WordPress Apperr – Android and iOS App builder for WooCommerce and WordPress Plugin <= 0.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Apperr – Android and iOS App builder for WooCommerce and WordPress Type Plugin Vulnerable versions = 0.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress simplelender Plugin <= 1.3.14 is vulnerable to Cross Site Scripting (XSS)

Software simplelender Type Plugin Vulnerable versions = 1.3.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 540b2a01d315 Credits Rafie Muhammad Patchstack Required...

WordPress EthPress – Web3 Login Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software EthPress – Web3 Login Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8300c2068fb2 Credits Rafie Muhammad Patchstack...

WordPress BAVOKO SEO Tools – All-in-One WordPress SEO Plugin <= 2.1.9.12 is vulnerable to Cross Site Scripting (XSS)

Software BAVOKO SEO Tools – All-in-One WordPress SEO Type Plugin Vulnerable versions = 2.1.9.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc4738883f56 Credits Raf...

WordPress Woocommerce Customer Reviews with Artificial Intelligence analyzis, with IBM Watson Tone Analyzer Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Customer Reviews with Artificial Intelligence analyzis, with IBM Watson Tone Analyzer Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1...

WordPress WC Place Order Without Payment Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WC Place Order Without Payment Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 20778007dca1 Credits Rafie Muhammad...

WordPress YouTube Embed - YouTube Gallery, Vimeo Gallery - Wordpress Plugin Plugin <= 10.3 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Embed - YouTube Gallery, Vimeo Gallery - Wordpress Plugin Type Plugin Vulnerable versions = 10.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Responsive Accordion Tabs Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Accordion Tabs Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09d7b302a437 Credits Rafie Muhammad Patchstac...

WordPress Import Social Statistics Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Social Statistics Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 847bf2e0ca26 Credits Rafie Muhammad Patchstack...

WordPress G Blog Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software G Blog Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6d3793144fe Credits Rafie Muhammad Patchstack Required privilege...

WordPress Before and After Product Images for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Before and After Product Images for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 667bb1121fd9 Credits...

WordPress Customer Chat Facebook Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Customer Chat Facebook Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 36d502d50ea9 Credits Rafie Muhammad Patchstack...

WordPress Slider Addons for The Events Calendar Plugin <= 5.6 is vulnerable to Cross Site Scripting (XSS)

Software Slider Addons for The Events Calendar Type Plugin Vulnerable versions = 5.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d83dcd3934a0 Credits Rafie Muhammad...

WordPress Surbma | GDPR Proof Cookie Consent & Notice Bar Plugin < 17.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Surbma | GDPR Proof Cookie Consent & Notice Bar Type Plugin Vulnerable versions 17.8.2 Fixed in 17.8.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17767534824b Credits...

WordPress Document Viewer for Office Plugin < 2.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Document Viewer for Office Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d9616ec54053 Credits Rafie Muhammad Patchsta...

WordPress StreamWeasels Twitch Integration Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels Twitch Integration Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 71e06e3c812c Credits Rafie Muhammad...

WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin < 2.23.2 is vulnerable to Cross Site Scripting (XSS)

Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions 2.23.2 Fixed in 2.23.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dd5685544e...

WordPress Sky Login Redirect Plugin < 3.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Sky Login Redirect Type Plugin Vulnerable versions 3.7.3 Fixed in 3.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 47937b8b3a2f Credits Rafie Muhammad Patchstack...

WordPress Dynamic Pricing for WooCommerce Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Dynamic Pricing for WooCommerce Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ce0b562a9dd7 Credits Rafie Muhammad...

WordPress WP Simple Maintenance & Under Construction Mode Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Simple Maintenance & Under Construction Mode Type Plugin Vulnerable versions = 1.5.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ae5ab24add7b Credits...