Lucene search
K

7 matches found

Patchstack
Patchstack
added 2024/04/25 12:0 a.m.12 views

WordPress Easy Accept Payments Plugin <= 4.9.10 is vulnerable to Broken Access Control

Software Easy Accept Payments Type Plugin Vulnerable versions = 4.9.10 Fixed in 5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33591 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID dc8baebcdbf1 Credits Joshua Chan Required...

7.5CVSS6.6AI score0.00469EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.11 views

WordPress Absolutely Glamorous Custom Admin Plugin < 7.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Absolutely Glamorous Custom Admin Type Plugin Vulnerable versions 7.2.2 Fixed in 7.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2907 Patch priority Low CVSS severity Low 5.9 Developer Cusmin PSID c9b7d9956a4d Credits Dikshita Trivedi...

6.8CVSS5.7AI score0.00548EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.17 views

WordPress XStore Core Plugin <= 5.3.8 is vulnerable to Arbitrary File Upload

Software XStore Core Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Upload CVE CVE-2024-33556 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 108b732f3dae Credits Rafie Muhammad Patchstack...

9.8CVSS6.5AI score0.00583EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.15 views

WordPress WP Portfolio Theme <= 2.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Portfolio Type Theme Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33537 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 960b34eee068 Credits stealthcopter Required privilege Contributor...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.13 views

WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Everest News Type Theme Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27421 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c15b03e345f4 Credits László Radnai Required...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.7 views

WordPress Viable blog Theme <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Viable blog Type Theme Vulnerable versions = 1.1.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27419 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bc9810b2a616 Credits László Radnai Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.11 views

WordPress Mocho Blog Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Mocho Blog Type Theme Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27412 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 085597533752 Credits László Radnai Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder