Lucene search
+L

34 matches found

Patchstack
Patchstack
added 2026/07/07 3:24 p.m.6 views

WordPress aBlocks plugin < 2.9.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Evan NR in WordPress Plugin aBlocks versions 2.9.1...

8.8CVSS5.9AI score0.00286EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/07/02 8:47 a.m.8 views

WordPress iNET Webkit plugin 1.2.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Evan NR in WordPress Plugin iNET Webkit versions 1.2.4...

8.5CVSS5.8AI score0.0029EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/23 9:27 a.m.7 views

WordPress Easy Elements for Elementor – Addons & Website Templates plugin <= 1.4.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Evan NR in WordPress Plugin Easy Elements for Elementor Addons & Website Templates versions = 1.4.9...

9.8CVSS5.8AI score0.0036EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/13 6:17 p.m.15 views

WordPress GeoDirectory plugin <= 2.8.157 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Evan in WordPress Plugin GeoDirectory versions = 2.8.157...

5.8AI score0.00196EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/12 11:29 p.m.9 views

WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability

Payment Bypass vulnerability discovered by Evan in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.14...

5.8AI score0.00252EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/10 5:40 a.m.9 views

WordPress Salon booking system plugin <= 10.30.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Evan in WordPress Plugin Salon booking system versions = 10.30.25...

5.8AI score0.00278EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-50011

Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through = 1.0.0...

7AI score0.00222EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/31 2:2 p.m.6 views

WordPress Flag Icons plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso in WordPress Plugin Flag Icons versions = 2.2...

5.9CVSS6.1AI score0.00249EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/14 1:7 p.m.9 views

WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Keep Backup Daily versions = 2.1.0...

4.9CVSS7AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:43 p.m.5 views

WordPress Slides & Presentations Plugin <= 0.0.39 - Content Injection vulnerability

Content Injection vulnerability discovered by Caesar Evan Santoso in WordPress Plugin Slides & Presentations versions = 0.0.39...

5.4CVSS7.2AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/07 10:3 p.m.7 views

WordPress Content Blocks Builder plugin <= 2.7.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Content Blocks Builder versions = 2.7.6...

6.5CVSS6.1AI score0.00205EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/07 1:46 p.m.4 views

WordPress Slides & Presentations Plugin <= 0.0.39 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Slides & Presentations versions = 0.0.39...

6.5CVSS6.1AI score0.0034EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/07 1:0 p.m.5 views

WordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Slides & Presentations versions = 0.0.39...

5.4CVSS7AI score0.00421EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/07 12:54 p.m.6 views

WordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerability

CSRF Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Virtual Bot versions = 1.0.0...

7.1CVSS6.1AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/07 12:47 p.m.7 views

WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Virtual Bot versions = 1.0.0...

9.3CVSS8.1AI score0.00383EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2024/08/21 4:15 p.m.53 views

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 CVSS score: 8.5, the vulnerability has been described as an information disclosure bug stemming from a...

9.1CVSS6.7AI score0.12341EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/01/16 9:13 p.m.2 views

aries-askar (=0.1.2), indy-credx (>=0.2.0 <=0.3.1) +5 more potentially affected by CVE-2024-21670 via ursa (>=0.3.6 <=0.3.7)

ursa CARGO version =0.3.6, =0.2.0, =0.5.0, =0.3.1, =0.1.0, =0.1.0, =0.0.6, =0.0.8 Source cves: CVE-2024-21670 Source advisory: OSV:GHSA-R78F-4Q2Q-HVV4...

8.1CVSS7.2AI score0.00276EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/01/16 9:13 p.m.7 views

aries-askar (=0.1.2), indy-credx (>=0.2.0 <=0.3.1) +5 more potentially affected by CVE-2024-22192 via ursa (>=0.3.6 <=0.3.7)

ursa CARGO version =0.3.6, =0.2.0, =0.5.0, =0.3.1, =0.1.0, =0.1.0, =0.0.6, =0.0.8 Source cves: CVE-2024-22192 Source advisory: OSV:GHSA-6698-MHXX-R84G...

6.5CVSS6.5AI score0.00317EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/09/16 5:41 p.m.26 views

linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

Impact What kind of vulnerability is it? Who is impacted? This vulnerability impacts all the initialization functions on the Heap and LockedHeap types, including Heap::new, Heap::init, Heap::initfromslice, and LockedHeap::new. It also affects multiple uses of the Heap::extend method. Initializati...

9.8CVSS9AI score0.00754EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/08/06 5:20 a.m.284 views

Rust-WebSocket memory allocation based on untrusted length

Impact Untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When...

7.5CVSS7.2AI score0.01483EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder