WordPress Qyrr – simply and modern QR-Code creation Plugin < 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Qyrr – simply and modern QR-Code creation Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID b4effa18b733 Credits Rafie Muhamma...

WordPress Any Popup – Popup Forms, Optins & Ads Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Any Popup – Popup Forms, Optins & Ads Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e44a4be7d74c Credits Rafie Muhammad...

WordPress FeedbackScout: The easiest way to collect, prioritise, manage and track customer feedback. Plugin <= 1.9.3 is vulnerable to Cross Site Scripting (XSS)

Software FeedbackScout: The easiest way to collect, prioritise, manage and track customer feedback. Type Plugin Vulnerable versions = 1.9.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer...

WordPress Feedpress Generator Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Feedpress Generator Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8b2db3433ca2 Credits Rafie Muhammad Patchstack...

WordPress Events Addon for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Events Addon for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ee0a2921c21 Credits Rafie Muhammad Patchsta...

WordPress Passster – Password Protection Plugin < 4.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Passster – Password Protection Type Plugin Vulnerable versions 4.2.2 Fixed in 4.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID 8b97c2c68b65 Credits Rafie Muhammad...

WordPress SLP – Extended Data Manager Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extended Data Manager Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d2e98c75731 Credits Rafie Muhammad...

WordPress Iks Menu – WordPress Category Accordion Menu Plugin < 1.11.2 is vulnerable to Cross Site Scripting (XSS)

Software Iks Menu – WordPress Category Accordion Menu Type Plugin Vulnerable versions 1.11.2 Fixed in 1.11.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 241c584c7b9d Credits Raf...

WordPress WordPress Animation Plugin – Animated Everything Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Animation Plugin – Animated Everything Type Plugin Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b8c549fc7717 Credits...

WordPress Multifox Plus Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Multifox Plus Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3de79f159460 Credits Rafie Muhammad Patchstack Required...

WordPress Simple Sponsorships Plugin <= 1.8.1 is vulnerable to Cross Site Scripting (XSS)

Software Simple Sponsorships Type Plugin Vulnerable versions = 1.8.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b240f816b732 Credits Rafie Muhammad Patchstack...

WordPress FTC Disclosure Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software FTC Disclosure Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c482a6fc80d1 Credits Rafie Muhammad Patchstack Required...

WordPress WordPress Notification Bar Plugin - TinyBar Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Notification Bar Plugin - TinyBar Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2bc5afc6df48 Credits Rafie...

WordPress Auto Mail - Abandoned Cart Recovery, Newsletter Builder & Marketing Automation for WooCommerce Plugin < 1.1.78 is vulnerable to Cross Site Scripting (XSS)

Software Auto Mail - Abandoned Cart Recovery, Newsletter Builder & Marketing Automation for WooCommerce Type Plugin Vulnerable versions 1.1.78 Fixed in 1.1.78 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1...

WordPress ClickerVolt – Affiliate Links & Click Tracking for Performance Marketers Plugin <= 1.169 is vulnerable to Cross Site Scripting (XSS)

Software ClickerVolt – Affiliate Links & Click Tracking for Performance Marketers Type Plugin Vulnerable versions = 1.169 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSI...

WordPress WPFormify – Stripe Payments with Form and Checkout Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software WPFormify – Stripe Payments with Form and Checkout Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0de1f6b1382 Credits...

WordPress SEO Content Randomizer Plugin < 3.28.1 is vulnerable to Cross Site Scripting (XSS)

Software SEO Content Randomizer Type Plugin Vulnerable versions 3.28.1 Fixed in 3.28.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f3735b8f77bc Credits Rafie Muhammad Patchstack...

WordPress Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 00592a65a43d...

WordPress Custom Tabs for Products WooCommerce Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Custom Tabs for Products WooCommerce Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e95b47afb3cf Credits Rafie Muhamma...

WordPress Pretty Opt In Lite – Content Locker for Lead Generation Plugin <= 1.3.13 is vulnerable to Cross Site Scripting (XSS)

Software Pretty Opt In Lite – Content Locker for Lead Generation Type Plugin Vulnerable versions = 1.3.13 Fixed in 1.3.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 550b1e29c12...