WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress LMS Plugin – eLearning, Online Courses by Attest Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Software LMS Plugin – eLearning, Online Courses by Attest Type Plugin Vulnerable versions = 1.7.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3780cc3e494d Credits...

WordPress Live TV Player – Worldwide Live TV Channels Player for WordPress Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Live TV Player – Worldwide Live TV Channels Player for WordPress Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress BlogSafe Scanner Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software BlogSafe Scanner Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e47a3b031425 Credits Rafie Muhammad Patchstack Require...

WordPress Advance Menu Manager Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Advance Menu Manager Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 720e04a5ed64 Credits Rafie Muhammad Patchstack...

WordPress WooCommerce Bulk Edit Coupons – WP Sheet Editor Plugin < 1.3.41 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Bulk Edit Coupons – WP Sheet Editor Type Plugin Vulnerable versions 1.3.41 Fixed in 1.3.41 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 842ecbe2fc33 Credits...

WordPress SVG Flags – Beautiful Scalable Flags For All Countries! Plugin <= 0.9.6 is vulnerable to Cross Site Scripting (XSS)

Software SVG Flags – Beautiful Scalable Flags For All Countries! Type Plugin Vulnerable versions = 0.9.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9d8c58ac2463...

WordPress WP Relevant Ads Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Relevant Ads Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7cfa2ceef473 Credits Rafie Muhammad Patchstack Required...

WordPress Windsor Strava Club Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)

Software Windsor Strava Club Type Plugin Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2effed58e825 Credits Rafie Muhammad Patchstack...

WordPress Builder for WooCommerce reviews shortcodes – ReviewShort Plugin < 1.0.21 is vulnerable to Cross Site Scripting (XSS)

Software Builder for WooCommerce reviews shortcodes – ReviewShort Type Plugin Vulnerable versions 1.0.21 Fixed in 1.0.21 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 38a6f8afe733 Credits...

WordPress PageManager Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software PageManager Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4d83214e89fb Credits Rafie Muhammad Patchstack Required...

WordPress Mojito Shipping Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Mojito Shipping Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 836e46da79bb Credits Rafie Muhammad Patchstack Required...

WordPress Spice Post Slider Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Spice Post Slider Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d34a32da46f Credits Rafie Muhammad Patchstack Required...

WordPress WebinarIgnition Plugin < 3.01.3 is vulnerable to Cross Site Scripting (XSS)

Software WebinarIgnition Type Plugin Vulnerable versions 3.01.3 Fixed in 3.01.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 30c1e2f35176 Credits Rafie Muhammad Patchstack Required...

WordPress WordApp Mobile App Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WordApp Mobile App Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3aec8014f5d8 Credits Rafie Muhammad Patchstack...

WordPress SEO Booster Plugin < 3.8.9 is vulnerable to Cross Site Scripting (XSS)

Software SEO Booster Type Plugin Vulnerable versions 3.8.9 Fixed in 3.8.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f88d0b59f7d6 Credits Rafie Muhammad Patchstack Required...

WordPress WoowGallery – image gallery / content gallery / ecommerce gallery / social gallery / video gallery / album photo gallery Plugin < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WoowGallery – image gallery / content gallery / ecommerce gallery / social gallery / video gallery / album photo gallery Type Plugin Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS...

WordPress Court Reservation – Manage Your Court Bookings Online Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Software Court Reservation – Manage Your Court Bookings Online Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b8d73c11bad9...

WordPress Fast Index Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Index Type Plugin Vulnerable versions = 1.9 Fixed in 1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1efd80ca1662 Credits Rafie Muhammad Patchstack Required...

WordPress Ant Admin Notices for Team Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Ant Admin Notices for Team Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2410afb1f6ab Credits Rafie Muhammad Patchsta...