WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software eaSYNC Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed96527855d Credits Rafie Muhammad Patchstack Required...

WordPress Floating Awesome Button Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Floating Awesome Button Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a554276c1f96 Credits Rafie Muhammad Patchstac...

WordPress Ultimate Downloadable Products for WooCommerce Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Downloadable Products for WooCommerce Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1f9e8d2a5cc Credits Raf...

WordPress Contact Form 7 Multi-Step Forms Plugin < 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 Multi-Step Forms Type Plugin Vulnerable versions 4.3.1 Fixed in 4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4442b3e885b0 Credits Rafie Muhammad...

WordPress Filr – Secure document library Plugin < 1.2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Filr – Secure document library Type Plugin Vulnerable versions 1.2.3.1 Fixed in 1.2.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID 4238a0e05073 Credits Rafie Muhammad...

WordPress 1 Click Close Store Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software 1 Click Close Store Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d6ea0096ad8 Credits Rafie Muhammad Patchstack...

WordPress Backup Bolt Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Backup Bolt Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6cdb95fd5dfc Credits Rafie Muhammad Patchstack Required...

WordPress Security Ninja – Secure Firewall & Secure Malware Scanner Plugin < 5.159 is vulnerable to Cross Site Scripting (XSS)

Software Security Ninja – Secure Firewall & Secure Malware Scanner Type Plugin Vulnerable versions 5.159 Fixed in 5.159 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Security Ninja PSID 6acc36b932c4...

WordPress Joli Table Of Contents Plugin < 2.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Joli Table Of Contents Type Plugin Vulnerable versions 2.0.10 Fixed in 2.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dbdc6cbc5b8e Credits Rafie Muhammad Patchstack...

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...

WordPress Rank Math SEO Plugin <= 1.0.119 is vulnerable to Cross Site Scripting (XSS)

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.119 Fixed in 1.0.119.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32600 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fbe17eef0220 Credits Rafie Muhammad...

WordPress Contact Form Generator Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Generator Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37988 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4da7e4864bf8 Credits Arvandy...

WordPress Quiz And Survey Master Plugin <= 8.1.10 is vulnerable to Broken Access Control

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.1.10 Fixed in 8.1.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-37984 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 046309de9fe7 Credits qilin99 Required...

WordPress YourMembership Single Sign On Plugin <= 1.1.3 is vulnerable to Broken Access Control

Software YourMembership Single Sign On Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37987 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9b1dfdc28505 Credits Aman Rawat...

WordPress Slider a SlidersPack Plugin <= 2.0.2 is vulnerable to Broken Access Control

Software Slider a SlidersPack Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-46845 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b8f7f4a77e50 Credits Cat Required privilege...

WordPress Grid Kit Premium Plugin < 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Grid Kit Premium Type Plugin Vulnerable versions 2.2.0 Fixed in 2.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3292 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 75b7f5364596 Credits Erwan LR WPScan...

WordPress Short URL Plugin < 1.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Short URL Type Plugin Vulnerable versions 1.6.5 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3130 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9ca4df5fae13 Credits Bob Matyas Required privilege...

WordPress Falang multilanguage Plugin <= 1.3.39 is vulnerable to Cross Site Request Forgery (CSRF)

Software Falang multilanguage Type Plugin Vulnerable versions = 1.3.39 Fixed in 1.3.40 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-37968 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1920d648ac5e Credits Skalucy...

WordPress AnsPress – Question and answer Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)

Software AnsPress – Question and answer Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34374 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8d2ef4a3a5f2 Credits Theodoro...