WordPress WooCommerce to Zoho CRM Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce to Zoho CRM Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fd362fec5d18 Credits Rafie Muhammad Patchstac...

WordPress Smart Admin Menu Filter Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Smart Admin Menu Filter Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6bdc701a1bda Credits Rafie Muhammad Patchstack...

WordPress South Pole: Climate action now Plugin <= 1.0.3.2 is vulnerable to Cross Site Scripting (XSS)

Software South Pole: Climate action now Type Plugin Vulnerable versions = 1.0.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0b8c06df3bd4 Credits Rafie Muhammad...

WordPress WP Private Media Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Private Media Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 97f5406e373a Credits Rafie Muhammad Patchstack Require...

WordPress Full Picture – Privacy-Focused Tag Manager & Cookie Notice Plugin < 5.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Full Picture – Privacy-Focused Tag Manager & Cookie Notice Type Plugin Vulnerable versions 5.0.0 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 665d64e793d9...

WordPress Passwordless Login with OTP / SMS & Email – Account Kit Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Passwordless Login with OTP / SMS & Email – Account Kit Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f69eb28819b1...

WordPress AI Mojo – GPT-3 Playground for WordPress Plugin < 0.9.0 is vulnerable to Cross Site Scripting (XSS)

Software AI Mojo – GPT-3 Playground for WordPress Type Plugin Vulnerable versions 0.9.0 Fixed in 0.9.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5642cc65e7b6 Credits Rafie...

WordPress All in One Invite Codes Plugin < 1.1.11 is vulnerable to Cross Site Scripting (XSS)

Software All in One Invite Codes Type Plugin Vulnerable versions 1.1.11 Fixed in 1.1.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 070ddaecd3e9 Credits Rafie Muhammad Patchstac...

WordPress GutenBook Theme <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)

Software GutenBook Type Theme Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 196df2c9a7a0 Credits Rafie Muhammad Patchstack Required...

WordPress SSL Atlas – Free SSL Certificate & HTTPS Redirect for WordPress Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SSL Atlas – Free SSL Certificate & HTTPS Redirect for WordPress Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress WP BugBot Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)

Software WP BugBot Type Plugin Vulnerable versions = 1.8.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8154723f093b Credits Rafie Muhammad Patchstack Required...

WordPress Modern Designs for Gravity Forms Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Modern Designs for Gravity Forms Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4662a347c105 Credits Rafie Muhammad...

WordPress WP Delicious Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Delicious Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f958188390a5 Credits Rafie Muhammad Patchstack Required...

WordPress RevivePress Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software RevivePress Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e19b58dc50bd Credits Rafie Muhammad Patchstack Required...

WordPress Forms to Sendinblue Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Forms to Sendinblue Type Plugin Vulnerable versions = 5.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 455e2c223c64 Credits Rafie Muhammad Patchstack...

WordPress Floating Awesome Button Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Floating Awesome Button Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a554276c1f96 Credits Rafie Muhammad Patchstac...

WordPress Go Viral – social share, social sharebar, social locker, social chat, open graph, reactions, share & view counters Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Go Viral – social share, social sharebar, social locker, social chat, open graph, reactions, share & view counters Type Plugin Vulnerable versions = 1.8.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severit...

WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...

WordPress Instant Page Load Plugin <= 1.09 is vulnerable to Cross Site Scripting (XSS)

Software Instant Page Load Type Plugin Vulnerable versions = 1.09 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e04533f20844 Credits Rafie Muhammad Patchstack Require...

WordPress Rating Widget Plugin < 3.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Rating Widget Type Plugin Vulnerable versions 3.2.0 Fixed in 3.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Rating-Widget PSID fd73e6791148 Credits Rafie Muhammad Patchstack Required...