WordPress Noted PRO Plugin <= 1.02 is vulnerable to Cross Site Scripting (XSS)

Software Noted PRO Type Plugin Vulnerable versions = 1.02 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 52e1f269cd85 Credits Rafie Muhammad Patchstack Required...

WordPress Add Linkedin insight tags for Linkedin ads Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Add Linkedin insight tags for Linkedin ads Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0bbab2a1f59f Credits Rafie...

WordPress BotMate - Automate or Sync Your Sites With No Code Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software BotMate - Automate or Sync Your Sites With No Code Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8348fa6fe814 Credits...

WordPress Nokke Theme < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Nokke Type Theme Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 801453b53dfc Credits Rafie Muhammad Patchstack Required privilege...

WordPress Product Carousel For WooCommerce – WoorouSell Plugin < 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Product Carousel For WooCommerce – WoorouSell Type Plugin Vulnerable versions 1.1.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b5e19f5c4f77 Credits Rafi...

WordPress Master Addons for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Master Addons for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb661f3de8e Credits Rafie Muhammad...

WordPress Pixel & tracking codes for Google Web stories (formerly AMP Stories) Plugin < 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Pixel & tracking codes for Google Web stories formerly AMP Stories Type Plugin Vulnerable versions 1.0.5 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Contact Form 7 – Capsule CRM – Integration Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 – Capsule CRM – Integration Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0e0fb288c2a Credits Rafie...

WordPress Page Visit Counter Plugin <= 6.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Page Visit Counter Type Plugin Vulnerable versions = 6.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a559c6794f4 Credits Rafie Muhammad Patchstack...

WordPress Full Page Blog Designer Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Full Page Blog Designer Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ac6f41a33fc8 Credits Rafie Muhammad Patchstack...

WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress GFireM Action After Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software GFireM Action After Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 980302f4a4bb Credits Rafie Muhammad Patchstack...

WordPress Booking Addon for WooCommerce Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Booking Addon for WooCommerce Type Plugin Vulnerable versions = 4.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1704b913b21c Credits Rafie Muhammad...

WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software eaSYNC Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed96527855d Credits Rafie Muhammad Patchstack Required...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress WooKit – WooCommerce Tools & Customizations Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software WooKit – WooCommerce Tools & Customizations Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 650930cce60d Credits Rafie...

WordPress Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimization (image SEO) + Woocommerce Plugin < 1.4.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Alt Text Alt tag, Alt attribute optimization image SEO + Woocommerce Type Plugin Vulnerable versions 1.4.7.2 Fixed in 1.4.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...

WordPress Shared Files Plugin < 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Shared Files Type Plugin Vulnerable versions 1.7.1 Fixed in 1.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tammersoft PSID 075a041bc160 Credits Rafie Muhammad Patchstack Required privile...

WordPress Floating Awesome Button Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Floating Awesome Button Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a554276c1f96 Credits Rafie Muhammad Patchstac...

WordPress Ultimate Downloadable Products for WooCommerce Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Downloadable Products for WooCommerce Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1f9e8d2a5cc Credits Raf...