Lucene search
K
PatchstackMost viewed

46571 matches found

Patchstack
Patchstack
added 2026/06/18 2:26 p.m.56 views

NPM: npm PraisonAI SandboxExecutor allowedCommands bypass via shell chaining

NPM: npm PraisonAI SandboxExecutor allowedCommands bypass via shell chaining vulnerability discovered by ? in WordPress Npm praisonai versions = 1.2.3, = 1.7.1...

5.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.56 views

WordPress Serial Numbers for WooCommerce – License Manager Plugin <= 2.1.0 is vulnerable to Broken Access Control

Software Serial Numbers for WooCommerce – License Manager Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35173 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bf9d2a7b076f Credit...

6.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/10/10 12:0 a.m.56 views

WordPress Smart Slider 3 plugin <= 3.5.1.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Nguyen Duy Quoc Khanh in WordPress Smart Slider 3 plugin versions = 3.5.1.9. Solution Update the WordPress Smart Slider 3 plugin to the latest available version at least 3.5.1.11...

8.8CVSS1.9AI score0.01903EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2022/10/03 12:0 a.m.56 views

WordPress WP ALL Export Pro plugin <= 1.7.8 - Authenticated Code Injection vulnerability

Authenticated Code Injection vulnerability discovered by Sanjay Das in WordPress WP ALL Export Pro plugin versions = 1.7.8. Solution Update the WordPress WP ALL Export Pro plugin to the latest available version at least 1.7.9...

7.2CVSS2.6AI score0.01307EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/08/04 12:0 a.m.56 views

WordPress Gutenberg plugin <= 14.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Jitendra Patro in WordPress Gutenberg plugin versions = 14.5.4. Solution No patched version available...

3CVSS2.2AI score0.00555EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/04/04 12:0 a.m.56 views

WordPress FV Flowplayer Video Player plugin <= 7.5.18.727 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress FV Flowplayer Video Player plugin versions = 7.5.18.727. Solution Update the WordPress FV Flowplayer Video Player plugin to the latest available version at least 7.5.19.727...

5.4CVSS3.1AI score0.00549EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.56 views

WordPress SEO URL Redirects LlamasApps plugin <= 2.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SEO URL Redirects LlamasApps plugin versions = 2.0. Solution No patched version available...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2018/01/03 12:0 a.m.56 views

WordPress Smart Google Code Inserter plugin <=3.4 - SQL injection (SQLi) vulnerability

SQL injection SQLi vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions =3.4. Plugin function saveGoogleAdWords function in smartgooglecode.php file passes unsanitized $POST"oId" input into the SQL query. Solution Update the WordPress Smart Google Code...

9.8CVSS3.6AI score0.42911EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2023/03/02 12:0 a.m.55 views

WordPress Saan World Clock Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)

Software Saan World Clock Type Plugin Vulnerable versions = 1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0145 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cb720ac68691 Credits Lana Codes Required...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2022/04/14 12:0 a.m.55 views

WordPress Admin Menu Editor plugin <= 1.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ran Crane in WordPress Admin Menu Editor plugin versions = 1.0.4. Solution Deactivate and delete. This plugin has been closed as of March 9, 2022 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.7AI score0.00757EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.55 views

WordPress Photo Gallery by 10Web plugin <= 1.6.2 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by JrXnm in WordPress Photo Gallery by 10Web plugin versions = 1.6.2. Solution Update the WordPress Photo Gallery by 10Web plugin to the latest available version at least 1.6.3...

9.8CVSS3.3AI score0.23459EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/01 12:0 a.m.55 views

WordPress Conversios.io plugin <= 4.6.1 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress Conversios.io plugin versions = 4.6.1. Solution Update the WordPress Conversios.io plugin to the latest available version at least 4.6.2...

8.8CVSS3AI score0.01297EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/31 12:0 a.m.55 views

WordPress WS Form LITE plugin <= 1.8.175 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Felipe Restrepo Rodriguez in WordPress WS Form LITE plugin versions = 1.8.175. Solution Update the WordPress WS Form LITE plugin to the latest available version at least 1.8.176...

4.8CVSS1.6AI score0.00588EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.55 views

WordPress Wordfence Plugin <= 3.8.6 - Stored XSS

This plugin is prone to lib/IPTraf.php User-Agent header stored cross site scripting vulnerability. Solution Update plugin...

1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/06/06 12:0 a.m.54 views

WordPress NextCellent Gallery plugin <= 1.9.35 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by lucy in WordPress NextCellent Gallery plugin versions = 1.9.35. Solution Deactivate and delete. This plugin has been closed as of June 1, 2022 and is not available for download. This closure is temporary, pending a full...

4.8CVSS2.2AI score0.00552EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/01/06 12:0 a.m.54 views

WordPress <= 5.8.2 - Authenticated Object Injection in Multisites

Authenticated Object Injection in Multisites discovered by Simon Scannell SonarSource in WordPress versions = 5.8.2. Solution Update WordPress to the latest available version at least 5.8.3...

7.2CVSS3.3AI score0.03695EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2021/11/15 12:0 a.m.54 views

WordPress Modern Events Calendar Lite plugin <= 6.1.0 - Unauthenticated Blind SQL Injection (SQLi) vulnerability

Unauthenticated Blind SQL Injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Modern Events Calendar Lite plugin versions = 6.1.0. Solution Update the WordPress Modern Events Calendar Lite plugin to the latest available version at least 6.1.5...

9.8CVSS3AI score0.73413EPSS
Exploits7References3Affected Software1
Patchstack
Patchstack
added 2011/09/24 12:0 a.m.54 views

WordPress Web Minimalist Theme 1.1 - Cross Site Scripting

WordPress Web Minimalist theme's "index.php" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can ste...

4.3CVSS2.5AI score0.03429EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/06/23 11:58 a.m.53 views

WordPress National Weather Service Alerts plugin <= 1.3.5 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin National Weather Service Alerts versions = 1.3.5...

8.1CVSS6.7AI score0.00397EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/02/16 12:0 a.m.53 views

WordPress WP Statistics plugin <= 13.1.5 - Unauthenticated Blind SQL Injection (SQLi) vulnerability

Unauthenticated Blind SQL Injection SQLi vulnerability via IP discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress WP Statistics plugin versions = 13.1.5. Solution Update the WordPress WP Statistics plugin to the latest available version at least 13.1.6...

9.8CVSS3AI score0.77956EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2019/08/08 12:0 a.m.53 views

WordPress JoomSport plugin <= 3.3 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Pablo Santiago in WordPress JoomSport plugin versions = 3.3. Solution Update the WordPress JoomSport plugin to the latest available version at least 3.4...

9.8CVSS3.4AI score0.21091EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2014/06/23 12:0 a.m.53 views

WordPress Any Font Plugin <= 2.2.3 - XSS

Because of this vulnerability in mceanyfont/dialog.php, the attackers can inject arbitrary web script or HTML via the "text" parameter. Solution Update the plugin...

4.3CVSS2.7AI score0.01618EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/06/11 1:39 a.m.52 views

WordPress WordPress Automatic plugin <= 3.115.0 - Authenticated (Author+) Arbitrary File Upload vulnerability

Authenticated Author+ Arbitrary File Upload vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Automatic versions = 3.115.0...

8.8CVSS6.8AI score0.00628EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/10/31 12:0 a.m.52 views

WordPress Popup Maker plugin <= 1.16.10 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by c3p0d4y in WordPress Popup Maker plugin versions = 1.16.10. Solution Update the WordPress Popup Maker plugin to the latest available version at least 1.16.11...

5.5CVSS1.9AI score0.00622EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/02/07 12:0 a.m.52 views

WordPress Real Cookie Banner plugin <= 2.14.1 - Settings Reset via Cross-Site Request Forgery (CSRF) vulnerability

Settings Reset via Cross-Site Request Forgery CSRF vulnerability discovered by Krzysztof Zając in WordPress Real Cookie Banner plugin versions = 2.14.1. Solution Update the WordPress Real Cookie Banner plugin to the latest available version at least 2.14.2...

6.5CVSS3.9AI score0.00523EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2021/11/28 12:0 a.m.52 views

WordPress Enlighten theme <= 1.3.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Enlighten theme versions = 1.3.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores t...

8.8CVSS2.1AI score0.01652EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2021/06/21 12:0 a.m.52 views

WordPress Glass plugin <= 1.3.2 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by ABISHEIK M in WordPress Glass plugin versions = 1.3.2. Solution This plugin has been closed as of May 26, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.2AI score0.00412EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.51 views

WordPress Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Plugin < 1.7.6 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Type Plugin Vulnerable versions 1.7.6 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/10/31 12:0 a.m.51 views

WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Checkout Files Deletion discovered by WPScan in WordPress Booster for WooCommerce plugin versions = 5.6.6. Solution Update the WordPress Booster for WooCommerce plugin to the latest available version at least 5.6.7...

8.1CVSS3.7AI score0.00371EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/27 12:0 a.m.51 views

WordPress Oceanwp sticky header plugin <= 1.0.8 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to a header style change discovered by Rasi Afeef Patchstack Alliance in WordPress Oceanwp sticky header plugin versions = 1.0.8. Solution No patched version is available. No reply from the vendor...

2.6AI score0.00234EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/22 12:0 a.m.51 views

WordPress Ajax Load More plugin <= 5.5.3 - PHAR Deserialization via Cross-Site Request Forgery (CSRF) vulnerability

PHAR Deserialization via Cross-Site Request Forgery CSRF vulnerability discovered by Rasoul Jahanshahi in WordPress Ajax Load More plugin versions = 5.5.3. Solution Update the WordPress Ajax Load More plugin to the latest available version at least 5.5.4...

8.8CVSS4AI score0.0118EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/05/10 12:0 a.m.51 views

WordPress WPQA premium plugin < 5.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Veshraj Ghimire in WordPress WPQA premium plugin versions 5.4. Solution Update the WordPress WPQA premium plugin to the latest available version at least 5.4...

6.1CVSS2.3AI score0.0291EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2016/03/22 12:0 a.m.51 views

WordPress Brandfolder Plugin 3.0 - Remote and Local File Inclusion

Brandfolder plugin is prone to remote and local files inclusion vulnerability. It allows an attacker to host on a server "wp-load.php" file and disable it by using "htaccess". Solution Upgrade the plugin...

2AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.51 views

WordPress Sahifa Theme <= 2.4.0 - Multiple Vulnerabilities

This theme is prone to a cross site request forgery and full path disclosure vulnerabilities. Because of CSRF you can lost your site settings. Because of full path disclosure, the attackers can obtain sensitive information via an invalid upload request. Solution Update the theme...

3.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2011/08/03 12:0 a.m.51 views

WordPress TimThumb Plugin 1.32 - Remote Code Execution

This TimThumb plugin is prone to a Remote Code Execution vulnerability because script does not check remotely cached files properly. Solution Update this plugin to the latest version or just delete the "timthumb" file...

6.8CVSS4.1AI score0.23165EPSS
Exploits17References1Affected Software1
Patchstack
Patchstack
added yesterday50 views

WordPress Frisbii Pay plugin <= 1.8.9 - Missing Authorization to Authenticated (Subscriber+) Payment Token Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Payment Token Modification vulnerability discovered by momopon1415 in WordPress Plugin Frisbii Pay versions = 1.8.9...

6.5CVSS5.8AI score0.00276EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/05/11 2:50 p.m.50 views

NPM: Facebook React has a Denial of Service Vulnerability in React Server Components

NPM: Facebook React has a Denial of Service Vulnerability in React Server Components discovered by ? in WordPress Npm react-server-dom-webpack versions = 19.0.0, 19.0.6...

7.5CVSS5.8AI score0.01533EPSS
Exploits1References5Affected Software1
Patchstack
Patchstack
added 2022/10/24 12:0 a.m.50 views

WordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerability

Broken Authentication vulnerability via Nonce Token Leakage Leading to Plugin Settings Change discovered by Dave Jong Patchstack in the WordPress SearchWP premium plugin versions = 4.2.5. Solution Update the WordPress SearchWP plugin to the latest available version at least 4.2.6...

5.4CVSS3.1AI score0.00443EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/04/05 12:0 a.m.50 views

WordPress Ad Invalid Click Protector (AICP) plugin <= 1.2.5.2 - Cross-Site Request Forgery (CSRF) vulnerability

Banned users deletion via Cross-Site Request Forgery CSRF vulnerability in WordPress Ad Invalid Click Protector AICP plugin versions = 1.2.5.2. Solution Update the WordPress Ad Invalid Click Protector AICP plugin to the latest available version at least 1.2.6...

4.2AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/02/23 12:0 a.m.50 views

WordPress Yoast SEO <= 17.2.1 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by Fariq Fadillah Gusti Insani in WordPress Yoast SEO versions = 17.2.1. Solution Update the WordPress Yoast SEO to the latest available version at least 17.3...

5.3CVSS2.5AI score0.05632EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.50 views

WordPress Pinterest Plugin <= 1.3.1 - Multiple Vulnerabilities

This plugin is prone to multiple unspecified vulnerabilities. Solution Update the plugin...

2.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/19 12:0 a.m.49 views

WordPress Simple Backup Plugin <= 2.7.10 - Arbitrary File Download

This plugin is prone to an arbitrary file download vulnerability. Solution Update the plugin...

2.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/05/04 12:0 a.m.48 views

WordPress Slideshow, Image Slider by 2J plugin <= 1.3.54 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Tien Nguyen Ahn aka vigov5 Patchstack Alliance in WordPress Slideshow, Image Slider by 2J plugin versions = 1.3.54. Solution No patched version is available. No reply from the vendor...

5.4CVSS3.6AI score0.00494EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/20 12:0 a.m.48 views

WordPress Country Selector premium plugin <= 1.6.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress Country Selector premium plugin versions = 1.6.5. Solution Update the WordPress Country Selector premium plugin to the latest available version at least 1.6.6...

6.1CVSS2.3AI score0.01409EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/06/11 12:0 a.m.48 views

WordPress Popular Posts plugin <= 5.3.2 - Authenticated Code Injection vulnerability leading to Remote Code Execution (RCE)

Authenticated Code Injection vulnerability leading to Remote Code Execution RCE discovered by NinTechNet in WordPress Popular Posts plugin versions = 5.3.2. Solution Update the WordPress Popular Posts plugin to the latest available version at least 5.3.3...

8.8CVSS4.8AI score0.79823EPSS
Exploits5References3Affected Software1
Patchstack
Patchstack
added 2020/10/07 12:0 a.m.48 views

WordPress WPBakery Page Builder premium plugin <= 6.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by Chloe Chamberland in WordPress WPBakery Page Builder premium plugin versions = 6.4. Solution Update the WordPress WPBakery Page Builder premium plugin to the latest available version at least 6.4.1...

6.4CVSS2.1AI score0.00691EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2020/09/01 12:0 a.m.48 views

WordPress File Manager plugin <= 6.8 - Unauthenticated Arbitrary File Upload leading to RCE vulnerability

Unauthenticated Arbitrary File Upload leading to RCE vulnerability found by w4fz5uck5 in WordPress File Manager plugin versions = 6.8. Solution Update the WordPress File Manager plugin to the latest available version at least 6.9...

10CVSS3.9AI score0.97328EPSS
Exploits14References3Affected Software1
Patchstack
Patchstack
added 2016/06/06 12:0 a.m.48 views

WordPress Uncode Theme 1.3.1 - Arbitrary File Upload

WordPress Uncode theme is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer. Solution Update the theme...

3.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/14 12:0 a.m.47 views

WordPress Really Simple Security Pro multisite Plugin 9.0.0-9.1.1.1 is vulnerable to Broken Authentication

Software Really Simple Security Pro multisite Type Plugin Vulnerable versions 9.0.0-9.1.1.1 Fixed in 9.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10924 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 976349dfad8d Credits...

9.8CVSS6.2AI score0.81722EPSS
Exploits21References2Affected Software1
Patchstack
Patchstack
added 2022/06/28 12:0 a.m.47 views

WordPress Custom Product Tabs for WooCommerce plugin <= 1.7.7 - Broken Access Control vulnerability leading to &yikes-the-content-toggle option update

Broken Access Control vulnerability leading to &yikes-the-content-toggle option update discovered by Tien Nguyen Anh Patchstack Alliance in WordPress Custom Product Tabs for WooCommerce plugin versions = 1.7.7. Solution Update the WordPress Custom Product Tabs for WooCommerce plugin to the latest...

5.3CVSS3.3AI score0.01226EPSS
Exploits1Affected Software1
Total number of security vulnerabilities5000