Lucene search
K

11 matches found

Patchstack
Patchstack
added 2025/04/28 7:27 a.m.12 views

WordPress AI Autotagger plugin < 3.30.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin TaxoPress versions 3.30.0...

3.5CVSS7.4AI score0.00219EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.9 views

WordPress Checkout Mestres WP Plugin <= 8.6 is vulnerable to Local File Inclusion

Software Checkout Mestres WP Type Plugin Vulnerable versions = 8.6 Fixed in 8.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-44030 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 15bf1846430c Credits tahu.datar Required privilege...

7.2CVSS6.9AI score0.00631EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.16 views

WordPress Import Users from CSV Plugin <= 1.2 is vulnerable to PHP Object Injection

Software Import Users from CSV Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-32431 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID e3f19c84ef38 Credits Trình Vũ Sonicrrrr from VNPT-VCI Require...

7.2CVSS6.8AI score0.00384EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/03/27 12:0 a.m.17 views

WordPress Simple Ajax Chat Plugin <= 20231101 is vulnerable to Cross Site Scripting (XSS)

Software Simple Ajax Chat Type Plugin Vulnerable versions = 20231101 Fixed in 20240216 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2956 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1403f71c8e2b Credits Fourcade Required...

4.4CVSS5.8AI score0.0033EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.11 views

WordPress CRM Perks Forms Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software CRM Perks Forms Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51536 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e48c62e620dc Credits Huynh Tien Si Required privilege...

5.9CVSS6.5AI score0.00336EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/01 12:0 a.m.11 views

WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Admin Bar & Dashboard Access Control Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47184 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7931d5b9940f Credits Rachit Arora...

4.8CVSS6.5AI score0.00357EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/10/30 12:0 a.m.11 views

WordPress Advanced Booking Calendar Plugin <= 3.2.11 is vulnerable to SQL Injection

Software Advanced Booking Calendar Type Plugin Vulnerable versions = 3.2.11 Fixed in 3.2.12 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID cef456031167 Credits N/A Required privilege Administrator Published 3...

7.2AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/03 12:0 a.m.14 views

WordPress Video Gallery – YouTube Gallery Plugin <= 2.2.5 is vulnerable to SQL Injection

Software Video Gallery – YouTube Gallery Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.2.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-45069 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 3d253c27c06d Credits Ravi Dharmawan Required privilege...

9.8CVSS6.8AI score0.00551EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/24 12:0 a.m.10 views

WordPress WP Adminify Plugin < 3.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Adminify Type Plugin Vulnerable versions 3.1.6 Fixed in 3.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4060 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5e42dd53e8bc Credits dipak panchal Required privile...

4.8CVSS5.7AI score0.00399EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/03/31 12:0 a.m.10 views

WordPress Conditional extra fees for woocommerce Plugin <= 1.0.96 is vulnerable to Cross Site Scripting (XSS)

Software Conditional extra fees for woocommerce Type Plugin Vulnerable versions = 1.0.96 Fixed in 1.0.97 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29093 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 14551fbb2b7d Credit...

5.9CVSS6AI score0.00369EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/16 12:0 a.m.11 views

WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection

Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47605 Patch priority Low CVSS severity Low 8.3 Developer Kunal Nagar PSID 960f40facc61 Credits minhtuanact Required privilege Administrator Published...

8.3CVSS6.9AI score0.00668EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder