WordPress Mojito Shipping Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Mojito Shipping Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 836e46da79bb Credits Rafie Muhammad Patchstack Required...

WordPress Webriti Companion Plugin < 1.9.3 is vulnerable to Cross Site Scripting (XSS)

Software Webriti Companion Type Plugin Vulnerable versions 1.9.3 Fixed in 1.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9145bb2b5a2a Credits Rafie Muhammad Patchstack Requir...

WordPress Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Plugin < 3.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Type Plugin Vulnerable versions 3.0.3 Fixed in 3.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Tickera Plugin < 3.4.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Tickera Type Plugin Vulnerable versions 3.4.8.4 Fixed in 3.4.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 572bf731f4a5 Credits Rafie Muhammad Patchstack Required...

WordPress Categorify Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Categorify Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ce4f365e15c Credits Rafie Muhammad Patchstack Required...

WordPress Premmerce Wishlist for WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Wishlist for WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID aafe83c7ae0e Credits Rafie Muhammad...

WordPress Royal Elementor Addons Plugin < 1.3.71 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions 1.3.71 Fixed in 1.3.71 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WProyal PSID f12eb2449894 Credits Rafie Muhammad Patchstack Require...

WordPress Block Styler For Gravity Forms Plugin < 6.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Block Styler For Gravity Forms Type Plugin Vulnerable versions 6.3.0 Fixed in 6.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cb51772428c4 Credits Rafie Muhammad...

WordPress Form Vibes – Database Manager for Forms Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Form Vibes – Database Manager for Forms Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WPVibes PSID cd425a15435a Credits Rafie Muhammad...

WordPress Elementor BEMAX Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Elementor BEMAX Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4c1a4c9489c Credits Rafie Muhammad Patchstack Required...

WordPress Amela Theme < 1.0.14 is vulnerable to Cross Site Scripting (XSS)

Software Amela Type Theme Vulnerable versions 1.0.14 Fixed in 1.0.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21e404749550 Credits Rafie Muhammad Patchstack Required privileg...

WordPress Product Delivery Date Plugin < 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Product Delivery Date Type Plugin Vulnerable versions 1.1.5 Fixed in 1.1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01a83af05e0b Credits Rafie Muhammad Patchstack...

WordPress Lightbox – EverlightBox Gallery Plugin < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Lightbox – EverlightBox Gallery Type Plugin Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0f3c1713753 Credits Rafie Muhammad...

WordPress Relax Spa Theme < 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Relax Spa Type Theme Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b6d96cda06db Credits Rafie Muhammad Patchstack Required...

WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software eaSYNC Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed96527855d Credits Rafie Muhammad Patchstack Required...

WordPress Floating Awesome Button Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Floating Awesome Button Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a554276c1f96 Credits Rafie Muhammad Patchstac...

WordPress WP Mobile Menu Plugin < 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Mobile Menu Type Plugin Vulnerable versions 2.8.4 Fixed in 2.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b62d186dca99 Credits Rafie Muhammad Patchstack Required...

WordPress TinyMCE Annotate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software TinyMCE Annotate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0657a55b6a4 Credits Rafie Muhammad Patchstack Require...

WordPress Travel Agency Booking Theme <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Travel Agency Booking Type Theme Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a2ab945a39ee Credits Rafie Muhammad Patchstack...