Lucene search
K

12 matches found

Patchstack
Patchstack
added 2025/12/16 9:13 a.m.8 views

WordPress WPCOM Member plugin <= 1.7.16 - Authentication Bypass via Weak OTP vulnerability

Authentication Bypass via Weak OTP vulnerability discovered by wesley wcraft in WordPress Plugin WPCOM Member versions = 1.7.16...

8.1CVSS7AI score0.00441EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/02/24 11:40 p.m.10 views

WordPress Classified Listing – Classified ads & Business Directory Plugin plugin <= 4.0.4 - Unauthenticated Settings Exposure vulnerability

Unauthenticated Settings Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Classified Listing versions = 4.0.4...

5.3CVSS7AI score0.00328EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/04 8:50 p.m.7 views

WordPress Loginizer plugin <= 1.9.2 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Loginizer versions = 1.9.2...

8.1CVSS7AI score0.00666EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/28 7:59 a.m.5 views

WordPress Wp Social Login and Register Social Counter plugin <= 3.0.7 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Wp Social versions = 3.0.7...

9.8CVSS7AI score0.00782EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 8:53 p.m.6 views

WordPress MultiVendorX plugin <= 4.2.4 - Cross-Site Request Forgery to Vendor Updates vulnerability

Cross-Site Request Forgery to Vendor Updates vulnerability discovered by wesley wcraft in WordPress Plugin MultiVendorX versions = 4.2.4...

6.3CVSS7AI score0.00192EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:56 a.m.6 views

WordPress Blog2Social plugin <= 7.5.4 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Blog2Social versions = 7.5.4...

6.4CVSS5.8AI score0.00385EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/20 5:28 p.m.7 views

WordPress The Plus Addons for Elementor Page Builder plugin <= 5.5.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...

6.1CVSS6.3AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/12 8:6 a.m.4 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability

Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.35...

6.4CVSS5.7AI score0.00401EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/06 2:57 a.m.7 views

WordPress Qi Blocks plugin <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Qi Blocks versions = 1.2.9...

6.4CVSS5.7AI score0.00252EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/16 1:2 a.m.5 views

WordPress Menu Icons by ThemeIsle plugin <= 0.13.13 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG Upload vulnerability discovered by wesley wcraft in WordPress Plugin Menu Icons by ThemeIsle versions = 0.13.13...

6.4CVSS5.8AI score0.00371EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/10 2:8 a.m.9 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.102 - Authenticated (Admin+) Command Injection vulnerability

Authenticated Admin+ Command Injection vulnerability discovered by wesley wcraft in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.102...

7.2CVSS7.3AI score0.01749EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/07 8:21 a.m.4 views

WordPress Beaver Builder plugin <= 2.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Beaver Builder versions = 2.8.1.1...

6.4CVSS5.7AI score0.00419EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder