Lucene search
K
PatchstackMost viewed

46677 matches found

Patchstack
Patchstack
added 2024/10/15 12:0 a.m.18 views

WordPress Cooked Pro Plugin < 1.8.0 is vulnerable to Arbitrary File Upload

Software Cooked Pro Type Plugin Vulnerable versions 1.8.0 Fixed in 1.8.0 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49291 Patch priority High CVSS severity High 10 Developer Claim ownership PSID ca91d1c3c8bf Credits RE-ALTER Required privilege Unauthenticated...

10CVSS6.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.18 views

WordPress BuddyPress Better Registration Plugin <= 1.6 is vulnerable to Broken Authentication

Software BuddyPress Better Registration Type Plugin Vulnerable versions = 1.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49247 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4288fed05f70...

9.8CVSS6.5AI score0.0052EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/13 12:0 a.m.18 views

WordPress Contact Form by Supsystic Plugin <= 1.7.28 is vulnerable to Remote Code Execution (RCE)

Software Contact Form by Supsystic Type Plugin Vulnerable versions = 1.7.28 Fixed in 1.7.29 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-48042 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 062050e33e8e Credits Hakiduck Required privile...

9.1CVSS7.2AI score0.01126EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.18 views

WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.6.11 is vulnerable to Sensitive Data Exposure

Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.6.11 Fixed in 5.6.12 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8913 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID...

4.3CVSS6.5AI score0.00368EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.18 views

WordPress wp-Monalisa Plugin <= 6.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software wp-Monalisa Type Plugin Vulnerable versions = 6.4 Fixed in 6.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-48038 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f42673584f5d Credits SOPROBRO Required privilege...

4.3CVSS6.6AI score0.0016EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.18 views

WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.16.3 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes and extra features for Phlox theme Type Plugin Vulnerable versions = 2.16.3 Fixed in 2.16.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8486 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b44af62239ce...

6.4CVSS5.9AI score0.00354EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.18 views

WordPress Popularis Extra Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Popularis Extra Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9353 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a36990b7c214 Credits vgo0 Required...

6.1CVSS5.9AI score0.00355EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.18 views

WordPress Advanced Custom Fields PRO Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20865 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 148c8b46d288 Credits Keitaro Yamazaki...

7.5CVSS7.5AI score0.02462EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.18 views

WordPress Display Medium Posts Plugin <= 5.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Display Medium Posts Type Plugin Vulnerable versions = 5.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9445 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 06e0b332337b Credits theviper17y Required...

6.4CVSS6AI score0.00288EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/02 12:0 a.m.18 views

WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SEOPress Type Plugin Vulnerable versions = 8.1.1 Fixed in 8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9225 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 788a715fcbd5 Credits vgo0 Required privilege...

6.1CVSS5.7AI score0.00415EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.18 views

WordPress Loggedin Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Loggedin Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9228 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ab329401c416 Credits vgo0 Required privilege...

6.1CVSS6.1AI score0.0036EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.18 views

WordPress MaxSlider Plugin <= 1.2.3 is vulnerable to Local File Inclusion

Software MaxSlider Type Plugin Vulnerable versions = 1.2.3 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-47351 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID f9c913e9044c Credits João Pedro S Alcântara Kinorth Required privileg...

7.5CVSS7.8AI score0.00474EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.18 views

WordPress Web Directory Free Plugin <= 1.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Web Directory Free Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47379 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7db5790f7ffc Credits Certus Cybersecurity Required...

7.1CVSS6.5AI score0.00292EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.18 views

WordPress LiteSpeed Cache Plugin <= 6.5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software LiteSpeed Cache Type Plugin Vulnerable versions = 6.5.0.2 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47374 Patch priority Medium CVSS severity Medium 7.1 Developer Hai Zheng / Lite Speed Cache PSID b2ad66b394ec Credits TaiYou Required...

7.1CVSS6.5AI score0.0141EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.18 views

WordPress Full frame Theme <= 2.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Full frame Type Theme Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44010 Patch priority Low CVSS severity Low 5.1 Developer Claim ownership PSID e76845de4c18 Credits Michael Required privilege Author Published ...

5.1CVSS6.5AI score0.00204EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.18 views

WordPress ElementsReady Addons for Elementor Plugin <= 6.4.0 is vulnerable to Cross Site Scripting (XSS)

Software ElementsReady Addons for Elementor Type Plugin Vulnerable versions = 6.4.0 Fixed in 6.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47329 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 79bbffb3d8c7 Credits João Pedro S...

6.5CVSS6.8AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.18 views

WordPress Classic Editor and Classic Widgets Plugin <= 1.4.1 is vulnerable to SQL Injection

Software Classic Editor and Classic Widgets Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-47312 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID bea053e6b42c Credits Hakiduck Required privilege...

8.5CVSS6.8AI score0.00407EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.18 views

WordPress ThemeHunk Plugin <= 1.0.9 is vulnerable to Broken Access Control

Software ThemeHunk Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8434 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 0bcea717beb5 Credits Lucio Sá Required privilege Subscrib...

4.3CVSS6.6AI score0.00341EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.18 views

WordPress Primary Addon for Elementor Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Primary Addon for Elementor Type Plugin Vulnerable versions = 1.5.7 Fixed in 1.5.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44033 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b7b50340583 Credits João Pedro S Alcântara...

6.5CVSS6.8AI score0.0029EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.18 views

WordPress WPZOOM Shortcodes Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software WPZOOM Shortcodes Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9027 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 023d928af205 Credits Peter Thaleikis Required...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.18 views

WordPress Webba Booking Plugin <= 5.0.48 is vulnerable to Broken Access Control

Software Webba Booking Type Plugin Vulnerable versions = 5.0.48 Fixed in 5.0.50 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8432 Patch priority Low CVSS severity Low 4.3 Developer Webba Plugins PSID fd2912e23a57 Credits Lucio Sá Required privilege...

4.3CVSS6.6AI score0.00395EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/23 12:0 a.m.18 views

WordPress Photo Gallery by 10Web Plugin <= 1.8.27 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery by 10Web Type Plugin Vulnerable versions = 1.8.27 Fixed in 1.8.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44043 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 58bdb83f52ba Credits Robert DeVore Required...

5.9CVSS6.5AI score0.00287EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/16 12:0 a.m.18 views

WordPress Blogvi Theme <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Blogvi Type Theme Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35715 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 148848988fb4 Credits stealthcopter Required privilege Contributor...

6.5CVSS6.6AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/10 12:0 a.m.18 views

WordPress Frontend Dashboard Plugin <= 2.2.4 is vulnerable to Arbitrary Code Execution

Software Frontend Dashboard Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-8268 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 9cb7568890b1 Credits Lucio Sá Required privilege...

8.8CVSS7AI score0.00706EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/05 12:0 a.m.18 views

WordPress Content Blocks (Custom Post Widget) Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS)

Software Content Blocks Custom Post Widget Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44051 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b50c32e861c5 Credits lowol ngo Required...

6.5CVSS6.6AI score0.00263EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/04 12:0 a.m.18 views

WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.8 is vulnerable to Sensitive Data Exposure

Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8106 Patch priority Medium CVSS severity Medium 6.5 Developer WP Extended PSID 027663c0c476...

6.5CVSS9.3AI score0.00461EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/03 12:0 a.m.18 views

WordPress WP Job Portal Plugin <= 2.1.6 is vulnerable to Broken Access Control

Software WP Job Portal Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-7950 Patch priority High CVSS severity High 9.8 Developer Ahmad PSID 3162f7bd55ec Credits Connor Billings Required privilege...

9.8CVSS9.4AI score0.01197EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.18 views

WordPress The Post Grid Plugin <= 7.7.11 is vulnerable to Sensitive Data Exposure

Software The Post Grid Type Plugin Vulnerable versions = 7.7.11 Fixed in 7.7.12 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7418 Patch priority Low CVSS severity Low 4.3 Developer Mamunur Rashid PSID 5912b382937d Credits stealthcopter Required...

4.3CVSS6.6AI score0.00495EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/27 12:0 a.m.18 views

WordPress Reviews Feed Plugin <= 1.1.2 is vulnerable to Broken Access Control

Software Reviews Feed Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8199 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID eb3754a5f963 Credits Sajjad Ahmad jacksparrow Required...

4.3CVSS6.6AI score0.00401EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/20 12:0 a.m.18 views

WordPress Bit Form – Contact Form Plugin Plugin 2.0 - 2.13.9 is vulnerable to Cross Site Scripting (XSS)

Software Bit Form – Contact Form Plugin Type Plugin Vulnerable versions 2.0 - 2.13.9 Fixed in 2.13.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-7775 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a79665250a6a Credits siunam Required...

5.5CVSS6.6AI score0.00243EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.18 views

WordPress ReviewX Plugin <= 1.6.28 is vulnerable to Broken Access Control

Software ReviewX Type Plugin Vulnerable versions = 1.6.28 Fixed in 1.6.29 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43323 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID aac7e9823c91 Credits Manab Jyoti Dowarah Required...

9.8CVSS6.3AI score0.00472EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.18 views

WordPress Brave Popup Builder Plugin <= 0.7.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Brave Popup Builder Type Plugin Vulnerable versions = 0.7.0 Fixed in 0.7.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43337 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 04312f740763 Credits Ananda Dhakal...

4.3CVSS6.6AI score0.00172EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.18 views

WordPress myCred Plugin <= 2.7.2 is vulnerable to PHP Object Injection

Software myCred Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-43354 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID d4c5d0fdee74 Credits LVT-tholv2k Required privilege Unauthenticated...

9.8CVSS6.8AI score0.00528EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/15 12:0 a.m.18 views

WordPress Insert PHP Code Snippet Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Insert PHP Code Snippet Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43275 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f6953adb666a Credits Rafie...

8.8CVSS6.9AI score0.00222EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.18 views

WordPress Smart Online Order for Clover Plugin <= 1.5.6 is vulnerable to Broken Access Control

Software Smart Online Order for Clover Type Plugin Vulnerable versions = 1.5.6 Fixed in 1.5.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43254 Patch priority Low CVSS severity Low 4.3 Developer Zaytech PSID 156828c345a0 Credits Dhabaleshwar Das Requir...

8.8CVSS6.3AI score0.00417EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.18 views

WordPress DearFlip Plugin <= 2.2.55 is vulnerable to Cross Site Scripting (XSS)

Software DearFlip Type Plugin Vulnerable versions = 2.2.55 Fixed in 2.2.56 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8b20eae5d21 Credits m3ez Required...

6.5AI score0.72648EPSS
Exploits15References2Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.18 views

WordPress Christmasify! Plugin <= 1.5.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Christmasify! Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7574 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1de3d7f2fe0e Credits vgo0 Required privileg...

6.1CVSS6.7AI score0.00184EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.18 views

WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) Plugin < 1.7.0 is vulnerable to SQL Injection

Software Docket WooCommerce Collections / Wishlist / Watchlist Type Plugin Vulnerable versions 1.7.0 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43132 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 952a5b0e08da Credits Dave Jong...

9.8CVSS6.8AI score0.00534EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.18 views

WordPress Extensions for Elementor Plugin <= 2.0.31 is vulnerable to Cross Site Scripting (XSS)

Software Extensions for Elementor Type Plugin Vulnerable versions = 2.0.31 Fixed in 2.0.32 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39668 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5c0f52c8e53f Credits Khalid Yusuf Required...

6.5CVSS6.6AI score0.00279EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.18 views

WordPress Swift Framework Page Builder Plugin < 2024.04.30 is vulnerable to Cross Site Scripting (XSS)

Software Swift Framework Page Builder Type Plugin Vulnerable versions 2024.04.30 Fixed in 2024.04.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2872 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a6a23937e22a Credits Bob...

4.8CVSS6AI score0.00312EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.18 views

WordPress Ninja Forms Plugin <= 3.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ninja Forms Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-39628 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d4c57bafbe6c Credits Rafie Muhammad Patchsta...

8.8CVSS6.7AI score0.0019EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.18 views

WordPress AMP for WP Plugin <= 1.0.96.1 is vulnerable to Cross Site Scripting (XSS)

Software AMP for WP Type Plugin Vulnerable versions = 1.0.96.1 Fixed in 1.0.97 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6896 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0ff929ad7ead Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00313EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.18 views

WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Arbitrary File Upload

Software Social Auto Poster Type Plugin Vulnerable versions = 5.3.14 Fixed in 5.3.15 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6756 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 10970b4a81a6 Credits István Márton Required privileg...

8.8CVSS6.8AI score0.00786EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.18 views

WordPress Redux Framework Plugin <= 4.4.17 is vulnerable to Cross Site Scripting (XSS)

Software Redux Framework Type Plugin Vulnerable versions = 4.4.17 Fixed in 4.4.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6828 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3b2115820306 Credits villu164 Require...

7.2CVSS5.7AI score0.01028EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.18 views

WordPress Himalayas Theme <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Himalayas Type Theme Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39629 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a02569ebfb01 Credits Michael Required privilege Administrator...

5.9CVSS6.6AI score0.00245EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/19 12:0 a.m.18 views

WordPress JetWidgets for Elementor and WooCommerce Plugin <= 1.1.7 is vulnerable to Local File Inclusion

Software JetWidgets for Elementor and WooCommerce Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-38772 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f1a24339fa6 Credits João...

6.5CVSS6.6AI score0.00498EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/17 12:0 a.m.18 views

WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.20 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Addons for WPBakery Page Builder Type Plugin Vulnerable versions = 3.19.20 Fixed in 3.19.20.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5251 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 581cfa0b62a8...

6.4CVSS5.8AI score0.00295EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/16 12:0 a.m.18 views

WordPress WP Event Manager Plugin <= 3.1.43 is vulnerable to Cross Site Scripting (XSS)

Software WP Event Manager Type Plugin Vulnerable versions = 3.1.43 Fixed in 3.1.44 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2691 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 244e2b26df97 Credits Krzysztof Zając...

6.4CVSS5.8AI score0.00316EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.18 views

WordPress OpenPGP Form Encryption Plugin < 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software OpenPGP Form Encryption Type Plugin Vulnerable versions 1.5.1 Fixed in 1.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3919 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 357d35b3d36d Credits Bob Matyas Require...

4.6CVSS6AI score0.00253EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.18 views

WordPress Shortcodes Ultimate Pro Plugin < 7.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Pro Type Plugin Vulnerable versions 7.1.5 Fixed in 7.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4217 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b6182f916e0f Credits Dmitrii Ignatyev...

4.7CVSS6AI score0.00461EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities5000