Lucene search
K
PatchstackMost viewed

46606 matches found

Patchstack
Patchstack
added 2022/05/18 12:0 a.m.18 views

WordPress Jupiter premium theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion (LFI) vulnerability

Authenticated Path Traversal and Local File Inclusion LFI vulnerability discovered by Ramuel Gall Wordfence in WordPress Jupiter premium theme versions = 6.10.1. Solution Update the WordPress Jupiter premium theme to the latest available version at least 6.10.2...

8.8CVSS2.4AI score0.01624EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2022/05/17 12:0 a.m.18 views

WordPress Enqueue Anything plugin <= 1.0.1 - Arbitrary Asset/Post Deletion vulnerability

Arbitrary Asset/Post Deletion vulnerability discovered by Abhishek Bhoir in WordPress Enqueue Anything plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of April 26, 2022 and is not available for download. This closure is temporary, pending a full review...

6.5CVSS3.6AI score0.00408EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/17 12:0 a.m.18 views

WordPress Advanced Admin Search plugin <= 1.1.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ran Crane in WordPress Advanced Admin Search plugin versions = 1.1.5. Solution Update the WordPress Advanced Admin Search plugin to the latest available version at least 1.1.6...

6.1CVSS2AI score0.00757EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.18 views

WordPress Throws SPAM Away plugin <= 3.3 - Comment Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Comment Deletion via Cross-Site Request Forgery CSRF vulnerability was discovered by Daniel Ruf in the WordPress Throws SPAM Away plugin versions = 3.3. Solution Update the WordPress Throws SPAM Away plugin to the latest available version at least 3.3.1...

4.3CVSS4.8AI score0.00412EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.18 views

WordPress Video Slider – Slider Carousel plugin <= 1.4.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Fayçal CHENA in WordPress Video Slider – Slider Carousel plugin versions = 1.4.6. Solution Update the WordPress Video Slider – Slider Carousel plugin to the latest available version at least 1.4.8...

4.8CVSS1.9AI score0.00565EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/12 12:0 a.m.18 views

WordPress Note Press plugin <= 0.1.10 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability was discovered by Daniel Krohmer and Shi Chen in the WordPress Note Press plugin versions = 0.1.10. Solution Deactivate and delete. This plugin has been closed as of May 12, 2022 and is not available for download. This closure is temporary, pending a...

4CVSS2.8AI score0.00764EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/10 12:0 a.m.18 views

WordPress Easy FAQ with Expanding Text plugin <= 3.2.8.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability was discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress Easy FAQ with Expanding Text plugin versions = 3.2.8.3.1. Solution Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not available for...

4.8CVSS1.2AI score0.00565EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/09 12:0 a.m.18 views

WordPress Birthdays Widget plugin <= 1.7.18 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Rutuja Chaudhari in WordPress Birthdays Widget plugin versions = 1.7.18. Solution Deactivate and delete. This plugin has been closed as of April 8, 2022 and is not available for download. This closure is temporary, pending a full review...

4.8CVSS2.7AI score0.00565EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/04 12:0 a.m.18 views

WordPress StaffList plugin <= 3.1.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Hassan Khan Yusufzai in WordPress StaffList plugin versions = 3.1.5. Solution Update the WordPress StaffList plugin to the latest available version at least 3.1.6...

2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/05/04 12:0 a.m.18 views

WordPress StaffList plugin <= 3.1.5 - Arbitrary Staff Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Staff Deletion via Cross-Site Request Forgery CSRF vulnerability was discovered by Hassan Khan Yusufzai in the WordPress StaffList plugin versions = 3.1.5. Solution Update the WordPress StaffList plugin to the latest available version at least 3.1.6...

4.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/05/02 12:0 a.m.18 views

WordPress Nirweb support plugin <= 2.7.9 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Nirweb support plugin versions = 2.7.9. Solution Update the WordPress Nirweb support plugin to the latest available version at least 2.8.2...

9.8CVSS2.7AI score0.12408EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/26 12:0 a.m.18 views

WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress Psychological tests & quizzes plugin versions = 0.21.19. Solution No patched version is available...

5.4CVSS2.2AI score0.0055EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/26 12:0 a.m.18 views

WordPress Turn off all comments plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Turn off all comments plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.7AI score0.02953EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/25 12:0 a.m.18 views

WordPress WPC Smart Wishlist for WooCommerce plugin <= 2.9.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Utkarsh Agrawal in WordPress WPC Smart Wishlist for WooCommerce plugin versions = 2.9.8. Solution Update the WordPress WPC Smart Wishlist for WooCommerce plugin to the latest available version at least 2.9.9...

6.1CVSS2AI score0.00815EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.18 views

WordPress Wbcom Designs – BuddyPress Create Group Type plugin <= 2.7.0 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability

Arbitrary Plugin Installation, Activation and Deactivation vulnerability discovered by Mary JJ Jay in WordPress Wbcom Designs – BuddyPress Create Group Type plugin versions = 2.7.0. Solution Deactivate and delete. This plugin has been closed as of March 9, 2022 and is not available for download...

1.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.18 views

WordPress Adrotate plugin <= 5.8.22 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by Muhamad Hidayat in WordPress Adrotate plugin versions = 5.8.22. Solution Update the WordPress Adrotate plugin to the latest available version at least 5.8.23...

4.8CVSS1.7AI score0.00577EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/05 12:0 a.m.18 views

WordPress WP-Appbox plugin <= 4.3.20 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by mirphak Patchstack Alliance in WordPress WP-Appbox plugin versions = 4.3.20. Solution Update the WordPress WP-Appbox plugin to the latest available version at least 4.4.0...

4.8CVSS2.9AI score0.00576EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/03/29 12:0 a.m.18 views

WordPress Web To Print Shop : uDraw plugin <= 3.3.32 - Unauthenticated Arbitrary File Access vulnerability

Unauthenticated Arbitrary File Access vulnerability discovered by cydave in WordPress Web To Print Shop : uDraw plugin versions = 3.3.32. Solution Update the WordPress Web To Print Shop : uDraw plugin to the latest available version at least 3.3.33...

7.5CVSS3AI score0.07736EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/22 12:0 a.m.18 views

WordPress WP Downgrade plugin <= 1.2.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Taurus Omar in WordPress WP Downgrade plugin versions = 1.2.2. Solution Update the WordPress WP Downgrade plugin to the latest available version at least 1.2.3...

4.8CVSS2.3AI score0.04902EPSS
Exploits4References3Affected Software1
Patchstack
Patchstack
added 2022/03/02 12:0 a.m.18 views

WordPress Limit Login Attempts (Spam Protection) plugin <= 4.9.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Limit Login Attempts Spam Protection plugin versions = 4.9.1. Solution Update the WordPress Limit Login Attempts Spam Protection plugin to the latest available version at least 5.1...

9.8CVSS3.7AI score0.08852EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more plugin <= 4.2.37 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more plugin versions = 4.2.37. Solution Update the WordPress Media Cloud for Amazon S3, Imgix, Google Cloud Storage,...

3.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Premmerce Wishlist for WooCommerce plugin versions = 1.1.7. Solution Update the WordPress Premmerce Wishlist for WooCommerce plugin to the latest available version at least 1.1.8...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Magic Post Thumbnail plugin < 3.3.11 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Magic Post Thumbnail plugin versions 3.3.11. Solution Update the WordPress Magic Post Thumbnail plugin to the latest available version at least 3.3.11...

1.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress WP School Calendar plugin <= 3.5.10 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP School Calendar plugin versions = 3.5.10. Solution Update the WordPress WP School Calendar plugin to the latest available version at least 3.6...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress WP-Cron Status Checker plugin <= 1.2.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP-Cron Status Checker plugin versions = 1.2.2. Solution Update the WordPress WP-Cron Status Checker plugin to the latest available version at least 1.2.4...

4.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress WooCommerce Role Based Pricing by Meow Crew plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Role Based Pricing by Meow Crew plugin versions = 1.0.1. Solution Update the WordPress WooCommerce Role Based Pricing by Meow Crew plugin to the latest available version at least 1.0.2...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Smart Protect plugin <= 1.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Smart Protect plugin versions = 1.1. Solution No patched version available...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Before and After Product Images for WooCommerce plugin <= 1.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Before and After Product Images for WooCommerce plugin versions = 1.0.3. Solution No patched version available...

2.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress WPHobby Demo Import plugin <= 1.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WPHobby Demo Import plugin versions = 1.1.2. Solution No patched version available...

4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Netforum Member Directory plugin <= 1.11 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Netforum Member Directory plugin versions = 1.11. Solution No patched version available...

2.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress ConeBlog – WordPress Blog Widgets plugin <= 1.4.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress ConeBlog – WordPress Blog Widgets plugin versions = 1.4.5. Solution Update the WordPress ConeBlog – WordPress Blog Widgets plugin to the latest available version at least 1.4.6...

1.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin <= 2.23.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin versions = 2.23.0. Solution Update the WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin to the latest available version at...

3.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.5.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Image Photo Gallery Final Tiles Grid plugin versions = 3.5.4. Solution Update the WordPress Image Photo Gallery Final Tiles Grid plugin to the latest available version at least 3.5.5...

2.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Modern Addons for Elementor Page Builder plugin <= 1.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Modern Addons for Elementor Page Builder plugin versions = 1.1.2. Solution Update the WordPress Modern Addons for Elementor Page Builder plugin to the latest available version at least 1.2.0...

4.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin <= 2020.1.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin versions = 2020.1.0. Solution No patched version available...

2.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress SEO Plugin by Squirrly SEO plugin <= 11.1.11 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress SEO Plugin by Squirrly SEO plugin versions = 11.1.11. Solution Update the WordPress SEO Plugin by Squirrly SEO plugin to the latest available version at least 11.1.12...

6.1CVSS2.2AI score0.00788EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Stripe Express plugin < 1.7.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Stripe Express plugin versions 1.7.7. Solution Update the WordPress Stripe Express plugin to the latest available version at least 1.7.7...

2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin plugin < 0.6.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database CFDB7 Plugin plugin versions 0.6.7. Solution Update the WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Salon Booking System Pro plugin <= 7.6.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered by Huli Cymetrics in WordPress Salon Booking System Pro plugin versions = 7.6.1. Solution Update the WordPress Salon Booking System Pro plugin to the latest available version at least 7.6.3...

7.5CVSS1.5AI score0.01431EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin < 1.4.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin versions 1.4.2. Solution Update the WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin to the...

4.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Files Download Delay plugin < 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Files Download Delay plugin versions 1.0.4. Solution Update the WordPress Files Download Delay plugin to the latest available version at least 1.0.4...

2.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress BSD Split Pay for Stripe Connect on Woo plugin <= 3.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress BSD Split Pay for Stripe Connect on Woo plugin versions = 3.2.0. Solution Update the WordPress BSD Split Pay for Stripe Connect on Woo plugin to the latest available version at least 3.2.1...

2.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Greenshift – animation and page builder blocks plugin < 1.1.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Greenshift – animation and page builder blocks plugin versions 1.1.4. Solution Update the WordPress Greenshift – animation and page builder blocks plugin to the latest available version at least 1.1.4...

3.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Add Pinterest conversion tags for Pinterest Ads + Site verification plugin <= 1.2.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Add Pinterest conversion tags for Pinterest Ads + Site verification plugin versions = 1.2.2. Solution Update the Add Pinterest conversion tags for Pinterest Ads + Site verification plugin to the latest available version at lea...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Cryptocurrency Product for WooCommerce plugin <= 3.14.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Cryptocurrency Product for WooCommerce plugin versions = 3.14.0. Solution Update the WordPress Cryptocurrency Product for WooCommerce plugin to the latest available version at least 3.14.6...

2.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress annasta Woocommerce Product Filters plugin < 1.5.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress annasta Woocommerce Product Filters plugin versions 1.5.0. Solution Update the WordPress annasta Woocommerce Product Filters plugin to the latest available version at least 1.5.0...

4.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress SLP – Extenders plugin < 5.9.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SLP – Extenders plugin versions 5.9.1. Solution Update the WordPress SLP – Extenders plugin to the latest available version at least 5.9.1...

2.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress Smart Variations Images & Swatches for WooCommerce plugin < 5.1.10 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Smart Variations Images & Swatches for WooCommerce plugin versions 5.1.10. Solution Update the WordPress Smart Variations Images & Swatches for WooCommerce plugin to the latest available version at least 5.1.10...

3.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/22 12:0 a.m.18 views

WordPress WP Google Map plugin <= 4.2.3 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Ex.Mi Patchstack in WordPress WP Google Map plugin versions = 4.2.3. Solution Update the WordPress WP Google Map plugin to the latest available version at least 4.2.4...

8.8CVSS2.9AI score0.00545EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/21 12:0 a.m.18 views

WordPress GDMylist plugin <= 1.1.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by fuzzyap1 in WordPress GDMylist plugin versions = 1.1.1. Solution Deactivate and delete. This plugin has been closed as of February 15, 2022 and is not available for download. This closure is temporary, pending a full review...

4.8CVSS2.7AI score0.00612EPSS
Exploits2References3Affected Software1
Total number of security vulnerabilities5000