CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1404 matches found

Patchstack•added 2022/11/17 12:0 a.m.•19 views

WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in the WordPress News Announcement Scroll plugin versions = 8.8.8. Solution Update the WordPress News Announcement Scroll plugin to the latest available version at least 9.0.0...

4.8CVSS3AI score0.00314EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/17 12:0 a.m.•18 views

WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Nosa "apapedulimu" Shandy Patchstack Alliance in the WordPress Crowdsignal Dashboard plugin versions = 3.0.9. Solution Update the WordPress Polldaddy Polls & Ratings plugin to the latest available version at least 3.0.10...

8.8CVSS4.7AI score0.008EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/11/17 12:0 a.m.•16 views

WordPress ULTIMATE TABLES plugin <= 1.6.5 - Unauth. Reflected Cross-Site Scripting (XSS) vulnerability

Unauth. Reflected Cross-Site Scripting XSS vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in WordPress ULTIMATE TABLES plugin versions = 1.6.5. Solution No patched version is available. No reply from the vendor...

6.1CVSS2.9AI score0.0021EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/17 12:0 a.m.•21 views

WordPress Anthologize plugin <= 0.8.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability by Hoang Van Hiep aka sk4rl1ghT Patchstack Alliance in the WordPress Anthologize plugin versions = 0.8.0. Solution Update the WordPress Anthologize plugin to the latest available version at least 0.8.1...

4.8CVSS2.1AI score0.00218EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/11 12:0 a.m.•17 views

WordPress AdRotate Banner Manager plugin <= 5.9 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities leading to resetting some of the maintenance settings Reset tasks, Disable the third party, Update Database were discovered by Muhammad Daffa Patchstack Alliance in the WordPress AdRotate Banner Manager plugin versions = 5.9. Solution...

2AI score0.00109EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/11 12:0 a.m.•16 views

WordPress Add Multiple Marker plugin <= 1.2 - Missing Access Control vulnerability

Missing Access Control vulnerability leading to unauth. plugin settings change discovered by ptsfence Patchstack Alliance in WordPress Add Multiple Marker plugin versions = 1.2. Solution No patched version is available...

Exploits0Affected Software1

Patchstack•added 2022/11/11 12:0 a.m.•15 views

WordPress Add Multiple Marker plugin <= 1.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress Add Multiple Marker plugin versions = 1.2. Solution No patched version is available...

4.1AI score0.00104EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/10 12:0 a.m.•17 views

WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability

Auth. Arbitrary File Read vulnerability discovered by Tomasz Staszyszyn Patchstack Alliance in WordPress S2W – Import Shopify to WooCommerce plugin versions = 1.1.12. Solution Update the WordPress S2W – Import Shopify to WooCommerce plugin to the latest available version at least 1.1.13...

4.9CVSS4.1AI score0.00637EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/09 12:0 a.m.•20 views

WordPress Better Messages plugin <= 1.9.10.69 - Messaging Block Bypass vulnerability

Messaging Block Bypass vulnerability discovered by Dhakal Ananda Patchstack Alliance in WordPress Better Messages plugin versions = 1.9.10.69. Solution Update the WordPress BP Better Messages plugin to the latest available version at least 1.9.10.71...

6.5CVSS3.2AI score0.00156EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/09 12:0 a.m.•17 views

WordPress Quick Restaurant Reservations plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by thiennv Patchstack Alliance in WordPress Quick Restaurant Reservations plugin versions = 1.5.4. Solution Update the WordPress Quick Restaurant Reservations plugin to the latest available version at least 1.5.5...

4.6AI score0.001EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/09 12:0 a.m.•26 views

WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by Lana Codes Patchstack Alliance in WordPress REST API Authentication plugin versions = 2.4.0. Solution Update the WordPress WordPress REST API Authentication plugin to the latest available version at leas...

8.8CVSS3.9AI score0.00083EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/07 12:0 a.m.•21 views

WordPress Cyklodev WP Notify plugin <= 1.2.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep aka sk4rl1ghT Patchstack Alliance in the WordPress Cyklodev WP Notify plugin versions = 1.2.1. Solution No patched version is available...

2.1AI score0.00207EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/07 12:0 a.m.•13 views

WordPress Testimonial Slider plugin <= 1.3.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress Testimonial Slider plugin versions = 1.3.1. Solution No patched version is available. No reply from the vendor...

8.8CVSS3.8AI score0.00108EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/07 12:0 a.m.•22 views

WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to unauth. changing of Opt-In or Opt-Out tracking settings discovered by Nguyen Anh Tien Patchstack Alliance in the WordPress LoginPress plugin versions = 1.6.2. Solution Update the WordPress LoginPress plugin to the latest available version at least...

5.3CVSS4.2AI score0.00207EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/02 12:0 a.m.•15 views

WordPress 4ECPS Web Forms plugin <= 0.2.17 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep aka sk4rl1ghT Patchstack Alliance in WordPress 4ECPS Web Forms plugin versions = 0.2.17. Solution Update the WordPress 4ECPS Web Forms plugin to the latest available version at least 0.2.18...

4.8CVSS1.7AI score0.00218EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/02 12:0 a.m.•14 views

WordPress AM-HiLi plugin <= 1.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep Patchstack Alliance in the WordPress AM-HiLi plugin versions = 1.0. Solution No patched version is available...

4.8CVSS2.1AI score0.00238EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/02 12:0 a.m.•24 views

WordPress AgentEasy Properties plugin <= 1.0.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep Patchstack Alliance in the WordPress AgentEasy Properties plugin versions = 1.0.4. Solution Deactivate and delete. This plugin has been closed as of November 1, 2022 and is not available for download. This closure is...

4.8CVSS1.6AI score0.00238EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/01 12:0 a.m.•17 views

WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Anh Tien Patchstack Alliance in the WordPress Permalink Manager Lite plugin versions = 2.2.20. Solution Update the WordPress Permalink Manager Lite plugin to the latest available version at least 2.2.20.1...

9.8CVSS4.1AI score0.0062EPSS

Exploits0Affected Software1

Patchstack•added 2022/11/01 12:0 a.m.•23 views

WordPress Homepage PopUp plugin <= 1.2.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Mika Patchstack Alliance in the WordPress Homepage Pop-up plugin versions = 1.2.5. Solution No patched version is available. No reply from the vendor...

2.9AI score0.00104EPSS

Exploits0Affected Software1

Patchstack•added 2022/10/31 12:0 a.m.•19 views

WordPress Subscribe to Category plugin <= 2.7.3 - Auth. Broken Access Control vulnerability

Auth. Broken Access Control vulnerability discovered by Nguyen Anh Tien Patchstack Alliance in the WordPress Subscribe to Category plugin versions = 2.7.1. Solution No patched version is available. No reply from the vendor...

4AI score0.0039EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by