WordPress Advanced Custom Fields Frontend Forms Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields Frontend Forms Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID e7bf47e904be Credits Rafie Muhammad...

WordPress Fast Custom Social Share by CodeBard Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Custom Social Share by CodeBard Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Codebard PSID d404bf7e4f09 Credits Rafie Muhammad...

WordPress Elementor Addon Elements Plugin <= 1.11.16 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.11.16 Fixed in 1.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPVibes PSID 41872ea94dbe Credits Rafie Muhammad Patchstack Required...

WordPress Greenshift – animation and page builder blocks Plugin <= 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Greenshift – animation and page builder blocks Type Plugin Vulnerable versions = 2.8.4 Fixed in 4.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 468204672d41 Credits Rafie...

WordPress WP Cloud Server Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Cloud Server Type Plugin Vulnerable versions = 1.3.0 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8cdd8c408320 Credits Rafie Muhammad Patchstack Required...

WordPress WP Mail Log Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Mail Log Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0ce743ed2f3d Credits Rafie Muhammad Patchstack Required...

WordPress WordPress Form Builder Plugin – Gutenberg Forms Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Form Builder Plugin – Gutenberg Forms Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 994f2f3ecc26 Credits Rafi...

WordPress Divi Content Restrictor Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Divi Content Restrictor Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 19d3d4ac2e6a Credits Rafie Muhammad Patchstack...

WordPress Simple Social Page Widget & Shortcode Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Social Page Widget & Shortcode Type Plugin Vulnerable versions = 1.7.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0903d51f92c2 Credits Rafie Muhamm...

WordPress Cryptocurrency Product for WooCommerce Plugin < 3.16.10 is vulnerable to Cross Site Scripting (XSS)

Software Cryptocurrency Product for WooCommerce Type Plugin Vulnerable versions 3.16.10 Fixed in 3.16.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 10effe065692 Credits Rafie...

WordPress Featured Products First for WooCommerce – A Extension of WooCommerce (WooCommerce Addon Plugin) Plugin <= 1.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Featured Products First for WooCommerce – A Extension of WooCommerce WooCommerce Addon Plugin Type Plugin Vulnerable versions = 1.9.5 Fixed in 1.9.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1...

WordPress QuotePress – Quote Estimate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software QuotePress – Quote Estimate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 51fb8888d848 Credits Rafie Muhammad...

WordPress WordPress HelpDesk & Support Ticket System Plugin – Octrace Support Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress HelpDesk & Support Ticket System Plugin – Octrace Support Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Yatri Tools Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Yatri Tools Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e7df9e0b09 Credits Rafie Muhammad Patchstack Required...

WordPress Checkout with Cash App on WooCommerce Plugin <= 5.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Checkout with Cash App on WooCommerce Type Plugin Vulnerable versions = 5.2.1 Fixed in 5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 95fc9f3742ce Credits Rafie Muhamm...

WordPress LittleBot ACH for Stripe + Plaid Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)

Software LittleBot ACH for Stripe + Plaid Type Plugin Vulnerable versions = 1.2.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5af20012a51f Credits Rafie Muhammad...

WordPress All in One Video Downloader Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software All in One Video Downloader Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 83138c5b2fe4 Credits Rafie Muhammad...

WordPress Alley Business Toolkit Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Alley Business Toolkit Type Plugin Vulnerable versions = 2.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f03c4c803b7a Credits Rafie Muhammad Patchstack...

WordPress Joli CLEAR Lightbox Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Joli CLEAR Lightbox Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 81ea7793b95a Credits Rafie Muhammad Patchstack...

WordPress STAX Header Builder Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software STAX Header Builder Type Plugin Vulnerable versions = 1.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8750093fc2e7 Credits Rafie Muhammad Patchstack...