Lucene search
K
PatchstackMost viewed

46578 matches found

Patchstack
Patchstack
added 2022/10/18 12:0 a.m.17 views

WordPress core <= 6.0.2 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability in the Search block discovered by Alex Concha WP Security team in WordPress core versions = 6.0.2. Solution Update the WordPress to the latest available version at least 6.0.3...

1.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/10/17 12:0 a.m.17 views

WordPress Easy Digital Downloads plugin <= 2.11.7 - Arbitrary Post Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Post Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by Krzysztof Zając in WordPress Easy Digital Downloads plugin versions = 2.11.7. Solution Update the WordPress Easy Digital Downloads plugin to the latest available version at least 3.0...

4.3CVSS4.7AI score0.00286EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/10/13 12:0 a.m.17 views

WordPress Account Manager for WooCommerce plugin <= 2.0.19 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to the export of sensitive information user id, first name, last name by the subscriber or higher role user discovered by WordPress Account Manager for WooCommerce plugin versions = 2.0.19. Solution No patched version is available. No reply from the...

1.2AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/10 12:0 a.m.17 views

WordPress PublishPress Capabilities plugin <= 2.5.1 - Auth. PHP Objection Injection vulnerability

Auth. PHP Objection Injection vulnerability discovered by Nguyen Pham Viet Nam in WordPress PublishPress Capabilities plugin versions = 2.5.1. Solution Update the WordPress PublishPress Capabilities plugin to the latest available version at least 2.5.2...

7.2CVSS2.5AI score0.01126EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/29 12:0 a.m.17 views

WordPress AdminPad plugin <= 2.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress AdminPad plugin versions = 2.1. Solution Update the WordPress AdminPad plugin to the latest available version at least 2.2...

6.5CVSS2.3AI score0.00337EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/28 12:0 a.m.17 views

WordPress Store Locator plugin <= 1.4.5 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability was discovered by Nguy Minh Tuan Patchstack Alliance in the WordPress Store Locator plugin versions = 1.4.5. Solution Update the WordPress Store Locator WordPress plugin to the latest available version at least 1.4.6...

6.1CVSS3.1AI score0.00227EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/27 12:0 a.m.17 views

WordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Change vulnerability

Unauthenticated Plugin Settings Change vulnerability discovered by Rasi Affef in WordPress TH Advance Product Search plugin versions = 1.1.4. Solution Update the WordPress TH Advance Product Search plugin to the latest available version at least 1.1.5...

2.8AI score0.00486EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/26 12:0 a.m.17 views

WordPress Meks Easy Social Share plugin <= 1.2.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Meks Easy Social Share plugin versions = 1.2.7. Solution Update the WordPress Meks Easy Social Share plugin to the latest available version at least 1.2.8...

4.8CVSS2.8AI score0.00532EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/19 12:0 a.m.17 views

WordPress Simple File List plugin <= 4.4.11 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress Simple File List plugin versions = 4.4.11. Solution Update the WordPress Simple File List plugin to the latest available version at least 4.4.12...

4.8CVSS1.4AI score0.0047EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/19 12:0 a.m.17 views

WordPress Download Monitor plugin <= 4.5.97 - Authenticated Arbitrary File Download vulnerability

Authenticated Arbitrary File Download vulnerability was discovered by Raad Haddad Cloudyrion GmbH in the WordPress Download Monitor plugin versions = 4.5.97. Solution Update the WordPress Download Monitor plugin to the latest available version at least 4.5.98...

4.9CVSS2.7AI score0.00859EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/14 12:0 a.m.17 views

WordPress NOTICE BOARD plugin <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress NOTICE BOARD plugin versions = 1.1. Solution No patched version is available...

5.4CVSS3.1AI score0.00439EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/06 12:0 a.m.17 views

WordPress Ketchup Restaurant Reservations plugin <= 1.0.0 - Unauthenticated Blind SQL Injection (SQLi) vulnerability

Unauthenticated Blind SQL Injection SQLi vulnerability discovered by Bastijn Ouwendijk in WordPress Ketchup Restaurant Reservations plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of August 29, 2022 and is not available for download. This closure is...

9.8CVSS2.3AI score0.37709EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/05 12:0 a.m.17 views

WordPress Scripts Organizer premium plugin < 3.0 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Ovidiu Maghetiu in WordPress Scripts Organizer premium plugin versions 3.0 Solution Update the WordPress Scripts Organizer plugin to the latest available version at least 3.0...

8.8CVSS2.7AI score0.00457EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/09/02 12:0 a.m.17 views

WordPress Meet My Team plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability was discovered by Ngo Van Thien Patchstack Alliance in the WordPress Meet My Team plugin versions = 2.0.5. Solution Deactivate and delete. No reply from the vendor...

5.4CVSS3AI score0.00414EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/31 12:0 a.m.17 views

WordPress add2fav plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress add2fav plugin versions = 1.0. Solution No patched version available...

4.8CVSS3.1AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/29 12:0 a.m.17 views

WordPress Zephyr Project Manager plugin <= 3.2.42 - Unauthorized REST Calls to Stored Cross-Site Scripting (XSS) vulnerability

Unauthorized REST Calls to Stored Cross-Site Scripting XSS vulnerability discovered by WPScan in WordPress Zephyr Project Manager plugin versions = 3.2.42. Solution Update the WordPress Zephyr Project Manager plugin to the latest available version at least 3.2.5...

2.1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/08/25 12:0 a.m.17 views

WordPress Event Calendar – Calendar plugin <= 1.4.6 - Unauthenticated Event Deletion vulnerability

Unauthenticated Event Deletion vulnerability discovered by Nguy Minh Tuan Patchstack Alliance in WordPress Event Calendar – Calendar plugin versions = 1.4.6. Solution Update the WordPress Event Calendar – Calendar plugin to the latest available version at least 1.4.7...

6.5CVSS3.8AI score0.00534EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/15 12:0 a.m.17 views

WordPress Fast Flow Plugin <= 1.2.11 - Reflected Stored Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by p7e4 in Fast Flow plugin versions = 1.2.11 Solution Update the WordPress Fast Flow plugin to the latest available version at least 1.2.12...

6.1CVSS3.2AI score0.00876EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/08/08 12:0 a.m.17 views

WordPress Leaflet Maps Marker plugin <= 3.12.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Ihor Bliumental in WordPress Leaflet Maps Marker plugin versions = 3.12.4. Solution Update the WordPress Leaflet Maps Marker plugin to the latest available version at least 3.12.5...

7.2CVSS3.1AI score0.01062EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/08/02 12:0 a.m.17 views

WordPress Link Optimizer Lite plugin <= 1.4.5 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered by Hayato Takizawa in WordPress Link Optimizer Lite plugin versions = 1.4.5. Solution Deactivate and delete. This plugin has been closed as of July 26, 2022 and is not available for download. This closure...

8.8CVSS0.7AI score0.00499EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/07/26 12:0 a.m.17 views

WordPress Rezgo Online Booking <= 4.1.7 - Reflected Cross-Site-Scripting (XSS) vulnerability

Reflected Cross-Site-Scripting XSS vulnerability discovered by cydave in WordPress Rezgo Online Booking versions = 4.1.7. Solution Update the WordPress Rezgo plugin to the latest available version at least 4.1.8...

6.1CVSS2.6AI score0.00531EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/25 12:0 a.m.17 views

WordPress WP-DBManager plugin <= 2.80.7 - Authenticated Remote Command Execution vulnerability

Authenticated Remote Command Execution vulnerability discovered by Raad Haddad in WordPress WP-DBManager plugin versions = 2.80.7. Solution Update the WordPress WP-DBManager plugin to the latest available version at least 2.80.8...

7.2CVSS4.4AI score0.01012EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/11 12:0 a.m.17 views

WordPress Featured Image from URL plugin <= 3.9.9 - Arbitrary Settings Update to Stored XSS via CSRF vulnerability

Arbitrary Settings Update to Stored XSS via CSRF vulnerability discovered by Raad Haddad in WordPress Featured Image from URL plugin versions = 3.9.9. Solution Update the WordPress Featured Image from URL plugin to the latest available version at least 4.0.0...

6.1CVSS3AI score0.0051EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/22 12:0 a.m.17 views

WordPress 404s plugin <= 3.4.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Vivek Kumar Jaiswal in WordPress 404s plugin versions = 3.4.9. Solution Update the WordPress 404s plugin to the latest available version at least 3.5.1...

4.8CVSS2.1AI score0.00493EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/20 12:0 a.m.17 views

WordPress WP Opt-in plugin <= 1.4.1 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress WP Opt-in plugin versions = 1.4.1. Solution Deactivate and delete. This plugin has been closed as of June 15, 2022 and is not available for download. This closure is temporary, pendin...

4.3CVSS4AI score0.00368EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/16 12:0 a.m.17 views

WordPress WP Paginate plugin <= 2.1.8 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by iohex in WordPress WP Paginate plugin versions = 2.1.8. Solution Update the WordPress WP Paginate plugin to the latest available version at least 2.1.9...

4.8CVSS2AI score0.00493EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/06/07 12:0 a.m.17 views

WordPress SAML Single Sign On – SAML SSO Login plugin <= 4.9.20 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress SAML Single Sign On – SAML SSO Login plugin versions = 4.9.20. Solution Update the WordPress SAML Single Sign On – SAML SSO Login plugin to the latest available version at least 4.9.21...

2.1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/05/31 12:0 a.m.17 views

WordPress Germanized for WooCommerce plugin <= 3.9.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Germanized for WooCommerce plugin versions = 3.9.4. Solution Update the WordPress Germanized for WooCommerce plugin to the latest available version at least 3.9.5...

2.1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/05/26 12:0 a.m.17 views

WordPress Private Messages For WordPress plugin <= 2.1.10 - Sending Messages via Cross-Site Request Forgery (CSRF) vulnerability

Sending Messages via Cross-Site Request Forgery CSRF vulnerability discovered by BEE-K Patchstack in WordPress Private Messages For WordPress plugin versions = 2.1.10. Solution Deactivate and delete. This plugin has been closed as of May 20, 2022 and is not available for download. This closure is...

4.3CVSS3.1AI score0.00389EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/05/18 12:0 a.m.17 views

WordPress WP-CRM plugin <= 1.2.1 - CSV Injection vulnerability

CSV Injection vulnerability discovered by Ankur Bakre in WordPress WP-CRM plugin versions = 1.2.1. Solution Deactivate and delete. This plugin has been closed as of April 20, 2022 and is not available for download. This closure is temporary, pending a full review...

7.8CVSS3.6AI score0.00988EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/17 12:0 a.m.17 views

WordPress Useful Banner Manager plugin <= 1.6.1 - Modify banners via Cross-Site Request Forgery (CSRF) vulnerability

Modify banners via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress Useful Banner Manager plugin versions = 1.6.1. Solution Deactivate and delete. This plugin has been closed as of May 12, 2022 and is not available for download. This closure is temporary, pendin...

6.5CVSS4.2AI score0.00513EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.17 views

WordPress Video Slider – Slider Carousel plugin <= 1.4.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Fayçal CHENA in WordPress Video Slider – Slider Carousel plugin versions = 1.4.6. Solution Update the WordPress Video Slider – Slider Carousel plugin to the latest available version at least 1.4.8...

4.8CVSS1.9AI score0.00565EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/05/09 12:0 a.m.17 views

WordPress Logo Slider plugin <= 1.4.8 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Daniel Krohmer and Shi Chen in WordPress Logo Slider plugin versions = 1.4.8. Solution Deactivate and delete. This plugin has been closed as of May 12, 2022 and is not available for download. This closure is temporary, pending a full...

4CVSS2.5AI score0.00764EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/15 12:0 a.m.17 views

WordPress WP Maintenance plugin <= 6.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress WP Maintenance plugin versions = 6.0.7. Solution Update the WordPress WP Maintenance plugin to the latest available version at least 6.0.8...

4.8CVSS3AI score0.00505EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/04/12 12:0 a.m.17 views

WordPress Cryptocurrency Widgets For Elementor plugin <=1.2.1 - Arbitrary Plugin Installation vulnerability

Arbitrary Plugin Installation vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Cryptocurrency Widgets For Elementor plugin versions =1.2.1. Solution Update the WordPress Cryptocurrency Widgets For Elementor plugin to the latest available version at least 1.3.1...

3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/03/02 12:0 a.m.17 views

WordPress Limit Login Attempts (Spam Protection) plugin <= 4.9.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Limit Login Attempts Spam Protection plugin versions = 4.9.1. Solution Update the WordPress Limit Login Attempts Spam Protection plugin to the latest available version at least 5.1...

9.8CVSS3.7AI score0.08852EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/03/01 12:0 a.m.17 views

WordPress Bulk Creator plugin <= 1.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ran Crane in WordPress Bulk Creator plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of February 16, 2022 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS3.1AI score0.00788EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Cryptocurrency Product for WooCommerce plugin <= 3.14.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Cryptocurrency Product for WooCommerce plugin versions = 3.14.0. Solution Update the WordPress Cryptocurrency Product for WooCommerce plugin to the latest available version at least 3.14.6...

2.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress SLP – Extenders plugin < 5.9.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SLP – Extenders plugin versions 5.9.1. Solution Update the WordPress SLP – Extenders plugin to the latest available version at least 5.9.1...

2.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress WooCommerce Role Based Pricing by Meow Crew plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Role Based Pricing by Meow Crew plugin versions = 1.0.1. Solution Update the WordPress WooCommerce Role Based Pricing by Meow Crew plugin to the latest available version at least 1.0.2...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Smart Variations Images & Swatches for WooCommerce plugin < 5.1.10 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Smart Variations Images & Swatches for WooCommerce plugin versions 5.1.10. Solution Update the WordPress Smart Variations Images & Swatches for WooCommerce plugin to the latest available version at least 5.1.10...

3.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Product Customer List for WooCommerce plugin < 3.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Product Customer List for WooCommerce plugin versions 3.0.0. Solution Update the WordPress Product Customer List for WooCommerce plugin to the latest available version at least 3.0.0...

4.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Ultimate Carousel For Divi plugin <= 4.3.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Ultimate Carousel For Divi plugin versions = 4.3.0. Solution Update the WordPress Ultimate Carousel For Divi plugin to the latest available version at least 4.3.1...

3.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Better Sharing plugin <= 1.7.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Better Sharing plugin versions = 1.7.1. Solution Update the WordPress Better Sharing plugin to the latest available version at least 1.7.2...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress WPHobby Demo Import plugin <= 1.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WPHobby Demo Import plugin versions = 1.1.2. Solution No patched version available...

4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin <= 1.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin versions = 1.0.3. Solution No patched version available...

2.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Interactive Geo Maps plugin <= 1.5.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Interactive Geo Maps plugin versions = 1.5.3. Solution Update the Interactive Geo Maps plugin to the latest available version at least 1.5.4...

2.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress My Chatbot plugin <= 1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress My Chatbot plugin versions = 1.1. Solution No patched version available...

4.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress annasta Woocommerce Product Filters plugin < 1.5.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress annasta Woocommerce Product Filters plugin versions 1.5.0. Solution Update the WordPress annasta Woocommerce Product Filters plugin to the latest available version at least 1.5.0...

4.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Ajax Live Search Plugin For WordPress plugin <= 2.3.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Ajax Live Search Plugin For WordPress plugin versions = 2.3.7. Solution No patched version available...

4.1AI score
Exploits0References2Affected Software1
Total number of security vulnerabilities5000