Lucene search
K

397 matches found

Patchstack
Patchstack
added 2025/06/03 12:0 a.m.9 views

WordPress Arlo Theme <= 6.0.3 is vulnerable to Local File Inclusion

Software Arlo Type Theme Vulnerable versions = 6.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39475 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID eaea2827ac9d Credits Bonds Required privilege Unauthenticated Published 3...

8.1CVSS6.8AI score0.00443EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/03 12:0 a.m.4 views

WordPress Lesya Theme <= 1.7.2 is vulnerable to Local File Inclusion

Software Lesya Type Theme Vulnerable versions = 1.7.2 Fixed in 1.7.3 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-48290 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID b9712c5f2cb9 Credits Bonds Required privilege Unauthenticated Published ...

6.3AI score0.00441EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/02 12:0 a.m.6 views

WordPress Mr. Murphy Theme < 1.2.12.1 is vulnerable to PHP Object Injection

Software Mr. Murphy Type Theme Vulnerable versions 1.2.12.1 Fixed in 1.2.12.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49072 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 743adbe763dd Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

9.8CVSS6.8AI score0.00396EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/29 12:34 p.m.10 views

WordPress Infility Global plugin <= 2.14.51 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Infility Global versions = 2.14.51...

8.5CVSS5.9AI score0.00267EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/23 10:8 p.m.8 views

WordPress eMagicOne Store Manager for WooCommerce plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file() vulnerability

Unauthenticated Arbitrary File Upload via setfile vulnerability discovered by Ryan Kozak in WordPress Plugin eMagicOne Store Manager versions = 1.2.5...

9.8CVSS6.7AI score0.01125EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2025/05/21 12:14 p.m.6 views

WordPress Ads Pro plugin <= 4.89 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyễn Trung Kiên anhchangmutrang in WordPress Plugin Ads Pro versions = 4.89...

8.1CVSS5.9AI score0.00669EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/21 11:47 a.m.6 views

WordPress Tourmaster plugin <= 5.3.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin Tourmaster versions = 5.3.8...

8.1CVSS6.7AI score0.00542EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/21 12:0 a.m.6 views

WordPress Ogami Theme <= 1.53 is vulnerable to Local File Inclusion

Software Ogami Type Theme Vulnerable versions = 1.53 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-31913 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID b4ec72647766 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity Requir...

8.1CVSS6.8AI score0.00669EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/20 12:10 p.m.11 views

WordPress DZS Video Gallery plugin <= 12.39 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin DZS Video Gallery versions = 12.39...

9.8CVSS5.5AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/07 9:52 a.m.8 views

WordPress PGS Core plugin <= 5.8.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by István Márton in WordPress Plugin PGS Core versions = 5.8.0...

7.5CVSS8.9AI score0.00347EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/25 9:33 p.m.12 views

WordPress Aeropage Sync for Airtable plugin <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Cheng Liu in WordPress Plugin Aeropage Sync for Airtable versions = 3.2.0...

8.8CVSS8.4AI score0.11399EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/04/24 9:37 p.m.5 views

WordPress BM Content Builder plugin <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Tonn in WordPress Plugin BM Content Builder versions = 3.16.2.1...

8.8CVSS8.3AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/21 12:0 a.m.7 views

WordPress Altair Theme <= 5.2.2 is vulnerable to PHP Object Injection

Software Altair Type Theme Vulnerable versions = 5.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-32928 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 644e001022df Credits Bonds Required privilege Unauthenticated Published 2...

9.8CVSS6.8AI score0.00396EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 9:2 a.m.6 views

WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin FluentCommunity versions = 1.2.15...

9.8CVSS8.3AI score0.00408EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/17 9:0 a.m.5 views

WordPress StoreContrl Woocommerce plugin <= 4.1.3 - Arbitrary File Download Vulnerability

Arbitrary File Download Vulnerability discovered by astra.r3verii in WordPress Plugin StoreContrl Woocommerce versions = 4.1.3...

7.5CVSS8.2AI score0.00427EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.4 views

WordPress Foton Theme <= 2.5.2 is vulnerable to Local File Inclusion

Software Foton Type Theme Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39458 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e548d81179ab Credits Bonds Required privilege Unauthenticated Published ...

8.1CVSS6.8AI score0.00616EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.6 views

WordPress Dessau Theme < 1.9 is vulnerable to Local File Inclusion

Software Dessau Type Theme Vulnerable versions 1.9 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39463 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 0679c8533d71 Credits Bonds Required privilege Unauthenticated Published 17...

6.9AI score0.00506EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/17 12:0 a.m.3 views

WordPress Ivy School Theme <= 1.6.0 is vulnerable to Local File Inclusion

Software Ivy School Type Theme Vulnerable versions = 1.6.0 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39470 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2982cc652634 Credits Bonds Required privilege Unauthenticated...

8.1CVSS6.8AI score0.00554EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/14 1:31 p.m.6 views

WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin TuriTop Booking System versions = 1.0.10...

8.8CVSS8.6AI score0.00473EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/10 7:35 a.m.13 views

WordPress Sync Posts Plugin <= 1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Sync Posts versions = 1.0...

9.9CVSS8.3AI score0.00634EPSS
Exploits1Affected Software1
Rows per page
Query Builder