Lucene search
K
PatchstackRecent

46571 matches found

Patchstack
Patchstack
added 2026/06/17 1:59 p.m.6 views

WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by HieuPenguinnn in WordPress Plugin SupportCandy versions = 3.4.6...

7.6CVSS5.8AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:55 p.m.6 views

NPM: n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints

NPM: n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

5.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:55 p.m.5 views

WordPress Real Estate 7 theme <= 3.5.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:30 p.m.6 views

WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Expatch in WordPress Plugin wpDataTables versions = 7.4...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:22 p.m.6 views

WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by HaiND in WordPress Plugin Ads by WPQuads versions = 3.0.3...

7.5CVSS5.8AI score0.00294EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:12 p.m.5 views

WordPress Widget Options plugin <= 4.2.3 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by daroo in WordPress Plugin Widget Options versions = 4.2.3...

9.9CVSS5.9AI score0.00426EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:7 p.m.9 views

WordPress SALESmanago & Leadoo plugin <= 3.11.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by endy in WordPress Plugin SALESmanago & Leadoo versions = 3.11.2...

8.5CVSS6AI score0.0027EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 12:58 p.m.6 views

WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by she11f in WordPress Plugin Visual Link Preview versions = 2.3.1...

7.4CVSS5.8AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 12:55 p.m.6 views

WordPress JetBooking plugin <= 4.0.4.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin JetBooking versions = 4.0.4.1...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 9:37 a.m.5 views

WordPress Listdom plugin <= 5.4.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Evan NR in WordPress Plugin Listdom versions = 5.4.0...

9.3CVSS6AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 9:22 a.m.8 views

WordPress Slimstat Analytics plugin <= 5.4.11 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin Slimstat Analytics versions = 5.4.11...

8.5CVSS6AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 9:13 a.m.6 views

WordPress MStore API plugin <= 4.18.4 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Jakub Herman in WordPress Plugin MStore API versions = 4.18.4...

6.5CVSS5.8AI score0.00261EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 9:7 a.m.5 views

WordPress Advanced Ads plugin <= 2.0.21 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Advanced Ads versions = 2.0.21...

7.5CVSS5.9AI score0.00292EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:56 a.m.6 views

WordPress SureDash plugin <= 1.8.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin SureDash versions = 1.8.0...

8.5CVSS6AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:43 a.m.6 views

WordPress Cargo Shipping Location for WooCommerce plugin <= 5.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Benedictus Jovan aillesim/eneri in WordPress Plugin Cargo Shipping Location for WooCommerce versions = 5.6...

9.3CVSS6AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:38 a.m.6 views

WordPress Motors plugin <= 1.4.109 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by endy in WordPress Plugin Motors versions = 1.4.109...

8.1CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:31 a.m.7 views

WordPress Motors plugin <= 1.4.109 - SQL Injection vulnerability

SQL Injection vulnerability discovered by endy in WordPress Plugin Motors versions = 1.4.109...

9.3CVSS6AI score0.00291EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:28 a.m.4 views

WordPress WP Travel Gutenberg Blocks plugin <= 3.9.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin WP Travel Gutenberg Blocks versions = 3.9.4...

9.3CVSS6AI score0.00317EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:25 a.m.5 views

WordPress GIFT4U plugin <= 1.0.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin GIFT4U versions = 1.0.10...

9.3CVSS6AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 8:15 a.m.4 views

WordPress Nexi XPay plugin <= 8.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by hivesec in WordPress Plugin Nexi XPay versions = 8.3.1...

7.5CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 12:0 a.m.6 views

WordPress FireBox Popups – Increase Sales and Grow Your Email List plugin <= 3.1.7 - Unauthenticated Sensitive Information Exposure in 'form_id' Parameter vulnerability

Unauthenticated Sensitive Information Exposure in 'formid' Parameter vulnerability discovered by Duc Manh in WordPress Plugin FireBox versions = 3.1.7...

5.3CVSS5.3AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/17 12:0 a.m.7 views

WordPress Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin <= 4.2.6 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Alexandru Bucur in WordPress Plugin Optimole versions = 4.2.6...

4.3CVSS5.3AI score0.00157EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:38 p.m.6 views

NPM: Cross-site scripting via <NoScript> slot content in Nuxt's head components

NPM: Cross-site scripting via slot content in Nuxt's head components vulnerability discovered by ? in WordPress Npm nuxt versions 3.21.7...

5.8AI score
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:34 p.m.5 views

NPM: n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host

NPM: n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

7.7CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:32 p.m.4 views

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

10CVSS5.8AI score0.00403EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:32 p.m.4 views

NPM: n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints

NPM: n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

9.9CVSS5.8AI score0.00343EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:2 p.m.5 views

NPM: n8n: Credential Exfiltration via Permission Bypass

NPM: n8n: Credential Exfiltration via Permission Bypass vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

9.6CVSS5.8AI score0.00315EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 11:1 p.m.4 views

NPM: n8n: Denial of Service via ZIP decompression in webhook workflow

NPM: n8n: Denial of Service via ZIP decompression in webhook workflow vulnerability discovered by ? in WordPress Npm n8n versions 2.24.0...

7.5CVSS5.8AI score0.00375EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 10:40 p.m.6 views

NPM: n8n: Public API Execution Retry Authorization Bypass

NPM: n8n: Public API Execution Retry Authorization Bypass vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

5.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 10:39 p.m.8 views

NPM: n8n: Python Code Node AST Validator Bypass

NPM: n8n: Python Code Node AST Validator Bypass vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

5.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 10:39 p.m.3 views

NPM: n8n: Stored XSS in Chat Trigger Node

NPM: n8n: Stored XSS in Chat Trigger Node vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

7CVSS5.8AI score0.0021EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 10:39 p.m.4 views

NPM: n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints

NPM: n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints vulnerability discovered by ? in WordPress Npm n8n versions 2.24.0...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 10:38 p.m.3 views

NPM: n8n: Microsoft SQL Node Prototype Pollution

NPM: n8n: Microsoft SQL Node Prototype Pollution vulnerability discovered by ? in WordPress Npm n8n versions 2.24.0...

8.5CVSS5.9AI score0.00294EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 7:1 p.m.3 views

NPM: n8n: Merge Node SQL Mode Prototype Pollution

NPM: n8n: Merge Node SQL Mode Prototype Pollution vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

7.7CVSS5.9AI score0.00316EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 7:0 p.m.3 views

NPM: n8n: Prototype Pollution enables confused-deputy execution via public webhooks

NPM: n8n: Prototype Pollution enables confused-deputy execution via public webhooks vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

6.4CVSS6AI score0.00259EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 7:0 p.m.4 views

NPM: n8n: Same-Origin XSS in Respond to Webhook Node

NPM: n8n: Same-Origin XSS in Respond to Webhook Node vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

7CVSS5.8AI score0.00216EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 7:0 p.m.4 views

NPM: n8n: Missing Token Validation on Microsoft Agent 365 Trigger and Stripe Nodes

NPM: n8n: Missing Token Validation on Microsoft Agent 365 Trigger and Stripe Nodes vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

7.2CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 6:59 p.m.45 views

NPM: n8n: Wrong OAuth Scope On Evaluations Test Run Creation Endpoint

NPM: n8n: Wrong OAuth Scope On Evaluations Test Run Creation Endpoint vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

5.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 6:59 p.m.4 views

NPM: n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

NPM: n8n: NoSQL Injection in MongoDB Node Find And Replace Operation vulnerability discovered by ? in WordPress Npm n8n versions 2.24.0...

7.7CVSS5.9AI score0.0026EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 5:51 p.m.6 views

NPM: n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes

NPM: n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

9.9CVSS6AI score0.00394EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 5:41 p.m.6 views

WordPress Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Romain Deperne ang3L in WordPress Plugin myCred versions = 3.1...

6.4CVSS5.2AI score0.00269EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/16 5:40 p.m.5 views

WordPress Permalink Manager Lite plugin <= 2.5.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ahmad Marzouk in WordPress Plugin Permalink Manager Lite versions = 2.5.3.3...

6.4CVSS5.2AI score0.00193EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/16 5:37 p.m.4 views

NPM: n8n: Git Node Clone and Push Operations Bypass File Sandbox

NPM: n8n: Git Node Clone and Push Operations Bypass File Sandbox vulnerability discovered by ? in WordPress Npm n8n versions 1.123.48...

7.7CVSS5.8AI score0.00495EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 5:37 p.m.4 views

NPM: n8n: Python sandbox escape

NPM: n8n: Python sandbox escape vulnerability discovered by ? in WordPress Npm n8n versions 1.123.48...

8.5CVSS5.8AI score0.00356EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:57 p.m.4 views

NPM: Astro: XSS via Unescaped Attribute Names in Spread Props

NPM: Astro: XSS via Unescaped Attribute Names in Spread Props vulnerability discovered by ? in WordPress Npm astro versions 6.4.6...

6.1CVSS5.8AI score0.0016EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:39 p.m.5 views

WordPress WP eMember plugin < v10.9.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WP eMember versions v10.9.4...

9.3CVSS5.8AI score0.00291EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:38 p.m.5 views

NPM: Astro: Host header SSRF in prerendered error page fetch

NPM: Astro: Host header SSRF in prerendered error page fetch vulnerability discovered by ? in WordPress Npm astro versions 6.4.6...

7.5CVSS5.8AI score0.00196EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:35 p.m.6 views

WordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by ParkHyunWoo in WordPress Plugin Registration Form for WooCommerce versions = 1.0.9...

9.8CVSS5.2AI score0.0045EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:32 p.m.4 views

NPM: hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`

NPM: hono: Body Limit Middleware can be bypassed on AWS Lambda by understating Content-Length vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

6.5CVSS5.8AI score0.00103EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/16 2:32 p.m.4 views

NPM: hono: Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest

NPM: hono: Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

4.8CVSS5.8AI score0.00114EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities46571