Lucene search
K

438 matches found

Patchstack
Patchstack
added 2024/10/21 12:0 a.m.12 views

WordPress Category and Taxonomy Meta Fields Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Category and Taxonomy Meta Fields Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-9588 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bde2763e61f5 Credits Istv...

5.4CVSS7AI score0.00165EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.10 views

WordPress StreamWeasels Twitch Integration Plugin <= 1.8.6 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels Twitch Integration Type Plugin Vulnerable versions = 1.8.6 Fixed in 1.8.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9897 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 924e5605229d Credits Peter...

6.4CVSS5.7AI score0.00321EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.13 views

WordPress Royal Elementor Addons Plugin <= 1.3.986 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.986 Fixed in 1.3.987 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-7417 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 4060f71c187f Credits stealthcopter Required...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.15 views

WordPress Linked Variation for WooCommerce Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Linked Variation for WooCommerce Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Request Forgery CSRF CVE CVE-2024-48047 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 314234821b77 Credits Marek Mikita...

4.3CVSS7.3AI score0.00169EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.12 views

WordPress WP Post Author Plugin <= 3.8.1 is vulnerable to SQL Injection

Software WP Post Author Type Plugin Vulnerable versions = 3.8.1 Fixed in 3.8.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8757 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 459e7e4ad115 Credits Lesor101 Required privilege Administrator Published...

7.2CVSS6.9AI score0.0051EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.23 views

WordPress Advanced Custom Fields PRO Plugin <= 6.3.7 is vulnerable to Arbitrary Code Execution

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions = 6.3.7 Fixed in 6.3.8 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-9529 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID aa150d72013d Credits Automattic Security Team...

6.6CVSS6.7AI score0.00435EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.17 views

WordPress Responsive Poll Plugin <= 2.3.9 is vulnerable to SQL Injection

Software Responsive Poll Type Plugin Vulnerable versions = 2.3.9 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9022 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 2e687784b00a Credits WordFence Required privilege Administrator Published...

7.2CVSS7.2AI score0.02277EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.16 views

WordPress Backup and Staging by WP Time Capsule Plugin <= 1.22.21 is vulnerable to SQL Injection

Software Backup and Staging by WP Time Capsule Type Plugin Vulnerable versions = 1.22.21 Fixed in 1.22.22 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48020 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 257cfd27ce2c Credits Hakiduck Required...

8.5CVSS7.2AI score0.00473EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.9 views

WordPress Starbox Plugin < 3.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Starbox Type Plugin Vulnerable versions 3.5.3 Fixed in 3.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8239 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 03e73e132e18 Credits Dmitrii Ignatyev Required privileg...

5.4CVSS5.8AI score0.00346EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.11 views

WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Broken Access Control

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47361 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 2e7a1c5b31a1 Credits Rafie Muhammad Patchstack...

8.8CVSS6.5AI score0.00433EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.7 views

WordPress WP MyLinks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WP MyLinks Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47371 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a980ce4c70f6 Credits SOPROBRO Required privilege Editor Publishe...

5.9CVSS6.5AI score0.00251EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.12 views

WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin <= 1.27 is vulnerable to Cross Site Scripting (XSS)

Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions = 1.27 Fixed in 1.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47647 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aac881dee8e9 Credits...

5.9CVSS6.1AI score0.00251EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.8 views

WordPress Premium Blocks – Gutenberg Blocks for WordPress Plugin <= 2.1.33 is vulnerable to Cross Site Scripting (XSS)

Software Premium Blocks – Gutenberg Blocks for WordPress Type Plugin Vulnerable versions = 2.1.33 Fixed in 2.1.34 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47368 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f6e2745653a5 Credits João Pedro ...

6.5CVSS6.8AI score0.00235EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.13 views

WordPress Use Any Font Plugin <= 6.3.08 is vulnerable to Cross Site Request Forgery (CSRF)

Software Use Any Font Type Plugin Vulnerable versions = 6.3.08 Fixed in 6.3.09 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-47305 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 15cf8c1d7c9e Credits Rafie Muhammad...

8.8CVSS6.7AI score0.00197EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.11 views

WordPress Bit Form – Contact Form Plugin Plugin <= 2.13.10 is vulnerable to Arbitrary File Upload

Software Bit Form – Contact Form Plugin Type Plugin Vulnerable versions = 2.13.10 Fixed in 2.13.11 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-47319 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID 4ad1bd9ca230 Credits Certus Cybersecurity...

8CVSS6.8AI score0.00426EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.20 views

WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.3.3 is vulnerable to SQL Injection

Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.3.3 Fixed in 1.3.3.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8624 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 72c934040045 Credits Krzysztof Zając...

9.9CVSS6.9AI score0.00482EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.10 views

WordPress Easy PayPal Events Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Easy PayPal Events Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8476 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 61a92fe21d38 Credits Krzysztof Zając...

4.3CVSS6.7AI score0.00218EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/17 12:0 a.m.11 views

WordPress Share This Image Plugin <= 2.03 is vulnerable to Open Redirection

Software Share This Image Type Plugin Vulnerable versions = 2.03 Fixed in 2.04 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2024-8761 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 2b483c93b8d5 Credits Krzysztof Zając Required privilege Unauthenticat...

7.2CVSS6.9AI score0.00444EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/12 12:0 a.m.10 views

WordPress Flipping Cards Plugin <= 1.30 is vulnerable to Cross Site Scripting (XSS)

Software Flipping Cards Type Plugin Vulnerable versions = 1.30 Fixed in 1.31 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-45460 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a59a35b1803e Credits Jorge Diaz ddiax Required privilege...

5.9CVSS6.6AI score0.00247EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/02 12:0 a.m.18 views

WordPress WP Cerber Security Plugin <= 9.4 is vulnerable to Bypass Vulnerability

Software WP Cerber Security Type Plugin Vulnerable versions = 9.4 Fixed in 9.5 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2022-4100 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e81948cda6a5 Credits chihyu Required privilege...

5.3CVSS6.6AI score0.00347EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder