Lucene search
K

8 matches found

Patchstack
Patchstack
added 2025/08/21 1:49 p.m.4 views

WordPress WP Mailgun SMTP plugin <= 1.0.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin WP Mailgun SMTP versions = 1.0.7...

5.3CVSS6.8AI score0.0027EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.6 views

PT-2025-5672 · Uniapi · Uniapi

Name of the Vulnerable Software and Affected Versions: uniapi version 1.0.7 Description: The issue concerns code introduced in a specific version of the software that executes upon import of the module. This code downloads a script from a remote URL and then executes the downloaded script in a...

7.2AI score
Exploits0References3
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.2 views

WordPress plugin Captchelfie – Captcha by Selfie 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Captchelfi...

7.1CVSS7.8AI score0.00303EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/29 12:0 a.m.8 views

WordPress Swiss Toolkit For WP Plugin <= 1.0.7 is vulnerable to Broken Authentication

Software Swiss Toolkit For WP Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2024-5204 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 07e08699642a Credits István Márton...

8.8CVSS6.5AI score0.00583EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.11 views

WordPress NewsXpress Theme <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software NewsXpress Type Theme Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31938 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fbdf2aa209f9 Credits Dhabaleshwar Das Required...

4.3CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/03/20 12:0 a.m.15 views

WordPress GamiPress – Button Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software GamiPress – Button Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2460 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 46fbe1f93240 Credits Francesco Carlucci...

6.4CVSS6AI score0.00435EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/04 12:0 a.m.21 views

WordPress User Feedback Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software User Feedback Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-39308 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4cad82df326d Credits Revan Arifio Required privilege...

7.1CVSS6.5AI score0.00483EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Bani Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Bani Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34cf7cd408a8 Credits Rafie Muhammad Patchstack Required privilege...

6.2AI score0.00284EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder