WordPress ICEcoder integration Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software ICEcoder integration Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2358f2d6d388 Credits Rafie Muhammad Patchstack...

WordPress Easy Code Snippets Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Easy Code Snippets Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 282dfece7848 Credits Rafie Muhammad Patchstack...

WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Agncy Theme <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Agncy Type Theme Vulnerable versions = 1.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa0143071d81 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Elementor BEMAX Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Elementor BEMAX Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4c1a4c9489c Credits Rafie Muhammad Patchstack Required...

WordPress EazyDocs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software EazyDocs Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6b527c9fb24 Credits Rafie Muhammad Patchstack Required...

WordPress Spice Post Slider Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Spice Post Slider Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d34a32da46f Credits Rafie Muhammad Patchstack Required...

WordPress Delete old Posts automatically Plugin < 3.3.9 is vulnerable to Cross Site Scripting (XSS)

Software Delete old Posts automatically Type Plugin Vulnerable versions 3.3.9 Fixed in 3.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 46270e2e981b Credits Rafie Muhammad...

WordPress TinyMCE Annotate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software TinyMCE Annotate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0657a55b6a4 Credits Rafie Muhammad Patchstack Require...

WordPress Abeta OCI PunchOut Plugin <= 0.4 is vulnerable to Cross Site Scripting (XSS)

Software Abeta OCI PunchOut Type Plugin Vulnerable versions = 0.4 Fixed in 1.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7188a4db1ad7 Credits Rafie Muhammad Patchstack...

WordPress Agy – Age verification for WooCommerce Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Agy – Age verification for WooCommerce Type Plugin Vulnerable versions = 4.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f0f028393287 Credits Rafie...

WordPress WP Coupons and Deals – WordPress Coupon Plugin Plugin < 3.1.19 is vulnerable to Cross Site Scripting (XSS)

Software WP Coupons and Deals – WordPress Coupon Plugin Type Plugin Vulnerable versions 3.1.19 Fixed in 3.1.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f1b62167704e Credits...

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin < 1.5.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Music Player for Elementor – Audio Player & Podcast Player Type Plugin Vulnerable versions 1.5.9.9 Fixed in 1.5.9.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Nitek Carousel Slider Cool Transitions Plugin <= 4.3 is vulnerable to Cross Site Scripting (XSS)

Software Nitek Carousel Slider Cool Transitions Type Plugin Vulnerable versions = 4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a97bd96f108 Credits Rafie Muhamma...

WordPress Add Pinterest conversion tags for Pinterest Ads + Site verification Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Add Pinterest conversion tags for Pinterest Ads + Site verification Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Under Construction Plugin <= 6.0 is vulnerable to Cross Site Scripting (XSS)

Software Under Construction Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ffe51e35d950 Credits Rafie Muhammad Patchstack Require...

WordPress Buttonizer Plugin < 3.3.10 is vulnerable to Cross Site Scripting (XSS)

Software Buttonizer Type Plugin Vulnerable versions 3.3.10 Fixed in 3.3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5c5ce971d99e Credits Rafie Muhammad Patchstack Required...

WordPress Post Grid for Elementor & Product Grid | PowerGrids Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Post Grid for Elementor & Product Grid | PowerGrids Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b07b1b7c7042...

WordPress Material Design for Contact Form 7 Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Material Design for Contact Form 7 Type Plugin Vulnerable versions = 2.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dee6925b46 Credits Rafie Muhammad...

WordPress Smart phone field for Gravity Forms Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Smart phone field for Gravity Forms Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c510b0a80922 Credits Rafie Muhammad...