Lucene search
+L

1527 matches found

Patchstack
Patchstack
added 2024/10/10 12:0 a.m.16 views

WordPress WordPress Comments Import & Export Plugin <= 2.3.7 is vulnerable to Directory Traversal

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-7514 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 06055d28d8b6 Credits scottaglia Required...

6.5CVSS6.8AI score0.01085EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.11 views

WordPress External featured image from bing Plugin <= 1.0.2 is vulnerable to Remote Code Execution (RCE)

Software External featured image from bing Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2024-48027 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID dfcd7085e39e Credits João...

9.9CVSS9.5AI score0.00482EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.10 views

WordPress pretix widget Plugin <= 1.0.5 is vulnerable to Local File Inclusion

Software pretix widget Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2024-9575 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 3a2933f81cf6 Credits João Pedro S Alcântara Kinorth Required...

8.5CVSS8AI score0.00522EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.21 views

WordPress Limit Login Attempts Plugin <= 5.3 is vulnerable to Bypass Vulnerability

Software Limit Login Attempts Type Plugin Vulnerable versions = 5.3 Fixed in 5.4 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2022-4534 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 03e4ff962fd9 Credits rezaduty Required privilege Publishe...

5.3CVSS5.6AI score0.00341EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.9 views

WordPress ThemeHunk Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software ThemeHunk Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8433 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c1773d3ddeac Credits Lucio Sá Required...

6.4CVSS5.6AI score0.00342EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.20 views

WordPress Backup and Staging by WP Time Capsule Plugin <= 1.22.21 is vulnerable to SQL Injection

Software Backup and Staging by WP Time Capsule Type Plugin Vulnerable versions = 1.22.21 Fixed in 1.22.22 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48020 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 257cfd27ce2c Credits Hakiduck Required...

8.5CVSS7.2AI score0.00487EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.36 views

WordPress FluentForm Plugin <= 5.1.19 is vulnerable to Cross Site Scripting (XSS)

Software FluentForm Type Plugin Vulnerable versions = 5.1.19 Fixed in 5.1.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9528 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 973bb3afee30 Credits Ivan Kuzymchak Required...

4.9CVSS5.8AI score0.00378EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.26 views

WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to Broken Access Control

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9161 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ca30124e345e Credits Leo Required privilege...

6.5CVSS6.5AI score0.02131EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.34 views

WordPress Bit File Manager Plugin <= 6.5.7 is vulnerable to Arbitrary File Upload

Software Bit File Manager Type Plugin Vulnerable versions = 6.5.7 Fixed in 6.5.8 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-8743 Patch priority High CVSS severity High 6.8 Developer Claim ownership PSID c3b2ce42763f Credits TANG Cheuk Hei siunam Required privileg...

6.8CVSS6.9AI score0.00788EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.18 views

WordPress Advanced Custom Fields Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20865 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a4b648ba0bb Credits Keitaro Yamazaki Required...

7.5CVSS7.5AI score0.02462EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/10/02 12:0 a.m.16 views

WordPress PWA Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Software PWA Type Plugin Vulnerable versions = 1.6.3 Fixed in 1.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8967 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c235cb7639b9 Credits Francesco Carlucci Required privileg...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/02 12:0 a.m.10 views

WordPress RabbitLoader Plugin <= 2.21.0 is vulnerable to Cross Site Scripting (XSS)

Software RabbitLoader Type Plugin Vulnerable versions = 2.21.0 Fixed in 2.21.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8800 Patch priority Medium CVSS severity Medium 7.1 Developer RabbitLoader PSID 60a2212deaee Credits vgo0 Required privileg...

6.1CVSS5.7AI score0.00364EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/02 12:0 a.m.21 views

WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SEOPress Type Plugin Vulnerable versions = 8.1.1 Fixed in 8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9225 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 788a715fcbd5 Credits vgo0 Required privilege...

6.1CVSS5.7AI score0.00426EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.20 views

WordPress Hello World Plugin <= 2.1.1 is vulnerable to Arbitrary File Download

Software Hello World Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-9224 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 936cc3342bfb Credits yudha Required privilege...

6.5CVSS6.5AI score0.0146EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.12 views

WordPress Stars Testimonials Plugin <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Stars Testimonials Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8989 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b53073d7e5ac Credits Peter Thaleikis...

6.4CVSS5.8AI score0.00342EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.10 views

WordPress AVIF & SVG Uploader Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software AVIF & SVG Uploader Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9060 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6e662df81c43 Credits Francesco Carlucci...

6.4CVSS5.8AI score0.00387EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.8 views

WordPress WP MyLinks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WP MyLinks Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47371 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a980ce4c70f6 Credits SOPROBRO Required privilege Editor Publishe...

5.9CVSS6.5AI score0.00261EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.11 views

WordPress Starbox Plugin < 3.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Starbox Type Plugin Vulnerable versions 3.5.3 Fixed in 3.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8239 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 03e73e132e18 Credits Dmitrii Ignatyev Required privileg...

5.4CVSS5.8AI score0.00355EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.20 views

WordPress LiteSpeed Cache Plugin <= 6.5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software LiteSpeed Cache Type Plugin Vulnerable versions = 6.5.0.2 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47374 Patch priority Medium CVSS severity Medium 7.1 Developer Hai Zheng / Lite Speed Cache PSID b2ad66b394ec Credits TaiYou Required...

7.1CVSS6.5AI score0.0138EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.14 views

WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin <= 1.27 is vulnerable to Cross Site Scripting (XSS)

Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions = 1.27 Fixed in 1.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47647 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aac881dee8e9 Credits...

5.9CVSS6.1AI score0.00261EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder