Lucene search
K

5110 matches found

Patchstack
Patchstack
added 2023/11/22 12:0 a.m.10 views

WordPress WCMultiShipping Plugin <= 2.3.5 is vulnerable to Broken Access Control

Software WCMultiShipping Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48274 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ae6198f38515 Credits Abdi Pranata Required...

6.8AI score0.00467EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.15 views

WordPress Userpro Plugin <= 5.1.1 is vulnerable to Sensitive Data Exposure

Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-2446 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 60ff01fd740b Credits István Márton Required...

6.5CVSS6.8AI score0.00849EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.17 views

WordPress Userpro Plugin <= 5.1.1 is vulnerable to Broken Authentication

Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2023-2437 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 9aac076e3030 Credits István Márton...

9.8CVSS6.8AI score0.06801EPSS
Exploits4References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.14 views

WordPress Preloader for Website Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software Preloader for Website Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48273 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID d41468183f67 Credits Nguyen Xuan Chien...

5.3CVSS6.8AI score0.00511EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.19 views

WordPress Post Meta Data Manager Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5776 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID be22b4c7158e Credits Francesco...

8.8CVSS7AI score0.00292EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.10 views

WordPress Userpro Plugin <= 5.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2447 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID f82d076bd579 Credits István Márton Required...

6.1CVSS7AI score0.00181EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.24 views

WordPress Userpro Plugin <= 5.1.4 is vulnerable to Privilege Escalation

Software Userpro Type Plugin Vulnerable versions = 5.1.4 Fixed in 5.1.5 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2023-6009 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 7046ef9feaa8 Credits István Márton Required privilege...

8.8CVSS6.8AI score0.00923EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.14 views

WordPress Contact Form to Any API Plugin <= 1.1.6 is vulnerable to Broken Access Control

Software Contact Form to Any API Type Plugin Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47871 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 81c0f0123458 Credits Arvandy Require...

6.8AI score0.00456EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.22 views

WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software wpForo Forum Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47872 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID da62b115c79c Credits Jesse McNeil Required privilege...

6.5CVSS6.8AI score0.00377EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.11 views

WordPress PayTR Taksit Tablosu Plugin <= 1.3.1 is vulnerable to Broken Access Control

Software PayTR Taksit Tablosu Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47847 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9835cf00a16a Credits Abdi Pranata Required...

6.6AI score0.00401EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.14 views

WordPress WP Child Theme Generator Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload

Software WP Child Theme Generator Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A4: Insecure Design Classification Arbitrary File Upload CVE CVE-2023-47873 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID e915ca3d162f Credits Dateoljo of BoB 12th...

9.1CVSS6.9AI score0.02276EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.9 views

WordPress Grab & Save Plugin <= 1.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Grab & Save Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47845 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 10b2ddc4a429 Credits Dimas Maulana Required...

4.3CVSS6.6AI score0.00172EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.10 views

WordPress Audio Merchant Plugin <= 5.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Audio Merchant Type Plugin Vulnerable versions = 5.0.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6197 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b9deef5e9191 Credits Ala Arfaoui Required...

5.4CVSS6.6AI score0.00218EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.7 views

WordPress BlossomThemes Email Newsletter Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software BlossomThemes Email Newsletter Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47849 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 051053384c38 Credits Abdi...

6.5AI score0.00355EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.10 views

WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Privilege Escalation

Software wpForo Forum Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2023-47868 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 18839e0584f6 Credits Jesse McNeil Required privilege...

9.8CVSS6.5AI score0.00475EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.9 views

WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Upload

Software CataBlog Type Plugin Vulnerable versions = 1.7.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-47842 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID ca3ef4e541ae Credits Rafie Muhammad Patchstack Required privilege...

9.1CVSS6.8AI score0.00603EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.18 views

WordPress wpForo Forum Plugin <= 2.2.5 is vulnerable to Content Injection

Software wpForo Forum Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.2.6 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-47869 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e9607ec97842 Credits Jesse McNeil Required privilege...

6.9AI score0.0029EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/16 12:0 a.m.10 views

WordPress WP EXtra Plugin <= 6.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP EXtra Type Plugin Vulnerable versions = 6.4 Fixed in 6.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47825 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 19cbe9873db2 Credits Huynh Tien Si Required privile...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/16 12:0 a.m.11 views

WordPress Restaurant & Cafe Addon for Elementor Plugin <= 1.5.3 is vulnerable to Broken Access Control

Software Restaurant & Cafe Addon for Elementor Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47826 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b97882725329 Credits...

6.6AI score0.00466EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/16 12:0 a.m.11 views

WordPress ARI Stream Quiz Plugin <= 1.2.32 is vulnerable to Cross Site Scripting (XSS)

Software ARI Stream Quiz Type Plugin Vulnerable versions = 1.2.32 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47835 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 60fc20d13481 Credits emad Required privilege Contributor...

6.5CVSS6.6AI score0.00377EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder