Lucene search
K
PatchstackMost viewed

46677 matches found

Patchstack
Patchstack
•added 2023/11/28 12:0 a.m.•25 views

WordPress Button Generator – easily Button Builder Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Button Generator – easily Button Builder Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-49155 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f69c6cdb268...

8.8CVSS6.6AI score0.00294EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/11/07 12:0 a.m.•25 views

WordPress Amazonify Plugin <= 0.8.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Amazonify Type Plugin Vulnerable versions = 0.8.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5818 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a36688b74e5b Credits Ala Arfaoui Required privile...

4.3CVSS6.5AI score0.00234EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/10/30 12:0 a.m.•25 views

WordPress Left right image slideshow gallery Plugin <= 12.0 is vulnerable to SQL Injection

Software Left right image slideshow gallery Type Plugin Vulnerable versions = 12.0 Fixed in 12.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5431 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID a8ec43c6fd5b Credits István Márton Required privilege...

8.8CVSS6.8AI score0.00797EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
•added 2023/08/02 12:0 a.m.•25 views

WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.7 is vulnerable to Privilege Escalation

Software Stripe Payment Gateway for WooCommerce Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-3162 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID...

9.8CVSS6.5AI score0.00966EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
•added 2023/06/28 12:0 a.m.•25 views

WordPress Houzez CRM Plugin <= 1.3.4 is vulnerable to SQL Injection

Software Houzez CRM Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-36529 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 5387270a680b Credits Dave Jong Patchstack Required privilege Subscriber...

9.8CVSS6.8AI score0.0055EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/06/27 12:0 a.m.•25 views

WordPress File Manager Advanced Shortcode Plugin <= 2.3.2 is vulnerable to Remote Code Execution (RCE)

Software File Manager Advanced Shortcode Type Plugin Vulnerable versions = 2.3.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-2068 Patch priority High CVSS severity High 10 Developer Claim ownership PSID f57871788c33 Credits Mateus Machado Tesser...

9.8CVSS7.1AI score0.3962EPSS
Exploits8References2Affected Software1
Patchstack
Patchstack
•added 2023/06/27 12:0 a.m.•25 views

WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software The7 Type Theme Vulnerable versions = 11.7.3 Fixed in 11.7.3.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32123 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID 3ecb876f7b93 Credits Dave Jong Patchstack Requir...

7.1CVSS6.7AI score0.00203EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/04/25 12:0 a.m.•25 views

WordPress Cream Blog Theme <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Cream Blog Type Theme Vulnerable versions = 2.1.3 Fixed in 2.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28687 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 08758c27269b Credits László Radnai Required...

7.1CVSS5.9AI score0.00467EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2022/12/29 12:0 a.m.•25 views

WordPress bolster Theme < 10 is vulnerable to Arbitrary File Upload

Software bolster Type Theme Vulnerable versions 10 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2022-0316 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 8b3d84068dc9 Credits Joshua Small Required privilege...

9.8CVSS9.3AI score0.02084EPSS
Exploits12References2Affected Software1
Patchstack
Patchstack
•added 2022/11/23 12:0 a.m.•25 views

WordPress Image Map Pro premium plugin <= 5.5.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Dave Jong Patchstack in the WordPress Image Map Pro premium plugin versions = 5.5.0. Solution No patched version is available. No reply from the vendor for a long time...

2.6AI score0.00253EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/11/21 12:0 a.m.•25 views

WordPress Anti Hacker plugin <= 4.19 - Auth. Arbitrary Plugin Installation vulnerability

Auth. Arbitrary Plugin Installation vulnerability discovered by Lana Codes in WordPress Anti Hacker plugin versions = 4.19. Solution Update the WordPress Anti Hacker plugin to the latest available version at least 4.20...

3AI score0.0034EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/11/21 12:0 a.m.•25 views

WordPress Welcart e-Commerce plugin <= 2.8.3 - Auth. Arbitrary Shipping Method Creation/Update/Deletion vulnerability

Auth. Arbitrary Shipping Method Creation/Update/Deletion vulnerability discovered by Lana Codes in WordPress Welcart e-Commerce plugin versions = 2.8.3. Solution Update the WordPress Welcart e-Commerce plugin to the latest available version at least 2.8.4...

2.8AI score0.00329EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/11/17 12:0 a.m.•25 views

WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by dhakalananda Patchstack Alliance in WordPress wpForo Forum plugin versions = 2.0.9. Solution Update the WordPress wpForo Forum plugin to the latest available version at least 2.1.0...

8.8CVSS3.8AI score0.00436EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/11/17 12:0 a.m.•25 views

WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in the WordPress News Announcement Scroll plugin versions = 8.8.8. Solution Update the WordPress News Announcement Scroll plugin to the latest available version at least 9.0.0...

4.8CVSS3AI score0.00392EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/11/17 12:0 a.m.•25 views

WordPress Betheme theme <= 26.5.1.4 - Auth. PHP Object Injection vulnerability

Auth. PHP Object Injection vulnerability discovered by Dave Jong Patchstack in the WordPress Betheme theme versions = 26.5.1.4. Solution Update the WordPress Betheme theme to the latest available version at least 26.6...

8.8CVSS2.9AI score0.00615EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2022/11/07 12:0 a.m.•25 views

WordPress WPSmartContracts plugin <= 1.3.11 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Kunal Sharma University of Kaiserslautern and Daniel Krohmer Fraunhofer IESE in the WordPress WPSmartContracts plugin versions = 1.3.11 Solution Update the WordPress WPSmartContracts plugin to the latest available version at least 1.3.12...

3AI score0.03663EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/11/01 12:0 a.m.•25 views

WordPress Homepage PopUp plugin <= 1.2.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Mika Patchstack Alliance in the WordPress Homepage Pop-up plugin versions = 1.2.5. Solution No patched version is available. No reply from the vendor...

2.9AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/10/31 12:0 a.m.•25 views

WordPress WP User Frontend plugin <= 3.5.28 - Obscure Registration as Admin vulnerability

Obscure Registration as Admin vulnerability discovered by AyeCode Ltd in WordPress WP User Frontend plugin versions = 3.5.28. Solution Update the WordPress WP User Frontend plugin to the latest available version at least 3.5.29...

9.8CVSS2.4AI score0.00646EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/10/31 12:0 a.m.•25 views

WordPress Gallery Images Ape plugin <= 2.2.8 - Auth. Cross-Site Scripting (XSS) vulnerability

Auth. Cross-Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Gallery Images Ape plugin versions = 2.2.8. Solution No patched version is available. No reply from the vendor...

3.1AI score0.00383EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/10/28 12:0 a.m.•25 views

WordPress Ask Me premium theme < 6.8.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Post Deletion discovered by Srijan Adhikari in WordPress Ask Me premium theme versions 6.8.7. Solution Update the WordPress Ask Me theme to the latest available version at least 6.8.7...

4.7CVSS3.1AI score0.00355EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
•added 2022/10/27 12:0 a.m.•25 views

WordPress Web Stories plugin <= 1.24.0 - Auth. Server-Side Request Forgery (SSRF) vulnerability

Auth. Server-Side Request Forgery SSRF vulnerability discovered by Aymen Borgi in the WordPress Web Stories plugin versions = 1.24.0. Solution Update the WordPress Web Stories plugin to the latest available version at least 1.25.0...

9.6CVSS3.2AI score0.00694EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2022/10/24 12:0 a.m.•25 views

WordPress Newsmag premium theme 5.2.1 - Unauthenticated Account Takeover vulnerability

Unauthenticated Account Takeover vulnerability discovered by Truoc Phan in the WordPress Newsmag premium theme version 5.2.1. Solution Update the WordPress NewsMag theme to the latest available version at least 5.2.2...

9.8CVSS3.2AI score0.03546EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/10/24 12:0 a.m.•25 views

WordPress Auto Upload Images plugin <= 3.3 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Rasi Patchstack Alliance in the WordPress Auto Upload Images plugin versions = 3.3. Solution No patched version is available. No reply from the vendor...

2.6AI score0.00216EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/10/10 12:0 a.m.•25 views

WordPress Rock Convert plugin <= 2.10.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by José Ricardo in the WordPress Rock Convert plugin versions = 2.10.2. Solution Update the WordPress Rock Convert plugin to the latest available version at least 2.11.0...

6.1CVSS2.1AI score0.00486EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/09/29 12:0 a.m.•25 views

WordPress Analytics Cat plugin <= 1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Vlad Vector Patchstack in WordPress Analytics Cat plugin versions = 1.0.9. Solution Update the WordPress Analytics Cat plugin to the latest available version at least 1.1.0...

4.8CVSS2.4AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/29 12:0 a.m.•25 views

WordPress Accordions plugin <= 2.0.3 - Authenticated WordPress Options Change vulnerability

Authenticated WordPress Options Change vulnerability discovered by Vlad Vector Patchstack in WordPress Accordions plugin versions = 2.0.3. Solution Update the WordPress Accordions plugin to the latest available version at least 2.1.0...

7.2CVSS3.5AI score0.00881EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/27 12:0 a.m.•25 views

WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Pop-Up Chop Chop plugin versions = 2.1.7. Solution No patched version is available. No reply from the vendor...

5.4CVSS2.5AI score0.00413EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/27 12:0 a.m.•25 views

WordPress Social Media Follow Buttons Bar plugin <= 4.73 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Social Media Follow Buttons Bar plugin versions = 4.73. Solution No patched version is available. No reply from the vendor...

4.8CVSS3.7AI score0.00396EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/27 12:0 a.m.•25 views

WordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Reset vulnerability

Unauthenticated Plugin Settings Reset vulnerability discovered by Rasi Afeef Patchstack Alliance in WordPress TH Advance Product Search plugin versions = 1.1.4. Solution No patched version is available. Ignored by the vendor since Aug 2, 2022...

4AI score0.006EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/26 12:0 a.m.•25 views

WordPress Frontend File Manager plugin <= 21.3 - File Upload via Cross-Site Request Forgery (CSRF) vulnerability

File Upload via Cross-Site Request Forgery CSRF vulnerability was discovered by Raad Haddad Cloudyrion GmbH in the WordPress Frontend File Manager plugin versions = 21.3. Solution Update the WordPress Frontend File Manager plugin to the latest available version at least 21.4...

4.3CVSS2.8AI score0.00267EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/09/23 12:0 a.m.•25 views

WordPress Seriously Simple Podcasting plugin <= 2.16.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin settings change discovered by Muhammad Daffa Patchstack Alliance in WordPress Seriously Simple Podcasting plugin versions = 2.16.0. Solution Update the WordPress Seriously Simple Podcasting plugin to the latest available version at...

5.4CVSS3.6AI score0.00301EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/20 12:0 a.m.•25 views

WordPress Import all XML, CSV & TXT plugin <= 6.5.7 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Sanjay Das in WordPress Import all XML, CSV & TXT plugin versions = 6.5.7. Solution Update the WordPress WP Ultimate CSV Importer plugin to the latest available version at least 6.5.8...

7.2CVSS2.6AI score0.00992EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/09/12 12:0 a.m.•25 views

WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to plugin settings change discovered by Tien Nguyen Anh Patchstack Alliance in WordPress Photospace Gallery plugin versions = 2.3.5. Solution No patched version is available. No reply from the vendor...

5.4CVSS4.4AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/12 12:0 a.m.•25 views

WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress Read more By Adam plugin versions = 1.1.8. Solution No patched version is available. No reply from the vendor...

8.8CVSS4.1AI score0.00287EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/09/07 12:0 a.m.•25 views

WordPress Frontend File Manager plugin <= 21.2 - Unauthenticated File Renaming vulnerability

Unauthenticated File Renaming vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress Frontend File Manager plugin versions = 21.2. Solution Update the WordPress Frontend File Manager plugin to the latest available version at least 21.3...

5.3CVSS1.8AI score0.06199EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/08/25 12:0 a.m.•25 views

WordPress About Rentals plugin <= 1.5 - Missing Access Control vulnerability

Missing Access Control vulnerability leading to Unauthenticated Stored XSS and plugin settings change discovered by ptsfence in WordPress About Rentals plugin versions = 1.5. Solution Deactivate and delete. This plugin has been closed as of August 24, 2022 and is not available for download. This...

9.8CVSS2.5AI score0.00659EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/08/22 12:0 a.m.•25 views

WordPress WP Taxonomy Import plugin <= 1.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by kaikaix in WordPress WP Taxonomy Import plugin versions = 1.0.4. Solution Deactivate and delete. This plugin has been closed as of August 5, 2022 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.6AI score0.00491EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/08/09 12:0 a.m.•25 views

WordPress Contest Gallery plugin <= 17.0.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Nguy Minh Tuan Patchstack Alliance in WordPress Contest Gallery plugin versions = 17.0.4. Solution Update the WordPress Contest Gallery plugin to the latest available version at least 17.0.5...

8.8CVSS3.6AI score0.00737EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/08/09 12:0 a.m.•25 views

WordPress amCharts: Charts and Maps plugin <= 1.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress amCharts: Charts and Maps plugin versions = 1.4. Solution Update the WordPress amCharts: Charts and Maps plugin to the latest available version at least 1.4.1...

5.4CVSS2.8AI score0.00449EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/08/08 12:0 a.m.•25 views

WordPress Simply Schedule Appointments plugin <= 1.5.7.6 - Unauthenticated Email Address Disclosure vulnerability

Unauthenticated Email Address Disclosure vulnerability discovered by Raad Haddad in WordPress Simply Schedule Appointments plugin versions = 1.5.7.6. Solution Update the WordPress Simply Schedule Appointments plugin to the latest available version at least 1.5.7.7...

5.3CVSS2.1AI score0.01424EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/08/04 12:0 a.m.•25 views

WordPress Duplicator plugin <= 1.4.6 - Unauthenticated Backup Download vulnerability

Unauthenticated Backup Download vulnerability discovered by Ihsan Sencan in WordPress Duplicator plugin versions = 1.4.6. Solution Update the WordPress Duplicator plugin to the latest available version at least 1.4.7...

7.5CVSS3.3AI score0.12485EPSS
Exploits5References2Affected Software1
Patchstack
Patchstack
•added 2022/08/01 12:0 a.m.•25 views

WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilities

Multiple Improper Access Control vulnerabilities were discovered by Gennady Kovshenin Patchstack Alliance in the WordPress Affiliate For WooCommerce premium plugin versions = 4.7.0. Solution Update the WordPress Affiliate For WooCommerce premium plugin to the latest available version at least 4.8...

8.8CVSS4.6AI score0.00693EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2022/08/01 12:0 a.m.•25 views

WordPress Better Search Replace plugin <= 1.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Christiaan Swiers in WordPress Better Search Replace plugin versions = 1.4. Solution Update the WordPress Better Search Replace plugin to the latest available version at least 1.4.1...

7.2CVSS3.3AI score0.01066EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/08/01 12:0 a.m.•25 views

WordPress Student Result or Employee Database plugin <= 1.7.9 - Unauthorized REST Calls vulnerability

Unauthorized REST Calls vulnerability discovered by WPScanTeam in WordPress Student Result or Employee Database plugin versions = 1.7.9. Solution Update the WordPress Student Result or Employee Database plugin to the latest available version at least 1.8.0...

2.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2022/07/25 12:0 a.m.•25 views

WordPress Transposh WordPress Translation plugin <= 1.0.8.1 - Unauthorized Settings Change vulnerability

Unauthorized Settings Change vulnerability discovered by Julien Ahrens in WordPress Transposh WordPress Translation plugin versions = 1.0.8.1. Solution Deactivate and delete. This plugin has been closed as of February 7, 2022 and is not available for download. Reason: Security Issue...

5.3CVSS2.4AI score0.03508EPSS
Exploits6References1Affected Software1
Patchstack
Patchstack
•added 2022/07/23 12:0 a.m.•25 views

WordPress TranslatePress plugin <= 2.3.2 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Elias Hohl in WordPress TranslatePress plugin versions = 2.3.2. Solution Update the WordPress TranslatePress plugin to the latest available version at least 2.3.3...

8.8CVSS2.9AI score0.03851EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
•added 2022/07/18 12:0 a.m.•25 views

WordPress Rough Chart plugin <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Siddhant Suresh Ughade in WordPress Rough Chart plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of July 14, 2022 and is not available for download. This closure is temporary, pending ...

4.8CVSS1.7AI score0.00493EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
•added 2022/07/11 12:0 a.m.•25 views

WordPress YaySMTP plugin <= 2.2 - Authenticated SMTP Credentials Leak vulnerability

Authenticated SMTP Credentials Leak vulnerability discovered by Rafshanzani Suhada in WordPress YaySMTP plugin versions = 2.2. Solution Update the WordPress YaySMTP plugin to the latest available version at least 2.2.1...

6.5CVSS3AI score0.00744EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/07/07 12:0 a.m.•25 views

WordPress Simple Membership plugin <= 4.1.2 - Membership Privilege Escalation vulnerability

Membership Privilege Escalation vulnerability discovered by Jet Infosystems in WordPress Simple Membership plugin versions = 4.1.2. Solution Update the WordPress Simple Membership plugin to the latest available version at least 4.1.3...

8.8CVSS3AI score0.00935EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
•added 2022/06/29 12:0 a.m.•25 views

WordPress SP Project & Document Manager plugin <= 4.57 - Sensitive File Disclosure vulnerability

Sensitive File Disclosure vulnerability discovered by Viktor Markopoulos in WordPress SP Project & Document Manager plugin versions = 4.57. Solution Update the WordPress SP Project & Document Manager plugin to the latest available version at least 4.58...

6.5CVSS2.4AI score0.00807EPSS
Exploits2References1Affected Software1
Total number of security vulnerabilities5000