WordPress WP Gratify Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Gratify Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28082b5b6655 Credits Rafie Muhammad Patchstack Required...

WordPress Before and After Product Images for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Before and After Product Images for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 667bb1121fd9 Credits...

WordPress Get Better Reviews for WooCommerce Plugin <= 4.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Get Better Reviews for WooCommerce Type Plugin Vulnerable versions = 4.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID deeb16fc811f Credits Rafie Muhammad Patchstac...

WordPress Food Store – Online Food Delivery & Pickup Plugin <= 1.4.7.4 is vulnerable to Cross Site Scripting (XSS)

Software Food Store – Online Food Delivery & Pickup Type Plugin Vulnerable versions = 1.4.7.4 Fixed in 1.4.7.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1205491a7a45 Credits...

WordPress Sparrow: Product Reviews and Ratings for WooCommerce Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Sparrow: Product Reviews and Ratings for WooCommerce Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8b45251649e Credi...

WordPress HQTheme Extra Plugin <= 1.0.19 is vulnerable to Cross Site Scripting (XSS)

Software HQTheme Extra Type Plugin Vulnerable versions = 1.0.19 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bf9979eb70a5 Credits Rafie Muhammad Patchstack Required...

WordPress WooCommerce PayLate Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce PayLate Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7223feb8df37 Credits Rafie Muhammad Patchstack...

WordPress Woocommerce Newsletter Image Generator Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Newsletter Image Generator Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 639c79648d62 Credits Rafie...

WordPress Out of stock display for woocommerce Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Out of stock display for woocommerce Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c805e11af12f Credits Rafie Muhammad...

WordPress WP EasyPay Plugin <= 4.1 is vulnerable to Cross Site Scripting (XSS)

Software WP EasyPay Type Plugin Vulnerable versions = 4.1 Fixed in 4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 031c608a3e9c Credits Rafie Muhammad Patchstack Required...

WordPress Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 00592a65a43d...

WordPress Customizer custom controls with Drag and Drop builder – Customizely Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Customizer custom controls with Drag and Drop builder – Customizely Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Connected Sermons Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Connected Sermons Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c3e345f223ee Credits Rafie Muhammad Patchstack Requir...

WordPress Wallet Up Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Wallet Up Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a4dec02c5f4a Credits Rafie Muhammad Patchstack Required...

WordPress Instant Page Load Plugin <= 1.09 is vulnerable to Cross Site Scripting (XSS)

Software Instant Page Load Type Plugin Vulnerable versions = 1.09 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e04533f20844 Credits Rafie Muhammad Patchstack Require...

WordPress WP Relevant Ads Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Relevant Ads Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7cfa2ceef473 Credits Rafie Muhammad Patchstack Required...

WordPress DIVI Enhancer – DIVI Modules and Options Plugin <= 5.0.9 is vulnerable to Cross Site Scripting (XSS)

Software DIVI Enhancer – DIVI Modules and Options Type Plugin Vulnerable versions = 5.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c7324d4558dc Credits Rafie...

WordPress WP Page Templates Plugin <= 1.1.14 is vulnerable to Cross Site Scripting (XSS)

Software WP Page Templates Type Plugin Vulnerable versions = 1.1.14 Fixed in 1.1.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a023bfd71ce4 Credits Rafie Muhammad Patchstack...

WordPress Multifox Plus Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Multifox Plus Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3de79f159460 Credits Rafie Muhammad Patchstack Required...

WordPress LMS Plugin – eLearning, Online Courses by Attest Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Software LMS Plugin – eLearning, Online Courses by Attest Type Plugin Vulnerable versions = 1.7.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3780cc3e494d Credits...