Lucene search
K

136 matches found

Patchstack
Patchstack
added 2025/09/04 2:37 p.m.7 views

WordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Quick Paypal Payments versions = 5.7.46...

4.3CVSS6.8AI score0.00119EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/03 6:12 p.m.6 views

WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Radio Station versions = 2.5.12...

4.3CVSS6.6AI score0.00121EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:12 a.m.11 views

WordPress WP Table Builder plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by domiee13 in WordPress Plugin WP Table Builder versions = 2.0.6...

4.3CVSS6.6AI score0.0014EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.12 views

WordPress StreamWeasels YouTube Integration Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels YouTube Integration Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11788 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bbd6037644c5 Credits...

5.7AI score0.004EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.11 views

WordPress Theme Builder For Elementor Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software Theme Builder For Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10782 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266b574a3c97...

4.3CVSS6.7AI score0.00456EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.17 views

WordPress Save as PDF plugin by Pdfcrowd Plugin <= 4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as PDF plugin by Pdfcrowd Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bc2c8b0bae5b Credits Peter...

6.4CVSS5.7AI score0.0027EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.12 views

WordPress nBlocks Plugin <= 1.0.2 is vulnerable to Local File Inclusion

Software nBlocks Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-52450 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d4618b9386b6 Credits João Pedro S Alcântara Kinorth Required...

7.5CVSS6.6AI score0.00561EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.14 views

WordPress Google for WooCommerce Plugin <= 2.8.6 is vulnerable to Sensitive Data Exposure

Software Google for WooCommerce Type Plugin Vulnerable versions = 2.8.6 Fixed in 2.8.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10486 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID aafd7d494c83 Credits Francesco Carlucci...

5.3CVSS6.5AI score0.00887EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.13 views

WordPress Envo Extra Plugin <= 1.9.3 is vulnerable to Sensitive Data Exposure

Software Envo Extra Type Plugin Vulnerable versions = 1.9.3 Fixed in 1.9.4 OWASP Top 10 A3: Injection Classification Sensitive Data Exposure CVE CVE-2024-10770 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c74e911b1aae Credits Francesco Carlucci Required privilege...

4.3CVSS6.8AI score0.003EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.10 views

WordPress Contact Form 7 Dynamic Text Extension Plugin <= 4.5 is vulnerable to Sensitive Data Exposure

Software Contact Form 7 Dynamic Text Extension Type Plugin Vulnerable versions = 4.5 Fixed in 4.5.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10084 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a8f9f7ebcd8 Credits...

4.3CVSS6.6AI score0.00344EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.13 views

WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.8.6 is vulnerable to Broken Access Control

Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-50421 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b5246d239102 Credits Rafi...

5.3CVSS6.5AI score0.00398EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.11 views

WordPress The Pack Elementor addons Plugin <= 2.0.9 is vulnerable to Local File Inclusion

Software The Pack Elementor addons Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-50453 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID e424fb066139 Credits João Pedro S Alcânta...

8.8CVSS7.6AI score0.00542EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.13 views

WordPress Cooked Pro Plugin < 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Cooked Pro Type Plugin Vulnerable versions 1.8.0 Fixed in 1.8.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49290 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c5a09464e377 Credits RE-ALTER Required privileg...

8.8CVSS7AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.8 views

WordPress Advanced Woo Labels Plugin <= 2.01 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Woo Labels Type Plugin Vulnerable versions = 2.01 Fixed in 2.02 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47622 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9dc287c181e2 Credits savphill Required privilege...

6.5CVSS6.5AI score0.00237EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/26 12:0 a.m.10 views

WordPress Email Subscribers & Newsletters Plugin <= 5.7.34 is vulnerable to Broken Access Control

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.34 Fixed in 5.7.35 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8771 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d3427c89899f Credits Michelle...

4.3CVSS6.6AI score0.00352EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.11 views

WordPress Bit Form – Contact Form Plugin Plugin <= 2.13.10 is vulnerable to Arbitrary File Upload

Software Bit Form – Contact Form Plugin Type Plugin Vulnerable versions = 2.13.10 Fixed in 2.13.11 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-47319 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID 4ad1bd9ca230 Credits Certus Cybersecurity...

8CVSS6.8AI score0.00426EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/13 12:0 a.m.12 views

WordPress Tweaker5 Theme <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Tweaker5 Type Theme Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5870 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dc368d54393c Credits Francesco Carlucci Required privileg...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/11 12:0 a.m.11 views

WordPress Flash & HTML5 Video Plugin <= 2.5.34 is vulnerable to Broken Access Control

Software Flash & HTML5 Video Type Plugin Vulnerable versions = 2.5.34 Fixed in 2.5.35 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7721 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 692106c3e036 Credits Lucio Sá Required...

4.3CVSS6.6AI score0.00309EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/10 12:0 a.m.13 views

WordPress Floating Contact Button Plugin < 2.8 is vulnerable to Cross Site Scripting (XSS)

Software Floating Contact Button Type Plugin Vulnerable versions 2.8 Fixed in 2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7891 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2bb2b652e147 Credits Kientt Required...

4.8CVSS5.8AI score0.00328EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/09/04 12:0 a.m.11 views

WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.8 is vulnerable to Insecure Direct Object References (IDOR)

Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-8123 Patch priority Low CVSS severity Low 5.4 Developer WP Extended PSID...

5.4CVSS9.4AI score0.00309EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder