Lucene search
K
PatchstackMost viewed

46684 matches found

Patchstack
Patchstack
added 2024/02/07 12:0 a.m.19 views

WordPress WP RSS Aggregator Plugin <= 4.23.5 is vulnerable to Server Side Request Forgery (SSRF)

Software WP RSS Aggregator Type Plugin Vulnerable versions = 4.23.5 Fixed in 4.23.6 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2024-0628 Patch priority Low CVSS severity Low 3.8 Developer Claim ownership PSID dd1943fc88ab Credits Colin Xu Requir...

3.8CVSS6.6AI score0.00363EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/02 12:0 a.m.19 views

WordPress Popup More Popups Plugin <= 2.2.4 is vulnerable to Local File Inclusion

Software Popup More Popups Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-0844 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 12b7d2f01a9e Credits 0x9567b Required privilege Administrator...

7.2CVSS6.8AI score0.00659EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/26 12:0 a.m.19 views

WordPress Dragfy Addons for Elementor Plugin <= 8.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Dragfy Addons for Elementor Type Plugin Vulnerable versions = 8.3.1 Fixed in 8.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0448 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 80155176471b Credits Webbernaut...

6.4CVSS5.8AI score0.00516EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/01/23 12:0 a.m.19 views

WordPress File Manager Plugin <= 7.2.1 is vulnerable to Sensitive Data Exposure

Software File Manager Type Plugin Vulnerable versions = 7.2.1 Fixed in 7.2.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0761 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 8a9bf85057b9 Credits Yuki Haruma Required privileg...

8.1CVSS6.9AI score0.01029EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/16 12:0 a.m.19 views

WordPress WPZOOM Shortcodes Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software WPZOOM Shortcodes Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22162 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7480c3835543 Credits Dhabaleshwar Das Required...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.19 views

WordPress WPS Hide Login Plugin <= 1.9.11 is vulnerable to Bypass Vulnerability

Software WPS Hide Login Type Plugin Vulnerable versions = 1.9.11 Fixed in 1.9.12 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2023-49748 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID b95951ba6ec7 Credits Naveen Muthusamy Required privilege...

3.7CVSS6.5AI score0.00303EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/01/09 12:0 a.m.19 views

WordPress AI Engine: ChatGPT Chatbot Plugin <= 1.9.98 is vulnerable to Arbitrary File Upload

Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 1.9.98 Fixed in 1.9.99 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-51409 Patch priority High CVSS severity High 10 Developer Claim ownership PSID fdd4a788407b Credits Rafie Muhammad Patchstack...

10CVSS6.8AI score0.65046EPSS
Exploits4References2Affected Software1
Patchstack
Patchstack
added 2024/01/03 12:0 a.m.19 views

WordPress MapPress Maps for WordPress Plugin <= 2.88.13 is vulnerable to Cross Site Scripting (XSS)

Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.88.13 Fixed in 2.88.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6524 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 602a4e053876 Credits Akbar...

6.4CVSS5.8AI score0.00547EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/01/03 12:0 a.m.19 views

WordPress WP 2FA Plugin <= 2.5.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP 2FA Type Plugin Vulnerable versions = 2.5.0 Fixed in 2.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6520 Patch priority Low CVSS severity Low 4.3 Developer Melapress PSID 95117a5d7a1e Credits Ulyses Saicha Required privilege...

4.3CVSS6.6AI score0.00248EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/28 12:0 a.m.19 views

WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-52146 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8e10ffdc1b34 Credits Joshua Ch...

5.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/28 12:0 a.m.19 views

WordPress Product Feed Manager Plugin <= 7.3.15 is vulnerable to Directory Traversal

Software Product Feed Manager Type Plugin Vulnerable versions = 7.3.15 Fixed in 7.3.16 OWASP Top 10 A4: Insecure Design Classification Directory Traversal CVE CVE-2023-52144 Patch priority Low CVSS severity Low 5.5 Developer WPFunnels Team PSID 19683c0fecc1 Credits Muhammad Daffa Required privile...

5.5CVSS6.5AI score0.00423EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/26 12:0 a.m.19 views

WordPress Media File Renamer Plugin <= 5.7.7 is vulnerable to Arbitrary File Upload

Software Media File Renamer Type Plugin Vulnerable versions = 5.7.7 Fixed in 5.7.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-50897 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 364780c1ddc1 Credits Taihei Shimamine Required privilege...

6.9AI score0.00282EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/26 12:0 a.m.19 views

WordPress Everest Forms Plugin <= 2.0.3 is vulnerable to Broken Access Control

Software Everest Forms Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.3.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-51377 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8b5448fc86fc Credits Revan Arifio Required privile...

5.3CVSS6.6AI score0.00313EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.19 views

WordPress Pre* Party Resource Hints Plugin <= 1.8.19 is vulnerable to SQL Injection

Software Pre Party Resource Hints Type Plugin Vulnerable versions = 1.8.19 Fixed in 1.8.20 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50855 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 098859db7935 Credits Muhammad Daffa Required privilege...

7.6CVSS6.8AI score0.00534EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.19 views

WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection

Software BookingPress Type Plugin Vulnerable versions = 1.0.72 Fixed in 1.0.73 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50841 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID f0bdac9d74d8 Credits Ngô Thiên An ancorn from VNPT-VCI Required...

8.8CVSS6.8AI score0.00537EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/15 12:0 a.m.19 views

WordPress SpeedyCache Plugin <= 1.1.3 is vulnerable to Broken Access Control

Software SpeedyCache Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6598 Patch priority Low CVSS severity Low 5.4 Developer SpeedyCache PSID 45d8ddb6c2e0 Credits Lucio Sá Required privilege Subscriber...

4.3CVSS6.5AI score0.00358EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/12/11 12:0 a.m.19 views

WordPress Welcart e-Commerce Plugin <= 2.9.6 is vulnerable to Path Traversal

Software Welcart e-Commerce Type Plugin Vulnerable versions = 2.9.6 Fixed in 2.9.7 OWASP Top 10 A5: Security Misconfiguration Classification Path Traversal CVE CVE-2023-6120 Patch priority Medium CVSS severity Medium 4.1 Developer Claim ownership PSID 545792f26683 Credits Marco Wotschka Required...

4.1CVSS6.4AI score0.00458EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/11 12:0 a.m.19 views

WordPress Ibtana Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Ibtana Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6684 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6212e7800b8c Credits István Márton Required privileg...

6.4CVSS5.7AI score0.00436EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/04 12:0 a.m.19 views

WordPress Couponis Demo Plugin < 2.2 is vulnerable to SQL Injection

Software Couponis Demo Type Plugin Vulnerable versions 2.2 Fixed in 2.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-49750 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 697cadbd26d0 Credits RE-ALTER Required privilege Unauthenticated Published 4...

9.8CVSS6.8AI score0.00764EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/01 12:0 a.m.19 views

WordPress Backup Migration Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-6266 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 7df0ea44f3d7 Credits Rafshanzani Suhada...

7.5CVSS6.5AI score0.02072EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/28 12:0 a.m.19 views

WordPress JetElements For Elementor Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetElements For Elementor Type Plugin Vulnerable versions = 2.6.13 Fixed in 2.6.13.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID 1a0a78a4df65 Credits Rafie...

8.8CVSS8.6AI score0.00237EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/22 12:0 a.m.19 views

WordPress Userpro Plugin <= 5.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Userpro Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2497 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 7210ffe49db6 Credits István Márton Required...

8.8CVSS7AI score0.0027EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.19 views

WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Perfmatters Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47875 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 02a9c657f03b Credits Dave Jong Patchstack...

8.8CVSS7AI score0.0024EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.19 views

WordPress Post Meta Data Manager Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5776 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID be22b4c7158e Credits Francesco...

8.8CVSS7AI score0.00292EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.19 views

WordPress myCred Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS)

Software myCred Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47853 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7a775c0398b7 Credits Khalid Yusuf Required privilege Contributor...

6.5CVSS6.5AI score0.00385EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/15 12:0 a.m.19 views

WordPress WooCommerce Blocks Plugin <= 11.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Blocks Type Plugin Vulnerable versions = 11.1.1 Fixed in 11.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47777 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 99320ddb7175 Credits Rafie Muhammad Patchstack Require...

6.5CVSS6.5AI score0.00697EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2023/11/14 12:0 a.m.19 views

WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Scripting (XSS)

Software LayerSlider Type Plugin Vulnerable versions = 7.7.9 Fixed in 7.7.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47786 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID bc229172c2ce Credits Rafie Muhammad Patchstack Required...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/09 12:0 a.m.19 views

WordPress Martins Free & Easy SEO Link buildings Plugin < 1.2.30 is vulnerable to Cross Site Scripting (XSS)

Software Martins Free & Easy SEO Link buildings Type Plugin Vulnerable versions 1.2.30 Fixed in 1.2.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5641 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b26e0b25f0b1...

6.1CVSS5.6AI score0.00444EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.19 views

WordPress Star CloudPRNT for WooCommerce Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Star CloudPRNT for WooCommerce Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47514 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0a1ab953b581 Credits Le...

7.1CVSS5.7AI score0.00412EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.19 views

WordPress URL Shortify Plugin < 1.7.9.1 is vulnerable to Cross Site Scripting (XSS)

Software URL Shortify Type Plugin Vulnerable versions 1.7.9.1 Fixed in 1.7.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5605 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 32b31c65bd12 Credits Bartlomiej Marek and Toma...

4.8CVSS6AI score0.00408EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/11/03 12:0 a.m.19 views

WordPress video carousel slider with lightbox Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software video carousel slider with lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5945 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1fb4a457923c Credits Al...

5.4CVSS6.6AI score0.00309EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/10/31 12:0 a.m.19 views

WordPress EventPrime Plugin < 3.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software EventPrime Type Plugin Vulnerable versions 3.2.0 Fixed in 3.2.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4251 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3fee28172b5f Credits Alex Sanford Required...

4.3CVSS7AI score0.00231EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/10/30 12:0 a.m.19 views

WordPress Popup with fancybox Plugin <= 3.5 is vulnerable to SQL Injection

Software Popup with fancybox Type Plugin Vulnerable versions = 3.5 Fixed in 3.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5465 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 12bd56b92eb5 Credits István Márton Required privilege Contributor...

8.8CVSS6.8AI score0.0078EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/26 12:0 a.m.19 views

WordPress Neon text Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Neon text Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5817 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b1607d0a011 Credits Dmitrii Ignatyev Required privileg...

6.4CVSS5.7AI score0.00524EPSS
Exploits4References4Affected Software1
Patchstack
Patchstack
added 2023/10/26 12:0 a.m.19 views

WordPress Feather Login Page Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Feather Login Page Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46777 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 62aa1ddd991f Credits Mika Required...

8.8CVSS6.6AI score0.0021EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/10/25 12:0 a.m.19 views

WordPress Custom Header Images Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom Header Images Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46636 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d852d829fc53 Credits Nguyen Xuan Chie...

8.8CVSS6.6AI score0.00254EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/18 12:0 a.m.19 views

WordPress Templately Plugin < 2.2.6 is vulnerable to Broken Access Control

Software Templately Type Plugin Vulnerable versions 2.2.6 Fixed in 2.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5454 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d43e1c889b21 Credits Krzysztof Zając CERT PL Require...

7.5CVSS6.4AI score0.00608EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/10/17 12:0 a.m.19 views

WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Settings Change

Software Themify Ultra Type Theme Vulnerable versions = 7.3.5 Fixed in 7.3.6 OWASP Top 10 A5: Broken Access Control Classification Settings Change CVE CVE-2023-46148 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 4e68744a5277 Credits Rafie Muhammad Patchstack Required...

8.8CVSS6.5AI score0.00444EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/17 12:0 a.m.19 views

WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload

Software Themify Ultra Type Theme Vulnerable versions = 7.3.5 Fixed in 7.3.6 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-46149 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 04def42b7ff1 Credits Rafie Muhammad Patchstack Required privile...

9.9CVSS6.8AI score0.00584EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/17 12:0 a.m.19 views

WordPress Spider Facebook Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software Spider Facebook Type Plugin Vulnerable versions = 1.0.15 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46090 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 44993b9d3d08 Credits LEE SE HYOUNG...

7.1CVSS5.6AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/13 12:0 a.m.19 views

WordPress is vulnerable to Cross Site Scripting (XSS)

Software WordPress Type WordPress Core Vulnerable versions 6.3.2 Fixed in 6.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-38000 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ac4da91c6db1 Credits Rafie Muhammad Patchstack Required...

6.5CVSS6.5AI score0.00788EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.19 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5534 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd9ca26e2bc4 Credits Marco Wotschka Required...

5.4CVSS6.5AI score0.00206EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.19 views

WordPress cits-support-svg-webp-media-upload Plugin < 3.0 is vulnerable to Cross Site Scripting (XSS)

Software cits-support-svg-webp-media-upload Type Plugin Vulnerable versions 3.0 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5458 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c76219dcef8a Credits Bob Matyas...

5.4CVSS5.7AI score0.0039EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.19 views

WordPress IMPress Listings Plugin <= 2.6.2 is vulnerable to Broken Access Control

Software IMPress Listings Type Plugin Vulnerable versions = 2.6.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-45633 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 7bfb35b30d5c Credits Nguyen Anh Tien Required...

6.5AI score0.00311EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/04 12:0 a.m.19 views

WordPress WP Mail SMTP Pro Plugin <= 3.8.0 is vulnerable to Broken Access Control

Software WP Mail SMTP Pro Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 55736a8f4b7c Credits Alex Thomas Required privileg...

5.3CVSS6.5AI score0.00429EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/09/18 12:0 a.m.19 views

WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to SQL Injection

Software Horizontal scrolling announcement Type Plugin Vulnerable versions = 9.2 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-4999 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 360dd90299d7 Credits Lana Codes Required privilege...

8.8CVSS7.2AI score0.00725EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2023/09/14 12:0 a.m.19 views

WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR)

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.3 Fixed in 7.6.4 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-3869 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e19751d1d189 Credits FearZzZz Required...

5.3CVSS6.8AI score0.00401EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/11 12:0 a.m.19 views

WordPress MapPress Maps for WordPress Plugin <= 2.88.4 is vulnerable to Cross Site Scripting (XSS)

Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.88.4 Fixed in 2.88.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4840 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4fb9c1035c4b Credits Lana Codes...

6.4CVSS6.1AI score0.00467EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/06 12:0 a.m.19 views

WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Social Login Type Plugin Vulnerable versions = 3.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4773 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7be568b5c18c Credits Lana Codes Required...

6.4CVSS6AI score0.00359EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/09/05 12:0 a.m.19 views

WordPress Analytify Plugin <= 5.1.0 is vulnerable to Broken Access Control

Software Analytify Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41695 Patch priority Low CVSS severity Low 3.5 Developer Claim ownership PSID cd9a143f3c57 Credits Abdi Pranata Required privilege...

6.6AI score0.00444EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000