Lucene search
K

22 matches found

Patchstack
Patchstack
added 2025/05/19 4:6 a.m.11 views

WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...

6.1CVSS6.3AI score0.00525EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/05/06 9:5 p.m.6 views

WordPress Relevanssi plugin <= 4.24.3 - Unauthenticated Stored Cross-Site Scripting via Search Highlights vulnerability

Unauthenticated Stored Cross-Site Scripting via Search Highlights vulnerability discovered by Jack Taylor in WordPress Plugin Relevanssi versions = 4.24.3...

6.1CVSS6.3AI score0.00378EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/15 6:45 a.m.9 views

WordPress JetPopup plugin <= 2.0.11 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetPopup versions = 2.0.11...

7.5CVSS8.1AI score0.00296EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.11 views

WordPress Product Input Fields for WooCommerce Plugin <= 1.9 is vulnerable to Path Traversal

Software Product Input Fields for WooCommerce Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2024-10857 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1aed7531d6f7 Credits 1337Wannabe Required...

6.5CVSS6.8AI score0.0075EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.9 views

WordPress WooCommerce Price Alert Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Price Alert Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52469 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 64532f957694 Credits Mika Required privilege...

6.5AI score0.0032EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.10 views

WordPress Post Status Notifier Premium Plugin <= 1.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Premium Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5dcdb37cb71e Credits...

6.1CVSS5.5AI score0.00291EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.13 views

WordPress CJ Change Howdy Plugin <= 3.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software CJ Change Howdy Type Plugin Vulnerable versions = 3.3.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49223 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1b937179167 Credits SOPROBRO Requir...

7.1CVSS6.9AI score0.00156EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.12 views

WordPress Templately Plugin <= 3.1.2 is vulnerable to Broken Access Control

Software Templately Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47308 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e4f1c6a95d39 Credits Joshua Chan Required privile...

9.8CVSS6.5AI score0.01695EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/21 12:0 a.m.12 views

WordPress Smart Online Order for Clover Plugin <= 1.5.6 is vulnerable to Broken Access Control

Software Smart Online Order for Clover Type Plugin Vulnerable versions = 1.5.6 Fixed in 1.5.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7032 Patch priority Medium CVSS severity Medium 6.5 Developer Zaytech PSID 1d01355fa1e4 Credits Lucio Sá Required...

6.5CVSS6.5AI score0.00482EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/06 12:0 a.m.10 views

WordPress Cooked Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Cooked Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-41816 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 18a7c8d0faab Credits re-alter Required privilege Subscriber...

5.4CVSS6.5AI score0.00359EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.19 views

WordPress Widget Options - Extended Plugin <= 5.1.0 is vulnerable to Sensitive Data Exposure

Software Widget Options - Extended Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.3 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-35691 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 80da7493f574 Credits Dave Jong...

6.5CVSS6.4AI score0.00422EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.8 views

WordPress Access Category Password Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Access Category Password Type Plugin Vulnerable versions = 1.5.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32535 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c844ee6de29c Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00333EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/24 12:0 a.m.21 views

WordPress Yoast SEO Plugin <= 21.0 is vulnerable to Cross Site Scripting (XSS)

Software Yoast SEO Type Plugin Vulnerable versions = 21.0 Fixed in 21.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-40680 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID c49205f84c75 Credits Rafie Muhammad Patchstack Required...

5.9CVSS6.8AI score0.00427EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/23 12:0 a.m.16 views

WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload

Software Mollie Payments for WooCommerce Type Plugin Vulnerable versions = 7.3.11 Fixed in 7.3.12 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-6090 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID 5c0982698e82 Credits Rafie Muhammad...

9.1CVSS7.2AI score0.00603EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/10/24 12:0 a.m.17 views

WordPress DoLogin Security Plugin <= 3.7.1 is vulnerable to Broken Access Control

Software DoLogin Security Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-46608 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 5adc7395b967 Credits Mika Required privilege...

6.5AI score0.00378EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress Blog Sidebar Widget Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Blog Sidebar Widget Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ae8bbf8a06a Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/03 12:0 a.m.9 views

WordPress URL Params Plugin < 2.5 is vulnerable to Cross Site Scripting (XSS)

Software URL Params Type Plugin Vulnerable versions 2.5 Fixed in 2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0274 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c07bdc476562 Credits Lana Codes Required privilege...

5.4CVSS5.6AI score0.00503EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/04/13 12:0 a.m.9 views

WordPress Forminator Plugin <= 1.22.1 is vulnerable to Broken Access Control

Software Forminator Type Plugin Vulnerable versions = 1.22.1 Fixed in 1.23.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 5.4 Developer WPMU DEV PSID 38229dd9fbd0 Credits Unknown Required privilege Subscriber...

6.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/12 12:0 a.m.18 views

WordPress PowerPress Podcasting Plugin <= 10.0 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 10.0 Fixed in 10.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1917 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2e844f252ce9 Credits Alex Thomas...

5.4CVSS5.6AI score0.00529EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/03/29 12:0 a.m.13 views

WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Broken Access Control

Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25445 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 518a5cea4b57 Credits Dave Jong Patchstack...

6.6AI score0.0021EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder