WordPress Finpose – Accounting and Financial Tracking Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Finpose – Accounting and Financial Tracking Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b756a68c076a Credits Rafie...

WordPress Raise Prices with Sales for WooCommerce Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Raise Prices with Sales for WooCommerce Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1b6d642c4a5 Credits Rafie...

WordPress Automatic YouTube Gallery Plugin < 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Automatic YouTube Gallery Type Plugin Vulnerable versions 2.3.3 Fixed in 2.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed4d7f0ef45b Credits Rafie Muhammad Patchstac...

WordPress Database Table Overview and Logs Plugin < 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Database Table Overview and Logs Type Plugin Vulnerable versions 1.1.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 43825b47431f Credits Rafie Muhammad...

WordPress Aquarella Lite Theme <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Aquarella Lite Type Theme Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b3af0c04aaa1 Credits Rafie Muhammad Patchstack Required...

WordPress WP Security Safe Plugin <= 2.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Security Safe Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 65de9592a0f7 Credits Rafie Muhammad Patchstack...

WordPress Product Size Charts Plugin for WooCommerce Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Product Size Charts Plugin for WooCommerce Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 148533d1f7c7 Credits Raf...

WordPress Live Drag and Drop Builder for Contact Form 7 Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Live Drag and Drop Builder for Contact Form 7 Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8dcf6b85301 Credits Rafi...

WordPress South Pole: Climate action now Plugin <= 1.0.3.2 is vulnerable to Cross Site Scripting (XSS)

Software South Pole: Climate action now Type Plugin Vulnerable versions = 1.0.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0b8c06df3bd4 Credits Rafie Muhammad...

WordPress WP FOFT Loader Plugin < 2.1.29 is vulnerable to Cross Site Scripting (XSS)

Software WP FOFT Loader Type Plugin Vulnerable versions 2.1.29 Fixed in 2.1.29 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ef74a92e3a5f Credits Rafie Muhammad Patchstack Require...

WordPress WordPress Announcement & Notification Banner Plugin – Bulletin Plugin < 3.8.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Announcement & Notification Banner Plugin – Bulletin Type Plugin Vulnerable versions 3.8.1 Fixed in 3.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Local SEO For Divi & Gutenberg Blocks Plugin < 9.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Local SEO For Divi & Gutenberg Blocks Type Plugin Vulnerable versions 9.2.1 Fixed in 9.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9be3b701dbe0 Credits Rafie Muhamm...

WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...

WordPress Verbalize WP Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Verbalize WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21e3ff2fe6c4 Credits Rafie Muhammad Patchstack Required...

WordPress TwentyFourth WP Scraper Plugin <= 0.6.5 is vulnerable to Cross Site Scripting (XSS)

Software TwentyFourth WP Scraper Type Plugin Vulnerable versions = 0.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8302abdf1de Credits Rafie Muhammad Patchstack...

WordPress ClinicalWP Core Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software ClinicalWP Core Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 39cede9b6e05 Credits Rafie Muhammad Patchstack Required...

WordPress Fast Index Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Index Type Plugin Vulnerable versions = 1.9 Fixed in 1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1efd80ca1662 Credits Rafie Muhammad Patchstack Required...

WordPress Content Aware Sidebars Plugin < 3.19.1 is vulnerable to Cross Site Scripting (XSS)

Software Content Aware Sidebars Type Plugin Vulnerable versions 3.19.1 Fixed in 3.19.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer DEV Institute PSID 7045acf9eb4c Credits Rafie Muhammad Patchstack...

WordPress Modern Designs for Gravity Forms Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Modern Designs for Gravity Forms Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4662a347c105 Credits Rafie Muhammad...

WordPress Salt Shaker Plugin < 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Salt Shaker Type Plugin Vulnerable versions 1.4.2 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1572d197983 Credits Rafie Muhammad Patchstack Required...