Lucene search
+L

572 matches found

Patchstack
Patchstack
added 2024/06/14 12:0 a.m.20 views

WordPress Folders Plugin <= 3.0 is vulnerable to Path Traversal

Software Folders Type Plugin Vulnerable versions = 3.0 Fixed in 3.0.1 OWASP Top 10 A1: Broken Access Control Classification Path Traversal CVE CVE-2024-2023 Patch priority Medium CVSS severity Medium 4.1 Developer Claim ownership PSID 79dd420f62c9 Credits Colin Xu Required privilege Author...

4.3CVSS4.5AI score0.00673EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/14 12:0 a.m.16 views

WordPress Folders Pro Plugin <= 3.0.2 is vulnerable to Arbitrary File Upload

Software Folders Pro Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.0.3 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-2024 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 56270bd65a1a Credits Colin Xu Required privilege Author Publish...

8.8CVSS6.8AI score0.03303EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/14 12:0 a.m.10 views

WordPress Restaurant Menu – Food Ordering System – Table Reservation Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Restaurant Menu – Food Ordering System – Table Reservation Type Plugin Vulnerable versions = 2.4.0 Fixed in 2.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1399 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...

6.4CVSS5.8AI score0.00274EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2024/06/13 6:47 p.m.12 views

janmitchellproperties.co.uk Cross Site Scripting vulnerability OBB-3934974

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2024/06/11 12:0 a.m.14 views

WordPress Premium Addons for Elementor Plugin <= 4.10.33 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.33 Fixed in 4.10.34 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5553 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 89dccdfaef3d Credits wesley wcraft...

5.4CVSS5.8AI score0.00364EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/07 12:0 a.m.13 views

WordPress SKT Addons for Elementor Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software SKT Addons for Elementor Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5091 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 81d64b5eccce Credits stealthcopter...

7.4CVSS5.8AI score0.00298EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/07 12:0 a.m.12 views

WordPress ARForms Plugin < 6.6 is vulnerable to Cross Site Scripting (XSS)

Software ARForms Type Plugin Vulnerable versions 6.6 Fixed in 6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4621 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 54c970f6100c Credits Bob Matyas Required privilege...

4.8CVSS5.7AI score0.00351EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.23 views

WordPress Sensei Pro (WC Paid Courses) Plugin <= 4.23.1.1.23.1 is vulnerable to Cross Site Scripting (XSS)

Software Sensei Pro WC Paid Courses Type Plugin Vulnerable versions = 4.23.1.1.23.1 Fixed in 4.24.0.1.24.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34765 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ffa624f39abc Credits Rafie...

6.5CVSS6.5AI score0.00353EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.14 views

WordPress Testimonial Carousel For Elementor Plugin <= 10.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Testimonial Carousel For Elementor Type Plugin Vulnerable versions = 10.1.1 Fixed in 10.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-35713 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID be0db57f0489 Credits...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.12 views

WordPress Rotating Tweets Plugin <= 1.9.10 is vulnerable to Cross Site Scripting (XSS)

Software Rotating Tweets Type Plugin Vulnerable versions = 1.9.10 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5141 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 44a4d93efa2c Credits Krzysztof Zając Required...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.18 views

WordPress WooCommerce Tools Plugin <= 1.2.9 is vulnerable to Broken Access Control

Software WooCommerce Tools Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.2.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1689 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID dd5e30ec3dbb Credits Lucio Sá Required privilege...

5.3CVSS6.6AI score0.00335EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.16 views

WordPress Brizy Plugin <= 2.4.43 is vulnerable to Cross Site Scripting (XSS)

Software Brizy Type Plugin Vulnerable versions = 2.4.43 Fixed in 2.4.44 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3667 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cff58ae2952e Credits Webbernaut Required privilege...

7.4CVSS5.8AI score0.00322EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.11 views

WordPress Five Star Restaurant Menu Plugin <= 2.4.16 is vulnerable to Broken Access Control

Software Five Star Restaurant Menu Type Plugin Vulnerable versions = 2.4.16 Fixed in 2.4.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5459 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d3ee7a9da89d Credits Lucio Sá Required...

4.3CVSS6.6AI score0.00368EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/29 12:0 a.m.13 views

WordPress Yumpu ePaper publishing Plugin <= 2.0.24 is vulnerable to Broken Access Control

Software Yumpu ePaper publishing Type Plugin Vulnerable versions = 2.0.24 Fixed in 3.0.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3277 Patch priority Low CVSS severity Low 5 Developer Claim ownership PSID 08c9f70d34e3 Credits Lucio Sá Required...

5CVSS6.6AI score0.00316EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/24 12:0 a.m.9 views

WordPress Advanced iFrame Plugin <= 2024.3 is vulnerable to Cross Site Scripting (XSS)

Software Advanced iFrame Type Plugin Vulnerable versions = 2024.3 Fixed in 2024.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4365 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 184566715b3a Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00335EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/24 12:0 a.m.11 views

WordPress EmbedPress Plugin <= 3.9.12 is vulnerable to Broken Access Control

Software EmbedPress Type Plugin Vulnerable versions = 3.9.12 Fixed in 3.9.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1803 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 58b21d9fa99a Credits WordFence Required privilege...

4.3CVSS6.6AI score0.0028EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/23 12:0 a.m.12 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.107 is vulnerable to SQL Injection

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.107 Fixed in 1.5.108 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4779 Patch priority Low CVSS severity Low 8.5 Developer Unlimited Elements PSID 2c76236c1b5c...

8.8CVSS6.8AI score0.00454EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/21 12:0 a.m.10 views

WordPress Logo Slider Plugin < 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Logo Slider Type Plugin Vulnerable versions 4.0.0 Fixed in 4.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3288 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6ccc99c3b05 Credits Krugov Artyom Required privile...

5.4CVSS5.7AI score0.00295EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/05/20 12:0 a.m.13 views

WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Cross Site Scripting (XSS)

Software FluentForm Type Plugin Vulnerable versions = 5.1.16 Fixed in 5.1.17 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4709 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a184173f5e7 Credits Tobias Weißhaar kun19...

7.2CVSS5.8AI score0.00387EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/20 12:0 a.m.18 views

WordPress Automatic Plugin <= 3.94.0 is vulnerable to Cross Site Scripting (XSS)

Software Automatic Type Plugin Vulnerable versions = 3.94.0 Fixed in 3.95.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4849 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c71dc29444f6 Credits haidv35 Required privilege...

6.4CVSS5.8AI score0.00274EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder