WordPress YARPP Plugin <= 5.30.3 is vulnerable to Cross Site Scripting (XSS)

Software YARPP Type Plugin Vulnerable versions = 5.30.3 Fixed in 5.30.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2433 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a7d49568bb15 Credits Lana Codes Required privilege...

WordPress Material Design for Contact Form 7 Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Material Design for Contact Form 7 Type Plugin Vulnerable versions = 2.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dee6925b46 Credits Rafie Muhammad...

WordPress Past Events Extension Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Past Events Extension Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2e6ecc56e2b5 Credits Rafie Muhammad Patchstack...

WordPress NEXUS Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software NEXUS Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29099b6f6f6d Credits Rafie Muhammad Patchstack Required privilege...

WordPress Database Table Overview and Logs Plugin < 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Database Table Overview and Logs Type Plugin Vulnerable versions 1.1.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 43825b47431f Credits Rafie Muhammad...

WordPress Live Drag and Drop Builder for Contact Form 7 Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Live Drag and Drop Builder for Contact Form 7 Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8dcf6b85301 Credits Rafi...

WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

WordPress WooCommerce Dynamic Pricing and Discount Rules Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Dynamic Pricing and Discount Rules Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 506694d0fc2e Credits...

WordPress Doubly - Cross Domain Copy Paste for WordPress Plugin < 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Doubly - Cross Domain Copy Paste for WordPress Type Plugin Vulnerable versions 1.0 Fixed in 1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dd92367e6b06 Credits Rafie...

WordPress QuotePress – Quote Estimate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software QuotePress – Quote Estimate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 51fb8888d848 Credits Rafie Muhammad...

WordPress WordApp Mobile App Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WordApp Mobile App Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3aec8014f5d8 Credits Rafie Muhammad Patchstack...

WordPress Page Studio Lite Plugin Plugin <= 4.6 is vulnerable to Cross Site Scripting (XSS)

Software Page Studio Lite Plugin Type Plugin Vulnerable versions = 4.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 58e1ed7adebe Credits Rafie Muhammad Patchstack...

WordPress GloriousThemes Starter Sites Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software GloriousThemes Starter Sites Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fbb0bb613259 Credits Rafie Muhammad...

WordPress Under Construction Plugin <= 6.0 is vulnerable to Cross Site Scripting (XSS)

Software Under Construction Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ffe51e35d950 Credits Rafie Muhammad Patchstack Require...

WordPress SEO Content Randomizer Plugin < 3.28.1 is vulnerable to Cross Site Scripting (XSS)

Software SEO Content Randomizer Type Plugin Vulnerable versions 3.28.1 Fixed in 3.28.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f3735b8f77bc Credits Rafie Muhammad Patchstack...

WordPress DeMomentSomTres Address Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres Address Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f5877fb71667 Credits Rafie Muhammad Patchstack...

WordPress Ethereum Wallet Plugin < 4.10.6 is vulnerable to Cross Site Scripting (XSS)

Software Ethereum Wallet Type Plugin Vulnerable versions 4.10.6 Fixed in 4.10.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12d0d0ea37bd Credits Rafie Muhammad Patchstack Requir...

WordPress Battle Suit for Divi Plugin <= 1.17.0 is vulnerable to Cross Site Scripting (XSS)

Software Battle Suit for Divi Type Plugin Vulnerable versions = 1.17.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 008027bf67c9 Credits Rafie Muhammad Patchstack...

WordPress Tweet Old Custom Post Plugin <= 19.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Tweet Old Custom Post Type Plugin Vulnerable versions = 19.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 052dae11c71c Credits Rafie Muhammad Patchstack...