Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2014/03/21 12:0 a.m.29 views

WordPress XCloner Standalone Plugin <= 3.5 - Multiple CSRF

Because of these multiple vulnerabilities, the attackers can hijack the authentication of administrators for requests that change the administrator password via the config task to index2.php. Solution Update the plugin...

7.6CVSS4.6AI score0.0621EPSS
Exploits6References1Affected Software1
Patchstack
Patchstack
added 2014/01/20 12:0 a.m.29 views

WordPress <= 3.0.1

wp-includes/comment.php does not properly whitelist trackbacks and pingbacks in the blogroll. In that way the attackers can bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match. Solution Update WordPress...

5.8CVSS4.6AI score0.0253EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2013/12/06 12:0 a.m.29 views

WordPress WP Cron Dashboard Plugin <= 1.1.5 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "procname" parameter to wp-admin/tools.php. Solution Update the plugin...

4.3CVSS2.5AI score0.02035EPSS
Exploits4References1Affected Software1
Patchstack
Patchstack
added 2013/12/03 12:0 a.m.29 views

WordPress <= 3.8.1 - Privilege Escalation

Because of this vulnerability, authenticated users can publish posts. Solution Update the plugin...

4CVSS3.8AI score0.02368EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2013/04/01 12:0 a.m.29 views

WordPress BackupBuddy Plugin <= 2.2.25 - Sensitive Data Exposure

This vulnerability is in importbuddy.php. It allows remote attackers to obtain configuration information via a step 0 phpinfo action. Solution Update the plugin...

5CVSS5.5AI score0.02136EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2012/05/21 12:0 a.m.29 views

WordPress User Photo Plugin <= 0.9.5.1 - XSS

Because of this vulnerability in user-photo.php, attackers can inject arbitrary web script or HTML via the PATHINFO to wp-admin/options-general.php. Solution Update the plugin...

4.3CVSS2.9AI score0.02165EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2012/01/04 12:0 a.m.29 views

WordPress <= 0.7 - SQL injection

Because of this vulnerability in log.header.php, the attackers can execute arbitrary SQL commands via the posts variable. Solution Update the plugin...

7.5CVSS7AI score0.02903EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2009/08/27 12:0 a.m.29 views

WordPress WP-Syntax Plugin <= 0.9.1 - Remote Command Execution

In general, WP-Syntax plugin is the most popular plugin for WordPress to provide clean syntax highlighting for embedding source code within pages or posts. It uses the library, called GeShi, that implements all the functionality to review the syntax for each language HTML-code. The vulnerability ...

6.8CVSS1.4AI score0.04805EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2009/07/05 12:0 a.m.29 views

WordPress <= 2.8.0 - Multiple Existing/Non-Existing Username Enumeration Weaknesses

Because of this vulnerability, the attackers can enumerate valid usernames. Solution Update WordPress...

5CVSS3.6AI score0.05412EPSS
Exploits8References1Affected Software1
Patchstack
Patchstack
added 2008/10/24 12:0 a.m.29 views

WordPress WP Comment Remix Plugin <= 1.4.3 - SQL Injection

Because of this vulnerability in ajaxcomments.php, the attackers can execute arbitrary SQL commands via the "p" parameter. Solution Update the plugin...

7.5CVSS6.6AI score0.03468EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2007/05/11 12:0 a.m.29 views

WordPress - Cross Site Scripting

This vulnerability is in sidebar.php. It allows the attackers to inject arbitrary web script or HTML via the query string. Solution Update WordPress...

6.8CVSS3.8AI score0.02327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2007/01/08 12:0 a.m.29 views

WordPress <= 2.0.5 - Dictionnary & Bruteforce attack

In WordPress 2.0.5 and previous versions, there's a different error message if a user exists or not, which allows attackers to obtain sensitive information. Solution Update the WordPress to the latest available version at least 2.0.6...

5CVSS4.4AI score0.03137EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2005/10/27 12:0 a.m.29 views

WordPress <= 1.2 - Remote Code Execution

Because of this vulnerability in The httpsrequest function in Snoopy, the attackers can execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, that is not properly handled by the fetch function. Solution Update the WordPress to the latest available versi...

7.5CVSS4.2AI score0.17194EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2005/06/08 12:0 a.m.29 views

WordPress <= 1.3.0 - Eval Injection

Because of this vulnerability in PEAR XMLRPC, attackers can execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement. Solution Update the WordPress to the latest available version at least 1.4...

7.5CVSS5.8AI score0.79071EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2 days ago28 views

WordPress Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin <= 5.0.4 - Authenticated (Custom+) Stored Cross-Site Scripting vulnerability

Authenticated Custom+ Stored Cross-Site Scripting vulnerability discovered by hackthesoul - TossBank in WordPress Plugin Dokan versions = 5.0.4...

6.4CVSS5.8AI score0.0022EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 4:51 p.m.28 views

WordPress Sunshine Photo Cart plugin <= 3.6.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Sunshine Photo Cart versions = 3.6.7...

6.3CVSS5.8AI score0.00202EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/21 12:0 a.m.28 views

WordPress Multilingual CMS Plugin <= 4.6.12 is vulnerable to Remote Code Execution (RCE)

Software Multilingual CMS Type Plugin Vulnerable versions = 4.6.12 Fixed in 4.6.13 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-6386 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 31c994cd7315 Credits stealthcopter Required...

9.9CVSS7.2AI score0.25013EPSS
Exploits3References2Affected Software1
Patchstack
Patchstack
added 2024/07/02 12:0 a.m.28 views

WordPress LearnPress Plugin <= 4.2.6.8.1 is vulnerable to Broken Access Control

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.8.1 Fixed in 4.2.6.8.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6099 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b7595fc9b77e Credits shaman0x01 Required privile...

5.3CVSS6.6AI score0.0042EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/01 12:0 a.m.28 views

WordPress Slider Revolution Plugin <= 6.7.7 is vulnerable to Cross Site Scripting (XSS)

Software Slider Revolution Type Plugin Vulnerable versions = 6.7.7 Fixed in 6.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4092 Patch priority Low CVSS severity Low 6.5 Developer ThemePunch PSID 82a59957f3ec Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/23 12:0 a.m.28 views

WordPress Ultimate Member Plugin 2.1.3-2.8.2 is vulnerable to SQL Injection

Software Ultimate Member Type Plugin Vulnerable versions 2.1.3-2.8.2 Fixed in 2.8.3 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-1071 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID d52d7ae096c8 Credits Christiaan Swiers Required privilege...

9.8CVSS6.9AI score0.89431EPSS
Exploits8References3Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.28 views

WordPress BuddyBoss Theme Theme <= 2.4.60 is vulnerable to Settings Change

Software BuddyBoss Theme Type Theme Vulnerable versions = 2.4.60 Fixed in 2.4.61 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2023-51477 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 91b38329ee46 Credits Dave Jong Patchstack Required...

9.8CVSS6.5AI score0.00697EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.28 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Arbitrary File Deletion

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A4: Insecure Design Classification Arbitrary File Deletion CVE CVE-2023-5212 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID cac6c246df55 Credits Marco Wotschka Chloe Chamberland Require...

9.6CVSS6.4AI score0.01626EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/16 12:0 a.m.28 views

WordPress Post grid and filter ultimate Plugin <= 1.5.2 is vulnerable to Broken Access Control

Software Post grid and filter ultimate Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e3f31b8b5385 Credits Abdi Pranata...

5.8AI score0.00188EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.28 views

WordPress Cream Magazine Theme <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Cream Magazine Type Theme Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28687 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a491754a1a0 Credits László Radnai...

7.1CVSS5.9AI score0.00467EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/23 12:0 a.m.28 views

WordPress WooCommerce Payments Plugin <= 5.6.1 is vulnerable to Privilege Escalation

Software WooCommerce Payments Type Plugin Vulnerable versions = 5.6.1 Fixed in 5.6.2 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-28121 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID af825d1466e0 Credits Michael Mazzolini...

9.8CVSS6.8AI score0.86919EPSS
Exploits9References6Affected Software1
Patchstack
Patchstack
added 2023/03/16 12:0 a.m.28 views

WordPress Sales Report for WooCommerce Plugin <= 3.5.7.6 is vulnerable to Broken Access Control

Software Sales Report for WooCommerce Type Plugin Vulnerable versions = 3.5.7.6 Fixed in 3.5.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 203694b99e41 Credits István Márto...

5.9AI score0.00227EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/24 12:0 a.m.28 views

WordPress Watu Quiz Plugin < 3.3.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Watu Quiz Type Plugin Vulnerable versions 3.3.8.3 Fixed in 3.3.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0429 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5337ca5b2dc2 Credits Felipe Restrepo Rodriguez...

4.8CVSS5.8AI score0.0047EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.28 views

WordPress Image Map Pro premium plugin <= 5.5.0 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS discovered by Dave Jong Patchstack in the WordPress Image Map Pro premium plugin versions = 5.5.0. Solution No patched version is available. No reply from the vendor for a long time...

1.8AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/22 12:0 a.m.28 views

WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rafie Muhammad Patchstack in the WordPress All In One WP Security plugin versions = 5.1.0. Solution Update the WordPress All In One WP Security & Firewall plugin to the latest available version at least 5.1.1...

2.5AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/22 12:0 a.m.28 views

WordPress WP Stripe Checkout plugin <= 1.2.2.20 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Lana Codes in WordPress WP Stripe Checkout plugin versions = 1.2.2.20. Solution Update the WordPress WP Stripe Checkout plugin to the latest available version at least 1.2.2.21...

2.1AI score0.00471EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/11/16 12:0 a.m.28 views

WordPress BeCustom premium plugin <= 1.0.5.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by Julien Ahrens RCE Security in the WordPress BeCustom premium plugin versions = 1.0.5.2. Solution Update the WordPress BeCustom plugin to the latest available version at least 1.0.5.3...

2.7AI score0.00781EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2022/11/09 12:0 a.m.28 views

WordPress Seed Social plugin <= 2.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by zhangyunpei in the WordPress Seed Social plugin versions = 2.0.3. Solution Update the WordPress Seed Social plugin to the latest available version at least 2.0.4...

2.5AI score0.00497EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/11/09 12:0 a.m.28 views

WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by Lana Codes Patchstack Alliance in WordPress REST API Authentication plugin versions = 2.4.0. Solution Update the WordPress WordPress REST API Authentication plugin to the latest available version at leas...

8.8CVSS3.9AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/02 12:0 a.m.28 views

WordPress OWM Weather plugin <= 5.6.8 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Kunal Sharma University of Kaiserslautern and Daniel Krohmer Fraunhofer IESE in the WordPress OWM Weather plugin versions = 5.6.8. Solution Update the WordPress OWM Weather plugin to the latest available version at least 5.6.9...

3.6AI score0.01053EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/10/31 12:0 a.m.28 views

WordPress Event Monster plugin <= 1.2.0 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Thura Moe Myint in the WordPress Event Monster plugin versions = 1.2.0. Solution Update the WordPress Event Management Tickets Booking plugin to the latest available version at least 1.2.1...

7.2CVSS3.6AI score0.00962EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/10/30 12:0 a.m.28 views

WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Plugin Settings Import was discovered by Muhammad Daffa Patchstack Alliance in WordPress Advanced Dynamic Pricing for WooCommerce plugin versions = 4.1.5. Solution Update the WordPress Advanced Dynamic Pricing for WooCommerce plugin to the...

5.4CVSS3.8AI score0.00277EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/28 12:0 a.m.28 views

WordPress Ultimate Member plugin <= 2.5.0 - Auth. Remote Code Execution vulnerability

Auth. Remote Code Execution vulnerability discovered by Ruijie Li in WordPress Ultimate Member plugin versions = 2.5.0. Solution Update the WordPress Ultimate Member plugin to the latest available version at least 2.5.1...

5AI score0.0278EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/10/27 12:0 a.m.28 views

WordPress BuddyForms plugin <= 2.7.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress BuddyForms plugin versions = 2.7.2. Solution No patched version is available...

2.9AI score0.00402EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/20 12:0 a.m.28 views

WordPress Mantenimiento web plugin <= 0.13 - Auth. Cross-Site Scripting (XSS) vulnerability

Auth. Cross-Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in the WordPress Mantenimiento web plugin versions = 0.13. Solution Update the WordPress Mantenimiento web plugin to the latest available version at least 0.14...

4.8CVSS3.3AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/22 12:0 a.m.28 views

WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability

Authenticated Broken Access Control vulnerability leading to review export discovered by Muhammad Daffa Patchstack Alliance in WordPress Customer Reviews for WooCommerce plugin versions = 5.3.5. Solution Update the WordPress Customer Reviews for WooCommerce plugin to the latest available version ...

8.8CVSS3.9AI score0.00775EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/08 12:0 a.m.28 views

WordPress Culture Object plugin <= 4.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Culture Object plugin versions = 4.0.1. Solution Update the WordPress Culture Object plugin to the latest available version at least 4.1.1...

4.8CVSS2.7AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/05 12:0 a.m.28 views

WordPress Login Block IPs plugin <= 1.0.0 - Arbitrary Setting Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Setting Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress Login Block IPs plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of September 5, 2022 and is not available for download. This closure is temporar...

4.3CVSS2.8AI score0.00267EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/01 12:0 a.m.28 views

WordPress Blossom Recipe Maker plugin <= 1.0.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Ngo Van Thien Patchstack Alliance in the WordPress Blossom Recipe Maker plugin versions = 1.0.7. Solution Deactivate and delete. No reply from the vendor...

5.4CVSS3AI score0.00414EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/22 12:0 a.m.28 views

WordPress WP-UserOnline plugin <= 2.88.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Juampa Rodríguez in WordPress WP-UserOnline plugin versions = 2.88.0. Solution Update the WordPress User Online plugin to the latest available version at least 2.88.1...

5.5CVSS2.1AI score0.05094EPSS
Exploits6References1Affected Software1
Patchstack
Patchstack
added 2022/08/22 12:0 a.m.28 views

WordPress Ajax Load More plugin <= 5.5.3 - Authenticated Arbitrary File Read vulnerability

Authenticated Arbitrary File Read vulnerability discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress Ajax Load More plugin versions = 5.5.3. Solution Update the WordPress Ajax Load More plugin to the latest available version at least 5.5.4...

4.9CVSS2.9AI score0.01279EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/08/12 12:0 a.m.28 views

WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerability

Authenticated Arbitrary File Upload vulnerability discovered by Universe Patchstack Alliance in WordPress Uploading SVG, WEBP and ICO files plugin versions = 1.0.1. Solution No patched version is available. Ignored by the vendor...

7.2CVSS3.5AI score0.00946EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/02 12:0 a.m.28 views

WordPress Download Manager plugin <= 3.2.48 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to template status change discovered by Muhammad Daffa Patchstack Alliance in WordPress Download Manager plugin versions = 3.2.48. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.49...

8.8CVSS4.4AI score0.00309EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/01 12:0 a.m.28 views

WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to API key change discovered by Muhammad Daffa Patchstack Alliance in WordPress MailerLite – Signup forms official plugin versions = 1.5.7. Solution Update the WordPress MailerLite – Signup forms plugin to the latest available version at least...

8.8CVSS3.9AI score0.00303EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/08/01 12:0 a.m.28 views

WordPress Download Manager plugin <= 3.2.49 - Bypass IP Address Blocking Restriction vulnerability

Bypass IP Address Blocking Restriction vulnerability discovered by Raad Haddad in WordPress Download Manager plugin versions = 3.2.49. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.50...

7.5CVSS2.1AI score0.00958EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/18 12:0 a.m.28 views

WordPress Inspiro Pro premium theme < 7.2.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Fortune Sam Okon in WordPress Inspiro Pro premium theme versions 7.2.3. Solution Update the WordPress Inspiro premium theme to the latest available version at least 7.2.3...

5.4CVSS2.3AI score0.00495EPSS
Exploits2References1Affected Software1
Total number of security vulnerabilities5000