Lucene search
K

140 matches found

Patchstack
Patchstack
added 2023/07/28 12:0 a.m.14 views

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ecda45839866 Credits WordFence...

4.3CVSS4.4AI score0.00512EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2023/07/27 12:0 a.m.11 views

WordPress Video Conferencing with Zoom Plugin <= 4.2.1 is vulnerable to Sensitive Data Exposure

Software Video Conferencing with Zoom Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3947 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 55e6071a651c Credits Lana Codes...

5.3CVSS6.9AI score0.00322EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/27 12:0 a.m.16 views

WordPress Simple Author Box Plugin < 2.52 is vulnerable to Insecure Direct Object References (IDOR)

Software Simple Author Box Type Plugin Vulnerable versions 2.52 Fixed in 2.52 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-3601 Patch priority Low CVSS severity Low 6.5 Developer WebFactory Ltd. PSID c55453b38919 Credits Dmitriy Require...

4.3CVSS6.8AI score0.0043EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/07/17 12:0 a.m.14 views

WordPress Quiz And Survey Master Plugin <= 8.1.10 is vulnerable to Broken Access Control

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.1.10 Fixed in 8.1.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-37984 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 046309de9fe7 Credits qilin99 Required...

6.3AI score0.00377EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/30 12:0 a.m.11 views

WordPress Groundhogg Plugin <= 2.7.11 is vulnerable to Cross Site Request Forgery (CSRF)

Software Groundhogg Type Plugin Vulnerable versions = 2.7.11 Fixed in 2.7.11.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34178 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5e519ca6b6e3 Credits Rafshanzani Suhada...

8.8CVSS6.6AI score0.00306EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.10 views

WordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)

Software WooCommerce Bookings Type Plugin Vulnerable versions = 1.15.78 Fixed in 1.15.79 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-32747 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 81006e449dea Credits Raf...

7.5CVSS6.5AI score0.00449EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/05/11 12:0 a.m.12 views

WordPress WP Reactions Lite Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Reactions Lite Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32587 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b436a9de7ad3 Credits István Márton...

8.8CVSS7AI score0.00322EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/05/03 12:0 a.m.11 views

WordPress Ko-fi Button Plugin < 1.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Ko-fi Button Type Plugin Vulnerable versions 1.3.3 Fixed in 1.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2254 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID af182fbd1aaa Credits Felipe Restrepo Rodriguez...

4.8CVSS5.7AI score0.00442EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/04/21 12:0 a.m.12 views

WordPress Clock In Portal- Staff & Attendance Management Plugin <= 2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Clock In Portal- Staff & Attendance Management Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0763 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 460bee1676e1...

4.3CVSS7AI score0.00278EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/04/12 12:0 a.m.11 views

WordPress Zyrex Popup Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software Zyrex Popup Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-0924 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 902b3bcce78c Credits Yogesh Verma Required privilege Administrator...

7.2CVSS6.8AI score0.00962EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/04/03 12:0 a.m.8 views

WordPress Product Enquiry for WooCommerce Plugin <= 2.2.12 is vulnerable to Cross Site Scripting (XSS)

Software Product Enquiry for WooCommerce Type Plugin Vulnerable versions = 2.2.12 Fixed in 2.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29170 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b43cae5ebb34 Credits Myung...

5.9CVSS6AI score0.00369EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/30 12:0 a.m.10 views

WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure

Software Zippy Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-26533 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 652b24a2c5be Credits Junsu Yeo Required privilege...

6.5CVSS6.6AI score0.00724EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/30 12:0 a.m.8 views

WordPress Really Simple Google Tag Manager Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Really Simple Google Tag Manager Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23801 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0e8a9934df4f Credits...

8.8CVSS6.9AI score0.00256EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/28 12:0 a.m.14 views

WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Advanced Shipment Tracking for WooCommerce Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-41635 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7b3ec3a5415d...

8.8CVSS6.7AI score0.00256EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/22 12:0 a.m.9 views

WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Thank You Page Customizer for WooCommerce – Increase Your Sales Type Plugin Vulnerable versions = 1.0.13 Fixed in 1.0.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46812 Patch priority Low CVSS severity Low 4.3 Developer Claim...

8.8CVSS6.7AI score0.00256EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/21 12:0 a.m.11 views

WordPress Sheets To WP Table Live Sync Plugin <= 2.12.14 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sheets To WP Table Live Sync Type Plugin Vulnerable versions = 2.12.14 Fixed in 2.12.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 10f41cbc718b Credits...

5.5AI score0.00113EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/13 12:0 a.m.10 views

WordPress RSVPMarker Plugin <= 9.9.3 is vulnerable to SQL Injection

Software RSVPMarker Type Plugin Vulnerable versions = 9.9.3 Fixed in 9.9.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-25045 Patch priority Low CVSS severity Low 6.7 Developer Claim ownership PSID b21a0533c506 Credits Aldo Dimas Anugrah K Required privilege Administrator...

7.2CVSS6.8AI score0.0055EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/12 12:0 a.m.9 views

WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.0.7 Fixed in 8.0.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46862 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bcb98ded3ded Credits Oliver K...

8.8CVSS6.6AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/30 12:0 a.m.16 views

WordPress Quick Restaurant Menu Plugin <= 2.0.2 is vulnerable to Insecure Direct Object References (IDOR)

Software Quick Restaurant Menu Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.1.0 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-0550 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 53344b864cc7 Credits Marco...

7.6CVSS6.5AI score0.0065EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/01/03 12:0 a.m.13 views

WordPress Booster Elite for WooCommerce Plugin < 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions 6.0.1 Fixed in 6.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4017 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e0191ec2ee9f Credits WPscan...

8.8CVSS8.7AI score0.00339EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder