WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin < 1.5.75 is vulnerable to Cross Site Scripting (XSS)

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions 1.5.75 Fixed in 1.5.75 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Unlimited Elements PSID...

WordPress Easy Courses Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Courses Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e3ad0b50099b Credits Rafie Muhammad Patchstack Required...

WordPress AADMY Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)

Software AADMY Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ceb9abf563c7 Credits Rafie Muhammad Patchstack Required privile...

WordPress Nugget by Ingot: Easy, automated and native A/B testing for everyone Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Nugget by Ingot: Easy, automated and native A/B testing for everyone Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Post Carousel Divi Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Post Carousel Divi Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bacae8d56eec Credits Rafie Muhammad Patchstack Required...

WordPress Super Notes – create Admin Notes with ease Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Super Notes – create Admin Notes with ease Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2252dccf311e Credits Rafie...

WordPress Run Contests, Raffles, and Giveaways with ContestsWP Plugin < 1.9.8 is vulnerable to Cross Site Scripting (XSS)

Software Run Contests, Raffles, and Giveaways with ContestsWP Type Plugin Vulnerable versions 1.9.8 Fixed in 1.9.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c939c7b8102a Credi...

WordPress Get Cash Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Software Get Cash Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2801248ebadb Credits Rafie Muhammad Patchstack Required privileg...

WordPress Delete Duplicate Posts Plugin < 4.8.9 is vulnerable to Cross Site Scripting (XSS)

Software Delete Duplicate Posts Type Plugin Vulnerable versions 4.8.9 Fixed in 4.8.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer CleverPlugins.com PSID 697dcfa11c60 Credits Rafie Muhammad Patchstack...

WordPress Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) Plugin < 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Internal Linking for SEO traffic & Ranking – Auto internal links 100% automatic Type Plugin Vulnerable versions 1.1.2 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Admin Tables Extra Columns : Easy way to create custom columns on WordPress post, page & user admin tables Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS...

WordPress Protect Admin Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Protect Admin Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 90a7aabd2940 Credits Rafie Muhammad Patchstack Required...

WordPress Go Fetch Jobs (for JobEngine) Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Go Fetch Jobs for JobEngine Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 257718bba697 Credits Rafie Muhammad Patchstac...

WordPress SLP – Extenders Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extenders Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f659d4022f0d Credits Rafie Muhammad Patchstack Required...

WordPress Notionify - WordPress, WooCommerce, Contact form 7 integration with notion. Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Notionify - WordPress, WooCommerce, Contact form 7 integration with notion. Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

WordPress HM Resume Manager Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software HM Resume Manager Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 912793162937 Credits Rafie Muhammad Patchstack Required...

WordPress Postmatic Plugin <= 2.2.10 is vulnerable to Cross Site Scripting (XSS)

Software Postmatic Type Plugin Vulnerable versions = 2.2.10 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 87332f88c14e Credits Rafie Muhammad Patchstack Required...

WordPress Device Frame Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Device Frame Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 716731f50ce3 Credits Rafie Muhammad Patchstack Required...

WordPress Coming Soon Page and Maintenance Mode for WordPress Block Editor Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Coming Soon Page and Maintenance Mode for WordPress Block Editor Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Five-Star Ratings Shortcode Plugin < 1.2.48 is vulnerable to Cross Site Scripting (XSS)

Software Five-Star Ratings Shortcode Type Plugin Vulnerable versions 1.2.48 Fixed in 1.2.48 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed6e5abc9527 Credits Rafie Muhammad...