5105 matches found
WordPress Blog Sidebar Widget Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Blog Sidebar Widget Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ae8bbf8a06a Credits Rafie Muhammad Patchstack...
WordPress Temp Mail X Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Temp Mail X Type Theme Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 010056c53463 Credits Rafie Muhammad Patchstack Required...
WordPress Past Events Extension Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Past Events Extension Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2e6ecc56e2b5 Credits Rafie Muhammad Patchstack...
WordPress WordPress Form Customizer | CF7 Customizer Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Form Customizer | CF7 Customizer Type Plugin Vulnerable versions = 1.6.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a6ce9d015a7 Credits Rafie...
WordPress Spice Box Plugin < 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Spice Box Type Plugin Vulnerable versions 2.2 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1d9a54925819 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Station Pro Plugin < 2.3.4 is vulnerable to Cross Site Scripting (XSS)
Software Station Pro Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d46c92672929 Credits Rafie Muhammad Patchstack Required...
WordPress Moose Elementor Kit Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Moose Elementor Kit Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1da1bca2e4ae Credits Rafie Muhammad Patchstack...
WordPress Ethereum Wallet Plugin < 4.10.6 is vulnerable to Cross Site Scripting (XSS)
Software Ethereum Wallet Type Plugin Vulnerable versions 4.10.6 Fixed in 4.10.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12d0d0ea37bd Credits Rafie Muhammad Patchstack Requir...
WordPress Cleanup Action Scheduler Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Cleanup Action Scheduler Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 658cd4ed1a2b Credits Rafie Muhammad Patchsta...
WordPress Front End PM Plugin < 11.3.9 is vulnerable to Cross Site Scripting (XSS)
Software Front End PM Type Plugin Vulnerable versions 11.3.9 Fixed in 11.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d8bae7ecb926 Credits Rafie Muhammad Patchstack Required...
WordPress Agncy Theme <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)
Software Agncy Type Theme Vulnerable versions = 1.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa0143071d81 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Battle Suit for Divi Plugin <= 1.17.0 is vulnerable to Cross Site Scripting (XSS)
Software Battle Suit for Divi Type Plugin Vulnerable versions = 1.17.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 008027bf67c9 Credits Rafie Muhammad Patchstack...
WordPress ProfileGrid Plugin <= 5.5.1 is vulnerable to Broken Access Control
Software ProfileGrid Type Plugin Vulnerable versions = 5.5.1 Fixed in 5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3713 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 8475e71147a0 Credits Lana Codes Required privilege...
WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...
WordPress WordApp Mobile App Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software WordApp Mobile App Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3aec8014f5d8 Credits Rafie Muhammad Patchstack...
WordPress GloriousThemes Starter Sites Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software GloriousThemes Starter Sites Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fbb0bb613259 Credits Rafie Muhammad...
WordPress Arendelle Theme < 1.1.13 is vulnerable to Cross Site Scripting (XSS)
Software Arendelle Type Theme Vulnerable versions 1.1.13 Fixed in 1.1.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b2fecb51ff76 Credits Rafie Muhammad Patchstack Required...
WordPress Emails Blacklist for Everest Forms Plugin < 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Emails Blacklist for Everest Forms Type Plugin Vulnerable versions 1.0.4 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ca3c9ef88aae Credits Rafie Muhammad...
WordPress WP Shopping Pages Plugin <= 1.14 is vulnerable to Cross Site Scripting (XSS)
Software WP Shopping Pages Type Plugin Vulnerable versions = 1.14 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3492 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 898c5bf8d8e1 Credits Katharina Altmann...
WordPress Add Tiktok Pixel for Tiktok ads (+Woocommerce) Plugin < 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Add Tiktok Pixel for Tiktok ads +Woocommerce Type Plugin Vulnerable versions 1.2.7 Fixed in 1.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 92194b39a569 Credits Rafie...