Lucene search
K

251 matches found

Patchstack
Patchstack
added 2025/11/15 5:40 a.m.8 views

WordPress Appointment Booking Calendar plugin <= 1.3.95 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Appointment Booking Calendar versions = 1.3.95...

6.5CVSS6.8AI score0.00171EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/28 12:0 a.m.7 views

WordPress MinimogWP Theme <= 3.9.0 is vulnerable to Content Injection

Software MinimogWP Type Theme Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2025-8198 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d80fff95e821 Credits Valatty Required privilege Unauthenticated Published ...

7.5CVSS6.3AI score0.00338EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/07/04 10:13 a.m.7 views

WordPress MyRewards plugin <= 5.4.14 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin MyRewards versions = 5.4.14...

6.5CVSS7.3AI score0.00224EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/03 6:12 p.m.6 views

WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Radio Station versions = 2.5.12...

4.3CVSS6.6AI score0.00121EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/19 12:0 a.m.6 views

WordPress Spark Multipurpose Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Spark Multipurpose Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-50030 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 093473ec2f16 Credits Peter Thaleikis Required privilege...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/17 10:57 a.m.5 views

WordPress Simple Logo Carousel plugin <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Simple Logo Carousel versions = 1.9.3...

6.4CVSS5.5AI score0.00225EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/13 7:20 a.m.6 views

WordPress Game Review Block plugin <= 4.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via className Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Game Review Block versions = 4.8.1...

6.4CVSS5.5AI score0.00225EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/05 1:40 a.m.10 views

WordPress TicketBAI Facturas para WooCommerce plugin <= 3.45 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by ch4r0n in WordPress Plugin TicketBAI Facturas para WooCommerce versions = 3.45...

5.4CVSS5.2AI score0.00273EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:16 a.m.8 views

WordPress WP Multilang plugin <= 2.4.19 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by muhammad yudha in WordPress Plugin WP Multilang versions = 2.4.19...

7.5CVSS6.7AI score0.00502EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:7 a.m.10 views

WordPress Team Showcase plugin < 25.05.13 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Team Showcase versions 25.05.13...

4.3CVSS6.7AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/22 8:15 p.m.7 views

WordPress Blog2Social: Social Media Auto Post & Scheduler plugin < 8.4.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Blog2Social versions 8.4.0...

5.4CVSS7.9AI score0.00254EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/19 7:42 p.m.7 views

WordPress Ninja Forms plugin < 3.10.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Ninja Forms versions 3.10.1...

4.8CVSS8AI score0.00278EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/19 1:29 a.m.4 views

WordPress CM Tooltip Glossary plugin < 4.3.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Felipe Caon in WordPress Plugin CM Tooltip Glossary versions 4.3.4...

4.8CVSS6.1AI score0.00266EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/17 12:10 a.m.7 views

WordPress Hubbub Lite plugin < 1.34.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Hubbub Lite versions 1.34.4...

4.8CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/16 1:10 p.m.4 views

WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Wishlist versions = 2.1.0...

4.3CVSS8.2AI score0.0028EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/15 5:27 p.m.6 views

WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin TI WooCommerce Wishlist versions = 2.10.0...

6.5CVSS7AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/09 9:24 p.m.11 views

WordPress Groundhogg plugin <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability

Authenticated Administrator+ Arbitrary File Deletion vulnerability discovered by Phat Do in WordPress Plugin Groundhogg versions = 4.1.1.2...

7.2CVSS8.4AI score0.01313EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/28 7:27 a.m.12 views

WordPress AI Autotagger plugin < 3.30.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin TaxoPress versions 3.30.0...

3.5CVSS7.4AI score0.00219EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/04/22 11:39 a.m.10 views

WordPress Theme Switcha plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Theme Switcha versions = 3.4...

6.5CVSS7.1AI score0.00178EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/16 1:57 p.m.8 views

WordPress PropertyHive plugin <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin PropertyHive versions = 2.1.2...

6.5CVSS7.2AI score0.00254EPSS
Exploits0Affected Software1
Rows per page
Query Builder