WordPress GravityStripe Subscription Manager Plugin <= 4.1.4 is vulnerable to Cross Site Scripting (XSS)

Software GravityStripe Subscription Manager Type Plugin Vulnerable versions = 4.1.4 Fixed in 4.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 757ed2a2a571 Credits Rafie Muhamma...

WordPress GravityStripe Subscription Manager plugin <= 4.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress GravityStripe Subscription Manager plugin versions = 4.0. Solution Update the WordPress GravityStripe Subscription Manager plugin to the latest available version at least 4.1...

WordPress GravityStripe Subscription Manager plugin <= 4.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress GravityStripe Subscription Manager plugin versions = 4.0. Solution Update the WordPress GravityStripe Subscription Manager plugin to the latest available version at least 4.1...