Lucene search
+L

572 matches found

Patchstack
Patchstack
added 2024/08/29 12:0 a.m.15 views

WordPress Filmix Theme <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Filmix Type Theme Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44060 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 23b9f7aa796e Credits justakazh Required privilege Unauthenticated...

7.1CVSS6.6AI score0.00258EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.12 views

WordPress Memberpress Plugin <= 1.11.34 is vulnerable to Broken Access Control

Software Memberpress Type Plugin Vulnerable versions = 1.11.34 Fixed in 1.11.35 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43956 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4067cee8925c Credits Ananda Dhakal Patchstack...

9.8CVSS6.3AI score0.00427EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.15 views

WordPress Shield Security Plugin < 20.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Shield Security Type Plugin Vulnerable versions 20.0.6 Fixed in 20.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7313 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID df05c396b592 Credits Krugov Artyom...

6.1CVSS5.6AI score0.01444EPSS
Exploits3References4Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.11 views

WordPress All Bootstrap Blocks Plugin <= 1.3.19 is vulnerable to Cross Site Scripting (XSS)

Software All Bootstrap Blocks Type Plugin Vulnerable versions = 1.3.19 Fixed in 1.3.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43349 Patch priority Low CVSS severity Low 6.5 Developer AREOI PSID 1ee70b8e314c Credits Ngô Thiên An ancorn from VNPT-VCI Require...

6.5CVSS6.6AI score0.00245EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.10 views

WordPress Recipe Card Blocks for Gutenberg & Elementor Plugin <= 3.3.1 is vulnerable to Broken Access Control

Software Recipe Card Blocks for Gutenberg & Elementor Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43293 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 19c361c53a3a Credits...

8.8CVSS6.3AI score0.00393EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/13 12:0 a.m.13 views

WordPress Element Pack Elementor Addons Plugin <= 5.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.7.2 Fixed in 5.7.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7247 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3540915b141a Credits Webbernaut...

6.4CVSS5.8AI score0.00451EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/09 12:0 a.m.15 views

WordPress Timeline and History slider Plugin <= 2.3 is vulnerable to Local File Inclusion

Software Timeline and History slider Type Plugin Vulnerable versions = 2.3 Fixed in 2.4 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-43232 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 2bac14a13b45 Credits João Pedro S Alcântara...

8.5CVSS6.6AI score0.00541EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/08 12:0 a.m.12 views

WordPress Amelia Plugin <= 1.2 is vulnerable to Sensitive Data Exposure

Software Amelia Type Plugin Vulnerable versions = 1.2 Fixed in 1.2.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6552 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 963ab0b19e24 Credits stealthcopter Required privilege...

5.3CVSS6.6AI score0.00439EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.14 views

WordPress Spectra Plugin <= 2.14.1 is vulnerable to Cross Site Scripting (XSS)

Software Spectra Type Plugin Vulnerable versions = 2.14.1 Fixed in 2.15.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-7590 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a51e418171d1 Credits João Pedro S Alcântara Kinorth Required...

6.5CVSS6.6AI score0.00308EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.15 views

WordPress 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery Plugin <= 1.15.6 is vulnerable to Cross Site Scripting (XSS)

Software 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery Type Plugin Vulnerable versions = 1.15.6 Fixed in 1.15.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43152 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c27b38c9e4e0...

6.1CVSS6.6AI score0.0028EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.10 views

WordPress Advanced Cron Manager – debug & control Plugin <= 2.5.9 is vulnerable to Broken Access Control

Software Advanced Cron Manager – debug & control Type Plugin Vulnerable versions = 2.5.9 Fixed in 2.5.10 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43154 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7331ca5ca4a8 Credits...

4.3CVSS6.3AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.10 views

WordPress Football Pool Plugin <= 2.11.10 is vulnerable to Cross Site Scripting (XSS)

Software Football Pool Type Plugin Vulnerable versions = 2.11.10 Fixed in 2.12.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43130 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 286c38961ee5 Credits Ananda Dhakal Patchstack Required...

5.9CVSS6.6AI score0.00259EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/06 12:0 a.m.23 views

WordPress WPBakery Page Builder Plugin <= 7.7 is vulnerable to Local File Inclusion

Software WPBakery Page Builder Type Plugin Vulnerable versions = 7.7 Fixed in 7.8 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5709 Patch priority Low CVSS severity Low 6.6 Developer WPBakery PSID 1374f7b043bd Credits João Pedro Soares de Alcântara Required privileg...

8.8CVSS6.9AI score0.01021EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.11 views

WordPress Ultimate Classified Listings Plugin < 1.3 is vulnerable to Local File Inclusion

Software Ultimate Classified Listings Type Plugin Vulnerable versions 1.3 Fixed in 1.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5882 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID b49a98246fbf Credits Project Black Required privilege...

7.5CVSS6.8AI score0.00762EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.19 views

WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Arbitrary File Upload

Software Social Auto Poster Type Plugin Vulnerable versions = 5.3.14 Fixed in 5.3.15 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6756 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 10970b4a81a6 Credits István Márton Required privileg...

8.8CVSS6.8AI score0.00786EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.13 views

WordPress Contest Gallery Plugin <= 23.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Contest Gallery Type Plugin Vulnerable versions = 23.1.2 Fixed in 23.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39631 Patch priority Medium CVSS severity Medium 7.1 Developer Wasiliy Strecker PSID e98eae916e49 Credits CatFather Required privilege...

7.1CVSS6.6AI score0.00307EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.20 views

WordPress Royal Elementor Addons Plugin <= 1.3.980 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.980 Fixed in 1.3.981 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5818 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 21750c8b6654 Credits Webbernaut Required...

6.4CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.20 views

WordPress ListingPro Theme <= 2.9.4 is vulnerable to Local File Inclusion

Software ListingPro Type Theme Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-39624 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 6fb79ea2aba1 Credits Rafie Muhammad Patchstack Required privilege...

8.8CVSS6.8AI score0.00525EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.17 views

WordPress ListingPro Theme <= 2.9.4 is vulnerable to SQL Injection

Software ListingPro Type Theme Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-39622 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ecd756a53e31 Credits Rafie Muhammad Patchstack Required privilege...

9.8CVSS6.8AI score0.00462EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/19 12:0 a.m.10 views

WordPress Atarim Plugin <= 4.0 is vulnerable to Broken Access Control

Software Atarim Type Plugin Vulnerable versions = 4.0 Fixed in 4.0.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38771 Patch priority Medium CVSS severity Medium 6.5 Developer Atarim PSID 7e5566c5bcde Credits piro Required privilege Unauthenticated...

6.5CVSS6.3AI score0.00419EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder