Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2022/11/07 12:0 a.m.27 views

WordPress WP User Merger plugin <= 1.5.2 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Kunal Sharma University of Kaiserslautern and Daniel Krohmer Fraunhofer IESE in the WordPress WP User Merger plugin versions = 1.5.2. Solution Update the WordPress WP User Merger plugin to the latest available version at least 1.5.3...

2.1AI score0.01053EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/11/03 12:0 a.m.27 views

WordPress Beautiful Cookie Consent Banner plugin <= 2.9.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by zhangyunpei in the WordPress Beautiful Cookie Consent Banner plugin versions = 2.9.0. Solution Update the WordPress Beautiful Cookie Consent Banner plugin to the latest available version at least 2.9.1...

2.5AI score0.00459EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/11/01 12:0 a.m.27 views

WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Deletion vulnerability

Unauth. Arbitrary File Deletion vulnerability discovered by Dave Jong Patchstack in the WordPress WatchTowerHQ plugin versions = 3.6.15. Solution Update the WordPress WatchTowerHQ plugin to the latest available version at least 3.6.16...

9.1CVSS3.7AI score0.00819EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/30 12:0 a.m.27 views

WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Rule Type Migration discovered by Muhammad Daffa Patchstack Alliance in WordPress Advanced Dynamic Pricing for WooCommerce plugin versions = 4.1.5. Solution Update the WordPress Advanced Dynamic Pricing for WooCommerce plugin to the latest...

5.4CVSS3.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/30 12:0 a.m.27 views

WordPress Appointment Booking Calendar plugin <= 1.3.69 - Missing Authorization vulnerability

Missing Authorization vulnerability leading to Feedback Submission discovered by Lana Codes Patchstack Alliance in the WordPress Appointment Booking Calendar plugin versions = 1.3.69. Solution Update the WordPress Appointment Booking Calendar plugin to the latest available version at least 1.3.70...

8.8CVSS4.2AI score0.00494EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/27 12:0 a.m.27 views

WordPress Testimonials plugin <= 2.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Testimonials plugin versions = 2.6. Solution Update the WordPress Testimonials plugin to the latest available version at least 2.7...

4.8CVSS3.3AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/24 12:0 a.m.27 views

WordPress 2kb Amazon Affiliates Store plugin <= 2.1.5 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress 2kb Amazon Affiliates Store plugin versions = 2.1.5. Solution No patched version is available. No reply from the vendor...

3AI score0.00392EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/24 12:0 a.m.27 views

WordPress tagDiv Composer plugin < 3.5 - Unauthenticated Account Takeover vulnerability

Unauthenticated Account Takeover vulnerability discovered by Truoc Phan Techlab Corporation in WordPress tagDiv Composer plugin versions 3.5. Solution Update the WordPress tagDiv Composer plugin to the latest available version at least 3.5...

9.8CVSS3.2AI score0.03546EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/10/21 12:0 a.m.27 views

WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability discovered by Dhakal Ananda Patchstack Alliance in WordPress Better Messages plugin versions = 1.9.10.68. Solution Update the WordPress BP Better Messages plugin to the latest available version at least 1.9.10.69...

8.8CVSS3.5AI score0.00535EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/30 12:0 a.m.27 views

WordPress CRM Perks Forms plugin <= 1.1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Tien Nguyen Anh Patchstack Alliance in WordPress CRM Perks Forms plugin versions = 1.1.0. Solution Update the WordPress CRM Perks Forms plugin to the latest available version at least 1.1.1...

2.7AI score0.0081EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/29 12:0 a.m.27 views

WordPress Profile Builder plugin <= 3.6.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability was discovered by mirphak Patchstack Alliance in the WordPress Profile Builder plugin versions = 3.6.0. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.6.1...

4.3CVSS3.7AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/22 12:0 a.m.27 views

WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in the WordPress Tabs plugin versions = 3.7.1. Solution Update the WordPress Tabs plugin to the latest available version at least 3.7.2...

5.4CVSS2.4AI score0.0041EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/14 12:0 a.m.27 views

WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by Muhammad Daffa Patchstack Alliance in WordPress Advanced Dynamic Pricing for WooCommerce plugin versions = 4.1.3 Solution Update the WordPress Advanced Dynamic Pricing for WooCommerce plugin to the lates...

5.4CVSS3.8AI score0.00261EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/14 12:0 a.m.27 views

WordPress Awesome Support plugin <= 6.0.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in WordPress Awesome Support plugin versions = 6.0.7. Solution Update the WordPress Awesome Support plugin to the latest available version at least 6.0.8...

5.4CVSS2.4AI score0.0047EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/01 12:0 a.m.27 views

WordPress CallRail Phone Call Tracking plugin <= 0.4.9 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Rasi Afeef Patchstack Alliance in WordPress CallRail Phone Call Tracking plugin versions = 0.4.9. Solution Update the WordPress CallRail Phone Call Tracking plugin to the latest available versio...

6.1CVSS2.3AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/25 12:0 a.m.27 views

WordPress Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability discovered by Kim Jong Min aka Universe Patchstack Alliance in WordPress Poll, Survey, Questionnaire and Voting system plugin versions = 1.7.4. Solution No patched version available...

4.8CVSS3.1AI score0.00432EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/18 12:0 a.m.27 views

WordPress Titan Anti Spam & Security Plugin <= 7.3.0 - Protection Bypass due to IP Spoofing vulnerability

Protection Bypass due to IP Spoofing vulnerability discovered by Daniel Ruf in Titan Anti-spam & Security versions = 7.3.0 Solution Update the WordPress Titan Anti-spam & Security plugin to the latest available version at least 7.3.1...

5.3CVSS2.3AI score0.00615EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/25 12:0 a.m.27 views

WordPress Shortcode Addons plugin <= 3.1.2 - Authenticated WordPress Options Change vulnerability

Authenticated WordPress Options Change vulnerability discovered by m0ze Patchstack in WordPress Shortcode Addons plugin versions = 3.1.2. Solution Update the WordPress Shortcode Addons plugin to the latest available version at least 3.2.0...

7.2CVSS2.9AI score0.00904EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/07/18 12:0 a.m.27 views

WordPress MultiSafepay plugin for WooCommerce plugin <= 4.15.0 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Brandon Roldan in WordPress MultiSafepay plugin for WooCommerce plugin versions = 4.15.0. Solution Update the WordPress MultiSafepay plugin for WooCommerce plugin to the latest available version at least 4.16.0...

7.5CVSS3.1AI score0.02193EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/07/14 12:0 a.m.27 views

WordPress YaySMTP – Simple WP SMTP Mail plugin <= 2.2.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Rafshanzani Suhada in WordPress YaySMTP – Simple WP SMTP Mail plugin versions = 2.2.1. Solution Update the WordPress YaySMTP plugin to the latest available version at least 2.2.2...

4.8CVSS1.5AI score0.00493EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2022/07/11 12:0 a.m.27 views

WordPress Youzify plugin <= 1.1.9 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Youzify plugin versions = 1.1.9. Solution Update the WordPress Youzify plugin to the latest available version at least 1.2.0...

9.8CVSS3.2AI score0.04109EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/07/11 12:0 a.m.27 views

WordPress Featured Image from URL plugin <= 4.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Raad Haddad in WordPress Featured Image from URL plugin versions = 4.0.0. Solution Update the WordPress Featured Image from URL plugin to the latest available version at least 4.0.1...

4.8CVSS1.1AI score0.00493EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/27 12:0 a.m.27 views

WordPress Accept Stripe Payments plugin <= 2.0.63 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by iohex in WordPress Accept Stripe Payments plugin versions = 2.0.63. Solution Update the WordPress Stripe Payments plugin to the latest available version at least 2.0.64...

4.8CVSS2.1AI score0.00493EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/06/14 12:0 a.m.27 views

WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress XO Slider plugin versions = 3.3.2. Solution Update the WordPress XO Slider plugin to the latest available version at least 3.3.3...

5.4CVSS2.9AI score0.00482EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/06/07 12:0 a.m.27 views

WordPress Download Manager plugin <= 3.2.42 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Rafie Muhammad Yeraisci in WordPress Download Manager plugin versions = 3.2.42. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.43...

6.1CVSS3.1AI score0.01138EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2022/05/26 12:0 a.m.27 views

WordPress Hotel Booking plugin <= 3.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Ngo Van Thien Patchstack Alliance in the WordPress Hotel Booking plugin versions = 3.0. Solution Deactivate and delete. This plugin has been closed as of May 6, 2022 and is not available for download. This...

5.4CVSS1.5AI score0.00482EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/05/09 12:0 a.m.27 views

WordPress No Future Posts plugin <= 1.4 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability was discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress No Future Posts plugin versions = 1.4. Solution Deactivate and delete. This plugin has been closed as of April 18, 2022 and is not available for download. This closure i...

4.8CVSS1.3AI score0.00565EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/28 12:0 a.m.27 views

WordPress Countdown & Clock plugin <= 2.3.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress Countdown & Clock plugin versions = 2.3.2. Solution Update the WordPress Countdown & Clock plugin to the latest available version at least 2.3.3...

6.1CVSS3AI score0.00713EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/27 12:0 a.m.27 views

WordPress Better Click To Tweet plugin <= 5.10.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress Better Click To Tweet plugin versions = 5.10.1. Solution Update the WordPress Better Click To Tweet plugin to the latest available version at least 5.10.2...

2.3AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/04/26 12:0 a.m.27 views

WordPress Gwyn's Imagemap Selector plugin <= 0.3.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Gwyn's Imagemap Selector plugin versions = 0.3.3 Solution Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.2AI score0.02002EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/04/26 12:0 a.m.27 views

WordPress Sliderby10Web plugin <= 1.2.51 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Fayçal CHENA in WordPress Sliderby10Web plugin versions = 1.2.51. Solution Update the WordPress Sliderby10Web plugin to the latest available version at least 1.2.52...

4.8CVSS1.9AI score0.00995EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/13 12:0 a.m.27 views

WordPress BadgeOS plugin <= 3.7.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress BadgeOS plugin versions = 3.7.0. Solution Update the WordPress BadgeOS plugin to the latest available version at least 3.7.1...

9.8CVSS3AI score0.11485EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/12 12:0 a.m.27 views

WordPress Popup Maker plugin <= 1.16.4 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Roel van Beurden in WordPress Popup Maker plugin versions = 1.16.4. Solution Update the WordPress Popup Maker plugin to the latest available version at least 1.16.5...

4.8CVSS1.7AI score0.539EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/08 12:0 a.m.27 views

WordPress Chaty plugin <= 2.8.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Chaty plugin versions = 2.8.3. Solution No patched version is available...

4.8CVSS2.8AI score0.00576EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/07 12:0 a.m.27 views

WordPress SiteGround Security plugin <= 1.2.5 - Authorization Weakness to Authentication Bypass via 2-Factor Authentication Back-up Codes vulnerability

Authorization Weakness to Authentication Bypass via 2-Factor Authentication Back-up Codes vulnerability discovered by Chloe Chamberland Wordfence in WordPress SiteGround Security plugin versions = 1.2.5. Solution Update the WordPress SiteGround Security plugin to the latest available version at...

9.8CVSS4.5AI score0.07467EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/07 12:0 a.m.27 views

WordPress WPvivid plugin <= 0.9.70 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress WPvivid plugin versions = 0.9.70. Solution Update the WordPress WPvivid plugin to the latest available version at least 0.9.71...

7.5CVSS4.1AI score0.01444EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/05 12:0 a.m.27 views

WordPress Advanced Page Visit Counter <= 6.1.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Advanced Page Visit Counter versions = 6.1.1. Solution Update the WordPress Advanced Page Visit Counter – Most Advanced WordPress Visit Counter Plugin to the latest available version at least...

6.1CVSS2.4AI score0.01277EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/04 12:0 a.m.27 views

WordPress Social comments by WpDevArt plugin <= 2.4.9 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Mika in WordPress Social comments by WpDevArt plugin versions = 2.4.9. Solution Update the WordPress Social comments by WpDevArt plugin to the latest available version at least 2.5.0...

4.8CVSS3AI score0.00577EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/04 12:0 a.m.27 views

WordPress Opensea plugin <= 1.0.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Mika in WordPress Opensea plugin versions = 1.0.2. Solution Update the WordPress Opensea plugin to the latest available version at least 1.0.3...

4.8CVSS2AI score0.00577EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.27 views

WordPress Easy Social Icons plugin <= 3.2.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by qerogram in WordPress Easy Social Icons plugin versions = 3.2.0. Solution Update the WordPress Easy Social Icons plugin to the latest available version at least 3.2.1...

4.8CVSS2.7AI score0.00588EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/16 12:0 a.m.27 views

WordPress Download Manager plugin <= 3.2.38 - Unauthenticated Brute Force of Files Master Key vulnerability

Unauthenticated Brute Force of Files Master Key vulnerability discovered by Diogo Real in WordPress Download Manager plugin versions = 3.2.38. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.39...

7.5CVSS3.4AI score0.0151EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/16 12:0 a.m.27 views

WordPress Stop Bad Bots plugin <= 6.92 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Stop Bad Bots plugin versions = 6.92. Solution Update the WordPress Stop Bad Bots plugin to the latest available version at least 6.930...

9.8CVSS2.9AI score0.07867EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/14 12:0 a.m.27 views

WordPress Dropdown Menu Widget plugin <= 1.9.7 - Arbitrary Settings Update leading to Stored Cross-Site Scripting (XSS) vulnerability

Arbitrary Settings Update leading to Stored Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Dropdown Menu Widget plugin versions = 1.9.7. Solution Deactivate and delete. This plugin has been closed as of March 7, 2022 and is not available for download. This closu...

5.4CVSS1.2AI score0.00595EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/09 12:0 a.m.27 views

WordPress Booking Package plugin <= 1.5.28 - Unauthenticated Sensitive Data Disclosure vulnerability

Unauthenticated Sensitive Data Disclosure vulnerability discovered by Huli Cymetrics in WordPress Booking Package plugin versions = 1.5.28. Solution Update the WordPress Booking Package plugin to the latest available version at least 1.5.29...

7.5CVSS2.7AI score0.01594EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/08 12:0 a.m.27 views

WordPress Analytics Cat plugin <= 1.0.9 - Plugin Settings change via Cross-Site Request Forgery (CSRF) vulnerability

Plugin Settings change via Cross-Site Request Forgery CSRF vulnerability discovered by Rasi Afeef Patchstack Alliance in WordPress Analytics Cat plugin versions = 1.0.9. Solution Update the WordPress Analytics Cat plugin to the latest available version at least 1.1.0...

5.4CVSS4.6AI score0.00258EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/03/07 12:0 a.m.27 views

WordPress Stop Bad Bots plugin <= 6.87 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Stop Bad Bots plugin versions = 6.87. Solution Update the WordPress Stop Bad Bots plugin to the latest available version at least 6.88...

9.8CVSS2.8AI score0.01583EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.27 views

WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.27 views

WordPress Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) plugin <= 1.0.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Internal Linking for SEO traffic & Ranking – Auto internal links 100% automatic plugin versions = 1.0.3. Solution Update the WordPress Internal Linking for SEO traffic & Ranking – Auto internal links...

4.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/17 12:0 a.m.27 views

WordPress WP Statistics plugin <= 13.1.5 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability via 'platform' discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress WP Statistics plugin versions = 13.1.5. Solution Update the WordPress WP Statistics plugin to the latest available version at least 13.1.6...

7.2CVSS2.6AI score0.01357EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/02/17 12:0 a.m.27 views

WordPress Sync QCloud COS plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by fuzzyap1 in WordPress Sync QCloud COS plugin versions = 2.0.0. Solution Update the WordPress Sync QCloud COS plugin to the latest available version at least 2.0.1...

4.8CVSS1.7AI score0.00588EPSS
Exploits2References3Affected Software1
Total number of security vulnerabilities5000