WordPress Setka Editor Plugin <= 2.1.20 is vulnerable to Cross Site Scripting (XSS)

Software Setka Editor Type Plugin Vulnerable versions = 2.1.20 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0e08af89e840 Credits Rafie Muhammad Patchstack Required...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress Rest Routes – Custom Endpoints for WP REST API Plugin < 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Rest Routes – Custom Endpoints for WP REST API Type Plugin Vulnerable versions 4.4.1 Fixed in 4.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d3ad1937efb Credits Raf...

WordPress Glorious Services & Support Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Glorious Services & Support Type Plugin Vulnerable versions = 1.0.0 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 530fddb6656a Credits Rafie Muhammad...

WordPress Universal email preference center Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Universal email preference center Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bbcdce37fcfa Credits Rafie Muhammad...

WordPress Elegant Calendar Lite – WordPress Events Calendar Plugin Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Elegant Calendar Lite – WordPress Events Calendar Plugin Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 615ca7b21043...

WordPress SVG Flags – Beautiful Scalable Flags For All Countries! Plugin <= 0.9.6 is vulnerable to Cross Site Scripting (XSS)

Software SVG Flags – Beautiful Scalable Flags For All Countries! Type Plugin Vulnerable versions = 0.9.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9d8c58ac2463...

WordPress Conditional Payment Methods for WooCommerce Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Conditional Payment Methods for WooCommerce Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 88cda384e297 Credits Rafi...

WordPress Windsor Strava Club Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)

Software Windsor Strava Club Type Plugin Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2effed58e825 Credits Rafie Muhammad Patchstack...

WordPress Builder for WooCommerce reviews shortcodes – ReviewShort Plugin < 1.0.21 is vulnerable to Cross Site Scripting (XSS)

Software Builder for WooCommerce reviews shortcodes – ReviewShort Type Plugin Vulnerable versions 1.0.21 Fixed in 1.0.21 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 38a6f8afe733 Credits...

WordPress TreePress – Easy Family Trees & Ancestor Profiles Plugin <= 3.0.0.1 is vulnerable to Cross Site Scripting (XSS)

Software TreePress – Easy Family Trees & Ancestor Profiles Type Plugin Vulnerable versions = 3.0.0.1 Fixed in 3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a43ea79f6f29...

WordPress PageManager Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software PageManager Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4d83214e89fb Credits Rafie Muhammad Patchstack Required...

WordPress Divi Carousel Lite - Image Carousel, Logo Carousel, Testimonial Carousel Slider and more Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Software Divi Carousel Lite - Image Carousel, Logo Carousel, Testimonial Carousel Slider and more Type Plugin Vulnerable versions = 1.6.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...

WordPress Connected Sermons Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Connected Sermons Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c3e345f223ee Credits Rafie Muhammad Patchstack Requir...

WordPress WP Temp Mail (Temporary Mail Service Powered By WordPress) Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Temp Mail Temporary Mail Service Powered By WordPress Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6a5eb4e385ef...

WordPress Variable Product Swatches for WooCommerce Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Variable Product Swatches for WooCommerce Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID af47ebf471b2 Credits Rafie...

WordPress Product Carousel For WooCommerce – WoorouSell Plugin < 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Product Carousel For WooCommerce – WoorouSell Type Plugin Vulnerable versions 1.1.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b5e19f5c4f77 Credits Rafi...

WordPress Mojito Shipping Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Mojito Shipping Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 836e46da79bb Credits Rafie Muhammad Patchstack Required...

WordPress Spice Post Slider Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Spice Post Slider Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d34a32da46f Credits Rafie Muhammad Patchstack Required...

WordPress Agncy Theme <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Agncy Type Theme Vulnerable versions = 1.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa0143071d81 Credits Rafie Muhammad Patchstack Required privilege...