Lucene search
K

73 matches found

Patchstack
Patchstack
added 2025/07/30 3:2 p.m.7 views

WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Button Block versions = 1.2.0...

4.3CVSS6.6AI score0.00135EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/22 11:10 a.m.14 views

WordPress AI Tools <= 4.0.7 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by theviper17 in WordPress Plugin AI Tools versions = 4.0.7...

6.5CVSS6.6AI score0.00299EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:5 a.m.9 views

WordPress POEditor plugin <= 0.9.10 - CSRF to Arbitrary File Deletion vulnerability

CSRF to Arbitrary File Deletion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin POEditor versions = 0.9.10...

7.4CVSS6.8AI score0.00166EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/02 1:52 p.m.12 views

WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by ch4r0n in WordPress Plugin Web3Press versions = 3.2.0...

6.5CVSS8.9AI score0.00416EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/16 2:2 p.m.7 views

WordPress WP Tools plugin <= 5.18 - CSRF to Arbitrary File Deletion vulnerability

CSRF to Arbitrary File Deletion vulnerability discovered by chuck in WordPress Plugin WP Tools versions = 5.18...

7.4CVSS8.4AI score0.00234EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/04 1:39 p.m.8 views

WordPress StaffList plugin <= 3.2.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Anhchangmutrang in WordPress Plugin StaffList versions = 3.2.7...

5.3CVSS8.4AI score0.00514EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.8 views

WordPress Ahmeti Wp Güzel Sözler Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ahmeti Wp Güzel Sözler Type Plugin Vulnerable versions = 4.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53707 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 29f434d8f692 Credits thiennv Required...

6.6AI score0.00225EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.13 views

WordPress nBlocks Plugin <= 1.0.2 is vulnerable to Local File Inclusion

Software nBlocks Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-52450 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d4618b9386b6 Credits João Pedro S Alcântara Kinorth Required...

7.5CVSS6.6AI score0.00561EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.11 views

WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Broken Access Control

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47361 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 2e7a1c5b31a1 Credits Rafie Muhammad Patchstack...

8.8CVSS6.5AI score0.00433EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.10 views

WordPress Depicter Slider Plugin <= 3.2.2 is vulnerable to Broken Access Control

Software Depicter Slider Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47359 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fe95aaab539d Credits Rafie Muhammad Patchstack...

9.8CVSS6.5AI score0.00294EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.13 views

WordPress Use Any Font Plugin <= 6.3.08 is vulnerable to Cross Site Request Forgery (CSRF)

Software Use Any Font Type Plugin Vulnerable versions = 6.3.08 Fixed in 6.3.09 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-47305 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 15cf8c1d7c9e Credits Rafie Muhammad...

8.8CVSS6.7AI score0.00197EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/28 12:0 a.m.11 views

WordPress Relevanssi Live Ajax Search Plugin <= 2.4 is vulnerable to Broken Access Control

Software Relevanssi Live Ajax Search Type Plugin Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-7573 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 091b716b5837 Credits scottaglia Required...

5.3CVSS6.6AI score0.00382EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/27 12:0 a.m.13 views

WordPress Gixaw Chat Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Gixaw Chat Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7816 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID aa72a581011b Credits Daniel Ruf Required privilege...

6.1CVSS6.7AI score0.00177EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.17 views

WordPress wpForo Forum Plugin <= 2.3.4 is vulnerable to Insecure Direct Object References (IDOR)

Software wpForo Forum Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-43288 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 84baf52495a3 Credits Ananda Dhakal...

8.1CVSS6.5AI score0.0031EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/09 12:0 a.m.9 views

WordPress Persian WooCommerce Plugin <= 7.1.6 is vulnerable to Broken Access Control

Software Persian WooCommerce Type Plugin Vulnerable versions = 7.1.6 Fixed in 9.0.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43219 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 2fdf96331252 Credits Rafie Muhammad Patchstack...

5.3CVSS6.9AI score0.00371EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.14 views

WordPress Masteriyo - LMS Plugin <= 1.11.6 is vulnerable to Broken Access Control

Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.12.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43159 Patch priority Low CVSS severity Low 5.3 Developer Masteriyo PSID 1a387af06f60 Credits Ananda Dhakal Patchstack Required...

5.3CVSS6.3AI score0.00409EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.15 views

WordPress Masteriyo - LMS Plugin <= 1.11.4 is vulnerable to Broken Access Control

Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.11.4 Fixed in 1.11.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43158 Patch priority Low CVSS severity Low 7.5 Developer Masteriyo PSID 9c29d6b5ac47 Credits Ananda Dhakal Patchstack Required...

7.5CVSS6.3AI score0.00515EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.14 views

WordPress Hummingbird Plugin <= 3.9.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Hummingbird Type Plugin Vulnerable versions = 3.9.1 Fixed in 3.9.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43117 Patch priority Low CVSS severity Low 4.3 Developer WPMU DEV PSID 6f3eebbe9837 Credits Rafie Muhammad Patchstack...

8.8CVSS6.7AI score0.00198EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.19 views

WordPress Filter & Grids Plugin <= 2.8.33 is vulnerable to Broken Authentication

Software Filter & Grids Type Plugin Vulnerable versions = 2.8.33 Fixed in 2.8.34 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-39664 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID bac0e0da8bce Credits RE-ALTER Required privileg...

7.3CVSS6.3AI score0.00399EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.24 views

WordPress Profile Builder Plugin < 3.11.8 is vulnerable to Broken Access Control

Software Profile Builder Type Plugin Vulnerable versions 3.11.8 Fixed in 3.11.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6366 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 351dbb0efb2f Credits Michel Prunet Required privile...

9.1CVSS6.5AI score0.28993EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder