WordPress Panorama Viewer – 360 Degree Image + Video Viewer Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Panorama Viewer – 360 Degree Image + Video Viewer Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 90a4b4196c3c Credits...

WordPress TK Event Weather Plugin <= 1.6.6 is vulnerable to Cross Site Scripting (XSS)

Software TK Event Weather Type Plugin Vulnerable versions = 1.6.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e823c2c9f8bf Credits Rafie Muhammad Patchstack Require...

WordPress VidSEO | WordPress Video SEO embedder with transcripts (Youtube & Vimeo) Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software VidSEO | WordPress Video SEO embedder with transcripts Youtube & Vimeo Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Shuban Theme <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Shuban Type Theme Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 98dcb66899d5 Credits Rafie Muhammad Patchstack Required privilege...

WordPress WS Bootstrap Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software WS Bootstrap Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b19c745aa206 Credits Rafie Muhammad Patchstack Required...

WordPress DIVI Maker – Create your own DIVI Modules Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software DIVI Maker – Create your own DIVI Modules Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c8935540b0df Credits Rafie...

WordPress Simply Featured Video - Featured video support for WordPress Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Simply Featured Video - Featured video support for WordPress Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d9558f50ad...

WordPress Display Eventbrite Events Plugin < 5.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Display Eventbrite Events Type Plugin Vulnerable versions 5.3.3 Fixed in 5.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID b65580fd09a1 Credits Rafie Muhammad...

WordPress Web3 Token Gate Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Web3 Token Gate Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f615f3c0c30 Credits Rafie Muhammad Patchstack Requir...

WordPress Sync eCommerce NEO Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software Sync eCommerce NEO Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9dbd1f3d1861 Credits Rafie Muhammad Patchstack Require...

WordPress GA4WP: Google Analytics for WordPress Plugin < 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software GA4WP: Google Analytics for WordPress Type Plugin Vulnerable versions 2.2.0 Fixed in 2.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID afc97efd69b5 Credits Rafie Muhamm...

WordPress Krste Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Krste Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 85a28ce3ea57 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Perelandra Sermons Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Perelandra Sermons Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9ff817c8a39c Credits Rafie Muhammad Patchstack...

WordPress WP Moose Theme <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Moose Type Theme Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a3a49f50a84c Credits Rafie Muhammad Patchstack Required privile...

WordPress Travel Tour Theme < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Travel Tour Type Theme Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f08db9648ea0 Credits Rafie Muhammad Patchstack Required...

WordPress AWS S3 for WordPress Plugin – Upcasted Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)

Software AWS S3 for WordPress Plugin – Upcasted Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fb7f2e635031 Credits Rafie...

WordPress Scheduled Notification Bar Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Scheduled Notification Bar Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 18a062a468b5 Credits Rafie Muhammad Patchsta...

WordPress Customizer custom controls with Drag and Drop builder – Customizely Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Customizer custom controls with Drag and Drop builder – Customizely Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Multipurpose Gutenberg Block Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software Multipurpose Gutenberg Block Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 814ea97caffb Credits Rafie Muhammad...

WordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Giveaways Type Plugin Vulnerable versions = 2.46.0 Fixed in 2.46.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0ce7fb5f5ef Credits Rafie Muhammad Patchstack...