Lucene search
+L

572 matches found

Patchstack
Patchstack
added 2024/11/15 12:0 a.m.15 views

WordPress BulkPress Plugin <= 0.3.5 is vulnerable to Cross Site Scripting (XSS)

Software BulkPress Type Plugin Vulnerable versions = 0.3.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9615 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 569ddc3d9617 Credits vgo0 Required privilege...

6.1CVSS5.9AI score0.00372EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/14 12:0 a.m.49 views

WordPress Really Simple Security Pro multisite Plugin 9.0.0-9.1.1.1 is vulnerable to Broken Authentication

Software Really Simple Security Pro multisite Type Plugin Vulnerable versions 9.0.0-9.1.1.1 Fixed in 9.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10924 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 976349dfad8d Credits...

9.8CVSS6.2AI score0.81722EPSS
Exploits21References2Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.22 views

WordPress User Extra Fields Plugin <= 16.6 is vulnerable to Arbitrary File Deletion

Software User Extra Fields Type Plugin Vulnerable versions = 16.6 Fixed in 16.7 OWASP Top 10 A2: Broken Authentication Classification Arbitrary File Deletion CVE CVE-2024-11150 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 5b9352f46ad9 Credits Chloe Chamberland Require...

9.8CVSS6.6AI score0.01339EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.9 views

WordPress Xin Theme <= 1.0.8.1 is vulnerable to PHP Object Injection

Software Xin Type Theme Vulnerable versions = 1.0.8.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52412 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID da7dd1423a5a Credits Mika Required privilege Unauthenticated Published 13...

9.8CVSS7.2AI score0.00509EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.20 views

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10530 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 918318d433d6 Credits Tieu Pham Tro...

4.3CVSS6.7AI score0.00438EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.10 views

WordPress Countdown Timer Plugin <= 1.2.4 is vulnerable to Sensitive Data Exposure

Software Countdown Timer Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Sensitive Data Exposure CVE CVE-2024-10669 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 97d2e3a5c021 Credits Francesco Carlucci Required privilege...

4.3CVSS6.8AI score0.003EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.11 views

WordPress Inline Click To Tweet Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Inline Click To Tweet Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51803 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e9a9fcb00d6e Credits SOPROBRO Required privilege...

6.5CVSS6.5AI score0.00374EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.9 views

WordPress Custom URL Shortener Plugin <= 0.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Custom URL Shortener Type Plugin Vulnerable versions = 0.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51930 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 721373a7389e Credits SOPROBRO Required privilege...

6.5CVSS6.9AI score0.00231EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.10 views

WordPress Shortcode Collection Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software Shortcode Collection Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51864 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a79b02ce6496 Credits SOPROBRO Required privilege Contribut...

6.5CVSS6.5AI score0.00302EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2024/10/31 2:10 a.m.4 views

CVE-2020-12828

creationtimestamp| type| source ---|---|--- 2024-10-31 02:10:22+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1349...

10CVSS8.7AI score0.03278EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.8 views

WordPress Audio Comparison Lite Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)

Software Audio Comparison Lite Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51627 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0a5a84c2cb69 Credits SOPROBRO Required privilege...

6.5CVSS9.4AI score0.00243EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2024/10/29 6:43 p.m.21 views

CVE-2020-4046

creationtimestamp| type| source ---|---|--- 2024-10-29 18:43:58+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1299...

5.4CVSS5.6AI score0.02359EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/28 12:0 a.m.15 views

WordPress SEUR Oficial Plugin <= 2.2.11 is vulnerable to Cross Site Scripting (XSS)

Software SEUR Oficial Type Plugin Vulnerable versions = 2.2.11 Fixed in 2.2.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9438 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09ee4a264f33 Credits vgo0 Required...

6.1CVSS5.6AI score0.0036EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.14 views

WordPress Signup Page Plugin <= 1.0 is vulnerable to Privilege Escalation

Software Signup Page Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50475 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 15ed63623277 Credits Mika Required...

9.8CVSS6.5AI score0.01219EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.10 views

WordPress Cozy Blocks Plugin <= 2.0.18 is vulnerable to Cross Site Scripting (XSS)

Software Cozy Blocks Type Plugin Vulnerable versions = 2.0.18 Fixed in 2.0.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50502 Patch priority Low CVSS severity Low 6.5 Developer CozyThemes PSID 2887e7a845fe Credits Michael Required privilege Contributor...

6.5CVSS6.9AI score0.00239EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.12 views

WordPress EventPrime Plugin <= 4.0.4.7 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 4.0.4.7 Fixed in 4.0.4.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9865 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b2193c9ee308 Credits zer0gh0st Required...

6.1CVSS5.9AI score0.0036EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.20 views

WordPress WC Marketplace Plugin <= 4.2.4 is vulnerable to Broken Access Control

Software WC Marketplace Type Plugin Vulnerable versions = 4.2.4 Fixed in 4.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9531 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7dab4da2d17f Credits Tieu Pham Trong Nhan Required...

4.3CVSS6.5AI score0.00334EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2024/10/18 4:21 p.m.7 views

CVE-2020-9375

creationtimestamp| type| source ---|---|--- 2024-10-18 16:21:45+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/856...

7.8CVSS7.3AI score0.28223EPSS
Exploits5References1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.16 views

WordPress Debrandify Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Debrandify Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9674 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0ed7b307aa52 Credits Francesco Carlucci Required...

6.4CVSS6AI score0.00288EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.14 views

WordPress Royal Elementor Addons Plugin <= 1.3.986 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.986 Fixed in 1.3.987 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-7417 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 4060f71c187f Credits stealthcopter Required...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder