Lucene search
K

1261 matches found

Patchstack
Patchstack
added 2025/04/01 4:9 p.m.6 views

WordPress Norse Rune Oracle Plugin plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Norse Rune Oracle Plugin versions = 1.4.3...

6.5CVSS6.9AI score0.00204EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 4:5 p.m.7 views

WordPress Directorist AddonsKit for Elementor plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf in WordPress Plugin Directorist AddonsKit for Elementor versions = 1.1.6...

6.5CVSS6.9AI score0.00252EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 3:59 p.m.6 views

WordPress Nova Blocks by Pixelgrade plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Nova Blocks versions = 2.1.8...

6.5CVSS6.9AI score0.00269EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 3:48 p.m.5 views

WordPress Breaking News WP Plugin <= 1.3 - CSRF to Settings Change vulnerability

CSRF to Settings Change vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Breaking News WP versions = 1.3...

6.5CVSS8.3AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 11:49 a.m.5 views

WordPress Auto scroll for reading plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Auto scroll for reading versions = 1.1.4...

7.1CVSS6.9AI score0.00294EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 11:36 a.m.9 views

WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Awesome Event Booking versions = 2.8.4...

7.1CVSS6.9AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 4:50 p.m.6 views

WordPress Ni WooCommerce Product Enquiry plugin <= 4.1.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Ni WooCommerce Product Enquiry versions = 4.1.8...

7.5CVSS8.3AI score0.00396EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 4:43 p.m.7 views

WordPress Import Export Suite for CSV and XML Datafeed plugin <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by mikemyers in WordPress Plugin WP Ultimate CSV Importer versions = 7.19...

8.8CVSS9.2AI score0.01105EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/31 12:0 a.m.6 views

WordPress Real Estate 7 Theme <= 3.5.4 is vulnerable to Arbitrary File Upload

Software Real Estate 7 Type Theme Vulnerable versions = 3.5.4 Fixed in 3.5.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-2891 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 22e03f3e7c10 Credits Foxyyy Required privilege Seller...

8.8CVSS6.8AI score0.0066EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.13 views

WordPress Kudos Donations Plugin <= 3.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Kudos Donations Type Plugin Vulnerable versions = 3.2.9 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11684 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 27c0ae774d02 Credits vgo0 Required...

5.6AI score0.00398EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.16 views

WordPress Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) Plugin <= 1.2.1 is vulnerable to SQL Injection

Software Internal Linking for SEO traffic & Ranking – Auto internal links 100% automatic Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-11009 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID...

4.9CVSS7.2AI score0.00433EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/26 12:0 a.m.43 views

WordPress Category Ajax Filter Plugin <= 2.8.2 is vulnerable to Local File Inclusion

Software Category Ajax Filter Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-10871 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 41b4026eef43 Credits Le Ngoc Anh Required privilege...

9.8CVSS6.8AI score0.00765EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.14 views

WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Cross Site Scripting (XSS)

Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10308 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7709d157b72c Credits zer0gh0st Required...

6.4CVSS5.7AI score0.00306EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.11 views

WordPress Skt NURCaptcha Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software Skt NURCaptcha Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11342 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f1e7b8255838 Credits SOPROBRO Required...

6.1CVSS6AI score0.00215EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.23 views

WordPress Video Lessons Manager Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Video Lessons Manager Type Plugin Vulnerable versions = 1.8.2 Fixed in 1.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID de6edf652333 Credits Peter...

6.1CVSS5.9AI score0.00584EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.11 views

WordPress CM On Demand Search And Replace Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software CM On Demand Search And Replace Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cf0ce3925274 Credits...

6.1CVSS5.9AI score0.00584EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.23 views

WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Sensitive Data Exposure

Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a83345ae77b9 Credits Ankit Patel Required...

4.3CVSS6.5AI score0.004EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.26 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...

8.1CVSS6.3AI score0.03824EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.17 views

WordPress WPGYM Plugin <= 67.1.0 is vulnerable to Broken Access Control

Software WPGYM Type Plugin Vulnerable versions = 67.1.0 Fixed in 67.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9941 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 71c6636a78f1 Credits Tonn Required privilege Subscriber...

8.8CVSS6.8AI score0.00582EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/23 12:0 a.m.18 views

WordPress Rescue Shortcodes Plugin <= 2.9 is vulnerable to Cross Site Scripting (XSS)

Software Rescue Shortcodes Type Plugin Vulnerable versions = 2.9 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11199 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9032d40ace0e Credits Peter Thaleikis Required...

6.4CVSS5.8AI score0.00951EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder