WordPress Joli Table Of Contents Plugin < 2.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Joli Table Of Contents Type Plugin Vulnerable versions 2.0.10 Fixed in 2.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dbdc6cbc5b8e Credits Rafie Muhammad Patchstack...

WordPress WP Mobile Menu Plugin < 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Mobile Menu Type Plugin Vulnerable versions 2.8.4 Fixed in 2.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b62d186dca99 Credits Rafie Muhammad Patchstack Required...

WordPress Under Construction Plugin <= 6.0 is vulnerable to Cross Site Scripting (XSS)

Software Under Construction Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ffe51e35d950 Credits Rafie Muhammad Patchstack Require...

WordPress Shortcodes Ultimate Plugin <= 5.13.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.0 Fixed in 5.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 568e2ac38f7b Credits Rafie Muhammad Patchstack...

WordPress ProfileGrid Plugin <= 5.5.1 is vulnerable to Broken Access Control

Software ProfileGrid Type Plugin Vulnerable versions = 5.5.1 Fixed in 5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3713 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 8475e71147a0 Credits Lana Codes Required privilege...

WordPress TinyMCE Annotate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software TinyMCE Annotate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0657a55b6a4 Credits Rafie Muhammad Patchstack Require...

WordPress Delete old Posts automatically Plugin < 3.3.9 is vulnerable to Cross Site Scripting (XSS)

Software Delete old Posts automatically Type Plugin Vulnerable versions 3.3.9 Fixed in 3.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 46270e2e981b Credits Rafie Muhammad...

WordPress Temp Mail X Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Temp Mail X Type Theme Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 010056c53463 Credits Rafie Muhammad Patchstack Required...

WordPress Elementor BEMAX Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Elementor BEMAX Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4c1a4c9489c Credits Rafie Muhammad Patchstack Required...

WordPress Superfast Mailgun for the Newsletter plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Superfast Mailgun for the Newsletter plugin Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05f4a612540e Credits Rafie...

WordPress Different Home for Logged IN & Logged OUT Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Different Home for Logged IN & Logged OUT Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 003ec4cecce4 Credits Rafie...

WordPress Content Scheduler: Editorial Calendar and Notes Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Content Scheduler: Editorial Calendar and Notes Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bce889e4798c Credits...

WordPress Woo Admin Product Notes Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woo Admin Product Notes Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c264a5cbee2 Credits Rafie Muhammad Patchstack...

WordPress SMS for WooCommerce Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)

Software SMS for WooCommerce Type Plugin Vulnerable versions = 2.6 Fixed in 2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0418ff42f218 Credits Rafie Muhammad Patchstack Requir...

WordPress WP Table Builder – WordPress Table Plugin Plugin < 1.4.10 is vulnerable to Cross Site Scripting (XSS)

Software WP Table Builder – WordPress Table Plugin Type Plugin Vulnerable versions 1.4.10 Fixed in 1.4.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c04de373423 Credits Rafie...

WordPress Dreamfox Media Shipping gateway per Product for Woocommerce Plugin < 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Dreamfox Media Shipping gateway per Product for Woocommerce Type Plugin Vulnerable versions 2.3.3 Fixed in 2.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34683916968...

WordPress Contact Form DB Divi Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form DB Divi Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7b57e95fddc1 Credits Rafie Muhammad Patchstack Require...

WordPress Dreamfox Media Payment gateway per Product for Woocommerce Plugin < 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Dreamfox Media Payment gateway per Product for Woocommerce Type Plugin Vulnerable versions 3.2.7 Fixed in 3.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f228b3d2c1e8...

WordPress License Manager for WooCommerce Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS)

Software License Manager for WooCommerce Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.2.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 24ad0c80c991 Credits Rafie Muhammad...

WordPress Power Ups for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Power Ups for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f90ede97ce0 Credits Rafie Muhammad Patchstack...