Lucene search
K

96 matches found

Patchstack
Patchstack
added 2025/07/21 10:26 p.m.8 views

WordPress Like & Share My Site plugin <= 0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Like & Share My Site versions = 0.2...

6.1CVSS5.5AI score0.00117EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/16 12:12 p.m.7 views

WordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin FluentSnippets versions = 10.50...

9.6CVSS6.6AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/19 4:23 p.m.7 views

WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin WPComplete versions = 2.9.5...

6.5CVSS6AI score0.00192EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/16 11:25 a.m.5 views

WordPress YITH PayPal Express Checkout for WooCommerce plugin <= 1.49.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin YITH PayPal Express Checkout for WooCommerce versions = 1.49.0...

4.3CVSS6.8AI score0.0014EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 1:37 a.m.9 views

WordPress FastBook plugin <= 1.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by HLog in WordPress Plugin FastBook versions = 1.1...

4.3CVSS6.6AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 1:19 a.m.9 views

WordPress ThemeHunk plugin <= 1.1.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin ThemeHunk versions = 1.1.2...

5.4CVSS6.7AI score0.00215EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/05/22 1:36 p.m.16 views

CVE-2025-4575 The x509 application adds trusted use instead of rejected use

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS6.9AI score0.00306EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/05/20 10:28 p.m.6 views

WordPress WP YouTube Video Optimizer plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang in WordPress Plugin WP YouTube Video Optimizer versions = 1.2...

6.4CVSS5.5AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/18 11:11 p.m.6 views

WordPress tarteaucitron.js for WordPress plugin < 0.3.0 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin tarteaucitron.js for WordPress versions 0.3.0...

5.4CVSS5.9AI score0.00254EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2025/05/16 2:13 p.m.18 views

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

6.3CVSS6.7AI score0.00384EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/05/16 2:10 p.m.13 views

Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Impact concat may skip evaluation of side effects when the length of an argument is zero. this is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is zero:...

6.3CVSS6.8AI score0.00371EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2025/05/16 1:4 p.m.6 views

WordPress Magic Responsive Slider and Carousel WordPress plugin < 1.6 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Magic Responsive Slider and Carousel WordPress versions 1.6...

8.5CVSS8.8AI score0.00351EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/16 12:57 p.m.7 views

WordPress QuickCal plugin <= 1.0.15 - CSRF to Privilege Escalation vulnerability

CSRF to Privilege Escalation vulnerability discovered by Bonds in WordPress Plugin QuickCal - Appointment Booking Calendar for WordPress versions = 1.0.15...

8.8CVSS8.4AI score0.00213EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/07 3:2 p.m.3 views

WordPress EasyMe Connect plugin <= 3.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin EasyMe Connect versions = 3.0.3...

4.3CVSS8AI score0.0014EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/05 8:56 p.m.6 views

WordPress AHAthat Plugin plugin <= 1.6 - Cross-Site Request Forgery to AHA Page Deletion vulnerability

Cross-Site Request Forgery to AHA Page Deletion vulnerability discovered by Régis SENET in WordPress Plugin AHAthat versions = 1.6...

4.3CVSS8AI score0.00133EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/02 8:58 p.m.6 views

WordPress Abundatrade Plugin plugin <= 1.8.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Abundatrade versions = 1.8.02...

6.1CVSS6.9AI score0.00155EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/22 11:37 a.m.10 views

WordPress Custom Related Posts plugin <= 1.7.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Custom Related Posts versions = 1.7.4...

6.5CVSS7.1AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/18 1:50 p.m.6 views

WordPress KiotViet Sync plugin <= 1.8.5 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin KiotViet Sync versions = 1.8.5...

7.1CVSS7.5AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/17 1:22 p.m.3 views

WordPress JetElements For Elementor plugin <= 2.7.4.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetElements For Elementor versions = 2.7.4.1...

7.5CVSS8.2AI score0.00296EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/17 9:20 a.m.10 views

WordPress WPCafe plugin <= 2.2.32 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin WPCafe versions = 2.2.32...

7.5CVSS8.4AI score0.00686EPSS
Exploits0Affected Software1
Rows per page
Query Builder