Lucene search
+L

1527 matches found

Patchstack
Patchstack
added 2024/10/21 12:0 a.m.15 views

WordPress Bet WC 2018 Russia Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software Bet WC 2018 Russia Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49637 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4d264180c24 Credits Le Ngoc Anh Required privilege...

7.1CVSS6.8AI score0.00322EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.12 views

WordPress Simple Custom Admin Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Custom Admin Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49647 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3970364b5682 Credits Mika Required privilege...

7.1CVSS6.5AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.11 views

WordPress Schema & Structured Data for WP & AMP Plugin <= 1.3.5 is vulnerable to Sensitive Data Exposure

Software Schema & Structured Data for WP & AMP Type Plugin Vulnerable versions = 1.3.5 Fixed in 1.36 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-49683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fb194b3fd454 Credits Joshua...

5.3CVSS6.5AI score0.00336EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.9 views

WordPress AI Image Generator for Your Content & Featured Images – AI Postpix Plugin <= 1.1.8 is vulnerable to Arbitrary File Upload

Software AI Image Generator for Your Content & Featured Images – AI Postpix Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-49671 Patch priority High CVSS severity High 9.9 Developer Claim ownership...

9.9CVSS6.5AI score0.00508EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.10 views

WordPress DocumentPress Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software DocumentPress Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49656 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9ccb703f5e18 Credits Mika Required privilege Unauthenticate...

7.1CVSS6.5AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.20 views

WordPress News Kit Elementor Addons Plugin <= 1.2.1 is vulnerable to Sensitive Data Exposure

Software News Kit Elementor Addons Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-9541 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1aff69c2a359 Credits Nishiv Required...

4.3CVSS6.5AI score0.00335EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.12 views

WordPress HD Quiz – Save Results Light Plugin <= 0.5 is vulnerable to Broken Access Control

Software HD Quiz – Save Results Light Type Plugin Vulnerable versions = 0.5 Fixed in 0.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-49689 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 904268a13b03 Credits Fariq Fadillah Gusti...

5.4CVSS6.5AI score0.00457EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.17 views

WordPress Debrandify Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Debrandify Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9674 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0ed7b307aa52 Credits Francesco Carlucci Required...

6.4CVSS6AI score0.00288EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.15 views

WordPress SW Contact Form Plugin <= 1.0 is vulnerable to SQL Injection

Software SW Contact Form Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49612 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 50cfc368b184 Credits João Pedro S Alcântara Kinorth Required privilege...

8.8CVSS8.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.12 views

WordPress MyTweetLinks Plugin <= 1.1.1 is vulnerable to SQL Injection

Software MyTweetLinks Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49618 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 011544e8e2d0 Credits João Pedro S Alcântara Kinorth Required privilege...

8.8CVSS8.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.21 views

WordPress Click to Chat – WP Support All-in-One Floating Widget Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Click to Chat – WP Support All-in-One Floating Widget Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10055 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...

6.4CVSS5.8AI score0.00306EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.20 views

WordPress Photo Gallery Slideshow & Masonry Tiled Gallery Plugin <= 1.0.3 is vulnerable to SQL Injection

Software Photo Gallery Slideshow & Masonry Tiled Gallery Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2019-25218 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 6b8bcb14a865 Credits Ala Arfaoui...

4.9CVSS6.8AI score0.0047EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.16 views

WordPress ElementInvader Addons for Elementor Plugin <= 1.2.9 is vulnerable to Sensitive Data Exposure

Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-9889 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7d169fa5766f Credits Ankit...

4.3CVSS6.5AI score0.00335EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/17 12:0 a.m.12 views

WordPress DPD Baltic Shipping Plugin <= 1.2.83 is vulnerable to Cross Site Scripting (XSS)

Software DPD Baltic Shipping Type Plugin Vulnerable versions = 1.2.83 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9350 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c5aa369cd88 Credits vgo0 Required...

6.1CVSS6AI score0.00382EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.10 views

WordPress WP Photo Album Plus Plugin <= 8.8.05.003 is vulnerable to Cross Site Scripting (XSS)

Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.05.003 Fixed in 8.8.07.004 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9951 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 361cb23fe9c7 Credits Noah...

6.1CVSS5.9AI score0.00291EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.10 views

WordPress Nextend Social Login Pro Plugin <= 3.1.14 is vulnerable to Broken Authentication

Software Nextend Social Login Pro Type Plugin Vulnerable versions = 3.1.14 Fixed in 3.1.15 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-9893 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7fe16af79d00 Credits wesley wcraft...

9.8CVSS9.4AI score0.00645EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.17 views

WordPress Calculated Fields Form Plugin <= 5.2.45 is vulnerable to Content Injection

Software Calculated Fields Form Type Plugin Vulnerable versions = 5.2.45 Fixed in 5.2.46 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9940 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID bb237d0845c6 Credits Max Boll b0lli Required privile...

5.3CVSS7.2AI score0.00364EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.19 views

WordPress Miniorange OTP Verification with Firebase Plugin <= 3.6.0 is vulnerable to Broken Authentication

Software Miniorange OTP Verification with Firebase Type Plugin Vulnerable versions = 3.6.0 Fixed in 3.6.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9861 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID...

8.1CVSS6.5AI score0.00604EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.14 views

WordPress Miniorange OTP Verification with Firebase Plugin <= 3.6.0 is vulnerable to Broken Authentication

Software Miniorange OTP Verification with Firebase Type Plugin Vulnerable versions = 3.6.0 Fixed in 3.6.1 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-9862 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 712edfb96dcd Credits...

9.8CVSS6.5AI score0.00581EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.14 views

WordPress Royal Elementor Addons Plugin <= 1.3.986 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.986 Fixed in 1.3.987 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-7417 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 4060f71c187f Credits stealthcopter Required...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder