Lucene search
K
PatchstackMost viewed

46704 matches found

Patchstack
Patchstack
added 2022/04/06 12:0 a.m.21 views

WordPress Events Shortcodes For The Events Calendar plugin <= 1.9 - Arbitrary Plugin Installation vulnerability

Arbitrary Plugin Installation vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Events Shortcodes For The Events Calendar plugin versions = 1.9. Solution Update the WordPress Events Shortcodes For The Events Calendar plugin to the latest available version at least 2.0...

2.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/03/29 12:0 a.m.21 views

WordPress Donations plugin <= 1.8 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Donations plugin versions = 1.8. Solution Deactivate and delete. This plugin has been closed as of February 28, 2022 and is not available for download. This closure is temporary, pending a full review...

9.8CVSS3.2AI score0.01743EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/29 12:0 a.m.21 views

WordPress Master Elements plugin <= 8.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Master Elements plugin versions = 8.0. Solution Deactivate and delete. This plugin has been closed as of March 9, 2022 and is not available for download. This closure is temporary, pending a full review...

9.8CVSS3.2AI score0.07184EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.21 views

WordPress Yoo Slider plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Yoo Slider plugin versions = 2.0.0. Solution Update the WordPress Yoo Slider plugin to the latest available version at least 2.1.0...

5.4CVSS2.6AI score0.00514EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/03/14 12:0 a.m.21 views

WordPress MapPress Maps for WordPress plugin <= 2.73.12 - Admin+ File Upload leading to Remote Code Execution vulnerability

Admin+ File Upload leading to Remote Code Execution vulnerability discovered by qerogram in WordPress MapPress Maps for WordPress plugin versions = 2.73.12. Solution Update the WordPress MapPress Maps for WordPress plugin to the latest available version at least 2.73.13...

7.2CVSS3.8AI score0.01484EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/07 12:0 a.m.21 views

WordPress Church Admin plugin <= 3.4.134 - Unauthenticated Plugin's Backup Disclosure vulnerability

Unauthenticated Plugin's Backup Disclosure vulnerability discovered by cydave in WordPress Church Admin plugin versions = 3.4.134. Solution Update the WordPress Church Admin plugin to the latest available version at least 3.4.135...

4.3CVSS2.9AI score0.00487EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/07 12:0 a.m.21 views

WordPress Title Experiments Free plugin <= 9.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Title Experiments Free plugin versions = 9.0. Solution Update the WordPress Title Experiments Free plugin to the latest available version at least 9.0.1...

9.8CVSS3.1AI score0.10352EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Menu Image, Icons made easy plugin <= 3.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Menu Image, Icons made easy plugin versions = 3.0.5. Solution Update the WordPress Menu Image, Icons made easy plugin to the latest available version at least 3.0.6...

2.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Prime Slider – Addons For Elementor plugin <= 2.6.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Prime Slider – Addons For Elementor plugin versions = 2.6.2. Solution Update the WordPress Prime Slider – Addons For Elementor plugin to the latest available version at least 2.7.0...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Elasta theme < 1.0.8 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Elasta theme versions 1.0.8. Solution Update the WordPress Elasta theme to the latest available version at least 1.0.8...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Projectopia – WordPress Project Management Plugin plugin < 5.0.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Projectopia – WordPress Project Management Plugin plugin versions 5.0.7. Solution Update the WordPress Projectopia – WordPress Project Management Plugin plugin to the latest available version at least 5.0.7...

3.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress DIVI Enhancer – DIVI Modules and Options plugin <= 5.0.9 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress DIVI Enhancer – DIVI Modules and Options plugin versions = 5.0.9. Solution No patched version available...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin <= 1.7.9 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin versions = 1.7.9. Solution Update the WordPress AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin to the latest available version at least 1.7.91...

3.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Display WP Admin Pages in the Frontend – WP Frontend Admin plugin < 1.17.0.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Display WP Admin Pages in the Frontend – WP Frontend Admin plugin versions 1.17.0.4. Solution Update the WordPress Display WP Admin Pages in the Frontend – WP Frontend Admin plugin to the latest...

3.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Page Builder Gutenberg Blocks – Kioken Blocks plugin <= 1.3.9 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Page Builder Gutenberg Blocks – Kioken Blocks plugin versions = 1.3.9. Solution No patched version available...

2.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Product Size Charts Plugin for WooCommerce plugin <= 2.2.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Product Size Charts Plugin for WooCommerce plugin versions = 2.2.2. Solution Update the WordPress Product Size Charts Plugin for WooCommerce plugin to the latest available version at least 2.2.3...

4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.21 views

WordPress Impexium Single Sign On plugin <= 1.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Impexium Single Sign On plugin versions = 1.1. Solution No patched version available...

2.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/22 12:0 a.m.21 views

WordPress BulletProof Security plugin <= 5.7 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Mika in WordPress BulletProof Security plugin versions = 5.7. Solution Update the WordPress BulletProof Security plugin to the latest available version at least 5.8...

4.8CVSS2.4AI score0.00588EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/21 12:0 a.m.21 views

WordPress Patreon WordPress plugin <= 1.8.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by José Aguilera in WordPress Patreon WordPress plugin versions = 1.8.1. Solution Update the WordPress Patreon WordPress plugin to the latest available version at least 1.8.2...

5.5CVSS1.6AI score0.00689EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/21 12:0 a.m.21 views

WordPress Master Addons for Elementor plugin <= 1.8.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Master Addons for Elementor plugin versions = 1.8.1. Solution Update the WordPress Master Addons for Elementor plugin to the latest available version at least 1.8.2...

6.1CVSS2.4AI score0.00783EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/16 12:0 a.m.21 views

WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP Content Copy Protection & No Right Click plugin versions = 3.4.4 by Muhammad Daffa. Solution Update the WordPress WP Content Copy Protection & No Right Click plugin to the latest available version at least 3.4.5...

8.8CVSS2.8AI score0.00415EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/02 12:0 a.m.21 views

WordPress Custom Content Shortcode plugin <= 4.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Francesco Carlucci in WordPress Custom Content Shortcode plugin versions = 4.0.1. Solution Update the WordPress Custom Content Shortcode plugin to the latest available version at least 4.0.2...

5.4CVSS2.1AI score0.00595EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/27 12:0 a.m.21 views

WordPress Price Table plugin <= 0.2.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien in WordPress Price Table plugin versions = 0.2.2. Solution Deactivate and delete. This plugin has been closed as of January 27, 2022 and is not available for download. This closure is temporary, pending a full review...

5.4CVSS2.6AI score0.00546EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/01/26 12:0 a.m.21 views

WordPress Embed Swagger plugin <= 1.0.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress Embed Swagger plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of January 24, 2022 and is not available for download. This closure is temporary, pending a...

6.1CVSS3.1AI score0.03865EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.21 views

WordPress Database Backup for WordPress plugin <= 2.5 - SQL Injection (SQL) vulnerability

SQL Injection SQL vulnerability discovered by JrXnm in WordPress Database Backup for WordPress plugin versions = 2.5. Solution Update the WordPress Database Backup for WordPress plugin to the latest available version at least 2.5.1...

7.2CVSS2.6AI score0.01265EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/18 12:0 a.m.21 views

WordPress The Buffer Button plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Rutuja D Shirke in WordPress The Buffer Button plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of January 3, 2022 and is not available for download. This closure is temporary, pending a...

5.4CVSS2.4AI score0.00591EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/13 12:0 a.m.21 views

WordPress NewStatPress plugin <= 1.3.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress NewStatPress plugin versions = 1.3.5. Solution Update the WordPress NewStatPress plugin to the latest available version at least 1.3.6...

6.1CVSS1.8AI score0.01484EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/13 12:0 a.m.21 views

WordPress Spider Calendar plugin <= 1.5.65 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Spider Calendar plugin versions = 1.5.65. Solution Deactivate and delete. This plugin has been closed as of January 13, 2022 and is not available for download. This closure is permanent...

6.1CVSS2.9AI score0.02291EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/13 12:0 a.m.21 views

WordPress Side Cart Woocommerce (Ajax) plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Options Update

Cross-Site Request Forgery CSRF vulnerability leading to Arbitrary Options Update discovered by Chloe Chamberland in WordPress Side Cart Woocommerce Ajax plugin versions = 2.0. Solution Update the WordPress Side Cart Woocommerce Ajax plugin to the latest available version at least 2.1...

8.8CVSS2.9AI score0.0082EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/12 12:0 a.m.21 views

WordPress Download Manager plugin <= 3.2.33 - Authenticated SQL injection (SQLi) vulnerability to Reflected XSS vulnerability

Authenticated SQL injection SQLi vulnerability to Reflected XSS vulnerability discovered by Krzysztof Zając in WordPress Download Manager plugin versions = 3.2.33. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.34...

8.8CVSS3.5AI score0.01464EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/12 12:0 a.m.21 views

WordPress Permalink Manager Lite plugin <= 2.2.14 - Unauthorized Reflected Cross-Site Scripting (XSS) vulnerability

Unauthorized Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Permalink Manager Lite plugin versions = 2.2.14. Solution Update the WordPress Permalink Manager Lite plugin to the latest available version at least 2.2.15...

6.1CVSS2.5AI score0.03368EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/05 12:0 a.m.21 views

WordPress WHMCS Bridge plugin <= 6.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered in WordPress WHMCS Bridge plugin versions = 6.1. Solution Update the WordPress WHMCS Bridge plugin to the latest available version at least 6.3...

6.4CVSS1.8AI score0.00558EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/01/05 12:0 a.m.21 views

WordPress SupportCandy plugin <= 2.2.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress SupportCandy plugin versions = 2.2.6. Solution Update the WordPress SupportCandy plugin to the latest available version at least 2.2.7...

5.4CVSS1.9AI score0.00604EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/04 12:0 a.m.21 views

WordPress Advanced Cron Manager Pro premium plugin <= 2.5.2 - Arbitrary Events/Schedules Creation/Deletion vulnerability

Arbitrary Events/Schedules Creation/Deletion vulnerability discovered by Krzysztof Zając in WordPress Advanced Cron Manager Pro premium plugin versions = 2.5.2. Solution Update the WordPress Advanced Cron Manager Pro premium plugin to the latest available version at least 2.5.3...

4.3CVSS3.3AI score0.0065EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/03 12:0 a.m.21 views

WordPress Contact Form 7 Skins plugin <= 2.5.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Contact Form 7 Skins plugin versions = 2.5.0. Solution Update the WordPress Contact Form 7 Skins plugin to the latest available version at least 2.5.1...

6.1CVSS2.5AI score0.02412EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/29 12:0 a.m.21 views

WordPress Rearrange Woocommerce Products plugin <= 3.0.7 - SQL injection (SQLi) vulnerability

SQL injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Rearrange Woocommerce Products plugin versions = 3.0.7. Solution Update the WordPress Rearrange Woocommerce Products plugin to the latest available version at least 3.0.8...

6.5CVSS2.9AI score0.00889EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/29 12:0 a.m.21 views

WordPress NextScripts plugin <= 4.3.24 - Post Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Post Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by Krzysztof Zając in WordPress NextScripts plugin versions = 4.3.24. Solution Update the WordPress NextScripts plugin to the latest available version at least 4.3.25...

6.5CVSS3.7AI score0.00531EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/28 12:0 a.m.21 views

WordPress UpdraftPlus plugin <= 1.16.66 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress UpdraftPlus plugin versions = 1.16.66. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.69...

6.1CVSS2AI score0.008EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/27 12:0 a.m.21 views

WordPress AF Companion plugin <= 1.1.2 - Arbitrary Plugin Installation and Activation via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Plugin Installation and Activation via Cross-Site Request Forgery CSRF vulnerability discovered by WPScanTeam in WordPress AF Companion plugin versions = 1.1.2. Solution Update the WordPress AF Companion plugin to the latest available version at least 1.2.0...

4.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/12/22 12:0 a.m.21 views

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue plugin <= 3.1.24 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue plugin versions = 3.1.24. Solution Update the WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue plugin to the latest available...

1.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/12/21 12:0 a.m.21 views

WordPress Simple Download Monitor plugin <= 3.9.10 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Simple Download Monitor plugin versions = 3.9.10. Solution Update the WordPress Simple Download Monitor plugin to the latest available version at least 3.9.11...

5.4CVSS2.4AI score0.00611EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/20 12:0 a.m.21 views

WordPress Contest Gallery plugin <= 13.1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien in WordPress Contest Gallery plugin versions = 13.1.0.9. Solution Update the WordPress Contest Gallery plugin to the latest available version at least 14.0.0...

4.8CVSS2.3AI score0.00499EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/12/05 12:0 a.m.21 views

WordPress WP Coder plugin <= 2.5.1 - Remote File Inclusion (RFI) leading to Remote Code Execution (RCE) via CSRF vulnerability

Remote File Inclusion RFI leading to Remote Code Execution RCE via CSRF vulnerability discovered by Krzysztof Zając in WordPress WP Coder plugin versions = 2.5.1. Solution Update the WordPress WP Coder plugin to the latest available version at least 2.5.2...

8.8CVSS4.9AI score0.0067EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/11/29 12:0 a.m.21 views

WordPress Buttonizer plugin <= 2.5.4 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Dipak Panchal in WordPress Buttonizer plugin versions = 2.5.4. Solution Update the WordPress Buttonizer plugin to the latest available version at least 2.5.5...

4.8CVSS1.6AI score0.00598EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/11/28 12:0 a.m.21 views

WordPress Zigcy Cosmetics theme <= 1.0.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Zigcy Cosmetics theme versions = 1.0.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

8.8CVSS2.8AI score0.01652EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/11/28 12:0 a.m.21 views

WordPress AccessPress Root theme <= 2.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress AccessPress Root theme versions = 2.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

8.8CVSS2.9AI score0.01652EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2021/11/28 12:0 a.m.21 views

WordPress Swing Lite theme <= 1.1.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Swing Lite theme versions = 1.1.9. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

8.8CVSS2.4AI score0.01652EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2021/11/22 12:0 a.m.21 views

WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 4.7 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by Krzysztof Zając in WordPress WP Visitor Statistics Real Time Traffic plugin versions = 4.7. Solution Update the WordPress WP Visitor Statistics Real Time Traffic plugin to the latest available version at least 4.8...

8.8CVSS2.9AI score0.38298EPSS
Exploits5References3Affected Software1
Patchstack
Patchstack
added 2021/11/15 12:0 a.m.21 views

WordPress Pixel Cat plugin <= 2.6.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Pixel Cat plugin versions = 2.6.2. Solution Update the WordPress Pixel Cat plugin to the latest available version at least 2.6.3...

4.8CVSS2.3AI score0.00598EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/11/08 12:0 a.m.21 views

WordPress LoginWP plugin <= 3.0.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress LoginWP plugin versions = 3.0.0.4. Solution Update the WordPress LoginWP plugin to the latest available version at least 3.0.0.5...

6.1CVSS2AI score0.008EPSS
Exploits2References3Affected Software1
Total number of security vulnerabilities5000