Lucene search
K

397 matches found

Patchstack
Patchstack
added 2025/08/19 12:15 p.m.24 views

WordPress Funnel Builder by FunnelKit Plugin <= 3.11.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Funnel Builder by FunnelKit versions = 3.11.1...

7.5CVSS6.7AI score0.00469EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/15 11:28 p.m.14 views

WordPress StoryChief plugin <= 1.0.42 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by mikemyers in WordPress Plugin StoryChief versions = 1.0.42...

9.8CVSS6.7AI score0.37349EPSS
Exploits8References1Affected Software1
Patchstack
Patchstack
added 2025/08/13 11:58 p.m.8 views

WordPress Latepoint plugin < 5.1.94 - Unauthenticated LFI vulnerability

Unauthenticated LFI vulnerability discovered by wesley wcraft in WordPress Plugin LatePoint versions 5.1.94...

9.8CVSS6.7AI score0.0053EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/13 11:46 a.m.4 views

WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WordPress Event Manager, Event Calendar and Booking Plugin versions = 4.0.24...

7.5CVSS6.8AI score0.00341EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/13 11:29 a.m.7 views

WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Responsive Posts Carousel Pro versions = 15.0...

7.5CVSS6.8AI score0.00458EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/12 12:18 p.m.5 views

WordPress Membership For WooCommerce Plugin <= 2.9.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by hamza alhababseh in WordPress Plugin Membership For WooCommerce versions = 2.9.0...

7.5CVSS6.7AI score0.00341EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/08 7:27 a.m.5 views

WordPress GravityWP - Merge Tags <= 1.4.4 - Local File Inclusion Vulnerability

WordPress GravityWP - Merge Tags = 1.4.4 - Local File Inclusion Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin GravityWP - Merge Tags versions = 1.4.4...

7.5CVSS4.7AI score0.00417EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/08 7:20 a.m.9 views

WordPress FundEngine Plugin <= 1.7.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin FundEngine versions = 1.7.4...

7.5CVSS4.6AI score0.00462EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/08 7:15 a.m.5 views

WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin IDonatePro versions = 2.1.9...

7.5CVSS4.6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/07 12:28 p.m.5 views

WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Easy Form Builder versions = 3.8.15...

9.3CVSS5.5AI score0.00285EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/06 12:0 a.m.7 views

WordPress Urna Theme <= 2.5.7 is vulnerable to Local File Inclusion

Software Urna Type Theme Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-54689 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1413940e912e Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

7.2AI score0.00393EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/28 12:0 a.m.4 views

WordPress Platform Theme < 1.4.4 is vulnerable to Broken Access Control

Software Platform Type Theme Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2015-10143 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 04b827207d59 Credits Marc-Alexandre Montpas Required...

9.8CVSS6AI score0.01805EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2025/07/18 4:18 a.m.20 views

WordPress MasterStudy LMS Pro plugin <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Thái An in WordPress Plugin MasterStudy LMS Pro versions = 4.7.9...

7.5CVSS6.8AI score0.00594EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/08 8:45 p.m.9 views

WordPress Support Board plugin <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability

Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability discovered by Foxyyy in WordPress Plugin Support Board versions = 3.8.0...

9.8CVSS6.6AI score0.00338EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/01 12:0 a.m.8 views

WordPress Home Villas Theme <= 2.8 is vulnerable to Arbitrary File Deletion

Software Home Villas Type Theme Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Deletion CVE CVE-2025-5014 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID cba250cec63a Credits Thái An Required privilege Subscriber Published...

8.8CVSS6.8AI score0.00659EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/06/25 12:0 a.m.7 views

WordPress Blogvy Theme <= 1.0.7 is vulnerable to Local File Inclusion

Software Blogvy Type Theme Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-49279 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 32ad01b31638 Credits Le Ngoc Anh Required privilege Unauthenticated...

8.1CVSS6.4AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/23 12:0 a.m.10 views

WordPress Sofass Theme <= 1.3.4 is vulnerable to Local File Inclusion

Software Sofass Type Theme Vulnerable versions = 1.3.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-24760 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 97dd93e076df Credits Phat RiO - BlueRock Required privilege Unauthenticat...

7.2AI score0.00489EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/11 12:0 a.m.6 views

WordPress Maia Theme <= 1.1.15 is vulnerable to Local File Inclusion

Software Maia Type Theme Vulnerable versions = 1.1.15 Fixed in 1.1.16 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49258 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 17919a5d64c7 Credits Phat RiO - BlueRock Required privilege...

8.1CVSS6.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/11 12:0 a.m.7 views

WordPress Lasa Theme <= 1.1 is vulnerable to Local File Inclusion

Software Lasa Type Theme Vulnerable versions = 1.1 Fixed in 1.1.1 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49253 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 146f1b55407b Credits Phat RiO - BlueRock Required privilege...

8.1CVSS6.8AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/10 12:48 p.m.5 views

WordPress FW Gallery plugin <= 8.0.0 - Arbitrary File Deletion Vulnerability

Arbitrary File Deletion Vulnerability discovered by LVT-tholv2k in WordPress Plugin FW Gallery versions = 8.0.0...

8.6CVSS6.7AI score0.00403EPSS
Exploits0Affected Software1
Rows per page
Query Builder