5098 matches found
WordPress Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Plugin < 3.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Type Plugin Vulnerable versions 3.0.3 Fixed in 3.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...
WordPress WP-Cron Status Checker Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)
Software WP-Cron Status Checker Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e78f192bc072 Credits Rafie Muhammad Patchstack...
WordPress Mapster WP Maps Plugin < 1.2.36 is vulnerable to Cross Site Scripting (XSS)
Software Mapster WP Maps Type Plugin Vulnerable versions 1.2.36 Fixed in 1.2.36 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42d3f06779ba Credits Rafie Muhammad Patchstack Requir...
WordPress Bani Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Bani Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34cf7cd408a8 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Online Booking for Barbershops and Salons Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Online Booking for Barbershops and Salons Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42e60e184e83 Credits Rafie...
WordPress Windsor Strava Club Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)
Software Windsor Strava Club Type Plugin Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2effed58e825 Credits Rafie Muhammad Patchstack...
WordPress Tickera Plugin < 3.4.8.4 is vulnerable to Cross Site Scripting (XSS)
Software Tickera Type Plugin Vulnerable versions 3.4.8.4 Fixed in 3.4.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 572bf731f4a5 Credits Rafie Muhammad Patchstack Required...
WordPress Chained Theme <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Chained Type Theme Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 086dfbf797b5 Credits Rafie Muhammad Patchstack Required privileg...
WordPress Purus Theme <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Purus Type Theme Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4884818f6a93 Credits Rafie Muhammad Patchstack Required privilege...
WordPress WP Photo Effects Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)
Software WP Photo Effects Type Plugin Vulnerable versions = 1.2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 83f7978cf7eb Credits Rafie Muhammad Patchstack Require...
WordPress Contact Form for WordPress- Cybrosys Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)
Software Contact Form for WordPress- Cybrosys Type Plugin Vulnerable versions = 5.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a418e2304432 Credits Rafie Muhammad...
WordPress RankBear Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software RankBear Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 013916b233cd Credits Rafie Muhammad Patchstack Required...
WordPress RelicWP Helper Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software RelicWP Helper Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d323152ffbc Credits Rafie Muhammad Patchstack Required...
WordPress Advanced USPS Shipping Method Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Advanced USPS Shipping Method Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a753901c3acc Credits Rafie Muhammad...
WordPress EazyDocs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Software EazyDocs Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6b527c9fb24 Credits Rafie Muhammad Patchstack Required...
WordPress Cool Author Box - For Widget and Post Content Plugin <= 2.9.5 is vulnerable to Cross Site Scripting (XSS)
Software Cool Author Box - For Widget and Post Content Type Plugin Vulnerable versions = 2.9.5 Fixed in 2.9.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 965a0456c07b Credits...
WordPress Fullworks Slack Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Fullworks Slack Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8ad72a132f Credits Rafie Muhammad Patchstack Required...
WordPress Royal Elementor Addons Plugin < 1.3.71 is vulnerable to Cross Site Scripting (XSS)
Software Royal Elementor Addons Type Plugin Vulnerable versions 1.3.71 Fixed in 1.3.71 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WProyal PSID f12eb2449894 Credits Rafie Muhammad Patchstack Require...
WordPress Rest Routes – Custom Endpoints for WP REST API Plugin < 4.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Rest Routes – Custom Endpoints for WP REST API Type Plugin Vulnerable versions 4.4.1 Fixed in 4.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d3ad1937efb Credits Raf...
WordPress Spice Box Plugin < 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Spice Box Type Plugin Vulnerable versions 2.2 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1d9a54925819 Credits Rafie Muhammad Patchstack Required privilege...