WordPress Tabs with Recommended Posts (Widget) Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Tabs with Recommended Posts Widget Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a781c6b9a217 Credits Rafie Muhammad...

WordPress KPIS CTA Buttons Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software KPIS CTA Buttons Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2cbe82135686 Credits Rafie Muhammad Patchstack Require...

WordPress Stackable Plugin < 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Software Stackable Type Plugin Vulnerable versions 3.10.0 Fixed in 3.10.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d793410a8984 Credits Rafie Muhammad Patchstack Required...

WordPress Quick Event Manager Plugin < 9.8.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions 9.8.5.3 Fixed in 9.8.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 5068fcdc6585 Credits Rafie Muhammad Patchstac...

WordPress Checkout with Venmo on Woocommerce Plugin <= 4.1 is vulnerable to Cross Site Scripting (XSS)

Software Checkout with Venmo on Woocommerce Type Plugin Vulnerable versions = 4.1 Fixed in 4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0579a795d0cd Credits Rafie Muhammad...

WordPress Ultimate Infinite Scroll Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Infinite Scroll Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e939817d24d9 Credits Rafie Muhammad...

WordPress Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Plugin < 3.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Type Plugin Vulnerable versions 3.0.3 Fixed in 3.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Product Tables for WooCommerce: Quickster Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Product Tables for WooCommerce: Quickster Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77feadf1ad67 Credits Rafie...

WordPress WP Adminify Plugin < 3.1.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Adminify Type Plugin Vulnerable versions 3.1.4 Fixed in 3.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0e3546694fbf Credits Rafie Muhammad Patchstack Required...

WordPress Live Scores for SportsPress Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Live Scores for SportsPress Type Plugin Vulnerable versions = 1.9.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1a8a87c6e703 Credits Rafie Muhammad...

WordPress Goal Tracker - Custom Event Tracking for GA4 Plugin < 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Goal Tracker - Custom Event Tracking for GA4 Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e97011f95aa7 Credits Raf...

WordPress Magic Login API Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Magic Login API Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d2c95bc7776 Credits Rafie Muhammad Patchstack Required...

WordPress WordPress FAQ Accordion Plugin - Display FAQ Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress FAQ Accordion Plugin - Display FAQ Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 153e3f2c0d28 Credits Rafie...

WordPress Superfast Mailgun for the Newsletter plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Superfast Mailgun for the Newsletter plugin Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05f4a612540e Credits Rafie...

WordPress WP Disable Sitemap Plugin <= 1.1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Disable Sitemap Type Plugin Vulnerable versions = 1.1.6.4 Fixed in 1.1.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ee9a57bb1bb5 Credits Rafie Muhammad Patchstack...

WordPress Cart tracking for WooCommerce Plugin < 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Cart tracking for WooCommerce Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dcb0e41e383c Credits Rafie Muhammad...

WordPress Pets Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Pets Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID de9a99f2fff5 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Free Shipping Label and Progress Bar for WooCommerce Plugin < 2.6.12 is vulnerable to Cross Site Scripting (XSS)

Software Free Shipping Label and Progress Bar for WooCommerce Type Plugin Vulnerable versions 2.6.12 Fixed in 2.6.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ce90fbf8a11...

WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Coupon Affiliates Type Plugin Vulnerable versions 5.6.0 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID de39047c211f Credits Rafie Muhammad Patchstack Required...

WordPress Aquarella Lite Theme <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Aquarella Lite Type Theme Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b3af0c04aaa1 Credits Rafie Muhammad Patchstack Required...