Lucene search
K

397 matches found

Patchstack
Patchstack
added 2025/04/09 5:45 p.m.5 views

WordPress WP Food ordering and Restaurant Menu plugin <= 1.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by theviper17 in WordPress Plugin WP Food ordering and Restaurant Menu versions = 1.1...

8.1CVSS8.2AI score0.01021EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/09 4:15 p.m.7 views

WordPress WooCommerce Pickupp plugin <= 2.4.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin WooCommerce Pickupp versions = 2.4.3...

8.1CVSS8.3AI score0.00868EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/09 2:37 p.m.4 views

WordPress Review Stars Count For WooCommerce plugin <= 2.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Aiden Thái An in WordPress Plugin Review Stars Count For WooCommerce versions = 2.0...

8.5CVSS8.8AI score0.00301EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/09 2:20 p.m.5 views

WordPress Database Toolset Plugin <= 1.8.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by LVT-tholv2k in WordPress Plugin Database Toolset versions = 1.8.4...

8.6CVSS8.4AI score0.00696EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/01 4:38 p.m.5 views

WordPress DigiWidgets Image Editor plugin <= 1.10 - Remote Code Execution (RCE) Vulnerability

Remote Code Execution RCE Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin DigiWidgets Image Editor versions = 1.10...

10CVSS8.3AI score0.00637EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 4:59 p.m.5 views

WordPress Ultimate Push Notifications plugin <= 1.2.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ultimate Push Notifications versions = 1.2.0...

8.5CVSS8.9AI score0.00424EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 4:58 p.m.5 views

WordPress Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin <= 2.2.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by NAWardRox in WordPress Plugin Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One versions = 2.2.6...

8.5CVSS8.9AI score0.00424EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.40 views

WordPress Widget Options Plugin <= 4.0.7 is vulnerable to Remote Code Execution (RCE)

Software Widget Options Type Plugin Vulnerable versions = 4.0.7 Fixed in 4.0.8 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-8672 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 44c40aa090ca Credits Webbernaut Required privilege...

7.6AI score0.43797EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/26 12:0 a.m.34 views

WordPress RegistrationMagic Plugin <= 6.0.2.6 is vulnerable to Privilege Escalation

Software RegistrationMagic Type Plugin Vulnerable versions = 6.0.2.6 Fixed in 6.0.2.7 OWASP Top 10 A3: Injection Classification Privilege Escalation CVE CVE-2024-10508 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID fa83ac6f8527 Credits shaman0x01 Required privilege...

9.8CVSS6.8AI score0.01463EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.12 views

WordPress Security & Malware scan by CleanTalk Plugin <= 2.145 is vulnerable to SQL Injection

Software Security & Malware scan by CleanTalk Type Plugin Vulnerable versions = 2.145 Fixed in 2.145.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10570 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ceade72368ed Credits mikemyers Required...

7.5CVSS6.8AI score0.00544EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.25 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...

8.1CVSS6.3AI score0.03824EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.25 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.43.2 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.43.2 Fixed in 6.44 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10542 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a624846c5f89...

9.8CVSS6.6AI score0.15236EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.31 views

WordPress AppPresser Plugin <= 4.4.6 is vulnerable to Privilege Escalation

Software AppPresser Type Plugin Vulnerable versions = 4.4.6 Fixed in 4.4.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-11024 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 25ae1391ba68 Credits shaman0x01...

9.8CVSS6.5AI score0.00678EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.22 views

WordPress InPost Gallery Plugin <= 2.1.4.2 is vulnerable to Arbitrary Code Execution

Software InPost Gallery Type Plugin Vulnerable versions = 2.1.4.2 Fixed in 2.1.4.3 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-11002 Patch priority High CVSS severity High 6.3 Developer Claim ownership PSID 33afec67c5eb Credits Arkadiusz Hydzik Required privile...

6.3CVSS7AI score0.0057EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.15 views

WordPress Grip Theme <= 1.0.9 is vulnerable to Arbitrary File Upload

Software Grip Type Theme Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52488 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID b55cacdb5723 Credits Mika Required privilege Subscriber Published 20...

6.6AI score0.00471EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.16 views

WordPress Clone Plugin <= 2.4.6 is vulnerable to PHP Object Injection

Software Clone Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10913 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3676e7fb18ec Credits Webbernaut Required privilege Unauthenticated...

8.8CVSS6.8AI score0.0064EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.15 views

WordPress Distance Based Shipping Calculator Plugin <= 2.0.21 is vulnerable to SQL Injection

Software Distance Based Shipping Calculator Type Plugin Vulnerable versions = 2.0.21 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-52495 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID c1821da89db4 Credits João Pedro S Alcântara Kinort...

6.8AI score0.00408EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.15 views

WordPress Express Payments Module Plugin <= 1.1.8 is vulnerable to SQL Injection

Software Express Payments Module Type Plugin Vulnerable versions = 1.1.8 Fixed in 1.1.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-52474 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID d7d5c29bb8d4 Credits LVT-tholv2k Required privilege...

6.8AI score0.00524EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.15 views

WordPress PostX Plugin <= 4.1.16 is vulnerable to Broken Access Control

Software PostX Type Plugin Vulnerable versions = 4.1.16 Fixed in 4.1.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10728 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 29722a758707 Credits Sean Murphy Required privilege...

8.8CVSS6.5AI score0.36493EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.13 views

WordPress Quick Learn Plugin <= 1.0.1 is vulnerable to PHP Object Injection

Software Quick Learn Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52441 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 09d3039a1cf9 Credits LVT-tholv2k Required privilege Unauthenticated...

9.8CVSS6.9AI score0.0054EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder