WordPress Easy Post Views Count Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Easy Post Views Count Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0c7ddb24e98 Credits Rafie Muhammad Patchstack...

WordPress Elation Theme <= 1.1.01 is vulnerable to Cross Site Scripting (XSS)

Software Elation Type Theme Vulnerable versions = 1.1.01 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 30b4c70f5ae1 Credits Rafie Muhammad Patchstack Required privile...

WordPress Passster – Password Protection Plugin < 4.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Passster – Password Protection Type Plugin Vulnerable versions 4.2.2 Fixed in 4.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID 8b97c2c68b65 Credits Rafie Muhammad...

WordPress Logo Showcase with Slick Slider Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Logo Showcase with Slick Slider Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d01735b38aab Credits Rafie Muhammad...

WordPress Delete Duplicate Posts Plugin < 4.8.9 is vulnerable to Cross Site Scripting (XSS)

Software Delete Duplicate Posts Type Plugin Vulnerable versions 4.8.9 Fixed in 4.8.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer CleverPlugins.com PSID 697dcfa11c60 Credits Rafie Muhammad Patchstack...

WordPress Master Addons for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Master Addons for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb661f3de8e Credits Rafie Muhammad...

WordPress Ultimate Infinite Scroll Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Infinite Scroll Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e939817d24d9 Credits Rafie Muhammad...

WordPress netFORUM Single Sign On Plugin <= 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software netFORUM Single Sign On Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9ddecf76497f Credits Rafie Muhammad Patchstack...

WordPress Pixel & tracking codes for Google Web stories (formerly AMP Stories) Plugin < 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Pixel & tracking codes for Google Web stories formerly AMP Stories Type Plugin Vulnerable versions 1.0.5 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Contact Form 7 – Capsule CRM – Integration Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 – Capsule CRM – Integration Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0e0fb288c2a Credits Rafie...

WordPress Page Visit Counter Plugin <= 6.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Page Visit Counter Type Plugin Vulnerable versions = 6.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a559c6794f4 Credits Rafie Muhammad Patchstack...

WordPress Full Page Blog Designer Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Full Page Blog Designer Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ac6f41a33fc8 Credits Rafie Muhammad Patchstack...

WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress GFireM Action After Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software GFireM Action After Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 980302f4a4bb Credits Rafie Muhammad Patchstack...

WordPress Booking Addon for WooCommerce Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Booking Addon for WooCommerce Type Plugin Vulnerable versions = 4.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1704b913b21c Credits Rafie Muhammad...

WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software eaSYNC Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed96527855d Credits Rafie Muhammad Patchstack Required...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress WooKit – WooCommerce Tools & Customizations Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software WooKit – WooCommerce Tools & Customizations Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 650930cce60d Credits Rafie...

WordPress Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimization (image SEO) + Woocommerce Plugin < 1.4.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Alt Text Alt tag, Alt attribute optimization image SEO + Woocommerce Type Plugin Vulnerable versions 1.4.7.2 Fixed in 1.4.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...

WordPress Shared Files Plugin < 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Shared Files Type Plugin Vulnerable versions 1.7.1 Fixed in 1.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tammersoft PSID 075a041bc160 Credits Rafie Muhammad Patchstack Required privile...