WordPress Fast Index Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Index Type Plugin Vulnerable versions = 1.9 Fixed in 1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1efd80ca1662 Credits Rafie Muhammad Patchstack Required...

WordPress Ant Admin Notices for Team Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Ant Admin Notices for Team Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2410afb1f6ab Credits Rafie Muhammad Patchsta...

WordPress Delivery & Pickup Scheduling DateTime Picker Plugin for WooCommerce - Date Time Picker Plugin for WooCommerce Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Delivery & Pickup Scheduling DateTime Picker Plugin for WooCommerce - Date Time Picker Plugin for WooCommerce Type Plugin Vulnerable versions = 1.0.11 Fixed in 1.0.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity...

WordPress Ultimeter Plugin < 2.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimeter Type Plugin Vulnerable versions 2.8.3 Fixed in 2.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6dbf05fd248 Credits Rafie Muhammad Patchstack Required...

WordPress Agy – Age verification for WooCommerce Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Agy – Age verification for WooCommerce Type Plugin Vulnerable versions = 4.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f0f028393287 Credits Rafie...

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin < 1.5.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Music Player for Elementor – Audio Player & Podcast Player Type Plugin Vulnerable versions 1.5.9.9 Fixed in 1.5.9.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Easy Caller with Mocean Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Caller with Mocean Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 95b81194adaf Credits Rafie Muhammad Patchstack...

WordPress Delete old Posts automatically Plugin < 3.3.9 is vulnerable to Cross Site Scripting (XSS)

Software Delete old Posts automatically Type Plugin Vulnerable versions 3.3.9 Fixed in 3.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 46270e2e981b Credits Rafie Muhammad...

WordPress WordPress Expert Agent XML Feed Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Expert Agent XML Feed Type Plugin Vulnerable versions = 2.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09eb8ef56aa2 Credits Rafie Muhammad...

WordPress TwentyFourth WP Scraper Plugin <= 0.6.5 is vulnerable to Cross Site Scripting (XSS)

Software TwentyFourth WP Scraper Type Plugin Vulnerable versions = 0.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8302abdf1de Credits Rafie Muhammad Patchstack...

WordPress Multilist Subscribe for Sendy Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Multilist Subscribe for Sendy Type Plugin Vulnerable versions = 1.6.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 92425a5d4204 Credits Rafie Muhammad...

WordPress Performance Kit Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Performance Kit Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b28c91b23fa9 Credits Rafie Muhammad Patchstack Required...

WordPress Alt Manager Plugin < 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Alt Manager Type Plugin Vulnerable versions 1.5.7 Fixed in 1.5.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d5816be5174 Credits Rafie Muhammad Patchstack Required...

WordPress AutoMail – Event-driven Email Automation. Easy email Notification and Auto-reply. Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software AutoMail – Event-driven Email Automation. Easy email Notification and Auto-reply. Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Live TV Player – Worldwide Live TV Channels Player for WordPress Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Live TV Player – Worldwide Live TV Channels Player for WordPress Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress WC Place Order Without Payment Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WC Place Order Without Payment Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 20778007dca1 Credits Rafie Muhammad...

WordPress Easy Social Feed Plugin < 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Easy Social Feed Type Plugin Vulnerable versions 6.5.1 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5526157708e Credits Rafie Muhammad Patchstack Require...

WordPress Rocket Addons – Conditional logic and form addons for Elementor Pro Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Rocket Addons – Conditional logic and form addons for Elementor Pro Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Error Log Monitor Plugin < 1.7.7 is vulnerable to Cross Site Scripting (XSS)

Software Error Log Monitor Type Plugin Vulnerable versions 1.7.7 Fixed in 1.7.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1ba690e43ba1 Credits Rafie Muhammad Patchstack Requir...

WordPress Page Visit Counter Plugin <= 6.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Page Visit Counter Type Plugin Vulnerable versions = 6.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a559c6794f4 Credits Rafie Muhammad Patchstack...