Lucene search
K

273 matches found

Patchstack
Patchstack
added 2023/02/23 12:0 a.m.6 views

WordPress WP Meta SEO Plugin <= 4.5.2 is vulnerable to SQL Injection

Software WP Meta SEO Type Plugin Vulnerable versions = 4.5.2 Fixed in 4.5.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ed22c0b021d4 Credits WordFence Required privilege Subscriber Published 23 February,...

7.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/13 12:0 a.m.16 views

WordPress Portfolio – WordPress Portfolio Plugin Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)

Software Portfolio – WordPress Portfolio Plugin Type Plugin Vulnerable versions = 2.8.10 Fixed in 2.8.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23685 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 518a0520e6c9 Credit...

6.5CVSS5.7AI score0.00361EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/06 12:0 a.m.18 views

WordPress Auto Affiliate Links Plugin <= 6.2.1.5 is vulnerable to Privilege Escalation

Software Auto Affiliate Links Type Plugin Vulnerable versions = 6.2.1.5 Fixed in 6.2.1.6 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2022-45840 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 552906959004 Credits Nguyen Anh Tien...

6.3AI score0.00637EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/06 12:0 a.m.12 views

WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.5.2 Fixed in 5.5.3 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45810 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID bc18fb9ece3e Credits Mika Required privilege...

9.8CVSS6.9AI score0.00629EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/06 12:0 a.m.14 views

WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45370 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID aa57ae50e983 Credits Mika Required privilege...

9.8CVSS6.9AI score0.00847EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.10 views

WordPress Olevmedia Shortcodes Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Olevmedia Shortcodes Type Plugin Vulnerable versions = 1.1.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0168 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 576499d3655f Credits István Márton...

5.4CVSS5.7AI score0.0049EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.8 views

WordPress Glossary Plugin <= 2.1.27 is vulnerable to Cross Site Scripting (XSS)

Software Glossary Type Plugin Vulnerable versions = 2.1.27 Fixed in 2.1.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24378 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7470ca4b443e Credits Rafshanzani Suhada Required...

6.5CVSS5.8AI score0.00383EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/24 12:0 a.m.22 views

WordPress Intuitive Custom Post Order Plugin <= 3.1.3 is vulnerable to Broken Access Control

Software Intuitive Custom Post Order Type Plugin Vulnerable versions = 3.1.3 Fixed in 3.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4385 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 582d2859794c Credits Yuya Kotake...

4.3CVSS6.4AI score0.00486EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.13 views

WordPress Judge.me Product Reviews for WooCommerce Plugin < 1.3.21 is vulnerable to Cross Site Scripting (XSS)

Software Judge.me Product Reviews for WooCommerce Type Plugin Vulnerable versions 1.3.21 Fixed in 1.3.21 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0061 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 7fda1dafd296...

6.8CVSS5.7AI score0.00635EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.24 views

WordPress Simple URLs Plugin < 115 is vulnerable to SQL Injection

Software Simple URLs Type Plugin Vulnerable versions 115 Fixed in 115 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0098 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ce05d13c3118 Credits dc11 Required privilege Subscriber Published 17 January,...

8.8CVSS6.8AI score0.00943EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/01/14 12:0 a.m.16 views

WordPress Easy Digital Downloads Plugin <= 3.1.0.3 is vulnerable to SQL Injection

Software Easy Digital Downloads Type Plugin Vulnerable versions = 3.1.0.3 Fixed in 3.1.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23489 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 8ebed23bcf9a Credits Joshua Martinelle Required privilege...

9.8CVSS6.7AI score0.11172EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.16 views

WordPress WP Blog and Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Blog and Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4824 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID db9b8648db51 Credits Lana Codes Requir...

5.4CVSS5.6AI score0.00649EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/06 12:0 a.m.8 views

WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Plugin < 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Type Plugin Vulnerable versions 2.3.5 Fixed in 2.3.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

6.9AI score
Exploits0References4Affected Software1
Rows per page
Query Builder