Lucene search
K

5106 matches found

Patchstack
Patchstack
added 2023/02/14 12:0 a.m.17 views

WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions = 9.6.4 Fixed in 9.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46863 Patch priority Low CVSS severity Low 5.9 Developer Fullworks Plugins PSID 59c55fdc1246 Credits Justiice Required...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.13 views

WordPress WPGlobus Translate Options Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)

Software WPGlobus Translate Options Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25711 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 62953df5e274 Credits thienn...

6.1CVSS5.7AI score0.0034EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.9 views

WordPress Robots.txt optimization Plugin <= 1.4.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Robots.txt optimization Type Plugin Vulnerable versions = 1.4.5 Fixed in 1.4.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25706 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1bba120cb645 Credits Abdi Pranat...

6.5CVSS6.6AI score0.0022EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.10 views

WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Plugin <= 1.0.21 is vulnerable to Broken Access Control

Software ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Type Plugin Vulnerable versions = 1.0.21 Fixed in 1.0.22 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-46811 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSI...

6.3AI score0.00512EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.12 views

WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Broken Access Control

Software Quick Paypal Payments Type Plugin Vulnerable versions = 5.7.25 Fixed in 5.7.26 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25714 Patch priority High CVSS severity High 7.5 Developer Fullworks Plugins PSID 70f3386a0525 Credits yuyudhn Required...

6.8AI score0.00754EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.11 views

WordPress Opt-Out for Google Analytics Plugin <= 2.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Opt-Out for Google Analytics Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25712 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2387d8d69039 Credits Rio Darmaw...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.11 views

WordPress GamiPress Plugin <= 2.5.7 is vulnerable to SQL Injection

Software GamiPress Type Plugin Vulnerable versions = 2.5.7 Fixed in 2.5.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-24000 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 3c1780f1edaa Credits Dave Jong Patchstack Required privilege...

9.8CVSS6.8AI score0.0257EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/13 12:0 a.m.15 views

WordPress Portfolio – WordPress Portfolio Plugin Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)

Software Portfolio – WordPress Portfolio Plugin Type Plugin Vulnerable versions = 2.8.10 Fixed in 2.8.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23685 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 518a0520e6c9 Credit...

6.5CVSS5.7AI score0.00361EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/13 12:0 a.m.9 views

WordPress GamiPress Plugin <= 2.5.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software GamiPress Type Plugin Vulnerable versions = 2.5.6 Fixed in 2.5.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25697 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 466ccc666256 Credits Dave Jong Patchstack...

6.3CVSS7AI score0.00191EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/13 12:0 a.m.10 views

WordPress RSVPMarker Plugin <= 9.9.3 is vulnerable to SQL Injection

Software RSVPMarker Type Plugin Vulnerable versions = 9.9.3 Fixed in 9.9.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-25045 Patch priority Low CVSS severity Low 6.7 Developer Claim ownership PSID b21a0533c506 Credits Aldo Dimas Anugrah K Required privilege Administrator...

7.2CVSS6.8AI score0.0055EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/12 12:0 a.m.9 views

WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.0.7 Fixed in 8.0.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46862 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bcb98ded3ded Credits Oliver K...

8.8CVSS6.6AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/10 12:0 a.m.9 views

WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.12.6 Fixed in 5.12.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25040 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7acc7c74ae4b Credits Rafie Muhammad...

6.5CVSS5.8AI score0.00414EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/10 12:0 a.m.11 views

WordPress All-in-one Floating Contact Form – My Sticky Elements Plugin < 2.0.9 is vulnerable to SQL Injection

Software All-in-one Floating Contact Form – My Sticky Elements Type Plugin Vulnerable versions 2.0.9 Fixed in 2.0.9 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0487 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID cdb7568b0dc6 Credits qerogramat Kak...

7.2CVSS6.9AI score0.01482EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2023/02/10 12:0 a.m.9 views

WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Arbitrary File Download

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.12.6 Fixed in 5.12.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Arbitrary File Download CVE CVE-2023-25050 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 547ac1ab598f Credits Rafie Muhammad...

7.1CVSS6.5AI score0.00591EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/02/10 12:0 a.m.14 views

WordPress Rank Math SEO Plugin <= 1.0.107.2 is vulnerable to Local File Inclusion

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.107.2 Fixed in 1.0.107.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-23888 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID e3a7d6a3381a Credits Rafie Muhammad Patchstack Required...

7.6CVSS6.9AI score0.00948EPSS
Exploits0References2Affected Software1
Talos Blog
Talos Blog
added 2023/02/09 1:9 p.m.21 views

Beyond the basics: Implementing an active defense

Active defense a key approach to protecting against major threats Having an active defense posture, where the defenders actively use threat intelligence and their own environment telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting...

0.5AI score
Exploits0
Patchstack
Patchstack
added 2023/02/08 12:0 a.m.20 views

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Cross Site Request Forgery (CSRF)

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0722 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 7e061023b7ce Credits Marco Wotschka...

5.4CVSS6.9AI score0.00308EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/02/08 12:0 a.m.11 views

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0716 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID e2bdc56150c0 Credits Marco Wotschka Requir...

5.4CVSS6.8AI score0.00576EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/02/08 12:0 a.m.12 views

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0711 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID f6e0caeea0c4 Credits Marco Wotschka Requir...

5.4CVSS6.5AI score0.00576EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/02/08 12:0 a.m.20 views

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0717 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID db3e0ac8c3e4 Credits Marco Wotschka Requir...

5.4CVSS6.8AI score0.00576EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder