WordPress WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS...

WordPress Wp My Admin Bar Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Wp My Admin Bar Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 491eed150f92 Credits Rafie Muhammad Patchstack Required...

WordPress WebinarIgnition Plugin < 3.01.3 is vulnerable to Cross Site Scripting (XSS)

Software WebinarIgnition Type Plugin Vulnerable versions 3.01.3 Fixed in 3.01.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 30c1e2f35176 Credits Rafie Muhammad Patchstack Required...

WordPress Mass Ping Tool for SEO – Wordpress ping list to get indexed faster on Google, Yandex, … Plugin < 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Mass Ping Tool for SEO – Wordpress ping list to get indexed faster on Google, Yandex, … Type Plugin Vulnerable versions 1.0.3 Fixed in 1.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer...

WordPress Bulk Auto Image Title Attribute (Image Title tag) optimization (Image SEO) + Woocommerce Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Title Attribute Image Title tag optimization Image SEO + Woocommerce Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress WordPress Animation Plugin – Animated Everything Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Animation Plugin – Animated Everything Type Plugin Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b8c549fc7717 Credits...

WordPress Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) Plugin < 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Internal Linking for SEO traffic & Ranking – Auto internal links 100% automatic Type Plugin Vulnerable versions 1.1.2 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Distancr – Price by Location for WooCommerce Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Software Distancr – Price by Location for WooCommerce Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fc09f6eee010 Credits Rafie...

WordPress WooCommerce Disable Payment Methods based on cart conditions Plugin < 1.16.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Disable Payment Methods based on cart conditions Type Plugin Vulnerable versions 1.16.0 Fixed in 1.16.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress HT Mega Plugin <= 2.2.0 is vulnerable to Privilege Escalation

Software HT Mega Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37999 Patch priority High CVSS severity High 9.8 Developer HTMega PSID bbe5238c947f Credits Rafie Muhammad Patchstac...

WordPress WPFunnels Plugin <= 2.7.16 is vulnerable to Cross Site Scripting (XSS)

Software WPFunnels Type Plugin Vulnerable versions = 2.7.16 Fixed in 2.7.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-37977 Patch priority Medium CVSS severity Medium 7.1 Developer WPFunnels Team PSID 5b27642361cb Credits LEE SE HYOUNG hackintoanetwork Requir...

WordPress Coming Soon Chop Chop Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Coming Soon Chop Chop Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37893 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a25fdf76e34 Credits Phd Required...

WordPress JetFormBuilder Plugin <= 3.0.8 is vulnerable to Privilege Escalation

Software JetFormBuilder Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37866 Patch priority Medium CVSS severity Medium 7.2 Developer Crocoblock PSID bb75400351be Credits Rafie...

WordPress WooCommerce Warranty Requests Plugin <= 2.1.9 is vulnerable to Broken Access Control

Software WooCommerce Warranty Requests Type Plugin Vulnerable versions = 2.1.9 Fixed in 2.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37870 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID a8cf2ee414a2 Credits Rafie Muhamma...

WordPress ARMember Plugin <= 4.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software ARMember Type Plugin Vulnerable versions = 4.0.5 Fixed in 4.0.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47424 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 7cdd5c04b280 Credits Cat Required privilege...

WordPress Booking Package Plugin <= 1.5.98 is vulnerable to Privilege Escalation

Software Booking Package Type Plugin Vulnerable versions = 1.5.98 Fixed in 1.5.99 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37389 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 0ff1d9e379c0 Credits Rafie...

WordPress Premium Addons PRO Plugin <= 2.9.0 is vulnerable to Sensitive Data Exposure

Software Premium Addons PRO Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-37868 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 61bc62d7d465 Credits Rafie Muhammad...

WordPress Masteriyo - LMS Plugin < 1.6.8 is vulnerable to Sensitive Data Exposure

Software Masteriyo - LMS Type Plugin Vulnerable versions 1.6.8 Fixed in 1.6.8 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Masteriyo PSID aef3f4a1c0c4 Credits Unknown Required privilege Subscriber...

WordPress User Registration Plugin <= 3.0.2 is vulnerable to Arbitrary File Upload

Software User Registration Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.0.2.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-3342 Patch priority High CVSS severity High 9.9 Developer Masteriyo PSID 9e6954072452 Credits István Márton Required privilege Subscribe...

WordPress WP-Optimize Plugin < 3.2.13 is vulnerable to Cross Site Scripting (XSS)

Software WP-Optimize Type Plugin Vulnerable versions 3.2.13 Fixed in 3.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1119 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 74a58d2a57e4 Credits Paolo Elia Required...