WordPress Contact Form DB Divi Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form DB Divi Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7b57e95fddc1 Credits Rafie Muhammad Patchstack Require...

WordPress Dreamfox Media Payment gateway per Product for Woocommerce Plugin < 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Dreamfox Media Payment gateway per Product for Woocommerce Type Plugin Vulnerable versions 3.2.7 Fixed in 3.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f228b3d2c1e8...

WordPress License Manager for WooCommerce Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS)

Software License Manager for WooCommerce Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.2.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 24ad0c80c991 Credits Rafie Muhammad...

WordPress Power Ups for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Power Ups for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f90ede97ce0 Credits Rafie Muhammad Patchstack...

WordPress Super Video Player Plugin < 1.6.13 is vulnerable to Cross Site Scripting (XSS)

Software Super Video Player Type Plugin Vulnerable versions 1.6.13 Fixed in 1.6.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a2d8b09b91b6 Credits Rafie Muhammad Patchstack...

WordPress STAX Header Builder Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software STAX Header Builder Type Plugin Vulnerable versions = 1.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8750093fc2e7 Credits Rafie Muhammad Patchstack...

WordPress Post Grid for Elementor & Product Grid | PowerGrids Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Post Grid for Elementor & Product Grid | PowerGrids Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b07b1b7c7042...

WordPress YARPP Plugin <= 5.30.3 is vulnerable to Cross Site Scripting (XSS)

Software YARPP Type Plugin Vulnerable versions = 5.30.3 Fixed in 5.30.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2433 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a7d49568bb15 Credits Lana Codes Required privilege...

WordPress CP Simple Newsletter Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software CP Simple Newsletter Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ce14137a822 Credits Rafie Muhammad Patchstack...

WordPress Material Design for Contact Form 7 Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Material Design for Contact Form 7 Type Plugin Vulnerable versions = 2.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dee6925b46 Credits Rafie Muhammad...

WordPress Past Events Extension Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Past Events Extension Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2e6ecc56e2b5 Credits Rafie Muhammad Patchstack...

WordPress NEXUS Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software NEXUS Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29099b6f6f6d Credits Rafie Muhammad Patchstack Required privilege...

WordPress Product Size Charts Plugin for WooCommerce Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Product Size Charts Plugin for WooCommerce Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 148533d1f7c7 Credits Raf...

WordPress Live Drag and Drop Builder for Contact Form 7 Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Live Drag and Drop Builder for Contact Form 7 Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8dcf6b85301 Credits Rafi...

WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

WordPress WooCommerce Dynamic Pricing and Discount Rules Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Dynamic Pricing and Discount Rules Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 506694d0fc2e Credits...

WordPress Doubly - Cross Domain Copy Paste for WordPress Plugin < 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Doubly - Cross Domain Copy Paste for WordPress Type Plugin Vulnerable versions 1.0 Fixed in 1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dd92367e6b06 Credits Rafie...

WordPress QuotePress – Quote Estimate Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software QuotePress – Quote Estimate Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 51fb8888d848 Credits Rafie Muhammad...

WordPress WordApp Mobile App Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WordApp Mobile App Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3aec8014f5d8 Credits Rafie Muhammad Patchstack...