Lucene search
K

56 matches found

Patchstack
Patchstack
added 2025/08/01 10:16 p.m.7 views

WordPress Custom Word Cloud plugin <= 0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via angle Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via angle Parameter vulnerability discovered by muhammad yudha in WordPress Plugin Custom Word Cloud versions = 0.3...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/29 12:30 p.m.6 views

WordPress StreamWeasels Kick Integration plugin <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gai Tanaka in WordPress Plugin SW Kick Integration versions = 1.1.4...

5.4CVSS5.5AI score0.00198EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/23 9:36 p.m.6 views

WordPress Station Pro plugin <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width and height Parameters vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via width and height Parameters vulnerability discovered by Peter Thaleikis in WordPress Plugin Station Pro versions = 2.4.2...

6.4CVSS5.5AI score0.0038EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/16 12:11 p.m.6 views

WordPress JetPopup plugin <= 2.0.15.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetPopup versions = 2.0.15.1...

6.5CVSS5.9AI score0.00204EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/07 8:19 p.m.6 views

WordPress Easy restaurant menu manager plugin <= 2.0.1 - Authenticated (Contributot+) Stored Cross-Site Scripting via `nsc_eprm_menu_link` Shortcode vulnerability

Authenticated Contributot+ Stored Cross-Site Scripting via nsceprmmenulink Shortcode vulnerability discovered by Alex Thomas in WordPress Plugin Easy pdf restaurant menu upload versions = 2.0.1...

6.4CVSS5.6AI score0.00218EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/04 10:15 a.m.6 views

WordPress OwnerRez API plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin OwnerRez API versions = 1.2.1...

6.5CVSS6AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/04 10:14 a.m.5 views

WordPress Video Gallery Block plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy in WordPress Plugin Video Gallery Block versions = 1.1.0...

6.5CVSS6AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/01 11:20 p.m.9 views

WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via button+modal Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via button+modal Widget vulnerability discovered by Webbernaut in WordPress Plugin WidgetKit versions = 2.5.4...

6.4CVSS5.5AI score0.00216EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/27 11:20 a.m.6 views

WordPress FL3R Accessibility Suite plugin <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via fl3raccessibilitysuite Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via fl3raccessibilitysuite Shortcode vulnerability discovered by Gilang in WordPress Plugin FL3R Accessibility Suite versions = 1.4...

6.4CVSS5.5AI score0.00165EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/26 12:23 p.m.10 views

WordPress WP Wall plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Wall versions = 1.7.3...

7.1CVSS5.8AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/26 1:5 a.m.8 views

WordPress WP-PhotoNav plugin <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via photonav Shortcode vulnerability discovered by Gilang in WordPress Plugin WP-PhotoNav versions = 1.2.2...

6.4CVSS5.5AI score0.0017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/06/20 3:3 p.m.10 views

CVE-2025-50043 WordPress Code Engine plugin <= 0.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Code Engine code-engine allows Stored XSS.This issue affects Code Engine: from n/a through = 0.3.2...

6.5CVSS0.00192EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/19 4:29 p.m.8 views

WordPress Inventory Presser plugin <= 15.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by greenhats in WordPress Plugin Inventory Presser versions = 15.2.6...

5.9CVSS5.9AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/19 3:38 p.m.9 views

WordPress ANON::form embedded secure form plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin ANON::form embedded secure form versions = 1.7...

6.5CVSS5.9AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/13 6:40 a.m.6 views

WordPress IndieBlocks plugin <= 0.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via kind Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via kind Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin IndieBlocks versions = 0.13.2...

6.4CVSS5.5AI score0.00209EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/06 8:55 p.m.6 views

WordPress Domain For Sale plugin <= 3.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via classname Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Domain For Sale versions = 3.0.10...

6.4CVSS5.5AI score0.00252EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/05 1:37 a.m.6 views

WordPress Simple Google Static Map plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin Simple Google Static Map versions = 1.0.1...

6.5CVSS6AI score0.00215EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/28 2:53 p.m.12 views

WordPress Tournamatch plugin <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin Tournamatch versions = 4.6.1...

6.4CVSS5.5AI score0.00221EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/23 12:43 p.m.9 views

CVE-2025-46518 WordPress IGIT Related Posts With Thumb Image After Posts <= 4.5.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpaddicted IGIT Related Posts With Thumb Image After Posts allows Stored XSS. This issue affects IGIT Related Posts With Thumb Image After Posts: from n/a through 4.5.3...

6.5CVSS6.7AI score0.00209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:22 a.m.6 views

CVE-2024-6498

The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS6AI score0.00313EPSS
Exploits1References1
Rows per page
Query Builder