WordPress Gallery PhotoBlocks Plugin < 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Gallery PhotoBlocks Type Plugin Vulnerable versions 1.3.0 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cc12359f2fd6 Credits Rafie Muhammad Patchstack...

WordPress Post Grid for Elementor & Product Grid | PowerGrids Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Post Grid for Elementor & Product Grid | PowerGrids Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b07b1b7c7042...

WordPress Speculor Theme <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Speculor Type Theme Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c05fae77b8c Credits Rafie Muhammad Patchstack Required privile...

WordPress WCC SEO Keyword Research Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WCC SEO Keyword Research Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9e296dd4139 Credits Rafie Muhammad Patchstack...

WordPress MotionMagic Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software MotionMagic Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dd0568d24650 Credits Rafie Muhammad Patchstack Required...

WordPress LittleBot Invoices Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS)

Software LittleBot Invoices Type Plugin Vulnerable versions = 2.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 06757730d70c Credits Rafie Muhammad Patchstack...

WordPress WooRocks Magic Content Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS)

Software WooRocks Magic Content Type Plugin Vulnerable versions = 1.0.17 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1fd587f00a62 Credits Rafie Muhammad Patchstack...

WordPress Super Video Player Plugin < 1.6.13 is vulnerable to Cross Site Scripting (XSS)

Software Super Video Player Type Plugin Vulnerable versions 1.6.13 Fixed in 1.6.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a2d8b09b91b6 Credits Rafie Muhammad Patchstack...

WordPress Simple Cart Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Cart Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d50ef7e26bc5 Credits Rafie Muhammad Patchstack Required...

WordPress WP Tools Divi Product Carousel Plugin < 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Tools Divi Product Carousel Type Plugin Vulnerable versions 1.5.1 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42d03d30e091 Credits Rafie Muhammad...

WordPress Auto Set Admin Colour on Staging and Dev Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Auto Set Admin Colour on Staging and Dev Type Plugin Vulnerable versions = 4.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc1617de8fbf Credits Rafie...

WordPress Unite Gallery Lite Plugin < 1.7.61 is vulnerable to Cross Site Scripting (XSS)

Software Unite Gallery Lite Type Plugin Vulnerable versions 1.7.61 Fixed in 1.7.61 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a8cd76e55c3 Credits Rafie Muhammad Patchstack...

WordPress Fraud Prevention For Woocommerce Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Fraud Prevention For Woocommerce Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ea78bd17532b Credits Rafie Muhamma...

WordPress Remove Add to Cart WooCommerce Plugin <= 1.4.5 is vulnerable to Cross Site Scripting (XSS)

Software Remove Add to Cart WooCommerce Type Plugin Vulnerable versions = 1.4.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b3c05cadc1a1 Credits Rafie Muhammad...

WordPress Restaurant & Cafe Addon for Elementor Plugin < 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Restaurant & Cafe Addon for Elementor Type Plugin Vulnerable versions 1.4.8 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1b34f3b56b8e Credits Rafie Muhamm...

WordPress Booking Weir Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Booking Weir Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f04da911473 Credits Rafie Muhammad Patchstack Required...

WordPress GloriousThemes Starter Sites Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software GloriousThemes Starter Sites Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fbb0bb613259 Credits Rafie Muhammad...

WordPress Advanced USPS Shipping Method Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced USPS Shipping Method Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a753901c3acc Credits Rafie Muhammad...

WordPress WooCommerce Cross-Seller Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Cross-Seller Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5e99150d929 Credits Rafie Muhammad Patchstack...

WordPress Primary Addon for Elementor Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Primary Addon for Elementor Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 636a21480ff8 Credits Rafie Muhammad...