Patchstack | Most viewed

46578 matches found

Patchstack | added 2023/08/11 12:0 a.m. | 17 views

WordPress WP HTML Mail Plugin <= 3.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP HTML Mail Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40202 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 21db8a0a2110 Credits István Márton Required...

CVSS 8.8 | AI score 6.5 | EPSS 0.00208
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/08/10 12:0 a.m. | 17 views

WordPress ChatBot Plugin < 4.7.8 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions 4.7.8 Fixed in 4.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4253 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1272ce44f1e5 Credits Nguyen Hoang Nam Required privileg...

CVSS 4.8 | AI score 5.7 | EPSS 0.00416
Exploits 2 | References 3 | Affected Software 1

Patchstack | added 2023/08/10 12:0 a.m. | 17 views

WordPress Avada Theme <= 7.11.1 is vulnerable to Arbitrary File Upload

Software Avada Type Theme Vulnerable versions = 7.11.1 Fixed in 7.11.2 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-39312 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID 1d3152e6549b Credits Rafie Muhammad Patchstack Required privilege...

CVSS 9.1 | AI score 7.2 | EPSS 0.00465
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/08/09 12:0 a.m. | 17 views

WordPress User Activity Tracking and Log Plugin < 4.0.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software User Activity Tracking and Log Type Plugin Vulnerable versions 4.0.9 Fixed in 4.0.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8eda0dc496af Credits Erwan L...

CVSS 4.3 | AI score 6.6 | EPSS 0.00218
Exploits 2 | References 3 | Affected Software 1

Patchstack | added 2023/07/24 12:0 a.m. | 17 views

WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Software CodeBard's Patron Button and Widgets for Patreon Type Plugin Vulnerable versions = 2.1.8 Fixed in 2.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30491 Patch priority Medium CVSS severity Medium 7.1 Developer Codebard PSID 9bd81d51b303...

CVSS 7.1 | AI score 5.7 | EPSS 0.00331
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/07/20 12:0 a.m. | 17 views

WordPress WpStream – Live Streaming, Video on Demand, Pay Per View Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software WpStream – Live Streaming, Video on Demand, Pay Per View Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A6: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-38512 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership...

CVSS 8.8 | AI score 6.6 | EPSS 0.00209
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/20 12:0 a.m. | 17 views

WordPress Media Library Categories Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Media Library Categories Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36382 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3d7aad62f83d Credits Jeong Seong Ho...

CVSS 5.9 | AI score 6 | EPSS 0.00339
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/20 12:0 a.m. | 17 views

WordPress Integration for WooCommerce and Zoho CRM Plugin < 1.3.7 is vulnerable to Open Redirection

Software Integration for WooCommerce and Zoho CRM Type Plugin Vulnerable versions 1.3.7 Fixed in 1.3.7 OWASP Top 10 A5: Security Misconfiguration Classification Open Redirection CVE CVE-2023-38481 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 39fbc1d90c72 Credits Phd...

CVSS 6.1 | AI score 6.9 | EPSS 0.00406
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/17 12:0 a.m. | 17 views

WordPress Contact Form Generator Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Generator Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37988 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4da7e4864bf8 Credits Arvandy...

CVSS 7.1 | AI score 5.6 | EPSS 0.01231
Exploits 3 | References 1 | Affected Software 1

Patchstack | added 2023/07/17 12:0 a.m. | 17 views

WordPress WPBulky Plugin < 1.0.10 is vulnerable to Cross Site Scripting (XSS)

Software WPBulky Type Plugin Vulnerable versions 1.0.10 Fixed in 1.0.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30482 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f12e0267c313 Credits Abde Ouabala Required privilege...

CVSS 6.5 | AI score 5.7 | EPSS 0.0031
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/12 12:0 a.m. | 17 views

WordPress FluentForm Plugin <= 4.3.25 is vulnerable to SQL Injection

Software FluentForm Type Plugin Vulnerable versions = 4.3.25 Fixed in 5.0.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-24410 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 40a669c23487 Credits Ravi Dharmawan Required privilege Administrator...

CVSS 9.8 | AI score 6.9 | EPSS 0.00585
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/10 12:0 a.m. | 17 views

WordPress WP Default Feature Image Plugin <= 1.0.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Default Feature Image Type Plugin Vulnerable versions = 1.0.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25488 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 82470384fb0a Credits Nithissh S...

CVSS 5.9 | AI score 5.8 | EPSS 0.00379
Exploits 1 | References 1 | Affected Software 1

Patchstack | added 2023/07/10 12:0 a.m. | 17 views

WordPress Download IP2Location Country Blocker Plugin <= 2.29.1 is vulnerable to Bypass Vulnerability

Software Download IP2Location Country Blocker Type Plugin Vulnerable versions = 2.29.1 Fixed in 2.29.2 OWASP Top 10 A3: Injection Classification Bypass Vulnerability CVE CVE-2023-37865 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a1b65359a367 Credits Mika Required...

CVSS 5.3 | AI score 6.9 | EPSS 0.0035
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/07 12:0 a.m. | 17 views

WordPress Buy Me a Coffee Plugin <= 3.7 is vulnerable to Broken Access Control

Software Buy Me a Coffee Type Plugin Vulnerable versions = 3.7 Fixed in 3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25030 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID efd2e1e73286 Credits Abdi Pranata Required privilege...

CVSS 4.3 | AI score 6.4 | EPSS 0.00237
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/07/05 12:0 a.m. | 17 views

WordPress Media Library Helper by Codexin Plugin <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Media Library Helper by Codexin Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-37386 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 31c3323d9133 Credits...

CVSS 8.8 | AI score 6.6 | EPSS 0.00208
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/06/19 12:0 a.m. | 17 views

WordPress Super Socializer Plugin < 7.13.52 is vulnerable to Cross Site Scripting (XSS)

Software Super Socializer Type Plugin Vulnerable versions 7.13.52 Fixed in 7.13.52 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2779 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID e9ffcc5c9c45 Credits 40826d Required...

CVSS 6.1 | AI score 5.6 | EPSS 0.05991
Exploits 4 | References 4 | Affected Software 1

Patchstack | added 2023/06/19 12:0 a.m. | 17 views

WordPress MojoPlug Slide Panel Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software MojoPlug Slide Panel Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23807 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a537c89d392b Credits Rio Darmawan Require...

CVSS 5.9 | AI score 5.7 | EPSS 0.00418
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/06/19 12:0 a.m. | 17 views

WordPress SupportCandy Plugin < 3.1.7 is vulnerable to SQL Injection

Software SupportCandy Type Plugin Vulnerable versions 3.1.7 Fixed in 3.1.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2805 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a697ebaed446 Credits dc11 Required privilege Administrator Published 19 June...

CVSS 7.2 | AI score 6.9 | EPSS 0.0085
Exploits 1 | References 3 | Affected Software 1

Patchstack | added 2023/06/19 12:0 a.m. | 17 views

WordPress Photo Gallery by 10Web Plugin <= 1.8.15 is vulnerable to Broken Access Control

Software Photo Gallery by 10Web Type Plugin Vulnerable versions = 1.8.15 Fixed in 1.8.16 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-33995 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0293acc0bbe3 Credits Rafshanzani Suhada...

AI score 6.5 | EPSS 0.00498
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/06/15 12:0 a.m. | 17 views

WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35093 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID fe9a14774ad1 Credits Rafshanzani Suhada...

CVSS 6.5 | AI score 6.5 | EPSS 0.00555
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/06/13 12:0 a.m. | 17 views

WordPress WP Directory Kit Plugin <= 1.2.3 is vulnerable to Broken Access Control

Software WP Directory Kit Type Plugin Vulnerable versions = 1.2.3 Fixed in 1.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2351 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID ab7cb35f6371 Credits Lana Codes Required privile...

CVSS 6.5 | AI score 6.5 | EPSS 0.0064
Exploits 1 | References 3 | Affected Software 1

Patchstack | added 2023/06/13 12:0 a.m. | 17 views

WordPress All Bootstrap Blocks Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software All Bootstrap Blocks Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35047 Patch priority Low CVSS severity Low 4.3 Developer AREOI PSID 8b9a52ad65ee Credits LEE SE HYOUNG...

CVSS 6.5 | AI score 6.5 | EPSS 0.0022
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/06/12 12:0 a.m. | 17 views

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.0 is vulnerable to CSV Injection

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-0721 Patch priority Low CVSS severity Low 4.7 Developer Wpmet PSID 2f722b3f2145 Credits Ramuel Gall Required privilege...

CVSS 8.3 | AI score 7.2 | EPSS 0.0071
Exploits 0 | References 3 | Affected Software 1

Patchstack | added 2023/06/02 12:0 a.m. | 17 views

WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Advanced Flat rate shipping Woocommerce Type Plugin Vulnerable versions = 1.6.4.4 Fixed in 1.6.4.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34015 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 47ba6a8a749f...

CVSS 8.8 | AI score 6.6 | EPSS 0.00246
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/05/31 12:0 a.m. | 17 views

WordPress Brizy Plugin <= 2.4.18 is vulnerable to Bypass Vulnerability

Software Brizy Type Plugin Vulnerable versions = 2.4.18 Fixed in 2.4.19 OWASP Top 10 A6: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-2897 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 87bc729adcaa Credits Alex Thomas Required privilege...

CVSS 5.3 | AI score 6.9 | EPSS 0.00295
Exploits 0 | References 3 | Affected Software 1

Patchstack | added 2023/05/31 12:0 a.m. | 17 views

WordPress Feather Login Page Plugin 1.0.7-1.1.1 is vulnerable to Broken Access Control

Software Feather Login Page Type Plugin Vulnerable versions 1.0.7-1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2545 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 109ff0ae5394 Credits Lana Codes Required...

CVSS 8.8 | AI score 6.8 | EPSS 0.00714
Exploits 1 | References 3 | Affected Software 1

Patchstack | added 2023/05/30 12:0 a.m. | 17 views

WordPress TPG Redirect Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software TPG Redirect Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32093 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ab7d6bc34f7d Credits Taihei Shimamine...

CVSS 8.8 | AI score 6.6 | EPSS 0.00272
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/05/30 12:0 a.m. | 17 views

WordPress Dynamic QR Code Generator Plugin <= 0.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Dynamic QR Code Generator Type Plugin Vulnerable versions = 0.0.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34022 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 663371fa0bd1 Credits thiennv...

CVSS 7.1 | AI score 6.1 | EPSS 0.00454
Exploits 1 | References 1 | Affected Software 1

Patchstack | added 2023/05/30 12:0 a.m. | 17 views

WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software bbPress Toolkit Type Plugin Vulnerable versions = 1.0.12 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34031 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 97325c505989 Credits thiennv Required...

CVSS 8.8 | AI score 7 | EPSS 0.00312
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/24 12:0 a.m. | 17 views

WordPress Download Plugin Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Download Plugin Type Plugin Vulnerable versions = 2.0.4 Fixed in 2.0.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-36345 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8585091ec14a Credits István Márton...

CVSS 8.8 | AI score 6.6 | EPSS 0.00271
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/05/22 12:0 a.m. | 17 views

WordPress Rank Math SEO PRO Plugin <= 3.0.35 is vulnerable to Cross Site Scripting (XSS)

Software Rank Math SEO PRO Type Plugin Vulnerable versions = 3.0.35 Fixed in 3.0.36 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32800 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 436b3db030cf Credits Rafie Muhamma...

CVSS 7.1 | AI score 5.6 | EPSS 0.00382
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/18 12:0 a.m. | 17 views

WordPress Scripts n Styles Plugin <= 3.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Scripts n Styles Type Plugin Vulnerable versions = 3.5.7 Fixed in 3.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31236 Patch priority Low CVSS severity Low 5.9 Developer unFocus Projects PSID 915405d90808 Credits konagash Required...

CVSS 5.9 | AI score 5.7 | EPSS 0.00369
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/05/15 12:0 a.m. | 17 views

WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF)

Software Essential Addons for Elementor Pro Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A5: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2023-32245 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 6f79f41d4291 Credits...

CVSS 8.8 | AI score 6.6 | EPSS 0.00271
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/15 12:0 a.m. | 17 views

WordPress WPCS Plugin <= 1.1.9 is vulnerable to Broken Access Control

Software WPCS Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2556 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 05cf802e36e5 Credits Alex Thomas Required privilege...

CVSS 4.3 | AI score 6.5 | EPSS 0.00434
Exploits 0 | References 3 | Affected Software 1

Patchstack | added 2023/05/11 12:0 a.m. | 17 views

WordPress Injection Guard Plugin <= 1.2.1 is vulnerable to Broken Access Control

Software Injection Guard Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32574 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1c70e6bd7c94 Credits Abdi Pranata Required privile...

AI score 6.3 | EPSS 0.004
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/05/11 12:0 a.m. | 17 views

WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to Privilege Escalation

Software Woodmart Core Type Plugin Vulnerable versions = 1.0.36 Fixed in 1.0.37 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-32244 Patch priority High CVSS severity High 9.8 Developer Xtemos PSID a0b94835d329 Credits Dave Jong Patchstack Required privile...

CVSS 9.8 | AI score 6.6 | EPSS 0.00789
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/11 12:0 a.m. | 17 views

WordPress Dyslexiefont Free Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Dyslexiefont Free Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32589 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fb7c8442b1dc Credits Yash Kanchhal...

CVSS 8.8 | AI score 7 | EPSS 0.00271
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/05 12:0 a.m. | 17 views

WordPress Advanced Custom Fields PRO Plugin <= 6.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions = 6.1.5 Fixed in 6.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30777 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 007d3de805e3 Credits Rafie...

CVSS 7.1 | AI score 6.4 | EPSS 0.38768
Exploits 3 | References 2 | Affected Software 1

Patchstack | added 2023/05/05 12:0 a.m. | 17 views

WordPress TheGem Theme < 5.8.1.1 is vulnerable to Broken Access Control

Software TheGem Type Theme Vulnerable versions 5.8.1.1 Fixed in 5.8.1.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32238 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID dc2acc465d5c Credits Dave Jong Patchstack Required privile...

AI score 6.2 | EPSS 0.00167
Exploits 0 | References 1 | Affected Software 1

Patchstack | added 2023/05/02 12:0 a.m. | 17 views

WordPress Product Catalog Feed by PixelYourSite Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Product Catalog Feed by PixelYourSite Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1804 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 27de0c95fe70 Credits...

CVSS 6.1 | AI score 5.9 | EPSS 0.00519
Exploits 2 | References 4 | Affected Software 1

Patchstack | added 2023/05/02 12:0 a.m. | 17 views

WordPress Ninja Forms Plugin < 3.6.22 is vulnerable to Cross Site Scripting (XSS)

Software Ninja Forms Type Plugin Vulnerable versions 3.6.22 Fixed in 3.6.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1835 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6f98d6f740b2 Credits Erwan LR WPScan Required...

CVSS 6.1 | AI score 5.9 | EPSS 0.00925
Exploits 2 | References 3 | Affected Software 1

Patchstack | added 2023/04/25 12:0 a.m. | 17 views

WordPress NEX-Forms – Ultimate Form Builder Plugin < 8.4 is vulnerable to SQL Injection

Software NEX-Forms – Ultimate Form Builder Type Plugin Vulnerable versions 8.4 Fixed in 8.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2114 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 633a726244b6 Credits Alexander Schmid Required privilege...

CVSS 7.2 | AI score 7.2 | EPSS 0.43042
Exploits 3 | References 3 | Affected Software 1

Patchstack | added 2023/04/20 12:0 a.m. | 17 views

WordPress WP Cerber Security Plugin <= 9.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Cerber Security Type Plugin Vulnerable versions = 9.1 Fixed in 9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4712 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 381a6dfeb33d Credits Ramuel Gall Required...

CVSS 7.2 | AI score 5.9 | EPSS 0.00478
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/04/19 12:0 a.m. | 17 views

WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Motors – Car Dealer & Classified Ads Type Plugin Vulnerable versions = 1.4.4 Fixed in 1.4.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-38716 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 076e6b4c8854 Credit...

CVSS 8.8 | AI score 7 | EPSS 0.00248
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/04/19 12:0 a.m. | 17 views

WordPress The School Management – Education & Learning Management Plugin <= 4.1 is vulnerable to SQL Injection

Software The School Management – Education & Learning Management Type Plugin Vulnerable versions = 4.1 Fixed in 4.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47430 Patch priority Low CVSS severity Low 6.7 Developer Claim ownership PSID 25a7149a9ecc Credits minhtuanact...

CVSS 9.8 | AI score 7.2 | EPSS 0.00681
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/04/16 12:0 a.m. | 17 views

WordPress Quiz And Survey Master Plugin <= 8.1.4 is vulnerable to SQL Injection

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.1.4 Fixed in 8.1.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-28787 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 34ea65c01c78 Credits Rafie Muhammad Patchstack Required...

CVSS 9.3 | AI score 7.2 | EPSS 0.01977
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/04/12 12:0 a.m. | 17 views

WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28664 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 65753b42e2e6...

CVSS 5.4 | AI score 5.6 | EPSS 0.00441
Exploits 2 | References 3 | Affected Software 1

Patchstack | added 2023/04/11 12:0 a.m. | 17 views

WordPress WP Tiles Plugin <= 1.1.2 is vulnerable to Sensitive Data Exposure

Software WP Tiles Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-1426 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 0ecd1ecdc31a Credits Erwan LR WPScan Required...

CVSS 6.5 | AI score 6.5 | EPSS 0.00795
Exploits 2 | References 2 | Affected Software 1

Patchstack | added 2023/04/06 12:0 a.m. | 17 views

WordPress MapPress Maps for WordPress Plugin <= 2.85.4 is vulnerable to SQL Injection

Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.85.4 Fixed in 2.85.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-26015 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID dfda53627d56 Credits Rafie Muhammad Patchstack Required...

CVSS 9.8 | AI score 7.3 | EPSS 0.00734
Exploits 0 | References 2 | Affected Software 1

Patchstack | added 2023/04/03 12:0 a.m. | 17 views

WordPress WP VR Plugin < 8.3.0 is vulnerable to Broken Access Control

Software WP VR Type Plugin Vulnerable versions 8.3.0 Fixed in 8.3.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1414 Patch priority Medium CVSS severity Medium 4.3 Developer WPFunnels Team PSID 08ad2733ea1e Credits Erwan LR WPScan Required privilege...

CVSS 4.3 | AI score 6.8 | EPSS 0.00247
Exploits 1 | References 3 | Affected Software 1

Total number of security vulnerabilities: 5000