Lucene search
K
PatchstackMost viewed

46629 matches found

Patchstack
Patchstack
•added 2023/10/12 12:0 a.m.•18 views

WordPress Video Playlist For YouTube Plugin <= 6.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Video Playlist For YouTube Type Plugin Vulnerable versions = 6.1 Fixed in 6.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45653 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1ce353f93318 Credits Mika Require...

8.8CVSS6.6AI score0.00214EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/10/06 12:0 a.m.•18 views

WordPress Profile Extra Fields by BestWebSoft Plugin <= 1.2.7 is vulnerable to Broken Access Control

Software Profile Extra Fields by BestWebSoft Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4469 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 924ab2d92750 Credits Alex Thoma...

5.3CVSS6.6AI score0.00467EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
•added 2023/10/03 12:0 a.m.•18 views

WordPress Short URL Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Short URL Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45058 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 885f8c812def Credits Mika Required privilege...

8.8CVSS6.6AI score0.0021EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/10/03 12:0 a.m.•18 views

WordPress LeadSquared Suite Plugin <= 0.7.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software LeadSquared Suite Type Plugin Vulnerable versions = 0.7.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45047 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 660c9e832776 Credits yuyudhn Required...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/09/14 12:0 a.m.•18 views

WordPress WooCommerce EAN Payment Gateway Plugin < 6.1.0 is vulnerable to Broken Access Control

Software WooCommerce EAN Payment Gateway Type Plugin Vulnerable versions 6.1.0 Fixed in 6.1.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4947 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9bfa8f9c4e66 Credits Lana Codes Yan&C...

4.3CVSS6.9AI score0.00357EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/09/13 12:0 a.m.•18 views

WordPress WP User Control Plugin <= 1.5.3 is vulnerable to Other Vulnerability Type

Software WP User Control Type Plugin Vulnerable versions = 1.5.3 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2023-4915 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5604d612e4e9 Credits Lana Codes Required privilege...

5.3CVSS6.8AI score0.00377EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/09/05 12:0 a.m.•18 views

WordPress WP Accessibility Helper (WAH) Plugin <= 0.6.2.4 is vulnerable to Broken Access Control

Software WP Accessibility Helper WAH Type Plugin Vulnerable versions = 0.6.2.4 Fixed in 0.6.2.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41869 Patch priority Low CVSS severity Low 4.3 Developer Alexander Volkov PSID e746c281667d Credits thiennv...

6.9AI score0.004EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/09/05 12:0 a.m.•18 views

WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software SendPress Newsletters Type Plugin Vulnerable versions = 1.23.11.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41730 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID afb124386373 Credits yuyudhn...

8.8CVSS6.6AI score0.00211EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/09/04 12:0 a.m.•18 views

WordPress Woocommerce Support System Plugin <= 1.2.1 is vulnerable to SQL Injection

Software Woocommerce Support System Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-41685 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID c2b73ca8019a Credits Mika Required privilege Administrator...

9.8CVSS6.8AI score0.00547EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/09/04 12:0 a.m.•18 views

WordPress Tilda Publishing Plugin <= 0.3.23 is vulnerable to Broken Access Control

Software Tilda Publishing Type Plugin Vulnerable versions = 0.3.23 Fixed in 0.3.24 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-31234 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID f643ff3b43ab Credits spacecroupier Requir...

6.3CVSS6.5AI score0.00333EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/08/30 12:0 a.m.•18 views

WordPress All-in-One WP Migration Dropbox Extension Plugin <= 3.75 is vulnerable to Broken Access Control

Software All-in-One WP Migration Dropbox Extension Type Plugin Vulnerable versions = 3.75 Fixed in 3.76 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40004 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 517b1424056f Credits Raf...

7.3CVSS7AI score0.09666EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
•added 2023/08/29 12:0 a.m.•18 views

WordPress Forminator Plugin <= 1.24.6 is vulnerable to Arbitrary File Upload

Software Forminator Type Plugin Vulnerable versions = 1.24.6 Fixed in 1.25.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-4596 Patch priority High CVSS severity High 9.8 Developer WPMU DEV PSID c13bf0eea10b Credits mehmet Required privilege Unauthenticated Publishe...

9.8CVSS6.7AI score0.12749EPSS
Exploits3References4Affected Software1
Patchstack
Patchstack
•added 2023/08/28 12:0 a.m.•18 views

WordPress Easy Coming Soon Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Easy Coming Soon Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25483 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d32749ab7ef6 Credits Rio Darmawan Required...

5.9CVSS5.7AI score0.00316EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/08/16 12:0 a.m.•18 views

WordPress Tabs & Accordion Plugin <= 1.3.10 is vulnerable to Content Injection

Software Tabs & Accordion Type Plugin Vulnerable versions = 1.3.10 Fixed in N/A OWASP Top 10 A1: Injection Classification Content Injection CVE CVE-2023-40557 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2f516072a35d Credits Abdi Pranata Required privilege Contributor...

5.4CVSS6.9AI score0.00357EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/08/11 12:0 a.m.•18 views

WordPress MailChimp Forms by MailMunch Plugin <= 3.1.4 is vulnerable to Broken Access Control

Software MailChimp Forms by MailMunch Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.1.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-40203 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1430c7736a5b Credits István Márton...

6.3AI score0.0056EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/08/11 12:0 a.m.•18 views

WordPress WP HTML Mail Plugin <= 3.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP HTML Mail Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40202 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 21db8a0a2110 Credits István Márton Required...

8.8CVSS6.5AI score0.00208EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/08/10 12:0 a.m.•18 views

WordPress Avada Theme <= 7.11.1 is vulnerable to Server Side Request Forgery (SSRF)

Software Avada Type Theme Vulnerable versions = 7.11.1 Fixed in 7.11.2 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2023-39313 Patch priority Low CVSS severity Low 7.7 Developer Claim ownership PSID 8a9512654743 Credits Rafie Muhammad Patchstack...

7.7CVSS7AI score0.00462EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/08/03 12:0 a.m.•18 views

WordPress Advanced Custom Fields Plugin 6.1-6.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields Type Plugin Vulnerable versions 6.1-6.1.7 Fixed in 6.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40068 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ad8c9dc6f2b9 Credits Satoo Nakano...

5.4CVSS5.7AI score0.0148EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
•added 2023/07/27 12:0 a.m.•18 views

WordPress WP Brutal AI Plugin < 2.06 is vulnerable to Cross Site Scripting (XSS)

Software WP Brutal AI Type Plugin Vulnerable versions 2.06 Fixed in 2.06 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2606 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 658179337e78 Credits Taurus Omar Required privilege...

4.8CVSS6AI score0.01973EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
•added 2023/07/20 12:0 a.m.•18 views

WordPress Integration for WooCommerce and Zoho CRM Plugin < 1.3.7 is vulnerable to Open Redirection

Software Integration for WooCommerce and Zoho CRM Type Plugin Vulnerable versions 1.3.7 Fixed in 1.3.7 OWASP Top 10 A5: Security Misconfiguration Classification Open Redirection CVE CVE-2023-38481 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 39fbc1d90c72 Credits Phd...

6.1CVSS6.9AI score0.00406EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/20 12:0 a.m.•18 views

WordPress WpStream – Live Streaming, Video on Demand, Pay Per View Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software WpStream – Live Streaming, Video on Demand, Pay Per View Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A6: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-38512 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership...

8.8CVSS6.6AI score0.00209EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/20 12:0 a.m.•18 views

WordPress Pinpoint Booking System Plugin <= 2.9.9.3.4 is vulnerable to Content Spoofing

Software Pinpoint Booking System Type Plugin Vulnerable versions = 2.9.9.3.4 Fixed in 2.9.9.3.5 OWASP Top 10 A1: Injection Classification Content Spoofing CVE CVE-2023-38520 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b94b02c0ce93 Credits yuyudhn Required privilege...

6.5CVSS6.9AI score0.00397EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/20 12:0 a.m.•18 views

WordPress Borderless Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Borderless Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-38518 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c49a317f00bf Credits Rio Darmawan Required...

5.9CVSS5.7AI score0.00316EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/14 12:0 a.m.•18 views

WordPress HT Mega Plugin <= 2.2.0 is vulnerable to Privilege Escalation

Software HT Mega Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37999 Patch priority High CVSS severity High 9.8 Developer HTMega PSID bbe5238c947f Credits Rafie Muhammad Patchstac...

9.8CVSS6.6AI score0.03043EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
•added 2023/07/13 12:0 a.m.•18 views

WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Authors List Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-37981 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 38312864f014 Credits LEE SE HYOUNG hackintoanetwork...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/10 12:0 a.m.•18 views

WordPress Download IP2Location Country Blocker Plugin <= 2.29.1 is vulnerable to Bypass Vulnerability

Software Download IP2Location Country Blocker Type Plugin Vulnerable versions = 2.29.1 Fixed in 2.29.2 OWASP Top 10 A3: Injection Classification Bypass Vulnerability CVE CVE-2023-37865 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a1b65359a367 Credits Mika Required...

5.3CVSS6.9AI score0.0035EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/07/10 12:0 a.m.•18 views

WordPress Premium Addons PRO Plugin <= 2.9.0 is vulnerable to Broken Access Control

Software Premium Addons PRO Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37869 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 09e72b9c3acf Credits Rafie Muhammad Patchstack...

8.8CVSS6.6AI score0.00503EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/07/04 12:0 a.m.•18 views

WordPress WP-Optimize Plugin < 3.2.13 is vulnerable to Cross Site Scripting (XSS)

Software WP-Optimize Type Plugin Vulnerable versions 3.2.13 Fixed in 3.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1119 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 74a58d2a57e4 Credits Paolo Elia Required...

6.1CVSS5.6AI score0.01099EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
•added 2023/06/28 12:0 a.m.•18 views

WordPress LiquidPoll – Advanced Polls for Creators and Brands Plugin <= 3.3.68 is vulnerable to Broken Access Control

Software LiquidPoll – Advanced Polls for Creators and Brands Type Plugin Vulnerable versions = 3.3.68 Fixed in 3.3.69 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-36531 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8bdf6fb868a6...

6.3AI score0.00856EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
•added 2023/06/27 12:0 a.m.•18 views

WordPress NOO Timetable Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software NOO Timetable Type Plugin Vulnerable versions = 2.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-45821 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d615de5bc83f Credits Cat Required privilege...

6.5CVSS5.8AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/06/26 12:0 a.m.•18 views

WordPress AutomateWoo Plugin <= 5.7.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software AutomateWoo Type Plugin Vulnerable versions = 5.7.5 Fixed in 5.7.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-36513 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID baa4f71a9406 Credits Rafie Muhammad Patchsta...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/06/23 12:0 a.m.•18 views

WordPress MaxButtons Plugin <= 9.5.3 is vulnerable to Cross Site Scripting (XSS)

Software MaxButtons Type Plugin Vulnerable versions = 9.5.3 Fixed in 9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36503 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24d386e76da8 Credits Rafshanzani Suhada Required...

6.5CVSS5.8AI score0.0038EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/06/20 12:0 a.m.•18 views

WordPress MonsterInsights Pro Plugin <= 8.14.1 is vulnerable to Cross Site Scripting (XSS)

Software MonsterInsights Pro Type Plugin Vulnerable versions = 8.14.1 Fixed in 8.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32291 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1c1883d581be Credits Rafie Muhammad...

6.5CVSS5.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/06/07 12:0 a.m.•18 views

WordPress Directorist Plugin <= 7.5.4 is vulnerable to Broken Access Control

Software Directorist Type Plugin Vulnerable versions = 7.5.4 Fixed in 7.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1889 Patch priority High CVSS severity High 7.2 Developer Claim ownership PSID 3d986c80db6c Credits Alex Thomas Required privilege...

6.5CVSS6.4AI score0.00609EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
•added 2023/06/05 12:0 a.m.•18 views

WordPress Page Builder with Image Map by AZEXO Plugin <= 1.27.133 is vulnerable to Broken Access Control

Software Page Builder with Image Map by AZEXO Type Plugin Vulnerable versions = 1.27.133 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3053 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID bcb4f38dcc4d Credits...

5.4CVSS6.5AI score0.00503EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/06/02 12:0 a.m.•18 views

WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Advanced Flat rate shipping Woocommerce Type Plugin Vulnerable versions = 1.6.4.4 Fixed in 1.6.4.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34015 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 47ba6a8a749f...

8.8CVSS6.6AI score0.00246EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/05/30 12:0 a.m.•18 views

WordPress Slider Revolution Plugin <= 6.6.12 is vulnerable to Arbitrary File Upload

Software Slider Revolution Type Plugin Vulnerable versions = 6.6.12 Fixed in 6.6.13 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Upload CVE CVE-2023-2359 Patch priority Low CVSS severity Low 9.1 Developer ThemePunch PSID 48e5307584b9 Credits Marco Frison Required privilege...

8.8CVSS6.9AI score0.0254EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
•added 2023/05/29 12:0 a.m.•18 views

WordPress Gravity Forms Plugin <= 2.7.3 is vulnerable to PHP Object Injection

Software Gravity Forms Type Plugin Vulnerable versions = 2.7.3 Fixed in 2.7.4 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-28782 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 97930c86f0b1 Credits Rafie Muhammad Patchstack Required privile...

9.8CVSS6.9AI score0.00616EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/05/22 12:0 a.m.•18 views

WordPress Rank Math SEO PRO Plugin <= 3.0.35 is vulnerable to Cross Site Scripting (XSS)

Software Rank Math SEO PRO Type Plugin Vulnerable versions = 3.0.35 Fixed in 3.0.36 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32800 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 436b3db030cf Credits Rafie Muhamma...

7.1CVSS5.6AI score0.00382EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/05/18 12:0 a.m.•18 views

WordPress WP htaccess Control Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP htaccess Control Type Plugin Vulnerable versions = 3.5.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25462 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 80f0815b94aa Credits Rio Darmawan Required...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/05/18 12:0 a.m.•18 views

WordPress UpdraftPlus Plugin <= 1.23.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software UpdraftPlus Type Plugin Vulnerable versions = 1.23.3 Fixed in 1.23.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32960 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID d64e914c934f Credits Rafie Muhammad...

7.1CVSS6.7AI score0.00208EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/05/09 12:0 a.m.•18 views

WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection

Software Ultimate Addons for Contact Form 7 Type Plugin Vulnerable versions = 3.1.23 Fixed in 3.1.24 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47586 Patch priority High CVSS severity High 8.2 Developer Themefic PSID 7a22cfa758d5 Credits minhtuanact Required privilege...

9.8CVSS6.8AI score0.00652EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/05/02 12:0 a.m.•18 views

WordPress Product Catalog Feed by PixelYourSite Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Product Catalog Feed by PixelYourSite Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1804 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 27de0c95fe70 Credits...

6.1CVSS5.9AI score0.00519EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
•added 2023/04/24 12:0 a.m.•18 views

WordPress CMS Tree Page View Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software CMS Tree Page View Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30868 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 76d638e1b70d Credits LEE SE HYOUNG...

7.1CVSS5.9AI score0.03995EPSS
Exploits3References2Affected Software1
Patchstack
Patchstack
•added 2023/04/24 12:0 a.m.•18 views

WordPress Updraft Plugin <= 0.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Updraft Type Plugin Vulnerable versions = 0.6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-26530 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc1184571b44 Credits Nguyen Xuan Hoa Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2023/04/12 12:0 a.m.•18 views

WordPress PowerPress Podcasting Plugin <= 10.0 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 10.0 Fixed in 10.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1917 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2e844f252ce9 Credits Alex Thomas...

5.4CVSS5.6AI score0.00529EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
•added 2023/04/11 12:0 a.m.•18 views

WordPress JetEngine Plugin < 3.1.3.1 is vulnerable to Remote Code Execution (RCE)

Software JetEngine Type Plugin Vulnerable versions 3.1.3.1 Fixed in 3.1.3.1 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-1406 Patch priority High CVSS severity High 9.1 Developer Crocoblock PSID a91fe4278b33 Credits R3zk0n Required privilege Author Published 11...

8.8CVSS7.2AI score0.01519EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
•added 2023/04/07 12:0 a.m.•18 views

WordPress Formidable Forms Plugin <= 6.1.2 is vulnerable to PHP Object Injection

Software Formidable Forms Type Plugin Vulnerable versions = 6.1.2 Fixed in 6.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1405 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID e0f1ba3999f1 Credits Nguyen Huu Do Required privilege...

7.5CVSS7.2AI score0.00702EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
•added 2023/04/06 12:0 a.m.•18 views

WordPress Product Catalog Simple Plugin <= 1.6.17 is vulnerable to Cross Site Scripting (XSS)

Software Product Catalog Simple Type Plugin Vulnerable versions = 1.6.17 Fixed in 1.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29388 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 48939529292d Credits minhtuana...

7.1CVSS5.6AI score0.00382EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
•added 2023/04/06 12:0 a.m.•18 views

WordPress MapPress Maps for WordPress Plugin <= 2.85.4 is vulnerable to SQL Injection

Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.85.4 Fixed in 2.85.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-26015 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID dfda53627d56 Credits Rafie Muhammad Patchstack Required...

9.8CVSS7.3AI score0.00734EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000