WordPress NextGEN Gallery Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)

Software NextGEN Gallery Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.4.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1895dd78f517 Credits Rafie Muhammad Patchstack Required...

WordPress Stripe Express Plugin <= 1.12.0 is vulnerable to Cross Site Scripting (XSS)

Software Stripe Express Type Plugin Vulnerable versions = 1.12.0 Fixed in 1.12.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2d97e8c50280 Credits Rafie Muhammad Patchstack Required...

WordPress Gallery Bank Plugin <= 4.0.18 is vulnerable to Cross Site Scripting (XSS)

Software Gallery Bank Type Plugin Vulnerable versions = 4.0.18 Fixed in 4.0.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b7b7ba517a68 Credits Rafie Muhammad Patchstack Required...

WordPress Embed Docs - Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Embed Docs - Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CV...

WordPress Chamber Dashboard Business Directory Plugin <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Chamber Dashboard Business Directory Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f5647bf3131f Credits Rafie Muhammad...

WordPress HuCommerce | Magyar WooCommerce kieg鳺?ek Plugin <= 30.3.0 is vulnerable to Cross Site Scripting (XSS)

Software HuCommerce | Magyar WooCommerce kieg鳺?ek Type Plugin Vulnerable versions = 30.3.0 Fixed in 2022.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1c58fd50ae68 Credits Rafie...

WordPress Search Console Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Search Console Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a4be5ffaaaab Credits Rafie Muhammad Patchstack Required...

WordPress CF7 Constant Contact Fields Mapping Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software CF7 Constant Contact Fields Mapping Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 513aaa765db6 Credits Rafie Muhammad...

WordPress SV Columns Manager Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV Columns Manager Type Plugin Vulnerable versions = 1.9.00 Fixed in 2.0.00 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8ae25831d9ac Credits Rafie Muhammad Patchstack...

WordPress DeMomentSomTres Gravity Forms Improvements Plugin <= 20170425 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres Gravity Forms Improvements Type Plugin Vulnerable versions = 20170425 Fixed in 201805021810 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 477dcd7d6435 Credits...

WordPress Page Builder for Gutenberg – StarterBlocks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder for Gutenberg – StarterBlocks Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 97ebfdae62a5 Credits Rafie...

WordPress WordPress Image Compression and Optimizer Plugin – CheetahO Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Image Compression and Optimizer Plugin – CheetahO Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...

WordPress MasterStudy LMS Plugin <= 2.7.9 is vulnerable to Cross Site Scripting (XSS)

Software MasterStudy LMS Type Plugin Vulnerable versions = 2.7.9 Fixed in 2.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 876c95417bf3 Credits Rafie Muhammad Patchstack Required...

WordPress BuddyForms Hierarchical Posts Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Hierarchical Posts Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0e41c8fe2c4e Credits Rafie Muhammad...

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.3.35 is vulnerable to Cross Site Scripting (XSS)

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.3.35 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c00776efd55 Credits Rafie Muhammad...

WordPress TempTool [Show Current Template Info] Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software TempTool Show Current Template Info Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bb611e3948a1 Credits Rafie Muhammad...

WordPress Expandable Paywall Plugin <= 2.0.16 is vulnerable to Cross Site Scripting (XSS)

Software Expandable Paywall Type Plugin Vulnerable versions = 2.0.16 Fixed in 2.0.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4f52f28e3436 Credits Rafie Muhammad Patchstack...

WordPress Divi Testimonial Plus Plugin <= 6.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Divi Testimonial Plus Type Plugin Vulnerable versions = 6.1.0 Fixed in 6.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1e69e2a451e7 Credits Rafie Muhammad Patchstack...

WordPress WPEventPartners Demo Import Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WPEventPartners Demo Import Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a8b8e9b1e719 Credits Rafie Muhammad Patchstac...

WordPress DeMomentSomTres Subscribe Plugin <= 3.201706150908 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres Subscribe Type Plugin Vulnerable versions = 3.201706150908 Fixed in 3.201903272301 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c4ea936848b0 Credits Rafie...