5105 matches found
WordPress WP Mobile Menu Plugin < 2.8.4 is vulnerable to Cross Site Scripting (XSS)
Software WP Mobile Menu Type Plugin Vulnerable versions 2.8.4 Fixed in 2.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b62d186dca99 Credits Rafie Muhammad Patchstack Required...
WordPress Under Construction Plugin <= 6.0 is vulnerable to Cross Site Scripting (XSS)
Software Under Construction Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ffe51e35d950 Credits Rafie Muhammad Patchstack Require...
WordPress Shortcodes Ultimate Plugin <= 5.13.0 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.0 Fixed in 5.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 568e2ac38f7b Credits Rafie Muhammad Patchstack...
WordPress Simple Feature Requests Free – User Feedback Board Plugin < 2.2.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Simple Feature Requests Free – User Feedback Board Type Plugin Vulnerable versions 2.2.5.1 Fixed in 2.2.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f85daa19cb8...
WordPress Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Plugin < 1.7.6 is vulnerable to Cross Site Scripting (XSS)
Software Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Type Plugin Vulnerable versions 1.7.6 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...
WordPress B Blocks - The ultimate block collection Plugin < 1.7.8 is vulnerable to Cross Site Scripting (XSS)
Software B Blocks - The ultimate block collection Type Plugin Vulnerable versions 1.7.8 Fixed in 1.7.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a29938020aa Credits Rafie...
WordPress ProfileGrid Plugin <= 5.5.2 is vulnerable to Broken Access Control
Software ProfileGrid Type Plugin Vulnerable versions = 5.5.2 Fixed in 5.5.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3714 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 163433ba9759 Credits Lana Codes Required privilege...
WordPress MultiParcels Shipping For WooCommerce Plugin < 1.14.15 is vulnerable to SQL Injection
Software MultiParcels Shipping For WooCommerce Type Plugin Vulnerable versions 1.14.15 Fixed in 1.14.15 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2843 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 3e93313a1e18 Credits Dao Xuan Hieu Required...
WordPress New Order Notification Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software New Order Notification Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f85602c77d34 Credits Rafie Muhammad Patchstack...
WordPress 1 Click Close Store Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software 1 Click Close Store Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d6ea0096ad8 Credits Rafie Muhammad Patchstack...
WordPress Woo Admin Product Notes Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Woo Admin Product Notes Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c264a5cbee2 Credits Rafie Muhammad Patchstack...
WordPress WP Table Builder – WordPress Table Plugin Plugin < 1.4.10 is vulnerable to Cross Site Scripting (XSS)
Software WP Table Builder – WordPress Table Plugin Type Plugin Vulnerable versions 1.4.10 Fixed in 1.4.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c04de373423 Credits Rafie...
WordPress Contact Form DB Divi Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)
Software Contact Form DB Divi Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7b57e95fddc1 Credits Rafie Muhammad Patchstack Require...
WordPress License Manager for WooCommerce Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS)
Software License Manager for WooCommerce Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.2.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 24ad0c80c991 Credits Rafie Muhammad...
WordPress Power Ups for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Power Ups for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f90ede97ce0 Credits Rafie Muhammad Patchstack...
WordPress CP Simple Newsletter Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software CP Simple Newsletter Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ce14137a822 Credits Rafie Muhammad Patchstack...
WordPress Product Size Charts Plugin for WooCommerce Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Product Size Charts Plugin for WooCommerce Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 148533d1f7c7 Credits Raf...
WordPress Video Embed & Thumbnail Generator Plugin < 4.8.11 is vulnerable to Cross Site Scripting (XSS)
Software Video Embed & Thumbnail Generator Type Plugin Vulnerable versions 4.8.11 Fixed in 4.8.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 593159c2fc96 Credits Rafie Muhammad...
WordPress Issues Tracker Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Issues Tracker Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 524fc4ced1e7 Credits Rafie Muhammad Patchstack Require...
WordPress Windsor Strava Club Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)
Software Windsor Strava Club Type Plugin Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2effed58e825 Credits Rafie Muhammad Patchstack...