Lucene search
K

12 matches found

Patchstack
Patchstack
added 2025/05/07 12:39 p.m.13 views

WordPress XT Event Widget for Social Events plugin <= 1.1.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by timomangcut in WordPress Plugin XT Event Widget for Social Events versions = 1.1.7...

8.8CVSS8.2AI score0.00549EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/04 1:24 p.m.5 views

WordPress Beds24 Online Booking plugin <= 2.0.28 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Beds24 Online Booking versions = 2.0.28...

7.5CVSS8.5AI score0.00823EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.8 views

WordPress Responsive Lightbox Plugin <= 2.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Lightbox Type Plugin Vulnerable versions = 2.4.8 Fixed in 2.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49282 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0929b0920fa2 Credits Robert DeVore Required privilege...

5.9CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.13 views

WordPress Qi Blocks Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Qi Blocks Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38712 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID 2769fd09ee1f Credits João Pedro S Alcântara Kinorth Required...

6.5CVSS6.6AI score0.00263EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.4 views

WordPress Contact Form by TotalForm Plugin <= 1.0.0 is vulnerable to Backdoor

Software Contact Form by TotalForm Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0dad1dc6ec75 Credits Sansec.io Required privilege Unauthenticated Published ...

7.2AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.12 views

WordPress Advanced Woo Labels Plugin <= 1.93 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Woo Labels Type Plugin Vulnerable versions = 1.93 Fixed in 1.94 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35675 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ad89d9224a2 Credits savphill Required privilege...

6.5CVSS6.6AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.18 views

WordPress Import Users from CSV Plugin <= 1.2 is vulnerable to PHP Object Injection

Software Import Users from CSV Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-32431 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID e3f19c84ef38 Credits Trình Vũ Sonicrrrr from VNPT-VCI Require...

7.2CVSS6.8AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/14 12:0 a.m.9 views

WordPress WooCommerce Easy Checkout Field Editor, Fees & Discounts Plugin <= 3.5.12 is vulnerable to Arbitrary File Upload

Software WooCommerce Easy Checkout Field Editor, Fees & Discounts Type Plugin Vulnerable versions = 3.5.12 Fixed in 3.5.13 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-25925 Patch priority High CVSS severity High 10 Developer Claim ownership PSID a8071054e8b4 Credi...

10CVSS6.8AI score0.0063EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/26 12:0 a.m.14 views

WordPress Brizy Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS)

Software Brizy Type Plugin Vulnerable versions = 2.4.29 Fixed in 2.4.30 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51396 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a61ae26c3500 Credits emad Required privilege Contributor Published ...

6.5CVSS6.6AI score0.00321EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/06 12:0 a.m.14 views

WordPress iPages Flipbook Plugin <= 1.4.8 is vulnerable to SQL Injection

Software iPages Flipbook Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.5.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-47236 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID ca6f53544a70 Credits Muhammad Daffa Required privilege Administrator...

7.6CVSS6.9AI score0.0054EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/07 12:0 a.m.13 views

WordPress Themesflat Addons For Elementor Plugin <= 2.0.0 is vulnerable to PHP Object Injection

Software Themesflat Addons For Elementor Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-37390 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 27be6a2ff8c6 Credits Robert R Required...

9.8CVSS6.8AI score0.00632EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.9 views

WordPress Client Invoicing by Sprout Invoices Plugin <= 19.0 is vulnerable to Cross Site Scripting (XSS)

Software Client Invoicing by Sprout Invoices Type Plugin Vulnerable versions = 19.0 Fixed in 19.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 631ad2b39f71 Credits Rafie Muhammad...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder