WordPress Content Aware Sidebars Plugin < 3.19.1 is vulnerable to Cross Site Scripting (XSS)

Software Content Aware Sidebars Type Plugin Vulnerable versions 3.19.1 Fixed in 3.19.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer DEV Institute PSID 7045acf9eb4c Credits Rafie Muhammad Patchstack...

WordPress F4 Post Tree Plugin < 1.1.15 is vulnerable to Cross Site Scripting (XSS)

Software F4 Post Tree Type Plugin Vulnerable versions 1.1.15 Fixed in 1.1.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 26798b0a50ec Credits Rafie Muhammad Patchstack Required...

WordPress AutoMail – Event-driven Email Automation. Easy email Notification and Auto-reply. Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software AutoMail – Event-driven Email Automation. Easy email Notification and Auto-reply. Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Alt Manager Plugin < 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Alt Manager Type Plugin Vulnerable versions 1.5.7 Fixed in 1.5.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d5816be5174 Credits Rafie Muhammad Patchstack Required...

WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...

WordPress Reset Course Progress For LearnDash Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Reset Course Progress For LearnDash Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a19631e39834 Credits Rafie Muhammad...

WordPress Easy Social Feed Plugin < 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Easy Social Feed Type Plugin Vulnerable versions 6.5.1 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5526157708e Credits Rafie Muhammad Patchstack Require...

WordPress WC Place Order Without Payment Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WC Place Order Without Payment Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 20778007dca1 Credits Rafie Muhammad...

WordPress Live TV Player – Worldwide Live TV Channels Player for WordPress Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Live TV Player – Worldwide Live TV Channels Player for WordPress Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Page Visit Counter Plugin <= 6.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Page Visit Counter Type Plugin Vulnerable versions = 6.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a559c6794f4 Credits Rafie Muhammad Patchstack...

WordPress AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSI...

WordPress WCC SEO Keyword Research Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WCC SEO Keyword Research Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9e296dd4139 Credits Rafie Muhammad Patchstack...

WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Blocks – Gutenberg Blocks Plugin Type Plugin Vulnerable versions = 3.0.0 Fixed in 3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3f338cd9f3f6 Credits Rafie...

WordPress Advanced Custom Fields options import/export Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields options import/export Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4db49edd1f34 Credits Rafie...

WordPress Livemesh Addons for WPBakery Page Builder Plugin < 3.3 is vulnerable to Cross Site Scripting (XSS)

Software Livemesh Addons for WPBakery Page Builder Type Plugin Vulnerable versions 3.3 Fixed in 3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 58640bfcdb02 Credits Rafie Muhamm...

WordPress WooCommerce Bulk Edit Coupons – WP Sheet Editor Plugin < 1.3.41 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Bulk Edit Coupons – WP Sheet Editor Type Plugin Vulnerable versions 1.3.41 Fixed in 1.3.41 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 842ecbe2fc33 Credits...

WordPress WP REST User Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP REST User Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a086b3cb3cdc Credits Rafie Muhammad Patchstack Required...

WordPress WP Relevant Ads Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Relevant Ads Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7cfa2ceef473 Credits Rafie Muhammad Patchstack Required...

WordPress Material Design for Contact Form 7 Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Material Design for Contact Form 7 Type Plugin Vulnerable versions = 2.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dee6925b46 Credits Rafie Muhammad...

WordPress BAVOKO SEO Tools – All-in-One WordPress SEO Plugin <= 2.1.9.12 is vulnerable to Cross Site Scripting (XSS)

Software BAVOKO SEO Tools – All-in-One WordPress SEO Type Plugin Vulnerable versions = 2.1.9.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc4738883f56 Credits Raf...