Lucene search
K

5105 matches found

Patchstack
Patchstack
added 2023/01/17 12:0 a.m.16 views

WordPress Widgets on Pages Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Widgets on Pages Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.8.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4488 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 86b237a22e6a Credits Lana Codes Requir...

6.8CVSS5.7AI score0.00707EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.10 views

WordPress MainWP File Uploader Extension Plugin <= 4.1 is vulnerable to Arbitrary File Upload

Software MainWP File Uploader Extension Type Plugin Vulnerable versions = 4.1 Fixed in 4.1.1 OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2023-23656 Patch priority High CVSS severity High 10 Developer Claim ownership PSID f49d8364bda5 Credits Dave Jong...

10CVSS6.5AI score0.00809EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.14 views

WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 is vulnerable to Broken Access Control

Software MainWP UpdraftPlus Extension Type Plugin Vulnerable versions = 4.0.6 Fixed in 4.0.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23640 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 075f06640c08 Credits Dave Jong...

8.8CVSS6.5AI score0.00293EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.12 views

WordPress WP-CommentNavi Plugin <= 1.12.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-CommentNavi Type Plugin Vulnerable versions = 1.12.1 Fixed in 1.12.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22715 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f51dcf4c7b1f Credits Rio Darmawan Required...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/16 12:0 a.m.17 views

WordPress Stream Plugin < 3.9.2 is vulnerable to Broken Access Control

Software Stream Type Plugin Vulnerable versions 3.9.2 Fixed in 3.9.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4384 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID ad3b89e6bfd1 Credits Krzysztof Zajac Required privilege...

6.5CVSS6.5AI score0.0091EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/16 12:0 a.m.11 views

WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection

Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47605 Patch priority Low CVSS severity Low 8.3 Developer Kunal Nagar PSID 960f40facc61 Credits minhtuanact Required privilege Administrator Published...

8.3CVSS6.9AI score0.00668EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/16 12:0 a.m.14 views

WordPress YourChannel: Everything you want in a YouTube Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software YourChannel: Everything you want in a YouTube Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0282 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID bf43a58f39a3...

5.4CVSS5.7AI score0.0051EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/01/14 12:0 a.m.20 views

WordPress Paid Memberships Pro Plugin <= 2.9.7 is vulnerable to SQL Injection

Software Paid Memberships Pro Type Plugin Vulnerable versions = 2.9.7 Fixed in 2.9.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23488 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID ac5e3d7c8149 Credits Joshua Martinelle Required privilege...

9.8CVSS6.7AI score0.9246EPSS
Exploits6References3Affected Software1
Patchstack
Patchstack
added 2023/01/14 12:0 a.m.15 views

WordPress Easy Digital Downloads Plugin <= 3.1.0.3 is vulnerable to SQL Injection

Software Easy Digital Downloads Type Plugin Vulnerable versions = 3.1.0.3 Fixed in 3.1.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23489 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 8ebed23bcf9a Credits Joshua Martinelle Required privilege...

9.8CVSS6.7AI score0.11172EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2023/01/13 12:15 a.m.4 views

CVE-2023-22391

A vulnerability in class-of-service CoS queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...

7.5CVSS7.1AI score0.00616EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/01/13 12:0 a.m.12 views

WordPress WP Booklet Plugin <= 2.1.8 is vulnerable to Remote Code Execution (RCE)

Software WP Booklet Type Plugin Vulnerable versions = 2.1.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-22677 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 1a71e450e6f5 Credits Le Ngoc Anh Required privilege Subscriber...

8.8CVSS7.3AI score0.0074EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/01/13 12:0 a.m.11 views

WordPress ExactMetrics Plugin < 7.12.1 is vulnerable to Cross Site Scripting (XSS)

Software ExactMetrics Type Plugin Vulnerable versions 7.12.1 Fixed in 7.12.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0082 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5eb38112ee75 Credits Lana Codes Required...

5.4CVSS5.6AI score0.00573EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/13 12:0 a.m.13 views

WordPress Materialis Companion Plugin < 1.3.40 is vulnerable to Cross Site Scripting (XSS)

Software Materialis Companion Type Plugin Vulnerable versions 1.3.40 Fixed in 1.3.40 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4762 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 80cd16937fbb Credits Lana Codes...

5.4CVSS5.6AI score0.00605EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/13 12:0 a.m.14 views

WordPress Map Multi Marker Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Map Multi Marker Type Plugin Vulnerable versions = 3.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47591 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0fa0897cb0de Credits minhtuanact Requir...

7.1CVSS5.7AI score0.00406EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.17 views

WordPress Annual Archive Plugin < 1.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Annual Archive Type Plugin Vulnerable versions 1.6.0 Fixed in 1.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0178 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e447b05c3b01 Credits Lana Codes Required...

5.4CVSS5.6AI score0.00573EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.11 views

WordPress jQuery T(-) Countdown Widget Plugin < 2.3.24 is vulnerable to Cross Site Scripting (XSS)

Software jQuery T- Countdown Widget Type Plugin Vulnerable versions 2.3.24 Fixed in 2.3.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0171 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6d69c46b235b Credits Lana...

5.4CVSS5.6AI score0.00562EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.16 views

WordPress WP Blog and Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Blog and Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4824 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID db9b8648db51 Credits Lana Codes Requir...

5.4CVSS5.6AI score0.00649EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.14 views

WordPress Leaflet Maps Marker Plugin < 3.12.7 is vulnerable to Cross Site Scripting (XSS)

Software Leaflet Maps Marker Type Plugin Vulnerable versions 3.12.7 Fixed in 3.12.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4677 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 99a82b35c26d Credits Lana Codes...

5.4CVSS5.6AI score0.00562EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/11 12:0 a.m.14 views

WordPress Breadcrumb Plugin < 1.5.33 is vulnerable to Cross Site Scripting (XSS)

Software Breadcrumb Type Plugin Vulnerable versions 1.5.33 Fixed in 1.5.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4836 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 68e0f577b655 Credits Lana Codes Required...

5.4CVSS5.9AI score0.00588EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/11 12:0 a.m.10 views

WordPress GamiPress – Vimeo integration Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software GamiPress – Vimeo integration Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0154 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID eece071753de Credits Lana...

5.4CVSS5.6AI score0.00695EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder