WordPress LittleBot Invoices Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS)

Software LittleBot Invoices Type Plugin Vulnerable versions = 2.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 06757730d70c Credits Rafie Muhammad Patchstack...

WordPress RSS feed with featured images | RSS Chimp Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software RSS feed with featured images | RSS Chimp Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a074166be2d5 Credits Rafie...

WordPress Livemesh SiteOrigin Widgets Plugin < 3.3 is vulnerable to Cross Site Scripting (XSS)

Software Livemesh SiteOrigin Widgets Type Plugin Vulnerable versions 3.3 Fixed in 3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a6f49c9df0d3 Credits Rafie Muhammad Patchstack...

WordPress LocalSEOMap Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software LocalSEOMap Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3215d319786f Credits Rafie Muhammad Patchstack Required...

WordPress VidSEO | WordPress Video SEO embedder with transcripts (Youtube & Vimeo) Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software VidSEO | WordPress Video SEO embedder with transcripts Youtube & Vimeo Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Genealogical Tree – WordPress Family Tree Plugin <= 2.2.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Genealogical Tree – WordPress Family Tree Type Plugin Vulnerable versions = 2.2.0.8 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3035976be303 Credits Rafi...

WordPress F4 Post Tree Plugin < 1.1.15 is vulnerable to Cross Site Scripting (XSS)

Software F4 Post Tree Type Plugin Vulnerable versions 1.1.15 Fixed in 1.1.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 26798b0a50ec Credits Rafie Muhammad Patchstack Required...

WordPress Top Bar – PopUps – by WPOptin Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Top Bar – PopUps – by WPOptin Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cc20ab59ac51 Credits Rafie Muhammad...

WordPress Google My Business Manager Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Google My Business Manager Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a703fbf6f025 Credits Rafie Muhammad Patchsta...

WordPress WordPress Form Customizer | CF7 Customizer Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Form Customizer | CF7 Customizer Type Plugin Vulnerable versions = 1.6.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a6ce9d015a7 Credits Rafie...

WordPress SEO Booster Plugin < 3.8.9 is vulnerable to Cross Site Scripting (XSS)

Software SEO Booster Type Plugin Vulnerable versions 3.8.9 Fixed in 3.8.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f88d0b59f7d6 Credits Rafie Muhammad Patchstack Required...

WordPress Conditional Logic for Woo Product Add-ons Plugin < 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Conditional Logic for Woo Product Add-ons Type Plugin Vulnerable versions 1.2.1 Fixed in 1.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 80418579c1aa Credits Rafie...

WordPress Advanced Visual Elements - Shortcode addons for Elementor & Gutenberg Plugin < 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Visual Elements - Shortcode addons for Elementor & Gutenberg Type Plugin Vulnerable versions 1.0.7 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Local SEO For Divi & Gutenberg Blocks Plugin < 9.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Local SEO For Divi & Gutenberg Blocks Type Plugin Vulnerable versions 9.2.1 Fixed in 9.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9be3b701dbe0 Credits Rafie Muhamm...

WordPress Wholesale For WooCommerce Lite – B2B & B2C Solution Plugin < 1.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Wholesale For WooCommerce Lite – B2B & B2C Solution Type Plugin Vulnerable versions 1.6.5 Fixed in 1.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ae9861c90c1 Credit...

WordPress Admin Speedo Plugin <= 2.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Admin Speedo Type Plugin Vulnerable versions = 2.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 95d783684103 Credits Rafie Muhammad Patchstack Required...

WordPress WP-HR Manager: The Human Resources Plugin for WordPress Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)

Software WP-HR Manager: The Human Resources Plugin for WordPress Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4bb08ee51e2f...

WordPress Quick Bulk Variations Checkout for WooCommerce Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Quick Bulk Variations Checkout for WooCommerce Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fc70a535ba3f Credits Raf...

WordPress WooCommerce Store Toolkit Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Store Toolkit Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17a9ffda0fb3 Credits Rafie Muhammad...

WordPress YouTube Easy Embed (Wall/Rail) Plugin < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Easy Embed Wall/Rail Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b0d95fa5dab1 Credits Rafie Muhammad...