Lucene search
+L

377 matches found

Patchstack
Patchstack
added 2024/10/14 12:0 a.m.7 views

WordPress Ajax Rating with Custom Login Plugin <= 1.1 is vulnerable to SQL Injection

Software Ajax Rating with Custom Login Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49246 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID de8e18fe2e58 Credits stealthcopter Required privilege...

9.3CVSS6.8AI score0.004EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.13 views

WordPress Digital Lottery Plugin <= 3.0.5 is vulnerable to Arbitrary File Upload

Software Digital Lottery Type Plugin Vulnerable versions = 3.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49242 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 7676461ee2c0 Credits stealthcopter Required privilege...

10CVSS7.2AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.15 views

WordPress Feed Comments Number Plugin <= 0.2.1 is vulnerable to Arbitrary File Upload

Software Feed Comments Number Type Plugin Vulnerable versions = 0.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49216 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 6dc3911dda2c Credits stealthcopter Required privilege...

10CVSS7.2AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.28 views

WordPress Hunk Companion Plugin <= 1.8.4 is vulnerable to Broken Access Control

Software Hunk Companion Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9707 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 20cecbb53904 Credits Sean Murphy Required privileg...

9.8CVSS6.5AI score0.09137EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.17 views

WordPress WP Users Masquerade Plugin <= 2.0.0 is vulnerable to Broken Authentication

Software WP Users Masquerade Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9522 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID eb305b8e1a56 Credits Istvá...

8.8CVSS8.7AI score0.00465EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.21 views

WordPress Tainacan Plugin <= 0.21.8 is vulnerable to SQL Injection

Software Tainacan Type Plugin Vulnerable versions = 0.21.8 Fixed in 0.21.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48040 Patch priority High CVSS severity High 8.5 Developer Tainacan Community PSID 8db23d195d90 Credits Trương Hữu Phúc truonghuuphuc Required privilege...

8.5CVSS6.8AI score0.0053EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.22 views

WordPress LatePoint Plugin <= 5.0.11 is vulnerable to SQL Injection

Software LatePoint Type Plugin Vulnerable versions = 5.0.11 Fixed in 5.0.12 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8911 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 26726ee6dc78 Credits István Márton Required privilege Unauthenticated...

9.8CVSS7.2AI score0.0288EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.18 views

WordPress Top Bar – PopUps – by WPOptin Plugin <= 2.0.1 is vulnerable to Local File Inclusion

Software Top Bar – PopUps – by WPOptin Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-47645 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID f22f05a49b0f Credits tahu.datar Required...

7.5CVSS6.8AI score0.00481EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.12 views

WordPress YITH WooCommerce Ajax Search Plugin <= 2.8.0 is vulnerable to SQL Injection

Software YITH WooCommerce Ajax Search Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.8.1 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-47350 Patch priority High CVSS severity High 9.3 Developer YITH PSID 596c2acc77c4 Credits Hakiduck Required privilege Unauthenticated...

9.3CVSS6.8AI score0.00416EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/09/27 12:39 p.m.14 views

CVE-2024-46837 drm/panthor: Restrict high priorities on group_create

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on groupcreate We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM...

5.5CVSS4.9AI score0.00202EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.11 views

WordPress Charitable Plugin <= 1.8.1.14 is vulnerable to Privilege Escalation

Software Charitable Type Plugin Vulnerable versions = 1.8.1.14 Fixed in 1.8.1.15 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8791 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 04c66e8c147c Credits wesley...

9.8CVSS6.6AI score0.00733EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/10 12:0 a.m.20 views

WordPress Frontend Dashboard Plugin <= 2.2.4 is vulnerable to Arbitrary Code Execution

Software Frontend Dashboard Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-8268 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 9cb7568890b1 Credits Lucio Sá Required privilege...

8.8CVSS7AI score0.00706EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/06 12:0 a.m.12 views

WordPress Newsletters Plugin <= 4.9.9.2 is vulnerable to Privilege Escalation

Software Newsletters Type Plugin Vulnerable versions = 4.9.9.2 Fixed in 4.9.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8247 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID eb3ac75f37d4 Credits rajesh...

8.8CVSS6.6AI score0.00485EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/04 12:0 a.m.16 views

WordPress Bit File Manager Plugin 6.0-6.5.5 is vulnerable to Arbitrary File Upload

Software Bit File Manager Type Plugin Vulnerable versions 6.0-6.5.5 Fixed in 6.5.6 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-7627 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 8d646fb4b08e Credits TANG Cheuk Hei siunam Required...

8.1CVSS6.8AI score0.02802EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2024/08/28 12:0 a.m.10 views

WordPress Login As Users Plugin <= 1.4.3 is vulnerable to Broken Access Control

Software Login As Users Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43982 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 591007b6910c Credits Ananda Dhakal Patchstack...

8.8CVSS8.7AI score0.00435EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.21 views

WordPress SendGrid for WordPress Plugin <= 1.4 is vulnerable to SQL Injection

Software SendGrid for WordPress Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43965 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 897d693aed88 Credits Ananda Dhakal Patchstack Required privilege...

9.8CVSS6.9AI score0.0188EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/22 12:0 a.m.27 views

WordPress WBW Product Table PRO Plugin <= 1.9.4 is vulnerable to SQL Injection

Software WBW Product Table PRO Type Plugin Vulnerable versions = 1.9.4 Fixed in 1.9.5 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43918 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 2c9d3f09a102 Credits Dave Jong Patchstack Required privilege...

10CVSS6.8AI score0.01486EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/22 12:0 a.m.31 views

WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 is vulnerable to SQL Injection

Software TI WooCommerce Wishlist Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.9.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43917 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 55f8b0990265 Credits Rafie Muhammad Patchstack Required...

9.8CVSS9.6AI score0.21769EPSS
Exploits3References2Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.11 views

WordPress Grow by Tradedoubler Plugin < 2.0.22 is vulnerable to Local File Inclusion

Software Grow by Tradedoubler Type Plugin Vulnerable versions 2.0.22 Fixed in 2.0.22 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-6460 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 01b6350330ff Credits Project Black Required privilege...

9.8CVSS6.8AI score0.04826EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/08/15 12:0 a.m.11 views

WordPress TrueBooker Plugin <= 1.0.2 is vulnerable to SQL Injection

Software TrueBooker Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6924 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID bf0618e9b2e8 Credits Project Black Required privilege Unauthenticated...

9.8CVSS6.8AI score0.03292EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder