Lucene search
+L

377 matches found

Patchstack
Patchstack
‱added 2025/09/23 11:30 a.m.‱5 views

WordPress Houzez Theme - Functionality Plugin <= 4.1.2 - Arbitrary File Download Vulnerability

WordPress Houzez Theme - Functionality Plugin = 4.1.2 - Arbitrary File Download Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Houzez Theme - Functionality versions = 4.1.2...

8.5CVSS6.7AI score0.00251EPSS
Exploits0Affected Software1
OSV
OSV
‱added 2025/09/23 6:0 a.m.‱5 views

CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()

In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...

5.5CVSS6.4AI score0.00139EPSS
Exploits0References7
Patchstack
Patchstack
‱added 2025/09/08 12:0 a.m.‱4 views

WordPress Anubia Theme <= 1.0.14 is vulnerable to Local File Inclusion

Software Anubia Type Theme Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID b5ed4e6dec35 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

8.1CVSS7.7AI score0.00519EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/09/08 12:0 a.m.‱6 views

WordPress Doccure Theme <= 1.4.8 is vulnerable to Arbitrary File Upload

Software Doccure Type Theme Vulnerable versions = 1.4.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-9113 Patch priority High CVSS severity High 10 Developer Claim ownership PSID a390d4c607ad Credits IstvĂĄn MĂĄrton Required privilege Unauthenticated...

9.8CVSS7.3AI score0.00574EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
‱added 2025/09/08 12:0 a.m.‱8 views

WordPress AI ANN Theme <= 1.1.0 is vulnerable to Local File Inclusion

Software AI ANN Type Theme Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID db0cdc544b6f Credits Bonds Required privilege Unauthenticated Published 8...

8.1CVSS7.6AI score0.00519EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/09/08 12:0 a.m.‱4 views

WordPress Samadhi Theme <= 1.0.13 is vulnerable to Local File Inclusion

Software Samadhi Type Theme Vulnerable versions = 1.0.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bf8a42958bd Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

8.1CVSS7.7AI score0.00519EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/08/27 12:0 a.m.‱9 views

WordPress Pin WP Theme < 7.2 is vulnerable to Arbitrary File Upload

Software Pin WP Type Theme Vulnerable versions 7.2 Fixed in 7.2 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2025-53251 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 85f8a3209836 Credits Bonds Required privilege Subscriber Published 27 August...

9.9CVSS7.2AI score0.00307EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/08/22 10:6 p.m.‱7 views

WordPress Wptobe-memberships plugin <= 3.4.2 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Aril Aprilio forsak3n in WordPress Plugin Wptobe-memberships versions = 3.4.2...

8.1CVSS6.8AI score0.00588EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/06/17 12:10 p.m.‱6 views

WordPress Rankie plugin < 1.8.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Anhchangmutrang in WordPress Plugin Rankie versions 1.8.2...

8.5CVSS8AI score0.00252EPSS
Exploits0Affected Software1
Patchstack
Patchstack
‱added 2025/06/12 6:52 a.m.‱18 views

WordPress Workreap plugin <= 3.3.2 - Authenticated (Subscriber+) Arbitrary File Upload via 'workreap_temp_upload_to_media' vulnerability

Authenticated Subscriber+ Arbitrary File Upload via 'workreaptempuploadtomedia' vulnerability discovered by Foxyyy in WordPress Plugin Workreap theme's plugin versions = 3.3.2...

8.8CVSS6.8AI score0.00521EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/06/11 12:0 a.m.‱6 views

WordPress Ruza Theme <= 1.0.7 is vulnerable to Local File Inclusion

Software Ruza Type Theme Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49255 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 6bd5103cfe41 Credits Phat RiO - BlueRock Required privilege...

8.1CVSS6.8AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/06/11 12:0 a.m.‱7 views

WordPress Zota Theme <= 1.3.8 is vulnerable to Local File Inclusion

Software Zota Type Theme Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49257 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 511b31ea918b Credits Phat RiO - BlueRock Required privilege...

8.1CVSS6.8AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/06/03 11:35 a.m.‱13 views

WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by PhĂșc ton luoi in WordPress Plugin WPCHURCH versions = 2.7.0...

9.3CVSS7.7AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
‱added 2025/06/03 12:0 a.m.‱4 views

WordPress Minterio Theme <= 1.4.0 is vulnerable to Local File Inclusion

Software Minterio Type Theme Vulnerable versions = 1.4.0 Fixed in 1.4.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-48290 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 004a498a9b2a Credits Bonds Required privilege Unauthenticated Publish...

6.3AI score0.00488EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/05/22 1:7 p.m.‱11 views

WordPress MapSVG plugin < 8.6.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Anhchangmutrang Patchstack Alliance in WordPress Plugin MapSVG versions 8.6.13...

7.5CVSS6.8AI score0.00365EPSS
Exploits0Affected Software1
Patchstack
Patchstack
‱added 2025/05/22 12:46 p.m.‱7 views

WordPress Bus Ticket Booking with Seat Reservation for WooCommerce plugin <= 1.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin Bus Ticket Booking with Seat Reservation for WooCommerce versions = 1.7...

9.3CVSS7.8AI score0.00379EPSS
Exploits0Affected Software1
Patchstack
Patchstack
‱added 2025/05/21 12:0 a.m.‱8 views

WordPress Oxpitan Theme <= 1.3.1 is vulnerable to Local File Inclusion

Software Oxpitan Type Theme Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-32294 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 95fea536d9dc Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

8.1CVSS6.8AI score0.00669EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/05/14 9:24 p.m.‱6 views

WordPress UiPress lite plugin <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution vulnerability

Authenticated Subscriber+ Remote Code Execution vulnerability discovered by WordFence in WordPress Plugin UiPress lite versions = 3.5.07...

8.8CVSS9AI score0.00881EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
‱added 2025/05/12 4:6 p.m.‱6 views

WordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion Vulnerability

Arbitrary File Deletion Vulnerability discovered by timomangcut in WordPress Plugin Opal Woo Custom Product Variation versions = 1.2.0...

8.6CVSS8.2AI score0.00426EPSS
Exploits0Affected Software1
Patchstack
Patchstack
‱added 2025/05/12 4:6 p.m.‱9 views

WordPress WPFunnels plugin <= 3.5.18 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by timomangcut in WordPress Plugin WPFunnels versions = 3.5.18...

9.8CVSS8.4AI score0.00396EPSS
Exploits0Affected Software1
Rows per page
Query Builder