Lucene search
+L

572 matches found

Patchstack
Patchstack
added 2024/07/17 12:0 a.m.24 views

WordPress Keydatas Plugin <= 2.5.2 is vulnerable to Arbitrary File Upload

Software Keydatas Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6220 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 1095cb679b31 Credits Foxyyy Required privilege Unauthenticated...

9.8CVSS6.9AI score0.35708EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/16 12:0 a.m.11 views

WordPress WP RSS Aggregator Plugin <= 4.23.11 is vulnerable to Broken Access Control

Software WP RSS Aggregator Type Plugin Vulnerable versions = 4.23.11 Fixed in 4.23.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6621 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2954812636fe Credits Peter Thaleikis Required...

4.3CVSS6.9AI score0.0039EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/16 12:0 a.m.23 views

WordPress Brizy Plugin <= 2.4.44 is vulnerable to Broken Access Control

Software Brizy Type Plugin Vulnerable versions = 2.4.44 Fixed in 2.4.45 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1937 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5274a9cc7b66 Credits stealthcopter Required privilege...

7.1CVSS6.6AI score0.00365EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.16 views

WordPress CM On Demand Search And Replace Plugin < 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM On Demand Search And Replace Type Plugin Vulnerable versions 1.3.9 Fixed in 1.3.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5028 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 576a4082c0ff Credits Felipe...

6.5CVSS6.7AI score0.00224EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.8 views

WordPress WP Total Branding Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Total Branding Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6625 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a7d5303cf6ee Credits Artem Polynko Artem Polynk...

5.5CVSS5.8AI score0.00365EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.15 views

WordPress Send Users Email Plugin <= 1.5.1 is vulnerable to Sensitive Data Exposure

Software Send Users Email Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-38760 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13aaf3930e9f Credits Joshua...

5.3CVSS6.6AI score0.00364EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.18 views

WordPress Simple Video Directory Plugin < 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Simple Video Directory Type Plugin Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5811 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6334df1d47fc Credits Bob Matyas Required...

6.1CVSS5.8AI score0.00335EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.14 views

WordPress Academy LMS Plugin <= 2.0.4 is vulnerable to Broken Access Control

Software Academy LMS Type Plugin Vulnerable versions = 2.0.4 Fixed in 2.0.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38701 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1381c0d8b2d7 Credits filime Required privilege Academy...

8.8CVSS6.6AI score0.00372EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.10 views

WordPress Moloni Plugin <= 4.7.4 is vulnerable to Cross Site Scripting (XSS)

Software Moloni Type Plugin Vulnerable versions = 4.7.4 Fixed in 4.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1c98bacc1ee Credits Yudistira Arya Required privilege...

7.1CVSS6.6AI score0.00287EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.16 views

WordPress Uncanny Automator Pro Plugin <= 5.3 is vulnerable to Cross Site Scripting (XSS)

Software Uncanny Automator Pro Type Plugin Vulnerable versions = 5.3 Fixed in 5.3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37117 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9c1cb610bb3a Credits Dave Jong Patchstack...

7.1CVSS6.6AI score0.00327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.16 views

WordPress Tutor LMS Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37947 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 54e1794329a4 Credits justakazh Required privilege editor and Tuto...

5.9CVSS6.6AI score0.00354EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/05 12:0 a.m.12 views

WordPress WS Contact Form Plugin <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)

Software WS Contact Form Type Plugin Vulnerable versions = 1.3.7 Fixed in 1.3.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37537 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9166c1a50a0c Credits younsoung kim, SeoHyeon Lee, MyungJu...

5.9CVSS6.9AI score0.00274EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.13 views

WordPress The Post Grid Plugin <= 7.7.4 is vulnerable to Broken Access Control

Software The Post Grid Type Plugin Vulnerable versions = 7.7.4 Fixed in 7.7.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37481 Patch priority Medium CVSS severity Medium 6.5 Developer Mamunur Rashid PSID eb5b996e0113 Credits Rafie Muhammad Patchstack...

6.5CVSS6.3AI score0.00336EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.18 views

WordPress Nested Pages Plugin <= 3.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Nested Pages Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5943 Patch priority Low CVSS severity Low 8.3 Developer Claim ownership PSID ec525e948d0f Credits Bassem Essam Required...

8.8CVSS6.7AI score0.00295EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.4 views

WordPress Simply Show Hooks Plugin <= 1.2.1 is vulnerable to Backdoor

Software Simply Show Hooks Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9717f5492dd4 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 20...

7.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.7 views

WordPress YAHMAN Add-ons Plugin <= 0.9.28 is vulnerable to Backdoor

Software YAHMAN Add-ons Type Plugin Vulnerable versions = 0.9.28 Fixed in 0.9.29 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 26c7f39721f9 Credits Sansec.io Required privilege Unauthenticated Published 3 July,...

7.2AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.17 views

WordPress Advanced File Manager Plugin <= 5.2.4 is vulnerable to Sensitive Data Exposure

Software Advanced File Manager Type Plugin Vulnerable versions = 5.2.4 Fixed in 5.2.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5598 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f0b48a6d68bd Credits emad Required...

7.5CVSS6.6AI score0.00561EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.25 views

WordPress Ultimate Bootstrap Elements for Elementor Plugin <= 1.4.2 is vulnerable to Local File Inclusion

Software Ultimate Bootstrap Elements for Elementor Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-37462 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID a8f9d8a5eba6 Credits João...

8.8CVSS6.6AI score0.00575EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/21 12:0 a.m.11 views

WordPress Book Landing Page Theme <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Book Landing Page Type Theme Vulnerable versions = 1.2.3 Fixed in 1.2.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37230 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b75fbc99c1f0 Credits Dhabaleshwar Das...

8.8CVSS7AI score0.00208EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.17 views

WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Local File Inclusion

Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5455 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 7768d7567cf0 Credits wesley wcraft Required...

8.8CVSS6.9AI score0.00619EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder