Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2024/06/07 12:0 a.m.31 views

WordPress WS Form LITE Plugin <= 1.9.217 is vulnerable to CSV Injection

Software WS Form LITE Type Plugin Vulnerable versions = 1.9.217 Fixed in 1.9.218 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-5424 Patch priority Low CVSS severity Low 4.7 Developer WS Form PSID 7d55c6663718 Credits Duc Manh Required privilege Unauthenticated Published 7...

8.8CVSS8.8AI score0.00493EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/28 12:0 a.m.31 views

WordPress Slider Revolution Plugin < 6.7.0 is vulnerable to Broken Access Control

Software Slider Revolution Type Plugin Vulnerable versions 6.7.0 Fixed in 6.7.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34444 Patch priority Medium CVSS severity Medium 7.1 Developer ThemePunch PSID de1987954a97 Credits Rafie Muhammad Patchstack...

8.8CVSS6.5AI score0.00331EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.31 views

WordPress Payment Forms for Paystack Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Payment Forms for Paystack Type Plugin Vulnerable versions = 4.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32130 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bdaaf2a9d240 Credits Ngô Thiên An ancorn from...

6.5CVSS6.6AI score0.00291EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/16 12:0 a.m.31 views

WordPress Pagination Styler for WooCommerce Plugin <= 3.5.7.6 is vulnerable to Broken Access Control

Software Pagination Styler for WooCommerce Type Plugin Vulnerable versions = 3.5.7.6 Fixed in 3.5.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9700cfe7197b Credits István...

5.9AI score0.00227EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.31 views

WordPress ARForms Form Builder plugin <= 1.5.4 - Unauth. Stored Cross-Site Scripting (XSS) vulnerability

Unauth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress ARForms Form Builder plugin versions = 1.5.4. Solution No reply from the vendor...

3AI score0.00406EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.31 views

WordPress Activello theme <= 1.4.4 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability

Auth. Reflected Cross-Site Scripting XSS vulnerability in the ajax action 'activellodismissrequiredaction' discovered by Brandon Roldan Patchstack Alliance in WordPress Activello theme versions = 1.4.4. Solution No patched version available...

3.3AI score0.00393EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.31 views

WordPress Smart Slider 3 plugin <= 3.5.1.9 - Auth. PHP Object Injection vulnerability

Auth. PHP Object Injection vulnerability discovered by Dave Jong Patchstack in WordPress Smart Slider 3 plugin versions = 3.5.1.9. Solution Update the WordPress Smart Slider 3 plugin to the latest available version at least 3.5.1.11...

2.4AI score0.00538EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/21 12:0 a.m.31 views

WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to post/page status change to draft or published discovered by Dave Jong Patchstack in the WordPress Betheme premium theme versions = 26.6.1. Solution Update the WordPress Betheme theme to the latest available version at least 26.6.3...

3AI score0.00465EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/15 12:0 a.m.31 views

WordPress WPB Show Core plugin <= 2.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Abdulali AlDurazi in WordPress WPB Show Core plugin versions = 2.2. Solution No patched version is available...

6.1CVSS2.8AI score0.00902EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/11/08 12:0 a.m.31 views

WordPress Blog2Social plugin <= 6.9.11 - Missing Authorization to Auth. Settings Update vulnerability

Missing Authorization to Auth. Settings Update vulnerability discovered by Marco Wotschka in the WordPress Blog2Social plugin versions = 6.9.11. Solution Update the WordPress Blog2Social plugin to the latest available version at least 6.9.12...

3.9AI score0.00595EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/10/28 12:0 a.m.31 views

WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings reset discovered by Muhammad Daffa Patchstack Alliance in the WordPress Creative Mail plugin versions = 1.5.4. Solution Update the WordPress Creative Mail plugin to the latest available version at least 1.6.0...

8.8CVSS4.2AI score0.00707EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/24 12:0 a.m.31 views

WordPress Traffic Manager plugin <= 1.4.5 - Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS)

Broken Access Control vulnerability leading to Stored Cross-Site Scripting XSS discovered by Lana Codes Patchstack Alliance in the WordPress Traffic Manager plugin versions = 1.4.5. Solution Deactivate and delete. This plugin has been closed as of September 19, 2022 and is not available for...

6.5CVSS1.6AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/18 12:0 a.m.31 views

WordPress core <= 6.0.2 - Open redirect vulnerability

Open redirect vulnerability in wpnonceays discovered by devrayn in WordPress core versions = 6.0.2 Solution Update the WordPress to the latest available version at least 6.0.3...

2.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/10/12 12:0 a.m.31 views

WordPress 5 Anker Connect plugin <= 1.2.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress 5 Anker Connect plugin versions = 1.2.6. Solution Update the WordPress 5 Anker Connect plugin to the latest available version at least 1.2.7...

4.8CVSS3.2AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/12 12:0 a.m.31 views

WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress PCA Predict plugin versions = 1.0.3. Solution Deactivate and delete. This plugin has been closed as of September 5, 2022 and is not available for download. This closure is temporary...

4.8CVSS2.9AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/02 12:0 a.m.31 views

WordPress WP Cerber Security plugin <= 9.0 - User Enumeration Bypass vulnerability

User Enumeration Bypass vulnerability discovered by Margaux DABERT Intrinsec in WordPress WP Cerber Security plugin versions = 9.0. Solution Update the WordPress to the latest available version at least 9.1...

5.3CVSS2.5AI score0.00662EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/08/09 12:0 a.m.31 views

WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Read vulnerability

Authenticated Arbitrary File Read vulnerability discovered by Brandon James Roldan Patchstack Alliance in WordPress WPide plugin versions = 2.6. Solution Update the WordPress WPIDE – File Manager & Code Editor plugin to the latest available version at least 3.0...

4.9CVSS3.6AI score0.00901EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/04 12:0 a.m.31 views

WordPress Sensei LMS plugin <= 4.4.3 - Unauthenticated Private Messages Disclosure via Rest API vulnerability

Unauthenticated Private Messages Disclosure via Rest API vulnerability discovered by Veshraj Ghimire in WordPress Sensei LMS plugin versions = 4.4.3. Solution Update the WordPress Sensei LMS plugin to the latest available version at least 4.5.0...

5.3CVSS3.7AI score0.01868EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/08/01 12:0 a.m.31 views

WordPress Enable SVG, WebP & ICO Upload plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability via malicious SVG file upload discovered by Kim Jong Min aka Universe Patchstack Alliance in WordPress Enable SVG, WebP & ICO Upload plugin versions = 1.0.3. Solution No patched version available...

5.4CVSS2.3AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/07/29 12:0 a.m.31 views

WordPress Team plugin <= 4.1.1 - Authenticated Arbitrary File Read and Deletion vulnerability

Authenticated Arbitrary File Read and Deletion vulnerability discovered by Nhật Nam in WordPress Team plugin versions = 4.1.1. Solution Update the WordPress Team plugin to the latest available version at least 4.1.2...

8.8CVSS3.3AI score0.0129EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/02 12:0 a.m.31 views

WordPress HTML2WP plugin <= 1.0.0 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Daniel Ruf in WordPress HTML2WP plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of May 4, 2022 and is not available for download. This closure is temporary, pending a full review...

9.8CVSS3.8AI score0.11866EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/05/27 12:0 a.m.31 views

WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability was discovered by Rasi Afeef Patchstack Alliance in the WordPress Social Share Buttons by Supsystic plugin versions = 2.2.3. Solution Update the WordPress Social Share Buttons by Supsystic plugin to the latest available version at least 2.2.4...

4.3CVSS3.5AI score0.00396EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/05/23 12:0 a.m.31 views

WordPress Core Control plugin <= 1.2.1 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability was discovered by Daniel Ruf in the WordPress Core Control plugin versions = 1.2.1. Solution Deactivate and delete. This plugin has been closed as of May 18, 2022 and is not available for download. This closure is permane...

4.2AI score0.00285EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/23 12:0 a.m.31 views

WordPress Filr Secure Document Library plugin <= 1.2.2 - Subscriber+ AJAX Calls vulnerability

Subscriber+ AJAX Calls vulnerability discovered by dc11 in WordPress Filr - Secure Document Library plugin versions = 1.2.2. Solution Update the WordPress Filr - Secure Document Library plugin to the latest available version at least 1.2.2.1...

8.8CVSS2.8AI score0.01263EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.31 views

WordPress User Meta plugin <= 2.4.3 - Local File Enumeration via Path Traversal vulnerability

Local File Enumeration via Path Traversal vulnerability discovered by Julien Ahrens in WordPress User Meta plugin versions = 2.4.3. Solution Update the WordPress User Meta plugin to the latest available version at least 2.4.4...

6.5CVSS3.8AI score0.02233EPSS
Exploits5References3Affected Software1
Patchstack
Patchstack
added 2022/05/02 12:0 a.m.31 views

WordPress WP Meta SEO plugin <= 4.4.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Victor Pasman in WordPress WP Meta SEO plugin versions = 4.4.6. Solution Update the WordPress WP Meta SEO plugin to the latest available version at least 4.4.7...

4.8CVSS2.2AI score0.00646EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/28 12:0 a.m.31 views

WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Ex.Mi Patchstack in WordPress Hermit 音乐播放器 plugin versions = 3.1.6. Solution Deactivate and delete. This plugin has been closed as of April 25, 2022 and is not available for download. This closure is temporary, pending a...

5.8CVSS2AI score0.00393EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/21 12:0 a.m.31 views

WordPress WPQA - Builder forms Addon plugin < 5.2 - Private Message Disclosure via IDOR vulnerability

Private Message Disclosure via IDOR vulnerability discovered by Veshraj Ghimire in WordPress WPQA - Builder forms Addon plugin versions 5.2. Solution Update the WordPress WPQA - Builder forms Addon plugin to the latest available version at least 5.2...

4.3CVSS3.6AI score0.00756EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/04/21 12:0 a.m.31 views

WordPress WPQA - Builder forms Addon plugin < 5.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Veshraj Ghimire in WordPress WPQA - Builder forms Addon plugin versions 5.2. Solution Update the WordPress WPQA - Builder forms Addon plugin to the latest available version at least 5.2...

5.4CVSS1.9AI score0.01221EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/15 12:0 a.m.31 views

WordPress Webba Booking plugin <= 4.2.21 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Webba Booking plugin versions = 4.2.21. Solution Update the WordPress Webba Booking plugin to the latest available version at least 4.2.22...

4.8CVSS3AI score0.00475EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.31 views

WordPress Sitemap by click5 plugin <= 1.0.35 - Unauthenticated Arbitrary Options Update vulnerability

Unauthenticated Arbitrary Options Update vulnerability discovered by cydave in WordPress Sitemap by click5 plugin versions = 1.0.35. Solution Update the WordPress Sitemap by click5 plugin to the latest available version at least 1.0.36...

8.8CVSS3.1AI score0.13329EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/30 12:0 a.m.31 views

WordPress Advanced Custom Fields plugin <= 5.12 - Database Information Access vulnerability

Database Information Access vulnerability was discovered by Keitaro Yamazaki Ierae Security Inc in the WordPress Advanced Custom Fields plugin versions = 5.12. Solution Update the WordPress Advanced Custom Fields plugin to the latest available version at least 5.12.1...

6.5CVSS3AI score0.01437EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2022/03/29 12:0 a.m.31 views

WordPress Nimble Page Builder plugin < 3.2.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Nimble Page Builder plugin versions 3.2.2. Solution Update the WordPress Nimble Page Builder plugin to the latest available version at least 3.2.3...

6.1CVSS2.1AI score0.00788EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/28 12:0 a.m.31 views

WordPress Caldera Forms plugin <= 1.9.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Caldera Forms plugin versions = 1.9.6. Solution Update the WordPress Caldera Forms plugin to the latest available version at least 1.9.7...

6.1CVSS2.4AI score0.01168EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/28 12:0 a.m.31 views

WordPress Page Security & Membership plugin <= 1.5.15 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Ankur Bakre in WordPress Page Security & Membership plugin versions = 1.5.15. Solution Deactivate and delete. This plugin has been closed as of March 25, 2022 and is not available for download. This closure is temporary, pending a full...

4.8CVSS1.9AI score0.00577EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/09 12:0 a.m.31 views

WordPress Profile Builder plugin <= 3.6.7 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Abhinav Porwal in WordPress Profile Builder plugin versions = 3.6.7. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.6.8...

4.8CVSS1.8AI score0.00644EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/01/31 12:0 a.m.31 views

WordPress Logo Showcase with Slick Slider plugin <= 2.0 - Arbitrary Media Title/Description/Alt Text/URL Update via CSRF vulnerability

Arbitrary Media Title/Description/Alt Text/URL Update via CSRF vulnerability discovered by apple502j in WordPress Logo Showcase with Slick Slider plugin versions = 2.0. Solution Update the WordPress Logo Showcase with Slick Slider plugin to the latest available version at least 2.0.1...

4.3CVSS4.8AI score0.00464EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/28 12:0 a.m.31 views

WordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Set Featured Brand vulnerability

Set Featured Brand vulnerability discovered by Dave Jong Patchstack in WordPress Perfect Brands for WooCommerce plugin versions = 2.0.4. Solution Update the WordPress Perfect Brands for WooCommerce plugin to the latest available version at least 2.0.5...

4.3CVSS2.9AI score0.00621EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.31 views

WordPress Classic Editor Addon plugin <= 2.6.3 - Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery CSRF vulnerability discovered by Jan w Oleju in WordPress Classic Editor Addon plugin versions = 2.6.3. Solution Update the WordPress Classic Editor Addon plugin to the latest available version at least 2.6.4...

3.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/01/12 12:0 a.m.31 views

WordPress Ibtana plugin <= 1.1.4.8 - Plugin Settings Update vulnerability leading to Stored Cross-Site Scripting (XSS)

Plugin Settings Update vulnerability leading to Stored Cross-Site Scripting XSS discovered by Krzysztof Zając in WordPress Ibtana plugin versions = 1.1.4.8. Solution Update the WordPress Ibtana plugin to the latest available version at least 1.1.4.9...

3.5CVSS2.7AI score0.00581EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/13 12:0 a.m.31 views

WordPress The Plus Addons for Elementor Pro premium plugin <= 5.0.6 - Sensitive Data Disclosure vulnerability

Sensitive Data Disclosure vulnerability discovered by Nicolas Vidal from TEHTRIS in WordPress The Plus Addons for Elementor Pro premium plugin versions = 5.0.6. Solution Update the WordPress The Plus Addons for Elementor Pro premium plugin to the latest available version at least 5.0.7...

7.5CVSS2.3AI score0.01815EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/02 12:0 a.m.31 views

WordPress Customize Login Image plugin <= 3.5.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Cyber Security Works Pvt. Ltd in WordPress Customize Login Image plugin versions = 3.5.2. Solution Update the WordPress Customize Login Image plugin to the latest available version at least 3.5.3...

5.4CVSS2AI score0.01318EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/10/11 12:0 a.m.31 views

WordPress Similar Posts plugin <= 3.1.5 - Arbitrary PHP Code Execution vulnerability

Arbitrary PHP Code Execution vulnerability discovered by bl4derunner in WordPress Similar Posts plugin versions = 3.1.5. Solution Update the WordPress Similar Posts plugin to the latest available version at least 3.1.6...

7.2CVSS3.9AI score0.01514EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/05/09 12:0 a.m.31 views

WordPress All In One SEO Pack plugin <= 4.1.0.1 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability discovered by darkpills in WordPress All In One SEO Pack plugin versions = 4.1.0.1. Solution Update the WordPress All In One SEO Pack plugin to the latest available version at least 4.1.0.2...

9CVSS4.7AI score0.53274EPSS
Exploits3References2Affected Software1
Patchstack
Patchstack
added 2020/10/29 12:0 a.m.31 views

WordPress <= 5.5.1 - Mishandling Embeds From Disabled Sites On a Multisite Network vulnerability

Mishandling Embeds From Disabled Sites On a Multisite Network vulnerability found by David Binovec in WordPress versions = 5.5.1. Solution Update the WordPress to the latest available version at least 5.5.2...

7.5CVSS2.5AI score0.02622EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2020/09/16 12:0 a.m.31 views

WordPress Hueman theme <= 3.6.3 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Jerome Bruandet NinTechNet in WordPress Hueman theme versions = 3.6.3. Solution Update the WordPress Hueman theme to the latest available version at least 3.6.4...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/03/24 12:0 a.m.31 views

WordPress gboutique plugin <= 1.3 - Unauthenticated Local File Inclusion (LFI) vulnerability

Unauthenticated Local File Inclusion LFI vulnerability discovered by Random Robbie in WordPress gboutique plugin versions = 1.3. Solution Plugin closed. Deactivate and delete...

6.8CVSS3.1AI score0.39374EPSS
Exploits6References2Affected Software1
Patchstack
Patchstack
added 2020/01/30 12:0 a.m.31 views

WordPress Elementor Page Builder plugin <= 2.8.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability found by Impenetrable in WordPress Elementor Page Builder plugin versions = 2.8.4. Solution Update the WordPress Elementor Page Builder plugin to the latest available version at least 2.8.5...

5.4CVSS2.3AI score0.01288EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2018/10/03 12:0 a.m.31 views

WordPress Wechat Broadcast plugin <= 1.2.0 - Local/Remote File Inclusion vulnerability

Local/Remote File Inclusion vulnerability found by Manuel Garcia Cardenas in WordPress Wechat Broadcast plugin versions = 1.2.0. Solution 2018 October 3rd - no patched version available to download. We recommend to deactivate and uninstall...

9.8CVSS3.8AI score0.6307EPSS
Exploits4References1Affected Software1
Patchstack
Patchstack
added 2017/12/04 12:0 a.m.31 views

WordPress Apocalypse Meow plugin <=21.2.7 - BCrypt Authentication Bypass vulnerability

BCrypt Authentication Bypass vulnerability found by Steve Sc00bzT in WordPress Apocalypse Meow plugin versions =21.2.7. Solution Update the WordPress Apocalypse Meow plugin to the latest available version at least 21.2.8...

3.7AI score
Exploits0References1Affected Software1
Total number of security vulnerabilities5000