Lucene search
K

5103 matches found

Patchstack
Patchstack
added 2023/08/29 12:0 a.m.17 views

WordPress Forminator Plugin <= 1.24.6 is vulnerable to Arbitrary File Upload

Software Forminator Type Plugin Vulnerable versions = 1.24.6 Fixed in 1.25.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-4596 Patch priority High CVSS severity High 9.8 Developer WPMU DEV PSID c13bf0eea10b Credits mehmet Required privilege Unauthenticated Publishe...

9.8CVSS6.7AI score0.12749EPSS
Exploits3References4Affected Software1
Patchstack
Patchstack
added 2023/08/29 12:0 a.m.20 views

WordPress Slimstat Analytics Plugin <= 5.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Slimstat Analytics Type Plugin Vulnerable versions = 5.0.9 Fixed in 5.0.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4597 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5f7946c39456 Credits István Márton Requir...

6.4CVSS5.7AI score0.00576EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/29 12:0 a.m.7 views

WordPress Arya Multipurpose Pro Theme <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Arya Multipurpose Pro Type Theme Vulnerable versions = 1.0.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41237 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17b111a67e25 Credits László Radnai...

7.1CVSS5.6AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/08/28 12:0 a.m.7 views

WordPress LuckyWP Scripts Control Plugin <= 1.2.1 is vulnerable to Broken Access Control

Software LuckyWP Scripts Control Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-29239 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e65baeeaa808 Credits Elliot Required...

6.6AI score0.00343EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/28 12:0 a.m.10 views

WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software MakeStories for Google Web Stories Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.0.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27448 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 422c8d1d0b2a Credits...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/25 12:0 a.m.13 views

WordPress Herd Effects Plugin < 5.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Herd Effects Type Plugin Vulnerable versions 5.2.4 Fixed in 5.2.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4318 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3c6da81b7acf Credits Erwan LR WPScan Required...

4.3CVSS6.6AI score0.00218EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/25 12:0 a.m.13 views

WordPress URL Shortify Plugin < 1.7.6 is vulnerable to Cross Site Scripting (XSS)

Software URL Shortify Type Plugin Vulnerable versions 1.7.6 Fixed in 1.7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4294 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 91200df1978f Credits Bartlomiej Marek and...

6.1CVSS5.6AI score0.00735EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/24 12:0 a.m.10 views

WordPress WP Adminify Plugin < 3.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Adminify Type Plugin Vulnerable versions 3.1.6 Fixed in 3.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4060 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5e42dd53e8bc Credits dipak panchal Required privile...

4.8CVSS5.7AI score0.00399EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/24 12:0 a.m.9 views

WordPress Premmerce User Roles Plugin <= 1.0.12 is vulnerable to Broken Access Control

Software Premmerce User Roles Type Plugin Vulnerable versions = 1.0.12 Fixed in 1.0.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41130 Patch priority High CVSS severity High 8.1 Developer Premmerce PSID 8954c8b59cab Credits Nguyen Xuan Chien Required...

6.6AI score0.0046EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/24 12:0 a.m.9 views

WordPress WP VK Plugin < 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP VK Type Plugin Vulnerable versions 1.3.4 Fixed in 1.3.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 35c374f0a596 Credits WordFence Required privilege Unauthenticat...

7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/23 12:0 a.m.12 views

WordPress Min Max Control Plugin < 4.6 is vulnerable to Cross Site Scripting (XSS)

Software Min Max Control Type Plugin Vulnerable versions 4.6 Fixed in 4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4270 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f355d50b63c9 Credits Animesh Gaurav Required...

6.1CVSS5.6AI score0.00396EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/22 12:0 a.m.19 views

WordPress Charitable Plugin <= 1.7.0.12 is vulnerable to Privilege Escalation

Software Charitable Type Plugin Vulnerable versions = 1.7.0.12 Fixed in 1.7.0.13 OWASP Top 10 A3: Injection Classification Privilege Escalation CVE CVE-2023-4404 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 52fac3028e4c Credits István Márton Required privilege...

9.8CVSS6.7AI score0.00765EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/08/22 12:0 a.m.17 views

WordPress JupiterX Core Plugin <= 3.3.8 is vulnerable to Privilege Escalation

Software JupiterX Core Type Plugin Vulnerable versions = 3.3.8 Fixed in 3.4.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-38389 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID bb67776164d1 Credits Rafie...

9.8CVSS6.5AI score0.01153EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/22 12:0 a.m.10 views

WordPress Slimstat Analytics Plugin <= 5.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Slimstat Analytics Type Plugin Vulnerable versions = 5.0.8 Fixed in 5.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40676 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 02d370df713c Credits Rio Darmawan Require...

5.9CVSS5.7AI score0.00354EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.8 views

WordPress Save as Image plugin by Pdfcrowd Plugin <= 2.16.0 is vulnerable to Cross Site Scripting (XSS)

Software Save as Image plugin by Pdfcrowd Type Plugin Vulnerable versions = 2.16.0 Fixed in 2.16.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40665 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cfe00b0b6985 Credits Mahe...

5.9CVSS5.8AI score0.00335EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.6 views

WordPress DoLogin Security Plugin <= 3.6 is vulnerable to Bypass Vulnerability

Software DoLogin Security Type Plugin Vulnerable versions = 3.6 Fixed in 3.7 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e4651ef4e7a2 Credits WordFence Required privilege Unauthenticated...

6.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/18 12:0 a.m.13 views

WordPress Cookies and Content Security Policy Plugin <= 2.15 is vulnerable to Sensitive Data Exposure

Software Cookies and Content Security Policy Type Plugin Vulnerable versions = 2.15 Fixed in 2.16 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-40662 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1727f4bf0e4c Credits Mika...

7.5CVSS6.6AI score0.00552EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/18 12:0 a.m.12 views

WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS)

Software Donations Made Easy – Smart Donations Type Plugin Vulnerable versions = 4.0.12 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40664 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f2b34d09c3af...

7.1CVSS5.6AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/08/18 12:0 a.m.7 views

WordPress Smart SEO Tool Plugin < 4.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Smart SEO Tool Type Plugin Vulnerable versions 4.0.2 Fixed in 4.0.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7f5302fb053b Credits WordFence Required privilege...

7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/17 12:0 a.m.10 views

WordPress Contact form 7 Custom validation Plugin <= 1.1.3 is vulnerable to SQL Injection

Software Contact form 7 Custom validation Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-40609 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID b7c9ad699602 Credits minhtuanact Required privilege...

9.8CVSS6.8AI score0.00566EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder