WordPress Booking Addon for WooCommerce Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Booking Addon for WooCommerce Type Plugin Vulnerable versions = 4.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1704b913b21c Credits Rafie Muhammad...

WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software eaSYNC Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed96527855d Credits Rafie Muhammad Patchstack Required...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress WooKit – WooCommerce Tools & Customizations Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software WooKit – WooCommerce Tools & Customizations Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 650930cce60d Credits Rafie...

WordPress Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimization (image SEO) + Woocommerce Plugin < 1.4.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Alt Text Alt tag, Alt attribute optimization image SEO + Woocommerce Type Plugin Vulnerable versions 1.4.7.2 Fixed in 1.4.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...

WordPress Shared Files Plugin < 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Shared Files Type Plugin Vulnerable versions 1.7.1 Fixed in 1.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tammersoft PSID 075a041bc160 Credits Rafie Muhammad Patchstack Required privile...

WordPress Floating Awesome Button Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Floating Awesome Button Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a554276c1f96 Credits Rafie Muhammad Patchstac...

WordPress Contact Form 7 Multi-Step Forms Plugin < 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 Multi-Step Forms Type Plugin Vulnerable versions 4.3.1 Fixed in 4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4442b3e885b0 Credits Rafie Muhammad...

WordPress Fast Index Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Index Type Plugin Vulnerable versions = 1.9 Fixed in 1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1efd80ca1662 Credits Rafie Muhammad Patchstack Required...

WordPress Search Merchandising – Track & Manage WooCommerce Product Search Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Search Merchandising – Track & Manage WooCommerce Product Search Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Qyrr – simply and modern QR-Code creation Plugin < 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Qyrr – simply and modern QR-Code creation Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID b4effa18b733 Credits Rafie Muhamma...

WordPress APIExperts Square for WooCommerce Plugin <= 4.2.8 is vulnerable to Cross Site Scripting (XSS)

Software APIExperts Square for WooCommerce Type Plugin Vulnerable versions = 4.2.8 Fixed in 4.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 703ff9c637f4 Credits Rafie Muhammad...

WordPress FooBox Image Lightbox Plugin < 2.7.27 is vulnerable to Cross Site Scripting (XSS)

Software FooBox Image Lightbox Type Plugin Vulnerable versions 2.7.27 Fixed in 2.7.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0aedda1b7b63 Credits Rafie Muhammad Patchstack...

WordPress Bootstrap Fitness Theme < 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Bootstrap Fitness Type Theme Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 151cad56de76 Credits Rafie Muhammad Patchstack Require...

WordPress Backup Bolt Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Backup Bolt Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6cdb95fd5dfc Credits Rafie Muhammad Patchstack Required...

WordPress Phraseanet Wordpress Client Plugin <= 1.3.11 is vulnerable to Cross Site Scripting (XSS)

Software Phraseanet Wordpress Client Type Plugin Vulnerable versions = 1.3.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d3b74aa199c0 Credits Rafie Muhammad...

WordPress Master Blocks – Gutenberg Site Builder Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Master Blocks – Gutenberg Site Builder Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ff08f9c52cf5 Credits Rafie...

WordPress WP School Calendar Plugin < 3.7.9 is vulnerable to Cross Site Scripting (XSS)

Software WP School Calendar Type Plugin Vulnerable versions 3.7.9 Fixed in 3.7.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2469db793f59 Credits Rafie Muhammad Patchstack...

WordPress Super Social Content Locker Lite Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Super Social Content Locker Lite Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 96c47939fcea Credits Rafie Muhammad...

WordPress WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS...