Lucene search
K

376 matches found

Patchstack
Patchstack
added 2024/10/29 12:0 a.m.15 views

WordPress Crypto Plugin <= 2.18 is vulnerable to Broken Authentication

Software Crypto Type Plugin Vulnerable versions = 2.18 Fixed in 2.19 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9988 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4336600a033e Credits István Márton...

9.8CVSS9.4AI score0.0108EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.15 views

WordPress 1-Click Login: Passwordless Authentication Plugin 1.4.5 is vulnerable to Broken Authentication

Software 1-Click Login: Passwordless Authentication Type Plugin Vulnerable versions 1.4.5 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2024-50478 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2b1c10f4ccc7 Credits...

9.8CVSS6.5AI score0.01092EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.13 views

WordPress Ajar in5 Embed Plugin <= 3.1.3 is vulnerable to Arbitrary File Upload

Software Ajar in5 Embed Type Plugin Vulnerable versions = 3.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50473 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 049a1a1b0c36 Credits CTRL Chance Required privilege...

10CVSS6.8AI score0.01033EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.13 views

WordPress Stacks Mobile App Builder Plugin <= 5.2.3 is vulnerable to Broken Authentication

Software Stacks Mobile App Builder Type Plugin Vulnerable versions = 5.2.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50477 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 02ff662824ca Credit...

9.8CVSS6.5AI score0.07959EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.11 views

WordPress App Builder Plugin <= 5.3.7 is vulnerable to Broken Authentication

Software App Builder Type Plugin Vulnerable versions = 5.3.7 Fixed in 5.3.8 OWASP Top 10 A3: Injection Classification Broken Authentication CVE CVE-2024-9302 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 82e5ff2f8d20 Credits wesley wcraft Required privilege...

9.8CVSS6.8AI score0.00586EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.13 views

WordPress iBryl Switch User Plugin <= 1.0.1 is vulnerable to Broken Authentication

Software iBryl Switch User Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49675 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID e670b280f106 Credits...

8.8CVSS6.5AI score0.00492EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.12 views

WordPress TeploBot - Telegram Bot for WP Plugin <= 1.3 is vulnerable to Sensitive Data Exposure

Software TeploBot - Telegram Bot for WP Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-9627 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 5b587e0ba22b Credits István Márton...

8.6CVSS6.5AI score0.00351EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.19 views

WordPress TI WooCommerce Wishlist Plugin <= 2.9.0 is vulnerable to SQL Injection

Software TI WooCommerce Wishlist Type Plugin Vulnerable versions = 2.9.0 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9156 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 2b353481dee7 Credits John Castro Required privilege...

7.5CVSS6.8AI score0.00391EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.12 views

WordPress Rate Own Post Plugin <= 1.0 is vulnerable to SQL Injection

Software Rate Own Post Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49616 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID c63aca788766 Credits João Pedro S Alcântara Kinorth Required privilege...

8.8CVSS8.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.27 views

WordPress Time Clock Plugin <= 1.2.2 is vulnerable to Remote Code Execution (RCE)

Software Time Clock Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-9593 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID ba1ac64c553d Credits István Márton Required privilege...

8.3CVSS7.3AI score0.12491EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.11 views

WordPress photokit Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software photokit Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49610 Patch priority High CVSS severity High 10 Developer Claim ownership PSID a740c666723d Credits stealthcopter Required privilege Unauthenticated...

10CVSS6.9AI score0.00501EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.18 views

WordPress Product Website Showcase Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software Product Website Showcase Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49611 Patch priority High CVSS severity High 10 Developer Claim ownership PSID f26ca655ccfd Credits stealthcopter Required privilege...

10CVSS6.9AI score0.0053EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/17 12:0 a.m.18 views

WordPress Giveaway Boost Plugin <= 2.1.4 is vulnerable to PHP Object Injection

Software Giveaway Boost Type Plugin Vulnerable versions = 2.1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49332 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID dc16e9530c12 Credits Mika Required privilege Unauthenticated...

9.8CVSS6.9AI score0.00509EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.12 views

WordPress Timetable and Event Schedule Plugin <= 2.3.8 is vulnerable to Broken Access Control

Software Timetable and Event Schedule Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36840 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID d75a5069efd3 Credits Ram Required...

9.8CVSS6.5AI score0.00403EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.14 views

WordPress FREE DOWNLOAD MANAGER Plugin <= 1.0.0 is vulnerable to Arbitrary File Deletion

Software FREE DOWNLOAD MANAGER Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Deletion CVE CVE-2024-49315 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 8f4f5a37b4b7 Credits stealthcopter Required privilege...

8.6CVSS6.9AI score0.00566EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.19 views

WordPress File Manager Pro Plugin <= 8.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.9 Fixed in 8.3.10 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8507 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID caf0adb29b86 Credits TANG Cheuk Hei...

8.8CVSS8.8AI score0.00229EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.12 views

WordPress Email Verification for WooCommerce Plugin <= 2.8.10 is vulnerable to SQL Injection

Software Email Verification for WooCommerce Type Plugin Vulnerable versions = 2.8.10 Fixed in 2.9.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49305 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 2913142990bb Credits shaman0x01 Required privile...

9.3CVSS9.4AI score0.00403EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.15 views

WordPress Recently Plugin <= 1.1 is vulnerable to PHP Object Injection

Software Recently Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49218 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID dfdd033e65c6 Credits LVT-tholv2k Required privilege Unauthenticated...

9.8CVSS6.8AI score0.00509EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.14 views

WordPress Feed Comments Number Plugin <= 0.2.1 is vulnerable to Arbitrary File Upload

Software Feed Comments Number Type Plugin Vulnerable versions = 0.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49216 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 6dc3911dda2c Credits stealthcopter Required privilege...

10CVSS7.2AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.30 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.121 is vulnerable to Remote Code Execution (RCE)

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.121 Fixed in 1.5.122 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-49271 Patch priority High CVSS severity High 9.1 Developer Unlimited Elements PSID...

9.1CVSS7.3AI score0.01114EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder