Lucene search
+L

76 matches found

Patchstack
Patchstack
added 2026/07/10 6:51 a.m.6 views

WordPress Dokan plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Dokan versions = 5.0.6...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/07/02 7:11 a.m.9 views

WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - Unauthenticated Arbitrary File Read vulnerability

WordPress Ninja Forms - File Uploads plugin = 3.3.29 - Unauthenticated Arbitrary File Read vulnerability discovered by daroo in WordPress Plugin Ninja Forms File Uploads Extension versions = 3.3.29...

7.5CVSS5.8AI score0.00522EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/30 2:59 p.m.6 views

WordPress Timetics plugin <= 1.0.58 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Timetics versions = 1.0.58...

7.1CVSS5.8AI score0.00191EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/30 11:41 a.m.6 views

WordPress Optimole plugin <= 4.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Optimole versions = 4.2.7...

7.1CVSS5.8AI score0.00191EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/30 9:57 a.m.7 views

WordPress Slider Revolution plugin 7.0.0-7.0.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Slider Revolution versions 7.0.0-7.0.16...

7.1CVSS5.8AI score0.00155EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/29 8:8 a.m.6 views

WordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Embed Privacy versions = 1.12.3...

7.1CVSS5.8AI score0.00265EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/19 8:51 a.m.7 views

WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Activity Log versions = 5.6.3.1...

7.1CVSS5.8AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 2:6 p.m.9 views

WordPress WP Photo Album Plus plugin <= 9.1.13.005 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin WP Photo Album Plus versions = 9.1.13.005...

7.5CVSS6AI score0.00195EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 12:55 p.m.11 views

WordPress JetBooking plugin <= 4.0.4.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin JetBooking versions = 4.0.4.1...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/08 11:47 a.m.10 views

WordPress JetEngine plugin <= 3.8.9.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin JetEngine versions = 3.8.9.1...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/04 1:31 p.m.9 views

WordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin wpForo Forum versions = 3.1.0...

9.8CVSS5.5AI score0.00383EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/04 12:32 p.m.43 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 2.0.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 2.0.8...

8.5CVSS5.9AI score0.00373EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:48 a.m.13 views

WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AIWU versions = 1.4.17...

9.8CVSS5.8AI score0.00328EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:43 a.m.12 views

WordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Statistics versions = 14.16.6...

7.1CVSS5.8AI score0.00212EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/19 3:16 p.m.7 views

WordPress WP Activity Log plugin <= 5.6.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Activity Log versions = 5.6.3...

6.5CVSS5.8AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/18 3:18 a.m.16 views

WordPress AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin 3.4.9-3.4.9 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AI Engine versions 3.4.9-3.4.9...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/17 11:15 a.m.10 views

WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Contest Gallery Pro versions = 29.0.1...

9.8CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:15 p.m.5 views

WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Responsive Slider by MetaSlider versions = 3.106.0...

7.2CVSS5.8AI score0.00425EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/16 11:46 a.m.12 views

WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Groundhogg versions = 4.4...

5.8AI score0.00342EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/07 12:21 p.m.5 views

WordPress CTX Feed plugin <= 6.6.26 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin CTX Feed versions = 6.6.26...

5.9AI score0.00446EPSS
Exploits0Affected Software1
Rows per page
Query Builder