Lucene search
K

228 matches found

Patchstack
Patchstack
added 2025/08/29 11:5 p.m.14 views

WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability

Unauthenticated Double Extension Arbitrary File Upload vulnerability discovered by luckybuddy in WordPress Plugin Booster for WooCommerce versions = 7.2.4...

9.8CVSS6.7AI score0.00686EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/28 12:0 a.m.4 views

WordPress Platform Theme < 1.4.4 is vulnerable to Broken Access Control

Software Platform Type Theme Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2015-10143 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 04b827207d59 Credits Marc-Alexandre Montpas Required...

9.8CVSS6AI score0.01805EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2025/07/10 12:0 a.m.7 views

WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 is vulnerable to Path Traversal

Software Pro Bulk Watermark Plugin for WordPress Type Theme Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2025-28973 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID c40f943bba08 Credits Tran Nguyen Bao Khanh VCI -...

6.8AI score0.00302EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/11 12:0 a.m.7 views

WordPress Lasa Theme <= 1.1 is vulnerable to Local File Inclusion

Software Lasa Type Theme Vulnerable versions = 1.1 Fixed in 1.1.1 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49253 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 146f1b55407b Credits Phat RiO - BlueRock Required privilege...

8.1CVSS6.8AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/02 12:0 a.m.6 views

WordPress Mr. Murphy Theme < 1.2.12.1 is vulnerable to PHP Object Injection

Software Mr. Murphy Type Theme Vulnerable versions 1.2.12.1 Fixed in 1.2.12.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49072 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 743adbe763dd Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

9.8CVSS6.8AI score0.00396EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/20 12:10 p.m.11 views

WordPress DZS Video Gallery plugin <= 12.39 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin DZS Video Gallery versions = 12.39...

9.8CVSS5.5AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/07 9:52 a.m.8 views

WordPress PGS Core plugin <= 5.8.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by István Márton in WordPress Plugin PGS Core versions = 5.8.0...

7.5CVSS8.9AI score0.00347EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/24 9:40 p.m.4 views

WordPress Mayosis Core plugin <= 5.4.1 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Tonn in WordPress Plugin Mayosis Core versions = 5.4.1...

7.5CVSS8.4AI score0.00464EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.4 views

WordPress Foton Theme <= 2.5.2 is vulnerable to Local File Inclusion

Software Foton Type Theme Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39458 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e548d81179ab Credits Bonds Required privilege Unauthenticated Published ...

8.1CVSS6.8AI score0.00616EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.3 views

WordPress Ivy School Theme <= 1.6.0 is vulnerable to Local File Inclusion

Software Ivy School Type Theme Vulnerable versions = 1.6.0 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39470 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2982cc652634 Credits Bonds Required privilege Unauthenticated...

8.1CVSS6.8AI score0.00605EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.8 views

WordPress Dessau Theme < 1.9 is vulnerable to Local File Inclusion

Software Dessau Type Theme Vulnerable versions 1.9 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39463 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 0679c8533d71 Credits Bonds Required privilege Unauthenticated Published 17...

6.9AI score0.0056EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/14 1:31 p.m.7 views

WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin TuriTop Booking System versions = 1.0.10...

8.8CVSS8.6AI score0.00516EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/09 2:37 p.m.4 views

WordPress Review Stars Count For WooCommerce plugin <= 2.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Aiden Thái An in WordPress Plugin Review Stars Count For WooCommerce versions = 2.0...

8.5CVSS8.8AI score0.00301EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 4:59 p.m.5 views

WordPress Ultimate Push Notifications plugin <= 1.2.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ultimate Push Notifications versions = 1.2.0...

8.5CVSS8.9AI score0.00424EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/03/31 12:0 a.m.7 views

Ubuntu: Security Advisory (USN-7330-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.02458EPSS
Exploits2References3
Patchstack
Patchstack
added 2024/11/26 12:0 a.m.36 views

WordPress RegistrationMagic Plugin <= 6.0.2.6 is vulnerable to Privilege Escalation

Software RegistrationMagic Type Plugin Vulnerable versions = 6.0.2.6 Fixed in 6.0.2.7 OWASP Top 10 A3: Injection Classification Privilege Escalation CVE CVE-2024-10508 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID fa83ac6f8527 Credits shaman0x01 Required privilege...

9.8CVSS6.8AI score0.01463EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.31 views

WordPress AppPresser Plugin <= 4.4.6 is vulnerable to Privilege Escalation

Software AppPresser Type Plugin Vulnerable versions = 4.4.6 Fixed in 4.4.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-11024 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 25ae1391ba68 Credits shaman0x01...

9.8CVSS6.5AI score0.00678EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.26 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...

8.1CVSS6.3AI score0.03824EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.15 views

WordPress Grip Theme <= 1.0.9 is vulnerable to Arbitrary File Upload

Software Grip Type Theme Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52488 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID b55cacdb5723 Credits Mika Required privilege Subscriber Published 20...

6.6AI score0.00471EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.16 views

WordPress Clone Plugin <= 2.4.6 is vulnerable to PHP Object Injection

Software Clone Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10913 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3676e7fb18ec Credits Webbernaut Required privilege Unauthenticated...

8.8CVSS6.8AI score0.0064EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder