CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

5093 matches found

Patchstack•added 2024/10/24 12:0 a.m.•12 views

WordPress Firelight Lightbox Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Firelight Lightbox Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50460 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2edb2390ea9c Credits Robert DeVore Required privilege...

5.9CVSS6.5AI score0.00241EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•9 views

WordPress The Pack Elementor addons Plugin <= 2.0.9 is vulnerable to Local File Inclusion

Software The Pack Elementor addons Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-50453 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID e424fb066139 Credits João Pedro S Alcânta...

8.8CVSS7.6AI score0.00542EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•19 views

WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.3.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.3.4 Fixed in 1.3.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50451 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f23dd4816a6 Credits...

6.5CVSS6.5AI score0.00254EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•8 views

WordPress Envo's Elementor Templates & Widgets for WooCommerce Plugin <= 1.4.19 is vulnerable to Cross Site Scripting (XSS)

Software Envo's Elementor Templates & Widgets for WooCommerce Type Plugin Vulnerable versions = 1.4.19 Fixed in 1.4.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50447 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 28c4d14cb691 Credits...

6.5CVSS6.3AI score0.00239EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•9 views

WordPress Selection Lite Plugin <= 1.13 is vulnerable to Cross Site Scripting (XSS)

Software Selection Lite Type Plugin Vulnerable versions = 1.13 Fixed in 1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50445 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d19a34cff88e Credits João Pedro S Alcântara Kinorth Required...

6.5CVSS6.3AI score0.00254EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•10 views

WordPress Church Admin Plugin < 5.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Church Admin Type Plugin Vulnerable versions 5.0.0 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50438 Patch priority Medium CVSS severity Medium 7.1 Developer Andy Moyle PSID 007d5118baff Credits Le Ngoc Anh Required privilege...

7.1CVSS6.5AI score0.003EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•6 views

WordPress Clean Retina Theme <= 3.0.6 is vulnerable to Local File Inclusion

Software Clean Retina Type Theme Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50436 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID e56d05b5bd53 Credits tahu.datar Required privilege Unauthenticate...

7.5CVSS6.8AI score0.00456EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•17 views

WordPress WP Booking System Plugin <= 2.0.19.10 is vulnerable to Broken Access Control

Software WP Booking System Type Plugin Vulnerable versions = 2.0.19.10 Fixed in 2.0.19.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-50425 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID ad36b04a505d Credits Trương Hữu Phúc...

6.5CVSS6.5AI score0.00423EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•11 views

WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.8.6 is vulnerable to Broken Access Control

Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-50421 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b5246d239102 Credits Rafi...

5.3CVSS6.5AI score0.00398EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•22 views

WordPress Button contact VR Plugin <= 4.7.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Button contact VR Type Plugin Vulnerable versions = 4.7.9.1 Fixed in 4.7.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50414 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8a3582798f30 Credits UKO Required privilege...

5.9CVSS6.5AI score0.00284EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•12 views

WordPress Namaste! LMS Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Namaste! LMS Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.6.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50407 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fa25cac3b50 Credits Hakiduck Required privilege...

7.1CVSS6.6AI score0.003EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•13 views

WordPress Beaver Builder Plugin <= 2.8.3.7 is vulnerable to Cross Site Scripting (XSS)

Software Beaver Builder Type Plugin Vulnerable versions = 2.8.3.7 Fixed in 2.8.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50430 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0af9c27e34dd Credits João Pedro S Alcântara Kinorth...

5.9CVSS9.4AI score0.00253EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•6 views

WordPress File Upload Types Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Software File Upload Types Type Plugin Vulnerable versions = 1.4.0 Fixed in 1.5.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10016 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d655bda3dd64 Credits Francesco Carlucci...

6.4CVSS5.7AI score0.00373EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•12 views

WordPress NewsCard Theme <= 1.3 is vulnerable to Local File Inclusion

Software NewsCard Type Theme Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50434 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ddf0621fd895 Credits tahu.datar Required privilege Unauthenticated...

7.5CVSS6.8AI score0.00443EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•12 views

WordPress 10Web Social Post Feed Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software 10Web Social Post Feed Type Plugin Vulnerable versions = 1.2.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9607 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2a18b550a3d5 Credits vgo0 Required...

6.1CVSS5.6AI score0.00291EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/10/23 12:0 a.m.•18 views

WordPress WC Marketplace Plugin <= 4.2.4 is vulnerable to Broken Access Control

Software WC Marketplace Type Plugin Vulnerable versions = 4.2.4 Fixed in 4.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9531 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7dab4da2d17f Credits Tieu Pham Trong Nhan Required...

4.3CVSS6.5AI score0.00334EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/10/23 12:0 a.m.•9 views

WordPress Terms descriptions Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Terms descriptions Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9374 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fca607d99fe Credits vgo0 Required...

6.1CVSS5.9AI score0.00309EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/10/23 12:0 a.m.•11 views

WordPress EventPrime Plugin <= 4.0.4.7 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 4.0.4.7 Fixed in 4.0.4.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9865 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b2193c9ee308 Credits zer0gh0st Required...

6.1CVSS5.9AI score0.0036EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/10/23 12:0 a.m.•15 views

WordPress DearFlip Plugin <= 2.3.32 is vulnerable to Cross Site Scripting (XSS)

Software DearFlip Type Plugin Vulnerable versions = 2.3.32 Fixed in 2.3.42 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8717 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4b31b90d091 Credits Noah Stead TurtleBurg...

6.1CVSS5.6AI score0.00421EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/10/22 12:0 a.m.•12 views

WordPress ProfilePress Pro Plugin <= 4.11.1 is vulnerable to Broken Authentication

Software ProfilePress Pro Type Plugin Vulnerable versions = 4.11.1 Fixed in 4.11.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9947 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID adce137ed816 Credits wesl...

9.8CVSS6.5AI score0.00514EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by