Lucene search
+L

377 matches found

Patchstack
Patchstack
added 2024/11/25 12:0 a.m.15 views

WordPress MP3 Sticky Player Plugin <= 8.0 is vulnerable to Path Traversal

Software MP3 Sticky Player Type Plugin Vulnerable versions = 8.0 Fixed in 8.1 OWASP Top 10 A5: Security Misconfiguration Classification Path Traversal CVE CVE-2024-10803 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID f73c5492a133 Credits Tonn Required privilege...

7.5CVSS6.8AI score0.0093EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.12 views

WordPress School Management Plugin <= 91.5.0 is vulnerable to Arbitrary File Upload

Software School Management Type Plugin Vulnerable versions = 91.5.0 Fixed in 92.0.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9659 Patch priority High CVSS severity High 10 Developer Claim ownership PSID c5a4715332b9 Credits Tonn Required privilege Unauthenticat...

9.8CVSS6.9AI score0.01612EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.11 views

WordPress Sky Addons for Elementor Plugin <= 2.6.2 is vulnerable to Broken Access Control

Software Sky Addons for Elementor Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.6.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-11104 Patch priority High CVSS severity High 8.1 Developer Shahidul Islam PSID 3c17c9976c8a Credits vgo0 Required...

8.1CVSS6.5AI score0.00666EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.12 views

WordPress AccessPress Staple Theme <= 1.9.1 is vulnerable to Arbitrary File Upload

Software AccessPress Staple Type Theme Vulnerable versions = 1.9.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52488 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 613a651ca664 Credits Mika Required privilege Subscriber...

6.6AI score0.00471EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.14 views

WordPress MStore API Plugin <= 4.15.7 is vulnerable to SQL Injection

Software MStore API Type Plugin Vulnerable versions = 4.15.7 Fixed in 4.15.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-11179 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 1c06ba6b6a95 Credits Trương Hữu Phúc truonghuuphuc Required privilege...

6.5CVSS6.8AI score0.0045EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.16 views

WordPress Jobify - Job Board WordPress Theme Theme <= 4.2.3 is vulnerable to Arbitrary File Download

Software Jobify - Job Board WordPress Theme Type Theme Vulnerable versions = 4.2.3 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Download CVE CVE-2024-52481 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID d63150ac42f8 Credits Anand...

6.8AI score0.00669EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.17 views

WordPress WP Quick Setup Plugin <= 2.0 is vulnerable to Arbitrary File Upload

Software WP Quick Setup Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52429 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID ceb3ca8b7fc9 Credits Mika Required privilege Subscriber Published...

9.9CVSS7.2AI score0.00901EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/14 12:0 a.m.49 views

WordPress Really Simple Security Pro multisite Plugin 9.0.0-9.1.1.1 is vulnerable to Broken Authentication

Software Really Simple Security Pro multisite Type Plugin Vulnerable versions 9.0.0-9.1.1.1 Fixed in 9.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10924 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 976349dfad8d Credits...

9.8CVSS6.2AI score0.81722EPSS
Exploits21References2Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.16 views

WordPress WooCommerce Upload Files Plugin <= 84.3 is vulnerable to Arbitrary File Upload

Software WooCommerce Upload Files Type Plugin Vulnerable versions = 84.3 Fixed in 84.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-10820 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2047e0da8994 Credits Tonn Required privilege...

9.8CVSS6.9AI score0.01164EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.14 views

WordPress B-Banner Slider Plugin <= 1.1 is vulnerable to Arbitrary File Upload

Software B-Banner Slider Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52405 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 1fa3975122b0 Credits stealthcopter Required privilege Subscriber...

9.9CVSS7.2AI score0.00478EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/12 12:0 a.m.19 views

WordPress Relais 2FA Plugin <= 1.0 is vulnerable to Broken Authentication

Software Relais 2FA Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10245 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 461a7cd31084 Credits István Márton...

9.8CVSS6.8AI score0.01162EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2024/11/11 12:0 a.m.14 views

WordPress Boat Rental Plugin for WordPress Plugin <= 1.0.1 is vulnerable to Arbitrary File Upload

Software Boat Rental Plugin for WordPress Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52376 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 3fb792ad560d Credits stealthcopter Required...

10CVSS6.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/11 12:0 a.m.19 views

WordPress Devexhub Gallery Plugin <= 2.0.1 is vulnerable to Arbitrary File Upload

Software Devexhub Gallery Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52373 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 41326b5950fa Credits stealthcopter Required privilege...

10CVSS6.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/11 12:0 a.m.15 views

WordPress Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation Plugin <= 2.4.9 is vulnerable to Arbitrary File Upload

Software Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation Type Plugin Vulnerable versions = 2.4.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52384 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID...

9.9CVSS7.2AI score0.00478EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/11 12:0 a.m.10 views

WordPress DigiPass Plugin <= 0.3.0 is vulnerable to Arbitrary File Download

Software DigiPass Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Download CVE CVE-2024-52378 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID dbfd2eb97192 Credits stealthcopter Required privilege Unauthenticat...

7.5CVSS7.2AI score0.0055EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/11 12:0 a.m.16 views

WordPress Datasets Manager by Arttia Creative Plugin <= 1.5 is vulnerable to Arbitrary File Upload

Software Datasets Manager by Arttia Creative Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52375 Patch priority High CVSS severity High 10 Developer Claim ownership PSID c894c89a63d1 Credits stealthcopter Required...

10CVSS6.8AI score0.0135EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.18 views

WordPress HB AUDIO GALLERY Plugin <= 3.0 is vulnerable to Arbitrary File Upload

Software HB AUDIO GALLERY Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-51790 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 40d2c24127c2 Credits stealthcopter Required privilege...

10CVSS6.8AI score0.00527EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.23 views

WordPress WooCommerce Social Login Plugin <= 2.7.7 is vulnerable to Broken Authentication

Software WooCommerce Social Login Type Plugin Vulnerable versions = 2.7.7 Fixed in 2.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10114 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 36095483e627 Credi...

8.1CVSS6.6AI score0.00524EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.14 views

WordPress Contest Gallery Plugin <= 24.0.3 is vulnerable to SQL Injection

Software Contest Gallery Type Plugin Vulnerable versions = 24.0.3 Fixed in 24.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10687 Patch priority High CVSS severity High 9.3 Developer Wasiliy Strecker PSID 3e91b10a855a Credits shaman0x01 Required privilege Unauthenticate...

9.8CVSS6.9AI score0.00635EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.14 views

WordPress BookingPress Plugin <= 1.1.16 is vulnerable to SQL Injection

Software BookingPress Type Plugin Vulnerable versions = 1.1.16 Fixed in 1.1.17 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10540 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID ae4b89138a08 Credits Arkadiusz Hydzik Required privilege Subscriber...

6.5CVSS6.9AI score0.00575EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder