WordPress Turbo Widgets Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Turbo Widgets Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 87b08b4531c7 Credits Rafie Muhammad Patchstack Required...

WordPress StoreCustomizer – WooCommerce plugin to Customize all WooCommerce Pages Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software StoreCustomizer – WooCommerce plugin to Customize all WooCommerce Pages Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress WPFormify – Stripe Payments with Form and Checkout Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software WPFormify – Stripe Payments with Form and Checkout Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0de1f6b1382 Credits...

WordPress SEO Content Randomizer Plugin < 3.28.1 is vulnerable to Cross Site Scripting (XSS)

Software SEO Content Randomizer Type Plugin Vulnerable versions 3.28.1 Fixed in 3.28.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f3735b8f77bc Credits Rafie Muhammad Patchstack...

WordPress Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Streak CRM For Gmail For Contact Form 7 – WordPress Plugin Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 00592a65a43d...

WordPress Custom Tabs for Products WooCommerce Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Custom Tabs for Products WooCommerce Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e95b47afb3cf Credits Rafie Muhamma...

WordPress Pretty Opt In Lite – Content Locker for Lead Generation Plugin <= 1.3.13 is vulnerable to Cross Site Scripting (XSS)

Software Pretty Opt In Lite – Content Locker for Lead Generation Type Plugin Vulnerable versions = 1.3.13 Fixed in 1.3.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 550b1e29c12...

WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator Plugin < 1.0.62 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Edit Easy Digital Downloads – Fast Bulk Creator Type Plugin Vulnerable versions 1.0.62 Fixed in 1.0.62 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9f06b59d7222...

WordPress Embed Tik Tok Video Feed (Tiktok feed) for WordPress Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Embed Tik Tok Video Feed Tiktok feed for WordPress Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c927ede470a Credits...

WordPress WP Page Templates Plugin <= 1.1.14 is vulnerable to Cross Site Scripting (XSS)

Software WP Page Templates Type Plugin Vulnerable versions = 1.1.14 Fixed in 1.1.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a023bfd71ce4 Credits Rafie Muhammad Patchstack...

WordPress Content Hubs Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Content Hubs Type Plugin Vulnerable versions = 1.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 988f22d403da Credits Rafie Muhammad Patchstack Required...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto Plugin < 7.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto Type Plugin Vulnerable versions 7.0.1 Fixed in 7.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Subscriber Addons for The Events Calendar Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)

Software Subscriber Addons for The Events Calendar Type Plugin Vulnerable versions = 5.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID faec0e8594b3 Credits Rafie...

WordPress Google Sheet Connector for Easy Digital Downloads Plugin < 1.6.6 is vulnerable to Cross Site Scripting (XSS)

Software Google Sheet Connector for Easy Digital Downloads Type Plugin Vulnerable versions 1.6.6 Fixed in 1.6.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2b571060efb4 Credits...

WordPress WP Dev Powers – Display Screen Dimensions to Admin Plugin Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Dev Powers – Display Screen Dimensions to Admin Plugin Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f38bbbbde0ec...

WordPress Print My Blog Plugin < 3.25.2 is vulnerable to Cross Site Scripting (XSS)

Software Print My Blog Type Plugin Vulnerable versions 3.25.2 Fixed in 3.25.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Michael Nelson PSID 0cee933b5bb7 Credits Rafie Muhammad Patchstack Required...

WordPress Menu Image, Icons made easy Plugin < 3.10 is vulnerable to Cross Site Scripting (XSS)

Software Menu Image, Icons made easy Type Plugin Vulnerable versions 3.10 Fixed in 3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 25e0bdea54af Credits Rafie Muhammad Patchstac...

WordPress Show Eventbrite Events – Event Feed for Eventbrite Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Show Eventbrite Events – Event Feed for Eventbrite Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 896a8e4be5fa Credi...

WordPress Power Ups for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Power Ups for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f90ede97ce0 Credits Rafie Muhammad Patchstack...