Lucene search
K

518 matches found

Patchstack
Patchstack
added 2024/10/21 12:0 a.m.18 views

WordPress Product Filter by WBW Plugin <= 2.7.0 is vulnerable to SQL Injection

Software Product Filter by WBW Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49691 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 6688f0876dc2 Credits Hakiduck Required privilege Administrator...

7.6CVSS6.8AI score0.00406EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.12 views

WordPress Event Manager for WooCommerce Plugin <= 4.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 4.2.5 Fixed in 4.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49703 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6440b4e0449 Credits João Pedro S Alcântara...

6.5CVSS6.8AI score0.00235EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.11 views

WordPress Robo Gallery Plugin <= 3.2.21 is vulnerable to Cross Site Scripting (XSS)

Software Robo Gallery Type Plugin Vulnerable versions = 3.2.21 Fixed in 3.2.22 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49696 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 364c0d5e3b1f Credits Robert DeVore Required privilege Author...

5.9CVSS6.5AI score0.00253EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.14 views

WordPress All-in-One WP Migration Plugin <= 7.86 is vulnerable to Sensitive Data Exposure

Software All-in-One WP Migration Type Plugin Vulnerable versions = 7.86 Fixed in 7.87 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8852 Patch priority Low CVSS severity Low 5.3 Developer ServMask, Inc PSID 1b517ae2c2c6 Credits villu164 Required...

5.3CVSS6.5AI score0.01175EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.23 views

WordPress Google Language Translator Plugin < 6.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Google Language Translator Type Plugin Vulnerable versions 6.0.10 Fixed in 6.0.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2021-4452 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3695267a00ad Credits Ram Required...

7.1CVSS5.8AI score0.00471EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.11 views

WordPress PeproDev Ultimate Invoice Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)

Software PeproDev Ultimate Invoice Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49298 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ec8d635fcc13 Credits LVT-tholv2k Required privile...

6.5CVSS6.9AI score0.00249EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.18 views

WordPress ElementInvader Addons for Elementor Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)

Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9888 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2293b37c11ea Credits Coli...

5.4CVSS5.8AI score0.00256EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.16 views

WordPress ProfileGrid Plugin <= 5.9.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software ProfileGrid Type Plugin Vulnerable versions = 5.9.3 Fixed in 5.9.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49273 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8da39e4aabe3 Credits Trương Hữu Phúc...

6.5CVSS6.6AI score0.00297EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/13 12:0 a.m.14 views

WordPress ShortPixel Image Optimizer Plugin <= 5.6.3 is vulnerable to SQL Injection

Software ShortPixel Image Optimizer Type Plugin Vulnerable versions = 5.6.3 Fixed in 5.6.4 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48043 Patch priority Low CVSS severity Low 7.6 Developer ShortPixel PSID d284fe203395 Credits Rafie Muhammad Patchstack Required privileg...

7.6CVSS6.8AI score0.00438EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.18 views

WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.6.11 is vulnerable to Sensitive Data Exposure

Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.6.11 Fixed in 5.6.12 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8913 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID...

4.3CVSS6.5AI score0.00368EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.20 views

WordPress Advanced Custom Fields Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20866 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3c61745fb42a Credits Keitaro Yamazaki Required...

6.5CVSS6.4AI score0.01662EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.7 views

WordPress LocateAndFilter Plugin <= 1.6.14 is vulnerable to Cross Site Scripting (XSS)

Software LocateAndFilter Type Plugin Vulnerable versions = 1.6.14 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9304 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 26e76d650a46 Credits Francesco Carlucci Requir...

6.4CVSS5.8AI score0.00317EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.19 views

WordPress Cost Calculator Builder Plugin < 3.2.29 is vulnerable to SQL Injection

Software Cost Calculator Builder Type Plugin Vulnerable versions 3.2.29 Fixed in 3.2.29 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8379 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 0f5b1e009da9 Credits Kientt Required privilege Administrator...

7.2CVSS6.9AI score0.00532EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.13 views

WordPress Strong Testimonials Plugin <= 3.1.16 is vulnerable to Broken Access Control

Software Strong Testimonials Type Plugin Vulnerable versions = 3.1.16 Fixed in 3.1.17 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47362 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 46ea28be2188 Credits Joshua Chan Required...

8.8CVSS6.5AI score0.00396EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.19 views

WordPress Payflex Payment Gateway Plugin <= 2.6.1 is vulnerable to Open Redirection

Software Payflex Payment Gateway Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A3: Injection Classification Open Redirection CVE CVE-2024-47646 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID ac682bcd42a4 Credits Muhamad Agil Fachrian Required privile...

4.7CVSS5.2AI score0.00308EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/27 12:0 a.m.16 views

WordPress AI ChatBot with ChatGPT and Content Generator by AYS Plugin <= 2.0.9 is vulnerable to Sensitive Data Exposure

Software AI ChatBot with ChatGPT and Content Generator by AYS Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-7713 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID 5f8161e14afa Credi...

7.5CVSS6.6AI score0.00305EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.13 views

WordPress Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads Plugin <= 2.0.84 is vulnerable to Broken Access Control

Software Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads Type Plugin Vulnerable versions = 2.0.84 Fixed in 2.0.85 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47317 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3ea101b7f4e3...

8.8CVSS6.5AI score0.00375EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.12 views

WordPress Wheel of Life Plugin <= 1.1.8 is vulnerable to Broken Access Control

Software Wheel of Life Type Plugin Vulnerable versions = 1.1.8 Fixed in 1.1.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47311 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dc57c1e20b9a Credits hunter85 Required privilege...

9.8CVSS6.5AI score0.00385EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.16 views

WordPress Revolut Gateway for WooCommerce Plugin <= 4.17.3 is vulnerable to Broken Access Control

Software Revolut Gateway for WooCommerce Type Plugin Vulnerable versions = 4.17.3 Fixed in 4.17.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8678 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bd0a5653f5e8 Credits WordFence...

5.3CVSS6.7AI score0.00327EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.10 views

WordPress AnWP Football Leagues Plugin <= 0.16.7 is vulnerable to Cross Site Scripting (XSS)

Software AnWP Football Leagues Type Plugin Vulnerable versions = 0.16.7 Fixed in 0.16.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8917 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1862a8d1a35e Credits Francesco Carluc...

6.4CVSS5.8AI score0.0037EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder