WordPress Elementor Addon Elements Plugin <= 1.11.16 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.11.16 Fixed in 1.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPVibes PSID 41872ea94dbe Credits Rafie Muhammad Patchstack Required...

WordPress Greenshift – animation and page builder blocks Plugin <= 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Greenshift – animation and page builder blocks Type Plugin Vulnerable versions = 2.8.4 Fixed in 4.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 468204672d41 Credits Rafie...

WordPress Stop WP Emails Going to Spam Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Stop WP Emails Going to Spam Type Plugin Vulnerable versions = 1.1.6 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID fd8327c521e3 Credits Rafie Muhammad Patchsta...

WordPress Checkbox Plugin <= 0.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Checkbox Type Plugin Vulnerable versions = 0.8.3 Fixed in 0.8.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 36822a9c98e8 Credits Rafie Muhammad Patchstack Required privileg...

WordPress WN Flipbox Pro Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software WN Flipbox Pro Type Plugin Vulnerable versions = 1.15 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ef85e7e1358f Credits Rafie Muhammad Patchstack Required...

WordPress WP Cloud Server Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Cloud Server Type Plugin Vulnerable versions = 1.3.0 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8cdd8c408320 Credits Rafie Muhammad Patchstack Required...

WordPress WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownersh...

WordPress Divi Content Restrictor Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Divi Content Restrictor Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 19d3d4ac2e6a Credits Rafie Muhammad Patchstack...

WordPress Cryptocurrency Product for WooCommerce Plugin < 3.16.10 is vulnerable to Cross Site Scripting (XSS)

Software Cryptocurrency Product for WooCommerce Type Plugin Vulnerable versions 3.16.10 Fixed in 3.16.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 10effe065692 Credits Rafie...

WordPress Featured Products First for WooCommerce – A Extension of WooCommerce (WooCommerce Addon Plugin) Plugin <= 1.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Featured Products First for WooCommerce – A Extension of WooCommerce WooCommerce Addon Plugin Type Plugin Vulnerable versions = 1.9.5 Fixed in 1.9.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1...

WordPress WordPress HelpDesk & Support Ticket System Plugin – Octrace Support Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress HelpDesk & Support Ticket System Plugin – Octrace Support Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Yatri Tools Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Yatri Tools Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e7df9e0b09 Credits Rafie Muhammad Patchstack Required...

WordPress LittleBot ACH for Stripe + Plaid Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)

Software LittleBot ACH for Stripe + Plaid Type Plugin Vulnerable versions = 1.2.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5af20012a51f Credits Rafie Muhammad...

WordPress All in One Video Downloader Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software All in One Video Downloader Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 83138c5b2fe4 Credits Rafie Muhammad...

WordPress Alley Business Toolkit Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Alley Business Toolkit Type Plugin Vulnerable versions = 2.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f03c4c803b7a Credits Rafie Muhammad Patchstack...

WordPress Joli CLEAR Lightbox Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Joli CLEAR Lightbox Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 81ea7793b95a Credits Rafie Muhammad Patchstack...

WordPress STAX Header Builder Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software STAX Header Builder Type Plugin Vulnerable versions = 1.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8750093fc2e7 Credits Rafie Muhammad Patchstack...

WordPress Device Wrapper Plugin < 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Device Wrapper Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dffe70065f07 Credits Rafie Muhammad Patchstack Required...

WordPress Genealogical Tree – WordPress Family Tree Plugin <= 2.2.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Genealogical Tree – WordPress Family Tree Type Plugin Vulnerable versions = 2.2.0.8 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3035976be303 Credits Rafi...

WordPress Ajax Press - Easily Enable Fast Ajax Navigation Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Ajax Press - Easily Enable Fast Ajax Navigation Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5ec2c53426f5 Credits...