CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1404 matches found

Patchstack•added 2022/04/29 12:0 a.m.•20 views

WordPress WP Subscribe plugin <= 1.2.12 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress WP Subscribe plugin versions = 1.2.12. Solution Update the WordPress WP Subscribe plugin to the latest available version at least 1.2.13...

4.8CVSS2.6AI score0.00304EPSS

Exploits1References2Affected Software1

Patchstack•added 2022/04/28 12:0 a.m.•22 views

WordPress Countdown & Clock plugin <= 2.4.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Jeong Wonjun aka Pongchi Patchstack Alliance in WordPress Countdown & Clock plugin versions = 2.4.7. Solution No patched version is available...

5.9CVSS3.6AI score0.00282EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/26 12:0 a.m.•19 views

WordPress Tripetto plugin <= 5.1.4 - Unauthenticated Cross-Site Scripting (XSS) vulnerability via SVG image upload

Unauthenticated Cross-Site Scripting XSS vulnerability via SVG image upload discovered by Ngo Van Thien Patchstack Alliance in WordPress Tripetto plugin versions = 5.1.4. Solution Update the WordPress Tripetto plugin to the latest available version at least 5.2.0...

6.1CVSS3.4AI score0.0031EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/26 12:0 a.m.•22 views

WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Psychological tests & quizzes plugin versions = 0.21.19. Solution No patched version...

5.4CVSS3AI score0.0018EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/25 12:0 a.m.•20 views

WordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerability

Subscriber+ Plugin Settings Update vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in WordPress ShortPixel Adaptive Images plugin versions = 3.3.1. Solution Update the WordPress ShortPixel Adaptive Images plugin to the latest available version at least 3.4.0...

4.3CVSS3.5AI score0.00135EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/25 12:0 a.m.•28 views

WordPress 3xSocializer plugin <= 0.98.22 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Lenon Leite Patchstack Alliance in WordPress 3xSocializer plugin versions = 0.98.22. Solution No patched version is available. Deactivate and delete. This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may n...

8.8CVSS3AI score0.00373EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/15 12:0 a.m.•28 views

WordPress Webba Booking plugin <= 4.2.21 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Webba Booking plugin versions = 4.2.21. Solution Update the WordPress Webba Booking plugin to the latest available version at least 4.2.22...

4.8CVSS3AI score0.00322EPSS

Exploits0Affected Software1

Patchstack•added 2022/04/15 12:0 a.m.•16 views

WordPress WP Maintenance plugin <= 6.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress WP Maintenance plugin versions = 6.0.7. Solution Update the WordPress WP Maintenance plugin to the latest available version at least 6.0.8...

4.8CVSS3AI score0.00304EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/12 12:0 a.m.•16 views

WordPress CalderaWP License Manager plugin <= 1.2.11 - Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Reflected Cross-Site Scripting XSS discovered by mirphak Patchstack Alliance in WordPress CalderaWP License Manager plugin versions = 1.2.11. Solution Deactivate and delete. The plugin is closed and no more maintained...

6.1CVSS2.8AI score0.00162EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/11 12:0 a.m.•31 views

WordPress Responsive Tabs plugin <= 4.0.5 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability was discovered by Ngo Van Thien Patchstack Alliance in WordPress Responsive Tabs plugin versions = 4.0.5. Solution No patched version is available...

4.8CVSS2.7AI score0.00224EPSS

Exploits1References2Affected Software1

Patchstack•added 2022/04/08 12:0 a.m.•26 views

WordPress Chaty plugin <= 2.8.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Chaty plugin versions = 2.8.3. Solution No patched version is available...

4.8CVSS2.8AI score0.00224EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/07 12:0 a.m.•19 views

WordPress Plausible Analytics plugin <= 1.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by José Aguilera Patchstack Alliance in WordPress Plausible Analytics plugin versions = 1.2.2. Solution Update the WordPress Plausible Analytics plugin to the latest available version at least 1.2.3...

4.8CVSS3.1AI score0.00498EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/07 12:0 a.m.•24 views

WordPress WPvivid plugin <= 0.9.70 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress WPvivid plugin versions = 0.9.70. Solution Update the WordPress WPvivid plugin to the latest available version at least 0.9.71...

7.5CVSS4.1AI score0.00879EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/05 12:0 a.m.•15 views

WordPress WP-Appbox plugin <= 4.3.20 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by mirphak Patchstack Alliance in WordPress WP-Appbox plugin versions = 4.3.20. Solution Update the WordPress WP-Appbox plugin to the latest available version at least 4.4.0...

4.8CVSS2.9AI score0.00224EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/04/05 12:0 a.m.•26 views

WordPress Pricing Table plugin <= 1.5.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Pricing Table plugin versions = 1.5.2. Solution No patched version is available...

4.8CVSS3AI score0.00224EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/03/30 12:0 a.m.•72 views

WordPress Use Any Font plugin <= 6.1.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability was discovered by Rasi Afeef Patchstack Alliance in WordPress Use Any Font plugin versions = 6.1.7. Solution Update the WordPress Use Any Font plugin to the latest available version at least 6.1.8...

5.4CVSS3.7AI score0.00103EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/03/23 12:0 a.m.•18 views

WordPress Simple Event Planner plugin <= 1.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Simple Event Planner plugin versions = 1.5.4. Solution Update the WordPress Simple Event Planner plugin to the latest available version at least 1.5.5...

5.4CVSS2.9AI score0.0022EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/03/21 12:0 a.m.•13 views

WordPress Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete

Cross-Site Request Forgery CSRF vulnerability leading to slider Duplicate/Delete discovered by Ngo Van Thien Patchstack Alliance in WordPress Yoo Slider plugin versions = 2.0.0. Solution Update the WordPress Yoo Slider plugin to the latest available version at least 2.1.0...

5.4CVSS3.7AI score0.00106EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/03/21 12:0 a.m.•17 views

WordPress Yoo Slider plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Yoo Slider plugin versions = 2.0.0. Solution Update the WordPress Yoo Slider plugin to the latest available version at least 2.1.0...

5.4CVSS2.6AI score0.0018EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/03/08 12:0 a.m.•25 views

WordPress Analytics Cat plugin <= 1.0.9 - Plugin Settings change via Cross-Site Request Forgery (CSRF) vulnerability

Plugin Settings change via Cross-Site Request Forgery CSRF vulnerability discovered by Rasi Afeef Patchstack Alliance in WordPress Analytics Cat plugin versions = 1.0.9. Solution Update the WordPress Analytics Cat plugin to the latest available version at least 1.1.0...

5.4CVSS4.6AI score0.00103EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by