Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3797 matches found

Patchstack
Patchstackadded 2022/10/20 12:0 a.m.12 views

WordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerability

Unauth. Directory Traversal vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in the WordPress Welcart e-Commerce plugin versions = 2.7.6. Solution Update the WordPress Welcart e-Commerce plugin to the latest available version at least 2.7.8...

9.8CVSS3.9AI score0.65737EPSS
Exploits2Affected Software1
Patchstack
Patchstackadded 2022/10/20 12:0 a.m.18 views

WordPress Advanced Order Export For WooCommerce plugin <= 3.3.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to export file download discovered by Lana Codes Patchstack Alliance in WordPress Advanced Order Export For WooCommerce plugin versions = 3.3.2. Solution Update the WordPress Advanced Order Export For WooCommerce plugin to the latest available...

6.5CVSS3.2AI score0.00116EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/20 12:0 a.m.20 views

WordPress Avada premium theme <= 7.8.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability Leading to Arbitrary Plugin Installation/Activation discovered by Dave Jong Patchstack in WordPress Avada theme versions = 7.8.1. Solution Update the WordPress Avada theme to the latest available version at least 7.8.2...

8.8CVSS4AI score0.0054EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2022/10/20 12:0 a.m.19 views

WordPress Mantenimiento web plugin <= 0.13 - Auth. Cross-Site Scripting (XSS) vulnerability

Auth. Cross-Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in the WordPress Mantenimiento web plugin versions = 0.13. Solution Update the WordPress Mantenimiento web plugin to the latest available version at least 0.14...

4.8CVSS3.3AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/13 12:0 a.m.19 views

WordPress Shortcodes Ultimate plugin <= 5.12.0 - CSRF vulnerability leading to Stored XSS

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Shortcodes Ultimate plugin versions = 5.12.0. Solution Update the WordPress Shortcodes Ultimate plugin to the latest available version at least...

8.8CVSS1.9AI score0.00108EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/13 12:0 a.m.17 views

WordPress Rock Convert plugin <= 2.11.0 - Auth. Cross-Site Scripting (XSS) vulnerability

Auth. Cross-Site Scripting XSS vulnerability was discovered by Mika Patchstack Alliance in the WordPress Rock Convert plugin versions = 2.11.0. Solution Update the WordPress Rock Convert plugin to the latest available version at least 3.0.0...

4.8CVSS2.9AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.19 views

WordPress Accessibility plugin <= 1.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Accessibility plugin versions = 1.0.3. Solution Update the WordPress Accessibility plugin to the latest available version at least 1.0.4...

4.8CVSS3.8AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.17 views

WordPress AB Press Optimizer plugin <= 1.1.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress AB Press Optimizer plugin versions = 1.1.1. Solution No patched version is available. No reply from the vendor...

4.8CVSS2.9AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.25 views

WordPress 3com – Asesor de Cookies plugin <= 3.4.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress 3com – Asesor de Cookies plugin versions = 3.4.3. Solution No patched version is available. No reply from the vendor...

2.9AI score0.00298EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.28 views

WordPress 5 Anker Connect plugin <= 1.2.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress 5 Anker Connect plugin versions = 1.2.6. Solution Update the WordPress 5 Anker Connect plugin to the latest available version at least 1.2.7...

4.8CVSS3.2AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.12 views

WordPress Optinly plugin <= 1.0.11 - Broken Access Control vulnerability

Broken Access Control leading to plugin settings change by the subscriber or higher role user vulnerability discovered by ptsfence Patchstack in WordPress Optinly plugin versions = 1.0.11. Solution No patched version is available. No reply from the vendor...

1.7AI score
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.29 views

WordPress ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Dave Jong Patchstack in WordPress ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin versions = 1.1.0. Solution Update the WordPress ALD - AliExpress Dropshipping and Fulfillment for WooCommerce plugin to the latest...

7.5CVSS3AI score0.00537EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2022/10/12 12:0 a.m.17 views

WordPress Optinly plugin <= 1.0.11 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by ptsfence Patchstack Alliance in WordPress Optinly plugin = 1.0.11 Solution No patched version is available. No reply from the vendor...

3.9AI score0.00104EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/06 12:0 a.m.12 views

WordPress Post Slider plugin <= 1.6.7 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to plugin settings change by the subscriber or higher role users discovered by ptsfence Patchstack Alliance in WordPress Post Slider plugin versions = 1.6.7. Solution No patched version is available. No reply from the vendor...

2.1AI score0.00107EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/10/02 12:0 a.m.40 views

WordPress Shortcodes Ultimate plugin <= 5.12.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Preset Settings Change discovered by Dave Jong Patchstack in WordPress Shortcodes Ultimate plugin versions = 5.12.0. Solution Update the WordPress Shortcodes Ultimate plugin to the latest available version at least 5.12.1...

5.4CVSS2.9AI score0.00115EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/09/30 12:0 a.m.23 views

WordPress CRM Perks Forms plugin <= 1.1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in WordPress CRM Perks Forms plugin versions = 1.1.0. Solution Update the WordPress CRM Perks Forms plugin to the latest available version at least 1.1.1...

2.7AI score0.12129EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/09/30 12:0 a.m.16 views

WordPress WZone – Lite Version plugin <= 3.1 Lite - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress WZone – Lite Version plugin versions = 3.1 Lite. Solution No patched version is available. No reply from the vendor since Jul 29, 2022...

3.3AI score0.00097EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/09/29 12:0 a.m.25 views

WordPress Profile Builder plugin <= 3.6.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability was discovered by mirphak Patchstack Alliance in the WordPress Profile Builder plugin versions = 3.6.0. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.6.1...

4.3CVSS3.7AI score0.00329EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/09/29 12:0 a.m.21 views

WordPress Redirection for Contact Form 7 plugin <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerability

Unauthenticated Options Change vulnerability discovered by mirphak Patchstack Alliance in WordPress Redirection for Contact Form 7 plugin versions = 2.4.0. Successful exploitation requires an additional extension plugin AccessiBe. An attacker can inject a script into the footer. Solution Update t...

7.5CVSS3.1AI score0.00492EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/09/29 12:0 a.m.18 views

WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Auth. Stored Cross-Site Scripting XSS vulnerabilities discovered by Vlad Vector Patchstack in WordPress Accordions plugin versions = 2.0.3. Solution Update the WordPress Accordions plugin to the latest available version at least 2.1.0...

4.8CVSS3.1AI score0.00218EPSS
Exploits0Affected Software1
Rows per page
Query Builder