Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2014/10/07 12:0 a.m.27 views

WordPress Pods Plugin <= 2.4 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "id" parameter in the pods page to wp-admin/admin.php. Solution Update the plugin...

4.3CVSS2.6AI score0.02041EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2014/07/10 12:0 a.m.27 views

WordPress Random Banner Plugin <= 1.1.2.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "buffercodeRBannerurlbanner1" parameter in an update action to wp-admin/options.php. Solution Update the plugin...

4.3CVSS3.1AI score0.01618EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2014/06/23 12:0 a.m.27 views

WordPress Pay Per Media Player Plugin <= 1.24 - Multiple XSS

Because of these vulnerabilities in payper/payper.php, the attackers to inject arbitrary web script or HTML. Solution Update the plugin...

4.3CVSS2.4AI score0.01618EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2014/01/20 12:0 a.m.27 views

WordPress <= 3.0.1 - BYPASS

wp-includes/capabilities.php does not require the Super Admin role for the deleteusers capability that allows remote authenticated administrators to bypass intended access restrictions via a delete action. Solution Update WordPress...

4.9CVSS5.7AI score0.01693EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2013/02/19 12:0 a.m.27 views

WordPress <= 3.5.1 - External Entity Injection

Because of this vulnerability, the attackers can read arbitrary files via an oEmbed XML provider response containing an external entity declaration in conjunction with an entity reference. Solution Update the plugin...

4.3CVSS4.8AI score0.0225EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2012/12/04 12:0 a.m.27 views

WordPress Nest Theme - SQL Injection

This WordPress Nest theme's "codigo" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the theme...

3.6AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2012/11/12 12:0 a.m.27 views

WordPress Uk Cookie plugin <= 1.0 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by nauty.me04 in WordPress Uk Cookie plugin versions = 1.0 Solution Update the WordPress Uk Cookie plugin to the latest available version at least 1.1...

4.3CVSS2.2AI score0.01948EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2012/08/21 12:0 a.m.27 views

WordPress <= 3.4.1 - BYPASS

Because of this vulnerability, remote authenticated users can bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol feature. Solution Update the plugin...

4CVSS3.3AI score0.01902EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2012/04/21 12:0 a.m.27 views

WordPress <= 3.3.1 - XSS #1

This vulnerability is in the wp-comments-post.php. It allows the attackers to conduct XSS attacks via unspecified vectors. Solution Update WordPress...

4.3CVSS5.4AI score0.02721EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2011/11/04 12:0 a.m.27 views

WordPress Bonus Theme 1.0 - Cross Site Scripting

WordPress Bonus theme's "s" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...

2.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2011/08/10 12:0 a.m.27 views

WordPress <= 3.1.2 - SQL Injection

wp-includes/taxonomy.php has unknown impact and attack vectors, that possibly involving SQL injection. Solution Update WordPress...

7.5CVSS6.8AI score0.01602EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2011/02/24 12:0 a.m.28 views

WordPress Forum Server Plugin 1.6.5 - SQL Injection

WordPress Forum Server plugin is prone to an SQL injection. This vulnerability exists because of failure in the "index.php" script to properly clean up user-supplied input in "searchmax" variable and in the "/wp-content/plugins/forum-server/feed.php" script to properly sanitize user-supplied inpu...

7.5CVSS1.5AI score0.05021EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2011/01/31 12:0 a.m.27 views

WordPress <= 3.0.4 - Multiple XSS

Because of these vulnerabilities, authenticated users can inject arbitrary web script or HTML. Solution Update WordPress...

3.5CVSS1AI score0.02669EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2009/04/28 12:0 a.m.27 views

WordPress <= 2.6.9 - Open Redirection

Because of this vulnerability in wp-admin/upgrade.php, the attackers can redirect users to arbitrary web sites and conduct phishing attacks via a URL in the "backto" parameter. Solution Update WordPress...

4.3CVSS5.1AI score0.02095EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2008/09/15 12:0 a.m.27 views

WordPress <= 2.6.1 - SQL Truncation Vulnerability #1

Because of this vulnerability, the attackers can leverage exposures in products that rely on these functions for security-relevant functionality. Solution Update WordPress...

5.1CVSS3.8AI score0.03013EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2007/08/22 12:0 a.m.27 views

WordPress Classic Theme <= 1.5 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the PATHINFO. Solution Update the theme...

4.3CVSS2.5AI score0.01923EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2007/04/09 12:0 a.m.27 views

WordPress <= 2.1.2 - SQL Injection vulnerability

Because of this vulnerability in xmlrpc, the authenticated users can execute arbitrary SQL commands. Solution Update the WordPress to the latest available version at least 2.1.3...

6.5CVSS4.9AI score0.07167EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2007/01/29 12:0 a.m.27 views

WordPress <= 2.0 - Denial of Service Attacks

The wpremotefopen function allows the attackers to cause a denial of service attacks via pingback service calls. Solution Update the WordPress to the latest available version at least 2.0.1...

7.8CVSS5.2AI score0.03384EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2005/07/01 12:0 a.m.27 views

WordPress <= 1.5.1.2 - SQL injection

Because of this vulnerability in XMLRPC server, attackers can execute arbitrary SQL commands via input that is not filtered in the HTTPRAWPOSTDATA variable, which stores the data in an XML file. Solution Update the WordPress to the latest available version at least 1.5.1.3...

7.5CVSS6.6AI score0.0932EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2005/02/20 12:0 a.m.27 views

WordPress <=1.2 - Multiple Cross-Site Scripting (XSS) vulnerabilities

Because of these vulnerabilities, attackers can inject arbitrary web script or HTML. Solution Update WordPress to the latest possible version...

4.3CVSS1.4AI score0.06465EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 5:56 a.m.26 views

WordPress SePay Gateway plugin <= 1.1.20 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by ParkHyunWoo in WordPress Plugin SePay Gateway versions = 1.1.20...

6.5CVSS5.8AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/16 6:10 p.m.26 views

WordPress WP to LinkedIn Auto Publish plugin <= 1.9.8 - Reflected Cross-Site Scripting via PostMessage vulnerability

Reflected Cross-Site Scripting via PostMessage vulnerability discovered by Nicolai Hellesnes nico in WordPress Plugin WP to LinkedIn Auto Publish versions = 1.9.8...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/10/07 10:35 p.m.26 views

WordPress Chartify plugin <= 3.5.9 - Missing Authentication for Administrative Function vulnerability

Missing Authentication for Administrative Function vulnerability discovered by WordFence in WordPress Plugin Chartify versions = 3.5.9...

5.3CVSS5.9AI score0.00331EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2025/07/04 8:53 a.m.26 views

WordPress Service Finder Booking plugin <= 6.1 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by Bonds in WordPress Plugin Service Finder Booking versions = 6.1...

9.8CVSS6.7AI score0.0069EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.26 views

WordPress NextGEN Gallery Plugin < 3.59.5 is vulnerable to Cross Site Scripting (XSS)

Software NextGEN Gallery Type Plugin Vulnerable versions 3.59.5 Fixed in 3.59.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6393 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0e6857ff3928 Credits WPscan Required privileg...

4.8CVSS6AI score0.00455EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.26 views

WordPress JobSearch Plugin <= 2.6.7 is vulnerable to Arbitrary File Upload

Software JobSearch Type Plugin Vulnerable versions = 2.6.7 Fixed in 2.6.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8614 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID d16b486be3a5 Credits Tonn Required privilege Subscriber Published 5...

9.9CVSS7.2AI score0.00764EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.26 views

WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.6 is vulnerable to Cross Site Scripting (XSS)

Software Forms for Mailchimp by Optin Cat Type Plugin Vulnerable versions = 2.5.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8870 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 95ff17d053e3 Credits vgo...

6.1CVSS5.7AI score0.00494EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.26 views

WordPress Plugin Propagator Plugin <= 0.1 is vulnerable to Arbitrary File Upload

Software Plugin Propagator Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50495 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 8034c466a94c Credits stealthcopter Required privilege...

10CVSS7.2AI score0.00501EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.26 views

WordPress Acnoo Flutter API Plugin <= 1.0.5 is vulnerable to Privilege Escalation

Software Acnoo Flutter API Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50486 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 69fb59b59cf8 Credits...

9.8CVSS6.8AI score0.00525EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/11 12:0 a.m.26 views

WordPress Bridge Core Plugin <= 3.3 is vulnerable to Broken Access Control

Software Bridge Core Type Plugin Vulnerable versions = 3.3 Fixed in 3.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9860 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 06bde99f8c17 Credits István Márton Required privilege...

6.5CVSS6.5AI score0.00303EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.26 views

WordPress Hunk Companion Plugin <= 1.8.4 is vulnerable to Broken Access Control

Software Hunk Companion Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9707 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 20cecbb53904 Credits Sean Murphy Required privileg...

9.8CVSS6.5AI score0.09137EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/09/18 12:0 a.m.26 views

WordPress WP Hardening Plugin <= 1.2.6 is vulnerable to Bypass Vulnerability

Software WP Hardening Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-6641 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5e3f8dc1dce6 Credits Felipe Caon Required privilege...

5.3CVSS6.6AI score0.00381EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.26 views

WordPress Watu Quiz Plugin < 3.4.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Watu Quiz Type Plugin Vulnerable versions 3.4.1.2 Fixed in 3.4.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2640 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 617bfa58ba67 Credits Eunho Kim Required privilege...

6.8CVSS5.8AI score0.00394EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.26 views

WordPress Extra Theme <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)

Software Extra Type Theme Vulnerable versions = 4.25.0 Fixed in 4.25.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4490 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcfad4f5bb49 Credits Webbernaut Required privilege...

6.4CVSS6.1AI score0.00505EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/11 12:0 a.m.26 views

WordPress WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content Plugin <= 7.0 is vulnerable to Sensitive Data Exposure

Software WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content Type Plugin Vulnerable versions = 7.0 Fixed in 7.1.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7046 Patch priority Low CVSS severity Low 7.5...

7.5CVSS6.5AI score0.00444EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/02 12:0 a.m.26 views

WordPress Template Kit – Import Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)

Software Template Kit – Import Type Plugin Vulnerable versions = 1.0.14 Fixed in 1.0.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2334 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3ba95df4bab0 Credits Colin Xu Require...

6.4CVSS5.7AI score0.0045EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/03/23 12:0 a.m.26 views

WordPress Astra Theme <= 4.6.8 is vulnerable to Cross Site Scripting (XSS)

Software Astra Type Theme Vulnerable versions = 4.6.8 Fixed in 4.6.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-2347 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bd6f62042937 Credits stealthcopter Required privilege Contributor...

6.4CVSS6.6AI score0.00353EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/02/26 12:0 a.m.26 views

WordPress NotificationX Plugin <= 2.8.2 is vulnerable to SQL Injection

Software NotificationX Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1698 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 7d9025b61012 Credits Krzysztof Zając Required privilege Unauthenticated...

9.8CVSS6.7AI score0.77585EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.26 views

WordPress GPT3 AI Content Writer Plugin <= 1.8.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software GPT3 AI Content Writer Type Plugin Vulnerable versions = 1.8.12 Fixed in 1.8.13 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51528 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 803ba388c710 Credits Brandon...

8.8CVSS6.6AI score0.00241EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/24 12:0 a.m.26 views

WordPress Export any WordPress data to XML/CSV Plugin < 1.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Export any WordPress data to XML/CSV Type Plugin Vulnerable versions 1.4.1 Fixed in 1.4.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5882 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID 699f0018c204 Credits...

8.8CVSS7AI score0.0055EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.26 views

WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object Injection

Software Master Slider Pro Type Plugin Vulnerable versions = 3.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-47507 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6df26bc223e4 Credits Rafie Muhammad Patchstack Required...

9.8CVSS6.8AI score0.00388EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/02 12:0 a.m.26 views

WordPress Icons Font Loader Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload

Software Icons Font Loader Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5860 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID e7c1b6cac566 Credits Alex Thomas Required privilege...

7.2CVSS6.8AI score0.01023EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/13 12:0 a.m.26 views

WordPress RumbleTalk Live Group Chat Plugin <= 6.2.5 is vulnerable to Broken Access Control

Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.2.5 Fixed in 6.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-45828 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 142311804af3 Credits Mika Require...

6.5AI score0.00783EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2023/08/22 12:0 a.m.26 views

WordPress JupiterX Core Plugin <= 3.3.5 is vulnerable to Arbitrary File Upload

Software JupiterX Core Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.8 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-38388 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 8bc7c34302b7 Credits Rafie Muhammad Patchstack Required privileg...

9.8CVSS6.8AI score0.01374EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.26 views

WordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Pre-Orders Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32793 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 835a4691203f Credits Rafie Muhammad...

6.5CVSS5.7AI score0.00374EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2023/01/10 12:0 a.m.26 views

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4700 Patch priority Medium CVSS severity Medium 5.4 Developer WProyal PSID 423004fa0a2f Credits Ramuel Gall Required...

8.8CVSS6.8AI score0.00818EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/11/25 12:0 a.m.26 views

WordPress Community Events plugin <= 1.4.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep sk4rl1ghT in the WordPress Community Events plugin versions = 1.4.8. Solution Update the WordPress Community Events plugin to the latest available version at least 1.4.9...

1.6AI score0.00392EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/24 12:0 a.m.26 views

WordPress WP ULike plugin <= 4.6.4 - Race Condition vulnerability

Race Condition vulnerability leading to rating increase/decrease discovered by Nguy Minh Tuan Patchstack Alliance in the WordPress WP ULike plugin versions = 4.6.3. Solution No patched version is available. No reply from the vendor since August 24th, 2022...

3.5AI score0.0033EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.26 views

WordPress miniOrange Two-Factor Authentication plugin <= 5.6.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Calvin Alkan in WordPress miniOrange Two-Factor Authentication plugin versions = 5.6.1. Solution Update the WordPress miniOrange's Google Authenticator plugin to the latest available version at least 5.6.2...

3.1AI score0.00694EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/17 12:0 a.m.26 views

WordPress Ezoic plugin <= 2.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by José Aguilera Patchstack Alliance in the WordPress Ezoic plugin versions = 2.8.8. Solution Update the WordPress Ezoic plugin to the latest available version at least 2.8.9...

4.8CVSS3.2AI score0.00392EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000