Lucene search
K

10 matches found

patchstack
patchstack
added 2023/10/18 12:0 a.m.15 views

WordPress Super Testimonial Pro Plugin <= 2.9 is vulnerable to Cross Site Scripting (XSS)

Software Super Testimonial Pro Type Plugin Vulnerable versions = 2.9 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5613 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4c345a4e70e4 Credits Lana Codes Required...

6.4CVSS5.7AI score0.00448EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2023/09/18 12:0 a.m.19 views

WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to SQL Injection

Software Horizontal scrolling announcement Type Plugin Vulnerable versions = 9.2 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-4999 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 360dd90299d7 Credits Lana Codes Required privilege...

8.8CVSS7.2AI score0.00725EPSS
Exploits1References2Affected Software1
patchstack
patchstack
added 2023/07/10 12:0 a.m.20 views

WordPress Buy Me a Coffee Plugin <= 3.7 is vulnerable to Broken Access Control

Software Buy Me a Coffee Type Plugin Vulnerable versions = 3.7 Fixed in 3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2078 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4f9e072d5272 Credits Lana Codes Required privilege...

7.3CVSS6.5AI score0.00552EPSS
Exploits1References3Affected Software1
patchstack
patchstack
added 2023/05/22 12:0 a.m.12 views

WordPress Groundhogg Plugin <= 2.7.9.8 is vulnerable to Broken Access Control

Software Groundhogg Type Plugin Vulnerable versions = 2.7.9.8 Fixed in 2.7.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2716 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 35a3839f18ce Credits Lana Codes Required...

5.4CVSS6.5AI score0.00467EPSS
Exploits0References3Affected Software1
patchstack
patchstack
added 2023/05/22 12:0 a.m.10 views

WordPress Groundhogg Plugin <= 2.7.9.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Groundhogg Type Plugin Vulnerable versions = 2.7.9.8 Fixed in 2.7.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2736 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 8080227ecd75 Credits Lana Codes Required...

8CVSS6.6AI score0.00399EPSS
Exploits0References3Affected Software1
patchstack
patchstack
added 2023/04/12 12:0 a.m.13 views

WordPress Video Central Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Video Central Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0418 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6114cbd9fcb5 Credits Lana Codes Required...

5.4CVSS5.6AI score0.00444EPSS
Exploits2References3Affected Software1
patchstack
patchstack
added 2023/03/06 12:0 a.m.9 views

WordPress HT Portfolio Plugin <= 1.1.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software HT Portfolio Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0497 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3421d1e706d1 Credits Lana Codes Required...

4.3CVSS6.6AI score0.00281EPSS
Exploits2References4Affected Software1
patchstack
patchstack
added 2023/03/06 12:0 a.m.22 views

WordPress HT Slider For Elementor Plugin < 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software HT Slider For Elementor Type Plugin Vulnerable versions 1.4.0 Fixed in 1.4.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0495 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fea57db2be31 Credits Lana Codes...

4.3CVSS6.6AI score0.00262EPSS
Exploits2References4Affected Software1
patchstack
patchstack
added 2023/03/02 12:0 a.m.15 views

WordPress OAuth Server Plugin < 4.3.0 is vulnerable to Broken Access Control

Software OAuth Server Type Plugin Vulnerable versions 4.3.0 Fixed in 4.3.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4148 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 20d9eb3b6ea8 Credits Lana Codes Required privilege...

4.3CVSS6.8AI score0.00262EPSS
Exploits2References5Affected Software1
patchstack
patchstack
added 2023/01/12 12:0 a.m.16 views

WordPress WP Blog and Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Blog and Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4824 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID db9b8648db51 Credits Lana Codes Requir...

5.4CVSS5.6AI score0.00649EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder