CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Patchstack•added 2022/01/28 12:0 a.m.•9 views

WordPress Arrival theme <= 1.4.2 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress Arrival theme versions = 1.4.2. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

2.9AI score

Exploits0References3Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•4 views

WordPress AccessPress Parallax theme <= 4.5 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress AccessPress Parallax theme versions = 4.5. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

3.9AI score

Exploits0References1Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•13 views

WordPress VMagazine Lite theme <= 1.3.5 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress VMagazine Lite theme versions = 1.3.5. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

3.3AI score

Exploits0References1Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•9 views

WordPress ScrollMe theme <= 2.1.0 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress ScrollMe theme versions = 2.1.0. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

3.2AI score

Exploits0References1Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•8 views

WordPress Edict Lite theme <= 1.1.4 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress Edict Lite theme versions = 1.1.4. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

3.4AI score

Exploits0References1Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•12 views

WordPress Sakala theme <= 1.0.4 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress Sakala theme versions = 1.0.4. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

3.6AI score

Exploits0References1Affected Software1

Patchstack•added 2022/01/24 12:0 a.m.•10 views

WordPress WP Store theme <= 1.1.9 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress WP Store theme versions = 1.1.9. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

3.2AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by