Lucene search
K

273 matches found

Patchstack
Patchstack
added 2024/06/06 12:0 a.m.21 views

WordPress Bloglo Theme <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Bloglo Type Theme Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35715 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 469488b623d7 Credits stealthcopter Required privilege Contributor...

6.5CVSS6.5AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.11 views

WordPress Five Star Restaurant Menu Plugin <= 2.4.16 is vulnerable to Broken Access Control

Software Five Star Restaurant Menu Type Plugin Vulnerable versions = 2.4.16 Fixed in 2.4.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5459 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d3ee7a9da89d Credits Lucio Sá Required...

4.3CVSS6.6AI score0.00368EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.18 views

WordPress Login/Signup Popup Plugin <= 2.7.2 is vulnerable to Broken Access Control

Software Login/Signup Popup Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5324 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 8315f4731f19 Credits 1337Wannabe - home Requir...

8.8CVSS6.3AI score0.01507EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/03 12:0 a.m.14 views

WordPress Responsive Theme <= 5.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Type Theme Vulnerable versions = 5.0.3 Fixed in 5.0.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35654 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c102ae479f0d Credits stealthcopter Required privilege Contribut...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/22 12:0 a.m.14 views

WordPress Media Library Assistant Plugin <= 3.15 is vulnerable to Cross Site Scripting (XSS)

Software Media Library Assistant Type Plugin Vulnerable versions = 3.15 Fixed in 3.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3519 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f2ec0a790f20 Credits Le Ngoc Anh...

6.1CVSS5.6AI score0.00329EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/22 12:0 a.m.10 views

WordPress Media Library Assistant Plugin <= 3.15 is vulnerable to SQL Injection

Software Media Library Assistant Type Plugin Vulnerable versions = 3.15 Fixed in 3.16 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3518 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID fe78e3bb0aff Credits Thanh Nam Tran Required privilege Contributo...

8.8CVSS6.8AI score0.00531EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/16 12:0 a.m.14 views

WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4352 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 7694afbc9e58 Credits villu164 Required privilege...

8.8CVSS6.4AI score0.01183EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/16 12:0 a.m.15 views

WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4223 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 86348e33f1ae Credits villu164 Required privilege...

9.8CVSS6.5AI score0.00522EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.19 views

WordPress LearnPress Plugin <= 4.2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.5 Fixed in 4.2.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3ad5ee25dcd1 Credits stealthcopter Required...

6.4CVSS5.8AI score0.0034EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/09 12:0 a.m.11 views

WordPress SportsPress – Sports Club & League Manager Plugin <= 2.7.20 is vulnerable to Broken Access Control

Software SportsPress – Sports Club & League Manager Type Plugin Vulnerable versions = 2.7.20 Fixed in 2.7.21 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34824 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2f441ec415dc Credits...

6.3CVSS6.6AI score0.00246EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/07 12:0 a.m.17 views

WordPress Himalayas Theme <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Himalayas Type Theme Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34571 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd02f673cbfe Credits stealthcopter Required privilege Contributor...

6.5CVSS6.6AI score0.00255EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/02 12:0 a.m.10 views

WordPress Sticky Buttons Plugin < 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sticky Buttons Type Plugin Vulnerable versions 3.2.4 Fixed in 3.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3475 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c9f456e279d5 Credits Bob Matyas Required...

6.6AI score0.00283EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2024/04/30 12:0 a.m.10 views

WordPress Where Did You Hear About Us Checkout Field for WooCommerce Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Where Did You Hear About Us Checkout Field for WooCommerce Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2752 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...

5.5CVSS5.8AI score0.00419EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/30 12:0 a.m.9 views

WordPress Event Management Tickets Booking Plugin <= 1.3.4 is vulnerable to PHP Object Injection

Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1895 Patch priority Medium CVSS severity Medium 7.4 Developer Claim ownership PSID d93e6770a231 Credits Francesco Carlucci...

7.5CVSS6.8AI score0.0085EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/29 12:0 a.m.10 views

WordPress CPO Companion Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software CPO Companion Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33916 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 57daf6c77a1b Credits Ngô Thiên An ancorn from VNPT-VCI Required...

6.5CVSS6.6AI score0.00315EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/26 12:0 a.m.10 views

WordPress Hugo WP Theme <= 1.0.8 is vulnerable to Broken Access Control

Software Hugo WP Type Theme Vulnerable versions = 1.0.8 Fixed in 1.0.10 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33686 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b2b5b58a00f1 Credits Dhabaleshwar Das Required privilege...

4.3CVSS4.4AI score0.00507EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.8 views

WordPress Blocksy Theme <= 2.0.39 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.39 Fixed in 2.0.40 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3747 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 3ec8e6a91460 Credits Ngô Thiên An ancorn Required...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/24 12:0 a.m.12 views

WordPress Chaty Plugin < 3.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Chaty Type Plugin Vulnerable versions 3.1.9 Fixed in 3.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2972 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID de00cfe54026 Credits Dmitrii Ignatyev Required privilege...

5.7AI score0.00394EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.9 views

WordPress WP LinkedIn Auto Publish Plugin <= 8.11 is vulnerable to Broken Access Control

Software WP LinkedIn Auto Publish Type Plugin Vulnerable versions = 8.11 Fixed in 8.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32797 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 03094155e86a Credits Abdi Pranata Required...

5.4CVSS6.6AI score0.00314EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.22 views

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32808 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b60c26e035a2 Credits Kyle Sanchez...

8.8CVSS6.5AI score0.00448EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder