5105 matches found
WordPress Fullworks Slack Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Fullworks Slack Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8ad72a132f Credits Rafie Muhammad Patchstack Required...
WordPress WordApp Mobile App Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software WordApp Mobile App Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3aec8014f5d8 Credits Rafie Muhammad Patchstack...
WordPress Add Twitter Pixel for Twitter ads Plugin < 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Add Twitter Pixel for Twitter ads Type Plugin Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c2595926ce4e Credits Rafie Muhammad...
WordPress Purus Theme <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Purus Type Theme Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4884818f6a93 Credits Rafie Muhammad Patchstack Required privilege...
WordPress RelicWP Helper Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software RelicWP Helper Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d323152ffbc Credits Rafie Muhammad Patchstack Required...
WordPress Different Home for Logged IN & Logged OUT Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Different Home for Logged IN & Logged OUT Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 003ec4cecce4 Credits Rafie...
WordPress Emails Blacklist for Everest Forms Plugin < 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Emails Blacklist for Everest Forms Type Plugin Vulnerable versions 1.0.4 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ca3c9ef88aae Credits Rafie Muhammad...
WordPress CP Simple Newsletter Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software CP Simple Newsletter Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ce14137a822 Credits Rafie Muhammad Patchstack...
WordPress Spice Box Plugin < 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Spice Box Type Plugin Vulnerable versions 2.2 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1d9a54925819 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Shortcodes Ultimate Plugin <= 5.13.0 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.0 Fixed in 5.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 568e2ac38f7b Credits Rafie Muhammad Patchstack...
WordPress WP Table Builder – WordPress Table Plugin Plugin < 1.4.10 is vulnerable to Cross Site Scripting (XSS)
Software WP Table Builder – WordPress Table Plugin Type Plugin Vulnerable versions 1.4.10 Fixed in 1.4.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c04de373423 Credits Rafie...
WordPress GloriousThemes Starter Sites Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software GloriousThemes Starter Sites Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fbb0bb613259 Credits Rafie Muhammad...
WordPress BookIt Plugin < 2.4.0 is vulnerable to Cross Site Scripting (XSS)
Software BookIt Type Plugin Vulnerable versions 2.4.0 Fixed in 2.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Liquid Web / StellarWP PSID 6ec153a6ea5e Credits Rafie Muhammad Patchstack Required...
WordPress Blockst Theme < 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Blockst Type Theme Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cefcfa1f48c8 Credits Rafie Muhammad Patchstack Required privileg...
WordPress MoceanAPI Abandoned Carts for WooCommerce Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)
Software MoceanAPI Abandoned Carts for WooCommerce Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a4413625463e Credits Rafie...
WordPress Delete Duplicate Posts Plugin < 4.8.9 is vulnerable to Cross Site Scripting (XSS)
Software Delete Duplicate Posts Type Plugin Vulnerable versions 4.8.9 Fixed in 4.8.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer CleverPlugins.com PSID 697dcfa11c60 Credits Rafie Muhammad Patchstack...
WordPress ProfileGrid Plugin <= 5.5.0 is vulnerable to Other Vulnerability Type
Software ProfileGrid Type Plugin Vulnerable versions = 5.5.0 Fixed in 5.5.1 OWASP Top 10 A5: Security Misconfiguration Classification Other Vulnerability Type CVE CVE-2023-3404 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 6dcb68eeaeb3 Credits Lana Codes Required privile...
WordPress Scheduled Notification Bar Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Scheduled Notification Bar Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 18a062a468b5 Credits Rafie Muhammad Patchsta...
WordPress Contact Form Generator Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS)
Software Contact Form Generator Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37988 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4da7e4864bf8 Credits Arvandy...
WordPress YourMembership Single Sign On Plugin <= 1.1.3 is vulnerable to Broken Access Control
Software YourMembership Single Sign On Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37987 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9b1dfdc28505 Credits Aman Rawat...