Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2022/07/18 12:0 a.m.28 views

WordPress Feed Them Social plugin <= 2.9.8.5 - Unauthenticated PHAR Deserialization vulnerability

Unauthenticated PHAR Deserialization vulnerability discovered by Rasoul Jahanshahi in WordPress Feed Them Social plugin versions = 2.9.8.5. Solution Update the WordPress Feed Them Social plugin to the latest available version at least 2.9.8.6...

9.8CVSS3.2AI score0.0134EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/07/12 12:0 a.m.28 views

WordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Read via Export function vulnerability

Authenticated Arbitrary File Read via Export function vulnerability discovered by Rafie Muhammad aka Yeraisci Patchstack Alliance in WordPress GiveWP plugin versions = 2.20.2. Solution Update the WordPress GiveWP plugin to the latest available version at least 2.21.0...

5.5CVSS4AI score0.01451EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/07/12 12:0 a.m.28 views

WordPress WSM Downloader plugin <= 1.4.0 - Domain Name Restriction Bypass vulnerability

Domain Name Restriction Bypass vulnerability discovered by Raad Haddad in WordPress WSM Downloader plugin versions = 1.4.0. Solution Deactivate and delete. This plugin has been closed as of July 8, 2022 and is not available for download. This closure is temporary, pending a full review...

7.5CVSS2.4AI score0.00953EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/07/11 12:0 a.m.28 views

WordPress Event Timeline plugin <= 1.1.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Fayçal CHENA in WordPress Event Timeline plugin versions = 1.1.6. Solution No patched version available...

4.8CVSS2.2AI score0.00493EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/05 12:0 a.m.28 views

WordPress AnyMind Widget plugin <= 1.1 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered by Sho Sakata in WordPress AnyMind Widget plugin versions = 1.1. Solution Deactivate and delete. This plugin has been closed as of June 30, 2022 and is not available for download. This closure is temporar...

1.6AI score0.01165EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/07/05 12:0 a.m.28 views

WordPress Visualizer plugin <= 3.7.9 - Authenticated PHAR Deserialization vulnerability

Authenticated PHAR Deserialization vulnerability discovered by Rasoul Jahanshahi in WordPress Visualizer plugin versions = 3.7.9. Solution Update the WordPress Visualizer plugin to the latest available version at least 3.7.10...

3.8CVSS3.7AI score0.0055EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/06/27 12:0 a.m.28 views

WordPress Jquery Validation For Contact Form 7 plugin <= 5.2 - Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Options Update via Cross-Site Request Forgery CSRF vulnerability discovered by Gibran Abdillah in WordPress Jquery Validation For Contact Form 7 plugin versions = 5.2. Solution Update the WordPress Jquery Validation For Contact Form 7 plugin to the latest available version at least 5.3...

4.3CVSS4.5AI score0.00368EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/20 12:0 a.m.28 views

WordPress Bold Page Builder plugin <= 4.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Nikhil Kapoor in WordPress Bold Page Builder plugin versions = 4.3.2. Solution Update the WordPress Bold Page Builder plugin to the latest available version at least 4.3.3...

4.8CVSS1.8AI score0.00935EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/20 12:0 a.m.28 views

WordPress WP Maintenance Mode & Coming Soon plugin <= 2.4.4 - Subscribed Users Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Subscribed Users Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress WP Maintenance Mode & Coming Soon plugin versions = 2.4.4. Solution Update the WordPress WP Maintenance Mode & Coming Soon plugin to the latest available version at least 2.4.5...

6.5CVSS3.8AI score0.00449EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/16 12:0 a.m.28 views

WordPress Core plugin for Kitestudio themes <= 2.3.0 - Reflected Cross-Site-Scripting (XSS) vulnerability

Reflected Cross-Site-Scripting XSS vulnerability discovered by cydave in WordPress Core plugin for Kitestudio themes versions = 2.3.0. Solution Update the WordPress Core plugin for Kitestudio themes to the latest available version at least 2.3.1...

6.1CVSS2.9AI score0.00657EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/10 12:0 a.m.28 views

WordPress Mitsol Social Post Feed plugin <= 1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Big Tiger in WordPress Mitsol Social Post Feed plugin versions = 1.10. Solution Deactivate and delete. This plugin has been closed as of and is not available for download. Reason: Security Issue...

4.8CVSS2.5AI score0.00578EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/06/09 12:0 a.m.28 views

WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Broken Access Control vulnerabilities

Multiple Broken Access Control vulnerabilities were discovered by m0ze Patchstack in WordPress Social Share Buttons by Supsystic plugin versions = 2.2.3. Solution Update the WordPress Social Share Buttons by Supsystic plugin to the latest available version at least 2.2.4...

8.8CVSS4AI score0.00706EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/06/09 12:0 a.m.28 views

WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities

Multiple Authenticated SQL Injection SQLi vulnerabilities were discovered by m0ze Patchstack in the WordPress Social Share Buttons by Supsystic plugin versions = 2.2.3. Solution Update the WordPress Social Share Buttons by Supsystic plugin to the latest available version at least 2.2.4...

8.8CVSS3.3AI score0.00765EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/05/18 12:0 a.m.28 views

WordPress Log WP_Mail plugin <= 0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability was discovered by Daniel Ruf in the WordPress Log WPMail plugin versions = 0.1. Solution Deactivate and delete. This plugin has been closed as of April 20, 2022 and is not available for download. This closure is temporary, pending a full review...

7.5CVSS3.5AI score0.01394EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/17 12:0 a.m.28 views

WordPress iQ Block Country plugin <= 1.2.13 - Protection Bypass due to IP Spoofing vulnerability

Protection Bypass due to IP Spoofing vulnerability discovered by Daniel Ruf in WordPress iQ Block Country plugin versions = 1.2.13. Solution Deactivate and delete. This plugin has been closed as of April 20, 2022 and is not available for download. This closure is temporary, pending a full review...

2.7AI score0.01191EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/11 12:0 a.m.28 views

WordPress WP Fundraising Donation and Crowdfunding Platform plugin < 1.5.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress WP Fundraising Donation and Crowdfunding Platform plugin versions 1.5.0. Solution Update the WordPress WP Fundraising Donation and Crowdfunding Platform plugin to the latest available version at least 1.5.0...

9.8CVSS3.3AI score0.07879EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/03 12:0 a.m.28 views

WordPress Content Mask plugin <= 1.8.4 - Arbitrary Options Update vulnerability

Arbitrary Options Update vulnerability discovered by ptsfence in WordPress Content Mask plugin versions = 1.8.4. Solution Update the WordPress Content Mask plugin to the latest available version at least 1.8.4.1...

4.3CVSS3.2AI score0.01052EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2022/04/25 12:0 a.m.28 views

WordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerability

Subscriber+ Plugin Settings Update vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in WordPress ShortPixel Adaptive Images plugin versions = 3.3.1. Solution Update the WordPress ShortPixel Adaptive Images plugin to the latest available version at least 3.4.0...

4.3CVSS3.5AI score0.00595EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/18 12:0 a.m.28 views

WordPress Personal Dictionary plugin <= 1.3.3 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Personal Dictionary plugin versions = 1.3.3. Solution Update the WordPress Personal Dictionary plugin to the latest available version at least 1.3.4...

9.8CVSS3.1AI score0.06629EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/13 12:0 a.m.28 views

WordPress RSFirewall! plugin <= 1.1.24 - IP Block Bypass vulnerability

IP Block Bypass vulnerability discovered by Daniel Ruf in WordPress RSFirewall! plugin versions = 1.1.24. Solution Update the WordPress RSFirewall! plugin to the latest available version at least 1.1.25...

2.6AI score0.00509EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.28 views

WordPress HubSpot plugin <= 8.8.13 - Blind Server-Side Request Forgery (SSRF) vulnerability

Blind Server-Side Request Forgery SSRF vulnerability was discovered by Brandon Roldan in the WordPress HubSpot plugin versions = 8.8.13. Solution Update the WordPress HubSpot plugin to the latest available version at least 8.8.15...

8.8CVSS2.3AI score0.01413EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/05 12:0 a.m.28 views

WordPress Pricing Table plugin <= 1.5.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Pricing Table plugin versions = 1.5.2. Solution No patched version is available...

4.8CVSS3AI score0.00576EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/03/30 12:0 a.m.28 views

WordPress Be POPIA Compliant plugin <= 1.1.5 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Chris Meistre in WordPress Be POPIA Compliant plugin versions = 1.1.5. Solution Update the WordPress Be POPIA Compliant plugin to the latest available version at least 1.1.6...

5.3CVSS3.5AI score0.01083EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/03/28 12:0 a.m.28 views

WordPress Simple File List plugin <= 3.2.7 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Admavidhya N in WordPress Simple File List plugin versions = 3.2.7. Solution Update the WordPress Simple File List plugin to the latest available version at least 3.2.8...

7.5CVSS3.6AI score0.19613EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.28 views

WordPress One Click Demo Import plugin <= 3.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by YICHENG LIU-ZTE CHENFENG lab in WordPress One Click Demo Import plugin versions = 3.0.2. Solution Update the WordPress One Click Demo Import plugin to the latest available version at least 3.1.0...

7.2CVSS3AI score0.01653EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.28 views

WordPress Easy Smooth Scroll Links plugin <= 2.23.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Park won seok in WordPress Easy Smooth Scroll Links plugin versions = 2.23.0. Solution Update the WordPress Easy Smooth Scroll Links plugin to the latest available version at least 2.23.1...

4.8CVSS2.3AI score0.00588EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/07 12:0 a.m.28 views

WordPress String locator plugin <= 2.4.2 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by qerogram in WordPress String locator plugin versions = 2.4.2. Solution Update the WordPress String locator plugin to the latest available version at least 2.5.0...

4.9CVSS2.7AI score0.0136EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/03/02 12:0 a.m.28 views

WordPress MC4WP plugin <= 4.8.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress MC4WP plugin versions = 4.8.6. Solution Update the WordPress MC4WP plugin to the latest available version at least 4.8.7...

4.8CVSS3.1AI score0.00489EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.28 views

WordPress Modern Events Calendar Lite plugin <= 6.3.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Rohan Chaudhari in WordPress Modern Events Calendar Lite plugin versions = 6.3.0. Solution Update the WordPress Modern Events Calendar Lite plugin to the latest available version at least 6.4.0...

5.4CVSS2.4AI score0.67131EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.28 views

WordPress Passwordless Login with OTP / SMS & Email – Account Kit plugin <= 1.2.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Passwordless Login with OTP / SMS & Email – Account Kit plugin versions = 1.2.3. Solution No patched version available...

2.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.28 views

WordPress WUPO Group Attributes for WooCommerce plugin <= 2.0.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WUPO Group Attributes for WooCommerce plugin versions = 2.0.0. Solution Update the WordPress WUPO Group Attributes for WooCommerce plugin to the latest available version at least 2.1.0...

2.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.28 views

WordPress Floating Tiktok button (Tiktok Follow button)+ Tikcode (QrCode) for Tiktok followers plugin <= 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Floating Tiktok button Tiktok Follow button+ Tikcode QrCode for Tiktok followers plugin versions = 1.0.4. Solution Update the WordPress Floating Tiktok button Tiktok Follow button+ Tikcode QrCode for Tiktok followers plugin to...

3.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/25 12:0 a.m.28 views

WordPress Contact Form X plugin <= 2.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress Contact Form X plugin versions = 2.4. Solution Update the WordPress Contact Form X plugin to the latest available version at least 2.4.1...

6.1CVSS2.6AI score0.00978EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2022/02/23 12:0 a.m.28 views

WordPress Amelia plugin <= 1.0.45 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by qerogram in WordPress Amelia plugin versions = 1.0.45. Solution Update the WordPress Amelia plugin to the latest available version at least 1.0.46...

8.8CVSS5.7AI score0.01439EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/17 12:0 a.m.28 views

WordPress Profile Builder plugin <= 3.6.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Chloe Chamberland Wordfence in WordPress Profile Builder plugin versions = 3.6.1. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.6.2...

6.1CVSS1.9AI score0.02703EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2022/01/25 12:0 a.m.28 views

WordPress AP Custom Testimonial plugin <= 1.4.7 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Rafael Castilho in WordPress AP Custom Testimonial plugin versions = 1.4.7. Solution Update the WordPress AP Custom Testimonial plugin to the latest available version at least 1.4.8...

6.1CVSS2.8AI score0.00853EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.28 views

WordPress Ad Inserter plugin <= 2.7.9 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Ad Inserter plugin versions = 2.7.9. Solution Update the WordPress Ad Inserter plugin to the latest available version at least 2.7.10...

6.1CVSS2.2AI score0.02389EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.28 views

WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.20.93 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Anti-Malware Security and Brute-Force Firewall plugin versions = 4.20.93. Solution Update the WordPress Anti-Malware Security and Brute-Force Firewall plugin to the latest available version at least 4.20.94...

4.8CVSS2AI score0.00588EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/18 12:0 a.m.28 views

WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability was discovered by Brandon Roldan Patchstack Alliance in the WordPress Better Messages plugin versions = 1.9.9.148. Solution Update the WordPress Better Messages plugin to the latest available version at least 1.9.9.149...

4.3CVSS3.9AI score0.00251EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/01/17 12:0 a.m.28 views

WordPress MapPress Maps for WordPress plugin <= 2.73.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress MapPress Maps for WordPress plugin versions = 2.73.3. Solution Update the WordPress MapPress Maps for WordPress plugin to the latest available version at least 2.73.4...

6.1CVSS2.1AI score0.02021EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/10 12:0 a.m.28 views

WordPress GTranslate plugin <= 2.9.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress GTranslate plugin versions = 2.9.6. Solution Update the WordPress GTranslate plugin to the latest available version at least 2.9.7...

4.7CVSS2.3AI score0.00752EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/11/17 12:0 a.m.28 views

WordPress Preview E-mails for WooCommerce plugin <= 1.6.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Chloe Chamberland WordFence in WordPress Preview E-mails for WooCommerce plugin versions = 1.6.8. Solution Update the WordPress Preview E-mails for WooCommerce plugin to the latest available version at least 2.0.0...

6.1CVSS2.4AI score0.01131EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2021/09/08 12:0 a.m.28 views

WordPress RentPress plugin <= 6.6.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress RentPress plugin versions = 6.6.4. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.4AI score0.00908EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/08/23 12:0 a.m.28 views

WordPress Shortcodes Ultimate plugin <= 5.10.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Shortcodes Ultimate plugin versions = 5.10.1. Solution Update the WordPress Shortcodes Ultimate plugin to the latest available version at least 5.10.2...

5.4CVSS1.7AI score0.00604EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/08/09 12:0 a.m.28 views

WordPress 4k Icons for Visual Composer plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by iohex in WordPress 4k Icons for Visual Composer plugin versions = 1.0. Solution This plugin has been closed and is no longer available for download...

6.1CVSS3.1AI score0.01785EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/07/19 12:0 a.m.28 views

WordPress Social Tape plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Ashish Upsham in WordPress Social Tape plugin versions = 1.0. Solution This plugin has been closed as of June 15, 2021 and is not available for download. Reason: Security Issue...

6.1CVSS2.7AI score0.00412EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/05/31 12:0 a.m.28 views

WordPress Yes/No Chart plugin <= 1.0.11 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by Apple502j in WordPress Yes/No Chart plugin versions = 1.0.11. Solution Update the WordPress Yes/No Chart plugin to the latest available version at least 1.0.12...

6.5CVSS2.8AI score0.01164EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/05/26 12:0 a.m.28 views

WordPress Visitors plugin <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Mesut Cetin in WordPress Visitors plugin versions = 0.3. Solution This plugin has been closed as of May 26, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.8AI score0.01303EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/05/24 12:0 a.m.28 views

WordPress Easy Google Maps plugin <= 1.9.31 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by 0xB9 in WordPress Easy Google Maps plugin versions = 1.9.31. Solution Update the WordPress Easy Google Maps plugin to the latest available version at least 1.9.32...

6.1CVSS2.3AI score0.00773EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2021/05/10 12:0 a.m.28 views

WordPress LMS by LifterLMS plugin <= 4.21.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Amirmuhammad Vakili in WordPress LMS by LifterLMS plugin versions = 4.21.0. Solution Update the WordPress LMS by LifterLMS plugin to the latest available version at least 4.21.1...

5.4CVSS2.3AI score0.03249EPSS
Exploits5References3Affected Software1
Total number of security vulnerabilities5000