Lucene search
K

139 matches found

Patchstack
Patchstack
added 2025/08/18 9:48 p.m.11 views

WordPress FunnelKit Automations plugin <= 3.6.3 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by wesley wcraft in WordPress Plugin FunnelKit Automations versions = 3.6.3...

8.8CVSS6.7AI score0.00572EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/13 12:18 p.m.12 views

WordPress Authentication and xmlrpc log writer plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Authentication and xmlrpc log writer versions = 1.2.2...

7.1CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/28 12:39 p.m.8 views

WordPress Advanced Google Universal Analytics plugin <= 1.0.3 - Broken Access Control to Sensitive Data Exposure vulnerability

Broken Access Control to Sensitive Data Exposure vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Advanced Google Universal Analytics versions = 1.0.3...

6.5CVSS6.7AI score0.00286EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/22 11:45 a.m.12 views

WordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ReachShip WooCommerce Multi-Carrier & Conditional Shipping versions = 4.3.1...

9.9CVSS6.7AI score0.00307EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/21 10:2 p.m.9 views

WordPress SureForms plugin < 1.7.2 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin SureForms versions 1.7.2...

5.8CVSS6.1AI score0.00175EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/23 1:1 p.m.10 views

WordPress WP Front User Submit / Front Editor plugin <= 4.9.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP Front User Submit / Front Editor versions = 4.9.3...

7.1CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/11 11:58 a.m.8 views

WordPress eForm - WordPress Form Builder < 4.19.1 - Cross Site Scripting (XSS) Vulnerability

WordPress eForm - WordPress Form Builder 4.19.1 - Cross Site Scripting XSS Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin eForm - WordPress Form Builder versions 4.19.1...

7.1CVSS6AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/03 12:0 a.m.7 views

WordPress FlatNews Theme <= 5.8 is vulnerable to Cross Site Scripting (XSS)

Software FlatNews Type Theme Vulnerable versions = 5.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-32305 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ff5e3bb37606 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

7.1CVSS6.5AI score0.00235EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/19 4:6 a.m.11 views

WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...

6.1CVSS6.3AI score0.00525EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/17 12:58 a.m.9 views

WordPress Sailthru Triggermail plugin < 1.1 - Subscriber+ Stored XSS vulnerability

Subscriber+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Sailthru Triggermail versions 1.1...

6.1CVSS6AI score0.00149EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/14 9:5 p.m.9 views

WordPress WP Content Security Plugin plugin <= 2.3 - Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields vulnerability

Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Content Security Plugin versions = 2.3...

7.2CVSS6.3AI score0.00301EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/02 1:52 p.m.6 views

WordPress Nomupay Payment Processing Gateway plugin <= 7.1.7 - Arbitrary File Download Vulnerability

Arbitrary File Download Vulnerability discovered by astra.r3verii in WordPress Plugin Nomupay Payment Processing Gateway versions = 7.1.7...

4.9CVSS8.7AI score0.00435EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/24 8:14 p.m.7 views

WordPress eForm plugin <= 4.18.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by shaman0x01 in WordPress Plugin eForm - WordPress Form Builder versions = 4.18.0...

7.2CVSS6.4AI score0.00303EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/08 4:54 p.m.5 views

WordPress Site Notify plugin <= 1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Vo Thi Ngoc Nhi in WordPress Plugin Site Notify versions = 1.0...

6.5CVSS8AI score0.00273EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/03 12:58 p.m.4 views

WordPress TextMe SMS plugin <= 1.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Aiden in WordPress Plugin TextMe SMS versions = 1.9.1...

6.5CVSS8.4AI score0.00302EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/03 8:53 a.m.6 views

WordPress MyBookProgress by Stormhill Media plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin MyBookProgress by Stormhill Media versions = 1.0.8...

6.5CVSS6.9AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.15 views

WordPress SEO Landing Page Generator Plugin <= 1.66.2 is vulnerable to Cross Site Scripting (XSS)

Software SEO Landing Page Generator Type Plugin Vulnerable versions = 1.66.2 Fixed in 1.66.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11366 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d742f2bf7f0 Credits vgo0...

5.9AI score0.00434EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.23 views

WordPress Video Lessons Manager Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Video Lessons Manager Type Plugin Vulnerable versions = 1.8.2 Fixed in 1.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID de6edf652333 Credits Peter...

6.1CVSS5.9AI score0.00584EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.12 views

WordPress PeachPay Payments Plugin <= 1.112.0 is vulnerable to Cross Site Scripting (XSS)

Software PeachPay Payments Type Plugin Vulnerable versions = 1.112.0 Fixed in 1.113.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11362 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ab27db02ed0 Credits vgo0 Requir...

6.1CVSS5.7AI score0.00437EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.16 views

WordPress Button Block Plugin <= 1.1.4 is vulnerable to Broken Authentication

Software Button Block Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10671 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID ae07da220d1c Credits...

6.5CVSS6.8AI score0.00506EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder