Lucene search
+L

1527 matches found

Patchstack
Patchstack
added 2024/11/08 12:0 a.m.21 views

WordPress WPLMS Theme <= 4.962 is vulnerable to Path Traversal

Software WPLMS Type Theme Vulnerable versions = 4.962 Fixed in 4.963 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2024-10470 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 63557cc0ea32 Credits Foxyyy Required privilege Unauthenticated Published 8...

9.8CVSS6.9AI score0.33856EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.17 views

WordPress Super Socializer Plugin <= 7.13.68 is vulnerable to Broken Authentication

Software Super Socializer Type Plugin Vulnerable versions = 7.13.68 Fixed in 7.14 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9946 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 3feff8ece72e Credits wesle...

8.1CVSS6.8AI score0.00609EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.21 views

WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication

Software Heateor Social Login Type Plugin Vulnerable versions = 1.1.35 Fixed in 1.1.36 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10020 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0cb2e3c4d2f1 Credits...

8.1CVSS6.8AI score0.00504EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.15 views

WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication

Software Loginizer Security Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 39d130db7003 Credits...

8.1CVSS8AI score0.00666EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.17 views

WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)

Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...

7.1CVSS6.9AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.12 views

WordPress Otter - Gutenberg Block Plugin <= 3.0.3 is vulnerable to Broken Access Control

Software Otter - Gutenberg Block Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51671 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 1f22a7b87ab8 Credits Rafie Muhammad...

2.7CVSS6.5AI score0.00464EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.10 views

WordPress Paytium Plugin <= 4.4.10 is vulnerable to Broken Access Control

Software Paytium Type Plugin Vulnerable versions = 4.4.10 Fixed in 4.4.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51667 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f67b49ade6f3 Credits Trương Hữu Phúc truonghuuphuc...

6.5AI score0.0031EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.26 views

WordPress BetterLinks Plugin <= 2.1.7 is vulnerable to SQL Injection

Software BetterLinks Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-51672 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 159a4550c364 Credits Marek Mikita Required privilege Administrator Publish...

7.6CVSS7.2AI score0.00456EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.14 views

WordPress WP Hotel Booking Plugin <= 2.1.4 is vulnerable to Local File Inclusion

Software WP Hotel Booking Type Plugin Vulnerable versions = 2.1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-51582 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 5c0a345b0a12 Credits ghsinfosec Required privilege Contributor...

8.8CVSS6.9AI score0.0051EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.13 views

WordPress MPG Plugin <= 4.0.1 is vulnerable to Broken Access Control

Software MPG Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7424 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 61dc998feee8 Credits Rafshanzani Suhada Required privilege...

5.4CVSS9.4AI score0.00321EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.9 views

WordPress amazing neo icon font for elementor Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software amazing neo icon font for elementor Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 973c64009b42 Credits Gab Required privile...

6.5CVSS6.6AI score0.00332EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.8 views

WordPress Audio Comparison Lite Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)

Software Audio Comparison Lite Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51627 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0a5a84c2cb69 Credits SOPROBRO Required privilege...

6.5CVSS9.4AI score0.00243EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.17 views

WordPress Bigmart Elements Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Bigmart Elements Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51589 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 12ab0da677da Credits Gab Required privilege Contributor...

6.5CVSS6.5AI score0.00229EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/30 12:0 a.m.15 views

WordPress Administrator Z Plugin <= 2024.11.20 is vulnerable to SQL Injection

Software Administrator Z Type Plugin Vulnerable versions = 2024.11.20 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-50524 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 23203529cd48 Credits stealthcopter Required privilege Subscriber...

8.5CVSS8.5AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/30 12:0 a.m.13 views

WordPress ID-SK Toolkit Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)

Software ID-SK Toolkit Type Plugin Vulnerable versions = 1.7.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50517 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f37480f4086 Credits Gab Required privilege Contributor Publish...

6.5CVSS6.5AI score0.00332EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/30 12:0 a.m.11 views

WordPress Get Quote For Woocommerce Plugin <= 1.0.0 is vulnerable to Broken Access Control

Software Get Quote For Woocommerce Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9430 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ed4687422c20 Credits stehled Required...

5.3CVSS6.6AI score0.0035EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.22 views

WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload

Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...

8.8CVSS6.8AI score0.02235EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.8 views

WordPress Easy Pricing Tables Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Easy Pricing Tables Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8871 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 642ead38dfc7 Credits vgo0 Required...

6.1CVSS5.6AI score0.00355EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.16 views

WordPress Crypto Plugin <= 2.18 is vulnerable to Broken Authentication

Software Crypto Type Plugin Vulnerable versions = 2.18 Fixed in 2.19 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9989 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a98b5d070482 Credits István Márton...

9.8CVSS9.5AI score0.07217EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/28 12:0 a.m.25 views

WordPress Wp Social Plugin <= 3.0.7 is vulnerable to Broken Authentication

Software Wp Social Type Plugin Vulnerable versions = 3.0.7 Fixed in 3.0.8 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2024-9501 Patch priority High CVSS severity High 9.8 Developer Wpmet PSID 239b8bacd5e7 Credits wesley wcraft Required privilege...

9.8CVSS6.6AI score0.00782EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder