WordPress Simple Tour Guide Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Simple Tour Guide Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 16c7f68a1d9d Credits Rafie Muhammad Patchstack Required...

WordPress Pay For Post with WooCommerce Plugin <= 3.1.10 is vulnerable to Cross Site Scripting (XSS)

Software Pay For Post with WooCommerce Type Plugin Vulnerable versions = 3.1.10 Fixed in 3.1.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 66dd1df63221 Credits Rafie Muhammad...

WordPress Google Maps Plugin by Intergeo Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Google Maps Plugin by Intergeo Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6c46fd667005 Credits Rafie Muhammad...

WordPress Custom Welcome Guide Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Custom Welcome Guide Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0f8aead91a99 Credits Rafie Muhammad Patchstack...

WordPress Divi Carousel Lite Plugin <= 1.2.11 is vulnerable to Cross Site Scripting (XSS)

Software Divi Carousel Lite Type Plugin Vulnerable versions = 1.2.11 Fixed in 1.2.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a2b273c2e39a Credits Rafie Muhammad Patchstack...

WordPress Ultimate Custom ScrollBar Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Custom ScrollBar Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b4f77bc482f Credits Rafie Muhammad Patchstack...

WordPress bbResolutions Plugin <= 0.7 is vulnerable to Cross Site Scripting (XSS)

Software bbResolutions Type Plugin Vulnerable versions = 0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 33976c10ced6 Credits Rafie Muhammad Patchstack Required privile...

WordPress Popup Maker Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Popup Maker Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.10.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b1490f38ddc0 Credits Rafie Muhammad Patchstack Required...

WordPress Display WP Admin Pages in the Frontend – WP Frontend Admin Plugin <= 1.20.0 is vulnerable to Cross Site Scripting (XSS)

Software Display WP Admin Pages in the Frontend – WP Frontend Admin Type Plugin Vulnerable versions = 1.20.0 Fixed in 1.21.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2da048d80366...

WordPress Hide Admin Bar Based on User Roles Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Hide Admin Bar Based on User Roles Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 3d22aaa97c1e Credits Rafie Muhammad...

WordPress WordPress Team Members – GS Plugins Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Team Members – GS Plugins Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 741ebe0ad0f9 Credits Rafie Muhammad...

WordPress BuddyForms Form Elements for WooCommerce Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Form Elements for WooCommerce Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 935b2e87bd86 Credits Rafie...

WordPress WordPress Auto SEO Plugin – Upfiv SEO Wizard Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Auto SEO Plugin – Upfiv SEO Wizard Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2a56c1fca648 Credits Rafie...

WordPress WooCommerce Tiered Price Table Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Tiered Price Table Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b5f585c6785 Credits Rafie Muhammad...

WordPress SV Forms Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV Forms Type Plugin Vulnerable versions = 1.9.00 Fixed in 2.0.02 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 3d5feaf66d74 Credits Rafie Muhammad Patchstack Required...

WordPress Contact form builder for Gutenberg - Formello Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Contact form builder for Gutenberg - Formello Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9de8c7507f30 Credits Rafie...

WordPress WP Tools Divi Blog Carousel Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Tools Divi Blog Carousel Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8fda70168d77 Credits Rafie Muhammad Patchstac...

WordPress Remove WP Update Nags Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Remove WP Update Nags Type Plugin Vulnerable versions = 1.4.0 Fixed in 1.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4c53c2dafb06 Credits Rafie Muhammad Patchstack...

WordPress WP Activity Log Plugin <= 4.4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Activity Log Type Plugin Vulnerable versions = 4.4.2.1 Fixed in 4.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Melapress PSID 309a4583a754 Credits Rafie Muhammad Patchstack Required...

WordPress AnyWhere Elementor Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)

Software AnyWhere Elementor Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPVibes PSID 929510fc606c Credits Rafie Muhammad Patchstack Required...