CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

WordPress Customer Reviews Collector for WooCommerce Plugin <= 3.9 is vulnerable to Arbitrary File Upload

Software Customer Reviews Collector for WooCommerce Type Plugin Vulnerable versions = 3.9 Fixed in 4.0 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 9e0239dc9850 Credits Rafie Muhammad...

Patchstack•added 2023/11/28 12:0 a.m.•8 views

WordPress Widgets for Amazon Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Amazon Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID d4ed9c5c2f5b Credits Rafie Muhammad Patchstack...

Patchstack•added 2023/11/28 12:0 a.m.•11 views

WordPress JetTabs Plugin <= 2.1.25.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetTabs Type Plugin Vulnerable versions = 2.1.25.1 Fixed in 2.1.25.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID 6d9f8f2ea4be Credits Rafie Muhammad Patchstack...

8.8CVSS6.5AI score0.00068EPSS

WordPress Widgets for Yelp Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Yelp Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 323b86ec1718 Credits Rafie Muhammad Patchstack...

WordPress Widgets for Airbnb Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Airbnb Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 17c7b7de54d5 Credits Rafie Muhammad Patchstack...

WordPress Widgets for Foursquare Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Foursquare Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID b444fc328eac Credits Rafie Muhammad...

Patchstack•added 2023/11/28 12:0 a.m.•11 views

WordPress JetBlocks For Elementor Plugin <= 1.3.8 is vulnerable to Broken Access Control

Software JetBlocks For Elementor Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.8.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID fd2a2b07e17e Credits Rafie Muhammad...

6.3CVSS6.1AI score0.00104EPSS

Patchstack•added 2023/11/28 12:0 a.m.•9 views

WordPress JetTabs Plugin <= 2.1.25.1 is vulnerable to Broken Access Control

Software JetTabs Type Plugin Vulnerable versions = 2.1.25.1 Fixed in 2.1.25.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 05f1f67c4d40 Credits Rafie Muhammad Patchstack...

6.3CVSS6.4AI score0.00104EPSS

Patchstack•added 2023/11/28 12:0 a.m.•18 views

WordPress JetThemeCore Plugin <= 2.1.2.1 is vulnerable to Broken Access Control

Software JetThemeCore Type Plugin Vulnerable versions = 2.1.2.1 Fixed in 2.1.2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 81078e3aaad1 Credits Rafie Muhammad Patchstack...

6.3CVSS6.8AI score0.00104EPSS

Patchstack•added 2023/11/28 12:0 a.m.•14 views

WordPress JetBlocks For Elementor Plugin <= 1.3.8 is vulnerable to Broken Access Control

Software JetBlocks For Elementor Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.8.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 51b603280bfd Credits Rafie Muhammad...

9.8CVSS9.3AI score0.00255EPSS

Patchstack•added 2023/11/28 12:0 a.m.•18 views

WordPress JetTricks Plugin <= 1.4.6.1 is vulnerable to Broken Access Control

Software JetTricks Type Plugin Vulnerable versions = 1.4.6.1 Fixed in 1.4.6.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 1a049ca5510e Credits Rafie Muhammad Patchstack...

9.8CVSS9.3AI score0.00255EPSS

9.8CVSS6.8AI score0.00255EPSS

WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Broken Access Control

Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID c645a5e87be7 Credits Rafie Muhammad...

WordPress WP Tripadvisor Review Widgets Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software WP Tripadvisor Review Widgets Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID bf86f8d389e5 Credits Rafie Muhammad Patchsta...

Patchstack•added 2023/11/28 12:0 a.m.•12 views

WordPress Review Widgets for Szallas.hu Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Review Widgets for Szallas.hu Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 1d37efe52aa3 Credits Rafie Muhammad Patchsta...

9.8CVSS9.3AI score0.00255EPSS

WordPress JetElements For Elementor Plugin <= 2.6.13 is vulnerable to Broken Access Control

Software JetElements For Elementor Type Plugin Vulnerable versions = 2.6.13 Fixed in 2.6.13.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID e51e2e2e22ba Credits Rafie Muhammad...

Patchstack•added 2023/11/28 12:0 a.m.•9 views

WordPress JetPopup Plugin <= 2.0.2 is vulnerable to Broken Access Control

Software JetPopup Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 023e24c3cead Credits Rafie Muhammad Patchstack Require...

6.3CVSS6.1AI score0.00104EPSS

WordPress Widgets for Wordpress Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Wordpress Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 382b3841f916 Credits Rafie Muhammad Patchsta...

Patchstack•added 2023/11/28 12:0 a.m.•8 views

WordPress Multiple Post Passwords Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Multiple Post Passwords Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49157 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e6267a0778ae Credits DoYeon Park p6rkdoye0n Require...

5.9CVSS6.6AI score0.00135EPSS

Patchstack•added 2023/11/28 12:0 a.m.•12 views

WordPress JetTricks Plugin <= 1.4.6.1 is vulnerable to Broken Access Control

Software JetTricks Type Plugin Vulnerable versions = 1.4.6.1 Fixed in 1.4.6.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 889841daf743 Credits Rafie Muhammad Patchstack...

6.3CVSS6.1AI score0.00104EPSS

Patchstack•added 2023/11/28 12:0 a.m.•16 views

WordPress JetProductGallery Plugin <= 2.1.13.1 is vulnerable to Broken Access Control

Software JetProductGallery Type Plugin Vulnerable versions = 2.1.13.1 Fixed in 2.1.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 7e68b6745d20 Credits Rafie Muhammad...

9.8CVSS6.8AI score0.00255EPSS