WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control
Software: Wicked Folders | Type: Plugin | Vulnerable versions: <= 2.18.16 | Fixed in: 2.18.17 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-0713 | Patch priority: Medium | CVSS severity: Medium 5.4 | PSID: 74dfca7bfe3c | Credits: Marco Wotschka | Requir...
WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Wicked Folders | Type: Plugin | Vulnerable versions: <= 2.18.16 | Fixed in: 2.18.17 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery CSRF | CVE: CVE-2023-0726 | Patch priority: Low | CVSS severity: Low 5.4 | PSID: b813357081c1 | Credits: Marco Wotschka...
WordPress Plugin for Google Reviews Plugin <= 2.2.3 is vulnerable to SQL Injection
Software: Plugin for Google Reviews | Type: Plugin | Vulnerable versions: <= 2.2.3 | Fixed in: 2.2.4 | OWASP Top 10: A1: Injection | Classification: SQL Injection | CVE: CVE-2022-44580 | Patch priority: High | CVSS severity: High 9.1 | PSID: 5131a96c12f6 | Credits: Rafie Muhammad Patchstack | Required...
WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control
Software: Wicked Folders | Type: Plugin | Vulnerable versions: <= 2.18.16 | Fixed in: 2.18.17 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-0712 | Patch priority: Medium | CVSS severity: Medium 5.4 | PSID: a0b2e732bd9f | Credits: Marco Wotschka | Requir...
WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Wicked Folders | Type: Plugin | Vulnerable versions: <= 2.18.16 | Fixed in: 2.18.17 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery CSRF | CVE: CVE-2023-0727 | Patch priority: Low | CVSS severity: Low 5.4 | PSID: 1a19464c32ce | Credits: Marco Wotschka...
WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control
Software: Wicked Folders | Type: Plugin | Vulnerable versions: <= 2.18.16 | Fixed in: 2.18.17 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-0715 | Patch priority: Medium | CVSS severity: Medium 5.4 | PSID: bf9e7164b8aa | Credits: Marco Wotschka | Requir...
WordPress Slider by Supsystic Plugin <= 1.8.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Slider by Supsystic | Type: Plugin | Vulnerable versions: <= 1.8.5 | Fixed in: 1.8.6 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery CSRF | CVE: CVE-2022-47155 | Patch priority: Low | CVSS severity: Low 4.3 | PSID: 7a6ba385ca1f | Credits: rezaduty | Requir...
WordPress Responsive Pricing Table Plugin <= 5.1.6 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Pricing Table | Type: Plugin | Vulnerable versions: <= 5.1.6 | Fixed in: 5.1.7 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2022-46855 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: 8d5fffd282ff | Credits: Muhammad Daffa...
WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection
Software: WordPress Comments Import & Export | Type: Plugin | Vulnerable versions: <= 2.3.1 | Fixed in: 2.3.2 | OWASP Top 10: A1: Injection | Classification: CSV Injection | CVE: CVE-2022-45370 | Patch priority: Low | CVSS severity: Low 6.1 | PSID: aa57ae50e983 | Credits: Mika | Required privilege...
WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Broken Access Control
Software: Quick Contact Form | Type: Plugin | Vulnerable versions: <= 8.0.3.1 | Fixed in: 8.0.4 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-25035 | Patch priority: Medium | CVSS severity: Medium 6.5 | PSID: 4879b77b9e44 | Credits: yuyudhn | Required...
WordPress Chained Quiz Plugin <= 1.3.2.5 is vulnerable to Cross Site Scripting (XSS)
Software: Chained Quiz | Type: Plugin | Vulnerable versions: <= 1.3.2.5 | Fixed in: 1.3.2.6 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2023-25027 | Patch priority: Low | CVSS severity: Low 5.9 | PSID: 5cabf5b49c21 | Credits: yuyudhn | Required...
WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS)
Software: Quick Contact Form | Type: Plugin | Vulnerable versions: <= 8.0.3.1 | Fixed in: 8.0.4 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2023-23885 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: 1ea94a82999e | Credits: yuyudhn | Required...
WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection
Software: Email Subscribers & Newsletters | Type: Plugin | Vulnerable versions: <= 5.5.2 | Fixed in: 5.5.3 | OWASP Top 10: A1: Injection | Classification: CSV Injection | CVE: CVE-2022-45810 | Patch priority: Low | CVSS severity: Low 6.1 | PSID: bc18fb9ece3e | Credits: Mika | Required privilege...
WordPress Auto Affiliate Links Plugin <= 6.2.1.5 is vulnerable to Privilege Escalation
Software: Auto Affiliate Links | Type: Plugin | Vulnerable versions: <= 6.2.1.5 | Fixed in: 6.2.1.6 | OWASP Top 10: A5: Broken Access Control | Classification: Privilege Escalation | CVE: CVE-2022-45840 | Patch priority: High | CVSS severity: High 6.5 | PSID: 552906959004 | Credits: Nguyen Anh Tien...
WordPress Redirection for Contact Form 7 Plugin <= 2.7.0 is vulnerable to Privilege Escalation
Software: Redirection for Contact Form 7 | Type: Plugin | Vulnerable versions: <= 2.7.0 | Fixed in: 2.8.0 | OWASP Top 10: A5: Broken Access Control | Classification: Privilege Escalation | CVE: CVE-2023-23990 | Patch priority: High | CVSS severity: High 7.6 | PSID: 29717ecca8e6 | Credits: Rafie Muhamma...
WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)
Software: Visualizer | Type: Plugin | Vulnerable versions: <= 3.9.1 | Fixed in: 3.9.2 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2022-46848 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: 5d57cada7c6d | Credits: Muhammad Daffa | Required...
WordPress Kraken.io Image Optimizer Plugin <= 2.6.8 is vulnerable to Broken Access Control
Software: Kraken.io Image Optimizer | Type: Plugin | Vulnerable versions: <= 2.6.8 | Fixed in: N/A | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-0619 | Patch priority: High | CVSS severity: High 6.5 | PSID: b987322713b6 | Credits: Marco Wotschka -...
WordPress Podlove Podcast Publisher Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS)
Software: Podlove Podcast Publisher | Type: Plugin | Vulnerable versions: <= 3.8.2 | Fixed in: 3.8.3 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2023-25046 | Patch priority: Low | CVSS severity: Low 5.9 | PSID: 491cd1d794bf | Credits: yuyudhn...
WordPress Posts and Users Stats Plugin <= 1.1.3 is vulnerable to CSV Injection
Software: Posts and Users Stats | Type: Plugin | Vulnerable versions: <= 1.1.3 | Fixed in: 1.1.4 | OWASP Top 10: A1: Injection | Classification: CSV Injection | CVE: CVE-2022-44738 | Patch priority: Low | CVSS severity: Low 5.8 | PSID: adb9c8d12136 | Credits: Mika | Required privilege: Subscriber | Publishe...
WordPress Jobs for WordPress Plugin <= 2.5.11.2 is vulnerable to Cross Site Scripting (XSS)
Software: Jobs for WordPress | Type: Plugin | Vulnerable versions: <= 2.5.11.2 | Fixed in: 2.6.0 | OWASP Top 10: A7: Cross-Site Scripting XSS | Classification: Cross Site Scripting XSS | CVE: CVE-2022-44743 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: 9031f3e3273b | Credits: thiennv | Required...