Patchstack | Most viewed

46606 matches found

Patchstack | added 2024/11/25 12:0 a.m. | 17 views

WordPress CM Business Directory Plugin – Business Listing Directory Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software CM Business Directory Plugin – Business Listing Directory Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00584
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/23 12:0 a.m. | 17 views

WordPress Blizzard Quotes Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Blizzard Quotes Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53729 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed471ac7b5ce Credits SOPROBRO Required...

AI score: 6.9 | EPSS: 0.00152
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/23 12:0 a.m. | 17 views

WordPress April's Call Posts Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software April's Call Posts Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53730 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5fa9ffdca641 Credits SOPROBRO Required...

AI score: 7 | EPSS: 0.00152
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/21 12:0 a.m. | 17 views

WordPress Community by PeepSo Plugin <= 6.4.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Community by PeepSo Type Plugin Vulnerable versions = 6.4.6.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11447 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9789945f6fbd Credits rajanhoyr...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.0055
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/21 12:0 a.m. | 17 views

WordPress Run Contests, Raffles, and Giveaways with ContestsWP Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Run Contests, Raffles, and Giveaways with ContestsWP Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11456 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00416
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/21 12:0 a.m. | 17 views

WordPress Sky Addons for Elementor Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sky Addons for Elementor Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-11601 Patch priority Low CVSS severity Low 4.3 Developer Shahidul Islam PSID d5ecb4a73f9b Credits vgo0 Requir...

CVSS: 8.1 | AI score: 6.6 | EPSS: 0.00314
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/21 12:0 a.m. | 17 views

WordPress Contact Form 7 Email Add on Plugin <= 1.9 is vulnerable to Local File Inclusion

Software Contact Form 7 Email Add on Type Plugin Vulnerable versions = 1.9 Fixed in N/A OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-10898 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 980fef2f1e67 Credits Le Ngoc Anh Required privilege...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.01266
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/20 12:0 a.m. | 17 views

WordPress Lock User Account Plugin <= 1.0.5 is vulnerable to Broken Authentication

Software Lock User Account Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-11197 Patch priority Low CVSS severity Low 4.2 Developer Claim ownership PSID 83b2ce1638c9 Credits Francesc...

CVSS: 4.2 | AI score: 4.4 | EPSS: 0.00407
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/19 12:0 a.m. | 17 views

WordPress Ashe Theme <= 2.243 is vulnerable to Cross Site Scripting (XSS)

Software Ashe Type Theme Vulnerable versions = 2.243 Fixed in 2.244 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9777 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1ba0e6cd8ae8 Credits vgo0 Required privilege...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00383
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/19 12:0 a.m. | 17 views

WordPress WPB Popup for Contact Form 7 Plugin <= 1.7.5 is vulnerable to Broken Access Control

Software WPB Popup for Contact Form 7 Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-11038 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 9b3456d161fd Credits Arkadiusz...

CVSS: 7.3 | AI score: 6.8 | EPSS: 0.0057
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/19 12:0 a.m. | 17 views

WordPress Save as PDF plugin by Pdfcrowd Plugin <= 4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as PDF plugin by Pdfcrowd Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bc2c8b0bae5b Credits Peter...

CVSS: 6.4 | AI score: 5.7 | EPSS: 0.0027
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/18 12:0 a.m. | 17 views

WordPress Customer Reviews for WooCommerce Plugin <= 5.61.0 is vulnerable to Broken Access Control

Software Customer Reviews for WooCommerce Type Plugin Vulnerable versions = 5.61.0 Fixed in 5.62.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10614 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ce10b4d9cbd7 Credits incognito...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00272
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/18 12:0 a.m. | 17 views

WordPress UserPlus Plugin <= 2.0 is vulnerable to Privilege Escalation

Software UserPlus Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-52442 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 1a20cf86d1cd Credits João Pedro S...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.00488
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/13 12:0 a.m. | 17 views

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10530 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 918318d433d6 Credits Tieu Pham Tro...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00438
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/13 12:0 a.m. | 17 views

WordPress AJAX Random Posts Plugin <= 0.3.3 is vulnerable to PHP Object Injection

Software AJAX Random Posts Type Plugin Vulnerable versions = 0.3.3 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52409 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 88448bab09ca Credits Bonds Required privilege Unauthenticated...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00509
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/13 12:0 a.m. | 17 views

WordPress WP Githuber MD Plugin <= 1.16.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Githuber MD Type Plugin Vulnerable versions = 1.16.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52422 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 80930d0544eb Credits Fazle Mawla Required privilege Contribut...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.00233
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/12 12:0 a.m. | 17 views

WordPress Luna Web Radio Player Plugin <= 6.24.01.24 is vulnerable to Directory Traversal

Software Luna Web Radio Player Type Plugin Vulnerable versions = 6.24.01.24 Fixed in 6.24.11.07 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-10816 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 24e0a47712fe Credits Tonn Required privilege...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01105
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/12 12:0 a.m. | 17 views

WordPress Buy one click WooCommerce Plugin <= 2.2.9 is vulnerable to Broken Access Control

Software Buy one click WooCommerce Type Plugin Vulnerable versions = 2.2.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10852 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a5a826444a0c Credits incognito Required...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.00388
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/11 12:0 a.m. | 17 views

WordPress WP Photo Album Plus Plugin <= 8.8.08.007 is vulnerable to Broken Access Control

Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.08.007 Fixed in 8.9.01.001 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-10958 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d60c5fd2604a Credits Arkadiusz...

CVSS: 7.3 | AI score: 6.8 | EPSS: 0.01577
Exploits: 1 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress Th Shop Mania Theme <= 1.4.9 is vulnerable to Arbitrary Code Execution

Software Th Shop Mania Type Theme Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary Code Execution CVE CVE-2024-10674 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 314680b4b995 Credits Sean...

CVSS: 8.8 | AI score: 6.7 | EPSS: 0.01683
Exploits: 2 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress drop in image slideshow gallery Plugin <= 12.0 is vulnerable to Cross Site Scripting (XSS)

Software drop in image slideshow gallery Type Plugin Vulnerable versions = 12.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a71fbc384972 Credits Zlrqh Required privilege...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.00285
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress L Squared Hub WP Plugin <= 1.0 is vulnerable to SQL Injection

Software L Squared Hub WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-51820 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID b1c1c7bbdde2 Credits LVT-tholv2k Required privilege Contributor Published...

CVSS: 8.5 | AI score: 6.8 | EPSS: 0.00406
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress CE21 Suite Plugin <= 2.2.0 is vulnerable to Sensitive Data Exposure

Software CE21 Suite Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-10285 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 6f3d12b67220 Credits István Márton Required privilege...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.00604
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress Algori PDF Viewer Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Algori PDF Viewer Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2018-5158 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f9da283093fc Credits Colin Xu Required...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.10576
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress CE21 Suite Plugin <= 2.2.0 is vulnerable to Broken Access Control

Software CE21 Suite Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10294 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 61161cac4b51 Credits István Márton Required privile...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00276
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress Posts Search Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Posts Search Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51884 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c9222a2124ac Credits SOPROBRO Required privilege Contributor...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00331
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress Stylish Internal Links Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Stylish Internal Links Type Plugin Vulnerable versions = 1.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51939 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 514970e5a542 Credits Zlrqh Required privilege Contributo...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.00231
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/08 12:0 a.m. | 17 views

WordPress HB AUDIO GALLERY Plugin <= 3.0 is vulnerable to Arbitrary File Upload

Software HB AUDIO GALLERY Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-51790 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 40d2c24127c2 Credits stealthcopter Required privilege...

CVSS: 10 | AI score: 6.8 | EPSS: 0.00527
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/06 12:0 a.m. | 17 views

WordPress Event post Plugin <= 5.9.6 is vulnerable to Cross Site Scripting (XSS)

Software Event post Type Plugin Vulnerable versions = 5.9.6 Fixed in 5.9.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10186 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f5c01437fb3d Credits Peter Thaleikis Required...

CVSS: 6.4 | AI score: 5.8 | EPSS: 0.00295
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/11/04 12:0 a.m. | 17 views

WordPress Saragna Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Saragna Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51711 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 521f5ad254b7 Credits João Pedro S Alcântara Kinorth Required...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.00259
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/04 12:0 a.m. | 17 views

WordPress Narnoo Commerce Manager Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Narnoo Commerce Manager Type Plugin Vulnerable versions = 1.6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51708 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1daa09058da0 Credits João Pedro S Alcântara...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.00259
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/11/01 12:0 a.m. | 17 views

WordPress Media Library Assistant Plugin <= 3.19 is vulnerable to Remote Code Execution (RCE)

Software Media Library Assistant Type Plugin Vulnerable versions = 3.19 Fixed in 3.20 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-51661 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID a84f9b05189b Credits Certus Cybersecurity Required...

CVSS: 9.1 | AI score: 7.3 | EPSS: 0.01087
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/11/01 12:0 a.m. | 17 views

WordPress Black Widgets For Elementor Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Black Widgets For Elementor Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51662 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b85ed5e8e929 Credits João Pedro S Alcântara...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00248
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/10/30 12:0 a.m. | 17 views

WordPress Events Manager Pro – extended Plugin <= 0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Events Manager Pro – extended Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-50532 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 6e38b5b027b3 Credits SOPROBRO...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00394
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/30 12:0 a.m. | 17 views

WordPress Gift Vouchers Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Gift Vouchers Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 05e5caabd7d5 Credits Francesco Carlucci Require...

CVSS: 6.4 | AI score: 8.5 | EPSS: 0.00333
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/10/25 12:0 a.m. | 17 views

WordPress Uix Shortcodes Plugin <= 1.9.9 is vulnerable to Arbitrary Code Execution

Software Uix Shortcodes Type Plugin Vulnerable versions = 1.9.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-9772 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID a42f828d9a99 Credits Francesco Carlucci Required privilege...

CVSS: 7.3 | AI score: 7 | EPSS: 0.01411
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/10/25 12:0 a.m. | 17 views

WordPress Meetup Plugin <= 0.1 is vulnerable to Broken Authentication

Software Meetup Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50483 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 6432286e77c7 Credits Bonds Required...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.02382
Exploits: 3 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/25 12:0 a.m. | 17 views

WordPress WatchTowerHQ Plugin <= 3.10.1 is vulnerable to Broken Authentication

Software WatchTowerHQ Type Plugin Vulnerable versions = 3.10.1 Fixed in 3.10.4 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9933 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 5b771d8428a0 Credits István...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.01935
Exploits: 2 | References: 3 | Affected Software: 1

Patchstack | added 2024/10/25 12:0 a.m. | 17 views

WordPress Multi Purpose Mail Form Plugin <= 1.0.2 is vulnerable to Arbitrary File Upload

Software Multi Purpose Mail Form Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50484 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 3feda20596e4 Credits Bonds Required privilege...

CVSS: 10 | AI score: 7.2 | EPSS: 0.00496
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/24 12:0 a.m. | 17 views

WordPress Namaste! LMS Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Namaste! LMS Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.6.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50409 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 084203fa02ee Credits Hakiduck Required privilege Student...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00269
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/10/24 12:0 a.m. | 17 views

WordPress WooCommerce UPS Shipping – Live Rates and Access Points Plugin <= 2.3.11 is vulnerable to Broken Access Control

Software WooCommerce UPS Shipping – Live Rates and Access Points Type Plugin Vulnerable versions = 2.3.11 Fixed in 3.0.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9109 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b3cccbff59...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.00386
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/10/24 12:0 a.m. | 17 views

WordPress WP Abstracts Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Abstracts Type Plugin Vulnerable versions = 2.7.1 Fixed in 2.7.2 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-50411 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6551529121f6 Credits UKO Required privilege Administrato...

CVSS: 5.9 | AI score: 5.6 | EPSS: 0.00255
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/10/24 12:0 a.m. | 17 views

WordPress WPS Telegram Chat Plugin <= 4.5.4 is vulnerable to Broken Access Control

Software WPS Telegram Chat Type Plugin Vulnerable versions = 4.5.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-9628 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 35d166ea4c51 Credits...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00267
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack | added 2024/10/23 12:0 a.m. | 17 views

WordPress DearFlip Plugin <= 2.3.32 is vulnerable to Cross Site Scripting (XSS)

Software DearFlip Type Plugin Vulnerable versions = 2.3.32 Fixed in 2.3.42 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8717 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4b31b90d091 Credits Noah Stead TurtleBurg...

CVSS: 6.1 | AI score: 5.6 | EPSS: 0.00421
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack | added 2024/10/21 12:0 a.m. | 17 views

WordPress TI WooCommerce Wishlist Plugin <= 2.9.0 is vulnerable to SQL Injection

Software TI WooCommerce Wishlist Type Plugin Vulnerable versions = 2.9.0 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9156 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 2b353481dee7 Credits John Castro Required privilege...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00391
Exploits: 1 | References: 3 | Affected Software: 1

Patchstack | added 2024/10/21 12:0 a.m. | 17 views

WordPress Todo Custom Field Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Todo Custom Field Type Plugin Vulnerable versions = 3.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49642 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 03eb6add369b Credits Mika Required privilege...

CVSS: 7.1 | AI score: 6.5 | EPSS: 0.00267
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/18 12:0 a.m. | 17 views

WordPress Product Website Showcase Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software Product Website Showcase Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49611 Patch priority High CVSS severity High 10 Developer Claim ownership PSID f26ca655ccfd Credits stealthcopter Required privilege...

CVSS: 10 | AI score: 6.9 | EPSS: 0.0053
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/18 12:0 a.m. | 17 views

WordPress SermonAudio Widgets Plugin <= 1.9.3 is vulnerable to SQL Injection

Software SermonAudio Widgets Type Plugin Vulnerable versions = 1.9.3 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49614 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID b36bd1fd3f06 Credits João Pedro S Alcântara Kinorth Required privile...

CVSS: 8.8 | AI score: 8.8 | EPSS: 0.00432
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/17 12:0 a.m. | 17 views

WordPress WP REST API FNS Plugin <= 1.0.0 is vulnerable to Privilege Escalation

Software WP REST API FNS Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-49328 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID b5035012904a Credits stealthcopter Required privilege...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.01461
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack | added 2024/10/17 12:0 a.m. | 17 views

WordPress Photo Gallery Builder Plugin <= 3.0 is vulnerable to Broken Access Control

Software Photo Gallery Builder Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-49325 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID db6c940f3de7 Credits Marek Mikita Required...

CVSS: 8.8 | AI score: 6.6 | EPSS: 0.00409
Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 5000