WordPress Human Resource Management (HRM) for WordPress – FooPeople Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Human Resource Management HRM for WordPress – FooPeople Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6943e73986ad...

WordPress WP Event Partners – WordPress Plugin for Event and Conference Management Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Event Partners – WordPress Plugin for Event and Conference Management Type Plugin Vulnerable versions = 1.2.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSI...

WordPress Change Price Title for WooCommerce Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Change Price Title for WooCommerce Type Plugin Vulnerable versions = 2.3 Fixed in 2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 363a9547c8ad Credits Rafie Muhammad...

WordPress WP REST User Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP REST User Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a086b3cb3cdc Credits Rafie Muhammad Patchstack Required...

WordPress Reset Course Progress For LearnDash Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Reset Course Progress For LearnDash Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a19631e39834 Credits Rafie Muhammad...

WordPress Advanced Form Integration Plugin < 1.69.1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Form Integration Type Plugin Vulnerable versions 1.69.1 Fixed in 1.69.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9cd0d3cccb3 Credits Rafie Muhammad...

WordPress PixiGo Theme <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)

Software PixiGo Type Theme Vulnerable versions = 1.0.16 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1dff6c0bf87 Credits Rafie Muhammad Patchstack Required privileg...

WordPress Inavii for Elementor Social Feed Plugin < 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Inavii for Elementor Social Feed Type Plugin Vulnerable versions 2.1.3 Fixed in 2.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9e06abac0d5b Credits Rafie Muhammad...

WordPress Apperr – Android and iOS App builder for WooCommerce and WordPress Plugin <= 0.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Apperr – Android and iOS App builder for WooCommerce and WordPress Type Plugin Vulnerable versions = 0.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress simplelender Plugin <= 1.3.14 is vulnerable to Cross Site Scripting (XSS)

Software simplelender Type Plugin Vulnerable versions = 1.3.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 540b2a01d315 Credits Rafie Muhammad Patchstack Required...

WordPress EthPress – Web3 Login Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software EthPress – Web3 Login Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8300c2068fb2 Credits Rafie Muhammad Patchstack...

WordPress BAVOKO SEO Tools – All-in-One WordPress SEO Plugin <= 2.1.9.12 is vulnerable to Cross Site Scripting (XSS)

Software BAVOKO SEO Tools – All-in-One WordPress SEO Type Plugin Vulnerable versions = 2.1.9.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc4738883f56 Credits Raf...

WordPress Woocommerce Customer Reviews with Artificial Intelligence analyzis, with IBM Watson Tone Analyzer Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Customer Reviews with Artificial Intelligence analyzis, with IBM Watson Tone Analyzer Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1...

WordPress WC Place Order Without Payment Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WC Place Order Without Payment Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 20778007dca1 Credits Rafie Muhammad...

WordPress YouTube Embed - YouTube Gallery, Vimeo Gallery - Wordpress Plugin Plugin <= 10.3 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Embed - YouTube Gallery, Vimeo Gallery - Wordpress Plugin Type Plugin Vulnerable versions = 10.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Responsive Accordion Tabs Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Accordion Tabs Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09d7b302a437 Credits Rafie Muhammad Patchstac...

WordPress Import Social Statistics Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Social Statistics Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 847bf2e0ca26 Credits Rafie Muhammad Patchstack...

WordPress G Blog Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software G Blog Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6d3793144fe Credits Rafie Muhammad Patchstack Required privilege...

WordPress Before and After Product Images for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Before and After Product Images for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 667bb1121fd9 Credits...

WordPress Customer Chat Facebook Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Customer Chat Facebook Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 36d502d50ea9 Credits Rafie Muhammad Patchstack...