WordPress WPFormify – Stripe Payments with Form and Checkout Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software WPFormify – Stripe Payments with Form and Checkout Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0de1f6b1382 Credits...

WordPress Template Manager for Gutenberg Block Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Template Manager for Gutenberg Block Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 011e9bd91ed5 Credits Rafie Muhamma...

WordPress SMS OTP Easy Login with Mocean Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software SMS OTP Easy Login with Mocean Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f36dc3803d0f Credits Rafie Muhammad...

WordPress Content Hubs Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Content Hubs Type Plugin Vulnerable versions = 1.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 988f22d403da Credits Rafie Muhammad Patchstack Required...

WordPress Easy Digital Downloads – Courses Plugin <= 0.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Easy Digital Downloads – Courses Type Plugin Vulnerable versions = 0.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 03375981d3ea Credits Rafie Muhammad...

WordPress Embed Tik Tok Video Feed (Tiktok feed) for WordPress Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Embed Tik Tok Video Feed Tiktok feed for WordPress Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c927ede470a Credits...

WordPress WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto Plugin < 7.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto Type Plugin Vulnerable versions 7.0.1 Fixed in 7.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Number Chat Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Number Chat Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8cd1dd5221d3 Credits Rafie Muhammad Patchstack Required...

WordPress Ninja Popups Plugin <= 4.7.7 is vulnerable to Open Redirection

Software Ninja Popups Type Plugin Vulnerable versions = 4.7.7 Fixed in 4.7.8 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2022-27861 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 5f5341c2db31 Credits Dave Jong Patchstack Required privilege...

WordPress Word Count Analysis Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Word Count Analysis Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 056e051a5bca Credits Rafie Muhammad Patchstack...

WordPress WP Page Templates Plugin <= 1.1.14 is vulnerable to Cross Site Scripting (XSS)

Software WP Page Templates Type Plugin Vulnerable versions = 1.1.14 Fixed in 1.1.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a023bfd71ce4 Credits Rafie Muhammad Patchstack...

WordPress Bulk Auto Image Title Attribute (Image Title tag) optimization (Image SEO) + Woocommerce Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Title Attribute Image Title tag optimization Image SEO + Woocommerce Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Email Tracker Plugin <= 5.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Email Tracker Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c4e012d0abd Credits Rafie Muhammad Patchstack Required...

WordPress WordLive Livecall Addon for Woocommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordLive Livecall Addon for Woocommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 59aa5946d146 Credits Rafie...

WordPress URL Shortify Plugin < 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Software URL Shortify Type Plugin Vulnerable versions 1.7.4 Fixed in 1.7.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9b0133e4c7f5 Credits Rafie Muhammad Patchstack Required...

WordPress Ultimate Carousel For Divi Plugin < 4.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Carousel For Divi Type Plugin Vulnerable versions 4.5.1 Fixed in 4.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 62b9f7045643 Credits Rafie Muhammad Patchsta...

WordPress Easy Order View Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Order View Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 06032b452cdb Credits Rafie Muhammad Patchstack Required...

WordPress AffiEasy Plugin < 1.1.4 is vulnerable to Cross Site Scripting (XSS)

Software AffiEasy Type Plugin Vulnerable versions 1.1.4 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer AffiEasy PSID 3e6342eaad96 Credits Rafie Muhammad Patchstack Required privilege...

WordPress WordPress Editable Posts Table for the Frontend Plugin < 2.4.28 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Editable Posts Table for the Frontend Type Plugin Vulnerable versions 2.4.28 Fixed in 2.4.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7f8dbd4fe9f8 Credits...

WordPress NicheBase Theme < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software NicheBase Type Theme Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 32512bd4c4db Credits Rafie Muhammad Patchstack Required...