Lucene search
K

466 matches found

Patchstack
Patchstack
added 2025/06/05 12:15 a.m.8 views

WordPress Greenshift plugin <= 11.5.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Greenshift versions = 11.5.5...

6.5CVSS6AI score0.00215EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/04 11:50 a.m.13 views

WordPress MC Woocommerce Wishlist plugin <= 1.9.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin MC Woocommerce Wishlist versions = 1.9.1...

7.1CVSS5.9AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/30 9:23 p.m.9 views

WordPress Product Subtitle for WooCommerce plugin <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via htmlTag Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via htmlTag Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Product Subtitle for WooCommerce versions = 1.3.9...

6.4CVSS5.5AI score0.00231EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/28 9:58 p.m.11 views

WordPress Map Block Leaflet plugin <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Map Block Leaflet versions = 3.2.1...

6.4CVSS5.5AI score0.0032EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:3 a.m.7 views

CVE-2024-49231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through = 1.0...

6.5CVSS5.9AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:23 a.m.7 views

CVE-2024-24929

Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...

8.8CVSS6.3AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.8 views

CVE-2024-50520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through = 0.2.1...

6.5CVSS5.9AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.4 views

CVE-2023-47650

Cross-Site Request Forgery CSRF vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1...

8.8CVSS8AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.8 views

CVE-2023-44240

Cross-Site Request Forgery CSRF vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin = 1.54 versions...

8.8CVSS7.1AI score0.00227EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:45 p.m.9 views

CVE-2022-47588

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tips and Tricks HQ, Peter Petreski Simple Photo Gallery simple-photo-gallery allows SQL Injection.This issue affects Simple Photo Gallery: from n/a through v1.8.1...

9.8CVSS8.9AI score0.00717EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/19 4:27 p.m.8 views

WordPress bunny.net plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin bunny.net versions = 2.3.0...

8.5CVSS5.9AI score0.00384EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/26 5:43 p.m.17 views

CVE-2025-46470

Missing Authorization vulnerability in Peter Raschendorfer Smart Hashtags hashtagger hashtagger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Hashtags hashtagger: from n/a through = 7.2.3...

4.3CVSS7.2AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:8 p.m.47 views

CVE-2025-46470

CVE-2025-46470 concerns WordPress Smart Hashtags [#hashtagger] plugin (versions up to 7.2.3) with a Missing Authorization vulnerability due to incorrectly configured access control. The public details identify a Medium severity (CVSS 3.1 base 4.3) , exploitable remotely without user interaction. ...

4.3CVSS7.2AI score0.00241EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/21 6:39 p.m.7 views

WordPress Tax Switch for WooCommerce plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Tax Switch for WooCommerce versions = 1.4.2...

6.4CVSS6.3AI score0.00262EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/18 1:29 p.m.7 views

WordPress Sirat theme <= 1.5.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Theme Sirat versions = 1.5.1...

4.3CVSS7AI score0.00262EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/09 5:40 p.m.8 views

WordPress Rich Table of Contents plugin <= 1.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Rich Table of Contents versions = 1.4.0...

4.3CVSS8.5AI score0.0038EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 2:7 p.m.4 views

WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Cal.com versions = 1.0.0...

6.5CVSS6.1AI score0.00193EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 2:4 p.m.4 views

WordPress WP Date and Time Shortcode plugin <= 2.6.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Date and Time Shortcode versions = 2.6.7...

6.5CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 1:58 p.m.3 views

WordPress Fusion plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Fusion versions = 1.6.4...

6.5CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 1:57 p.m.4 views

WordPress Swiss Toolkit For WP plugin <= 1.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Swiss Toolkit For WP versions = 1.4.0...

4.3CVSS7AI score0.00346EPSS
Exploits0Affected Software1
Rows per page
Query Builder