Lucene search
K

22 matches found

Metasploit
Metasploit
added 2022/01/05 5:42 p.m.155 views

Wordpress Plugin Catch Themes Demo Import RCE

The Wordpress Plugin Catch Themes Demo Import versions use exploit/multi/http/wpcatchthemesdemoimport msf exploitwpcatchthemesdemoimport show targets ...targets... msf exploitwpcatchthemesdemoimport set TARGET msf exploitwpcatchthemesdemoimport show options ...show and set options... msf...

7.2CVSS7.1AI score0.55729EPSS
Exploits6
Patchstack
Patchstack
added 2021/11/18 12:0 a.m.19 views

WordPress Easy Registration Forms plugin <= 2.1.1 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Thinkland Security Team in WordPress Easy Registration Forms plugin versions = 2.1.1. Solution Deactivate and delete. This plugin has been closed as of November 12, 2021 and is not available for...

8.8CVSS1AI score0.00698EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2021/11/01 12:0 a.m.15 views

WordPress Easy Google Maps plugin <= 1.9.33 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Easy Google Maps plugin versions = 1.9.33. Solution Update the WordPress Easy Google Maps plugin to the latest available version at least 1.10.1...

1.9AI score0.00944EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/25 12:0 a.m.18 views

WordPress Notification plugin <= 7.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Notification plugin versions = 7.2.4. Solution Update the WordPress Notification plugin to the latest available version at least 8.0.0...

4.8CVSS2.1AI score0.00901EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/21 12:0 a.m.34 views

WordPress Catch Themes Demo Import plugin <= 1.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Thinkland Security Team in WordPress Catch Themes Demo Import plugin versions = 1.7. Solution Update the WordPress Catch Themes Demo Import plugin to the latest available version at least 1.8...

7.2CVSS2.7AI score0.55729EPSS
Exploits6References3Affected Software1
Patchstack
Patchstack
added 2021/10/21 12:0 a.m.19 views

WordPress Easy Digital Downloads plugin <= 2.11.2 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Easy Digital Downloads plugin versions = 2.11.2. Solution Update the WordPress Easy Digital Downloads plugin to the latest available version at least 2.11.2.1...

4.8CVSS3AI score0.00902EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/10/21 12:0 a.m.22 views

WordPress Simple Job Board plugin <= 2.9.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Simple Job Board plugin versions = 2.9.4. Solution Update the WordPress Simple Job Board plugin to the latest available version at least 2.9.5...

5.5CVSS1.8AI score0.00886EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/18 12:0 a.m.24 views

WordPress LearnPress plugin <= 4.1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress LearnPress plugin versions = 4.1.3.1. Solution Update the WordPress LearnPress plugin to the latest available version at least 4.1.3.2...

5.5CVSS1.9AI score0.05037EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/18 12:0 a.m.21 views

WordPress Content Staging <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Content Staging versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 15, 2021 and is not available for download. This closure is temporary, pending...

5.5CVSS2AI score0.00957EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/18 12:0 a.m.17 views

WordPress Leaky Paywall plugin <= 4.16.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Leaky Paywall plugin versions = 4.16.5. Solution Update the WordPress Leaky Paywall plugin to the latest available version at least 4.16.6...

5.5CVSS2.1AI score0.00886EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/15 12:0 a.m.24 views

WordPress MPL-Publisher – Self-publish your book & ebook plugin <= 1.30.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MPL-Publisher – Self-publish your book & ebook plugin versions = 1.30.2. Solution Update the WordPress MPL-Publisher – Self-publish your book & ebook plugin to the latest available versi...

5.5CVSS1.9AI score0.01003EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/15 12:0 a.m.16 views

WordPress Indeed Job Importer plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Indeed Job Importer plugin versions = 1.0.5. Solution Deactivate and delete. This plugin has been closed as of October 14, 2021 and is not available for download. This closure is...

5.5CVSS1.4AI score0.00957EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.20 views

WordPress MyBB Cross-Poster plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MyBB Cross-Poster plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...

5.5CVSS2.1AI score0.00916EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.16 views

WordPress WpGenius Job Listing plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress WpGenius Job Listing plugin versions = 1.0.3. Solution Update the WordPress WpGenius Job Listing plugin to the latest available version at least 1.0.4...

5.5CVSS1.7AI score0.0088EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.17 views

WordPress KJM Admin Notices plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress KJM Admin Notices plugin versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary...

5.5CVSS1.9AI score0.01045EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.23 views

WordPress HAL plugin <= 2.1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress HAL plugin versions = 2.1.1. Solution Update the WordPress HAL plugin to the latest available version at least 2.2...

5.5CVSS1.1AI score0.00922EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.17 views

WordPress Author Bio Box plugin <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Author Bio Box plugin versions = 3.4.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...

5.5CVSS1.9AI score0.011EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.12 views

WordPress Job Board Vanila plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Job Board Vanila plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...

5.5CVSS1.6AI score0.0088EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.16 views

WordPress Job Manager plugin <= 0.7.25 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Job Manager plugin versions = 0.7.25. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...

5.5CVSS1.8AI score0.0088EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/13 12:0 a.m.29 views

WordPress Formidable Forms plugin <= 5.0.06 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Formidable Forms plugin versions = 5.0.06. Solution Update the WordPress Formidable Forms plugin to the latest available version at least 5.0.07...

1.8AI score
Exploits1References3Affected Software1
Rows per page
Query Builder