CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3802 matches found

Patchstack•added 2023/11/28 12:0 a.m.•14 views

WordPress JetThemeCore Plugin <= 2.1.2.1 is vulnerable to Broken Access Control

Software JetThemeCore Type Plugin Vulnerable versions = 2.1.2.1 Fixed in 2.1.2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 0220d8533139 Credits Rafie Muhammad Patchstack...

9.8CVSS6.8AI score0.00445EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•16 views

WordPress JetProductGallery Plugin <= 2.1.13.1 is vulnerable to Broken Access Control

Software JetProductGallery Type Plugin Vulnerable versions = 2.1.13.1 Fixed in 2.1.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 7e68b6745d20 Credits Rafie Muhammad...

9.8CVSS6.8AI score0.00445EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•11 views

WordPress Widgets for SourceForge Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for SourceForge Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 54da1ae2f502 Credits Rafie Muhammad...

8CVSS7.2AI score0.00535EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•13 views

WordPress JetTricks Plugin <= 1.4.6.1 is vulnerable to Broken Access Control

Software JetTricks Type Plugin Vulnerable versions = 1.4.6.1 Fixed in 1.4.6.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 889841daf743 Credits Rafie Muhammad Patchstack...

6.3CVSS6.1AI score0.00268EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•11 views

WordPress Multiple Post Passwords Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Multiple Post Passwords Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49157 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e6267a0778ae Credits DoYeon Park p6rkdoye0n Require...

5.9CVSS6.6AI score0.00394EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•12 views

WordPress JetTabs Plugin <= 2.1.25.1 is vulnerable to Broken Access Control

Software JetTabs Type Plugin Vulnerable versions = 2.1.25.1 Fixed in 2.1.25.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID e010512426cf Credits Rafie Muhammad Patchstack...

9.8CVSS9.3AI score0.00445EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•13 views

WordPress JetEngine Plugin <= 3.2.5.1 is vulnerable to Broken Access Control

Software JetEngine Type Plugin Vulnerable versions = 3.2.5.1 Fixed in 3.2.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 12b2e0c6af30 Credits Rafie Muhammad Patchstack...

6.3CVSS6.1AI score0.00268EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•9 views

WordPress JetReviews Plugin <= 2.3.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetReviews Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.2.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID 9d6ba75febf9 Credits Rafie Muhammad Patchstack...

8.8CVSS7AI score0.00237EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•20 views

WordPress JetThemeCore Plugin <= 2.1.2.1 is vulnerable to Broken Access Control

Software JetThemeCore Type Plugin Vulnerable versions = 2.1.2.1 Fixed in 2.1.2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 81078e3aaad1 Credits Rafie Muhammad Patchstack...

6.3CVSS6.8AI score0.00268EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•9 views

WordPress JetReviews Plugin <= 2.3.2 is vulnerable to Broken Access Control

Software JetReviews Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 02df9f71dc32 Credits Rafie Muhammad Patchstack...

6.3CVSS6.8AI score0.00268EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•22 views

WordPress JetWooBuilder Plugin <= 2.1.7.2 is vulnerable to Broken Access Control

Software JetWooBuilder Type Plugin Vulnerable versions = 2.1.7.2 Fixed in 2.1.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 8b8b6528e3fb Credits Rafie Muhammad Patchstack...

9.8CVSS9.3AI score0.00445EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/28 12:0 a.m.•16 views

WordPress Widgets for Árukereső Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Árukereső Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 0e28953b2be2 Credits Rafie Muhammad Patchsta...

8CVSS7.2AI score0.00535EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/27 12:0 a.m.•13 views

WordPress Participants Database Plugin <= 2.5.5 is vulnerable to Broken Access Control

Software Participants Database Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.5.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48751 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 4e4f72b6b27f Credits Yudistira Arya...

8.8CVSS6.8AI score0.0025EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/27 12:0 a.m.•14 views

WordPress SoundCloud Shortcode Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)

Software SoundCloud Shortcode Type Plugin Vulnerable versions = 3.1.0 Fixed in 4.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34018 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bb0d82ac536c Credits yuyudhn Required...

5.9CVSS6AI score0.00397EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/27 12:0 a.m.•10 views

WordPress Campaign Monitor for WordPress Plugin <= 2.8.13 is vulnerable to Cross Site Scripting (XSS)

Software Campaign Monitor for WordPress Type Plugin Vulnerable versions = 2.8.13 Fixed in 2.8.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-38474 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 625473050b18 Credits Phd Required...

7.1CVSS6.9AI score0.00412EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/24 12:0 a.m.•8 views

WordPress Simply Exclude Plugin <= 2.0.6.6 is vulnerable to Cross Site Scripting (XSS)

Software Simply Exclude Type Plugin Vulnerable versions = 2.0.6.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48743 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 391a661fbc93 Credits Le Ngoc Anh Required privilege...

6.1CVSS6.8AI score0.00358EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/24 12:0 a.m.•19 views

WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.1 Fixed in 7.1.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-48333 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b3744065c2d4 Credits Dave Jong...

6.5CVSS6.8AI score0.00593EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/23 12:0 a.m.•13 views

WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Enfold Type Theme Vulnerable versions = 5.6.4 Fixed in 5.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-38400 Patch priority Medium CVSS severity Medium 7.1 Developer Kriesi PSID 33a791c850de Credits Rafie Muhammad Patchstack Required privilege...

7.1CVSS6.8AI score0.00403EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/11/23 12:0 a.m.•9 views

WordPress League Table Plugin <= 1.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software League Table Type Plugin Vulnerable versions = 1.13 Fixed in 1.14 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48334 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 11fbeec1c358 Credits Nguyen Xuan Chien Requir...

8.8CVSS7AI score0.00269EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/23 12:0 a.m.•11 views

WordPress Contact Form Email Plugin <= 1.3.41 is vulnerable to Bypass Vulnerability

Software Contact Form Email Type Plugin Vulnerable versions = 1.3.41 Fixed in 1.3.42 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-48318 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f3190218dd33 Credits qilin99 Required...

6.5CVSS6.9AI score0.00312EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by