Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
•added 2026/01/07 6:55 a.m.•6 views

WordPress Latest Registered Users plugin <= 1.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export vulnerability discovered by Legion Hunter in WordPress Plugin Latest Registered Users versions = 1.4...

7.5CVSS6.7AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:51 a.m.•9 views

WordPress Image Slider Slideshow plugin <= 1.8 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Nabil Irawan in WordPress Plugin Image Slider Slideshow versions = 1.8...

4.3CVSS7AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:50 a.m.•5 views

WordPress Money Space plugin <= 2.13.9 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Kannika Khongpan in WordPress Plugin Money Space versions = 2.13.9...

8.6CVSS6.7AI score0.00372EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:40 a.m.•5 views

WordPress Dashboard Welcome for Beaver Builder plugin <= 1.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Dashboard Welcome for Beaver Builder versions = 1.0.8...

5.3CVSS7AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:33 a.m.•6 views

WordPress iPaymu Payment Gateway for WooCommerce plugin <= 2.0.2 - Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure vulnerability

Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure vulnerability discovered by Teerachai Somprasong in WordPress Plugin iPaymu Payment Gateway for WooCommerce versions = 2.0.2...

8.2CVSS6.4AI score0.00306EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:30 a.m.•8 views

WordPress Speed Kit plugin <= 2.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Speed Kit versions = 2.0.2...

4.3CVSS7AI score0.00155EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:21 a.m.•6 views

WordPress Yoco Payments plugin <= 3.8.8 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by NumeX in WordPress Plugin Yoco Payments versions = 3.8.8...

7.5CVSS6.8AI score0.01709EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 6:15 a.m.•5 views

WordPress Drag and Drop Multiple File Upload - Contact Form 7 plugin <= 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload vulnerability

WordPress Drag and Drop Multiple File Upload - Contact Form 7 plugin = 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload vulnerability discovered by andrea bocchetti in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.9.2...

6.1CVSS6.9AI score0.00303EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 5:59 a.m.•7 views

WordPress Optional Email plugin <= 1.3.11 - Unauthenticated Privilege Escalation to Account Takeover vulnerability

Unauthenticated Privilege Escalation to Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Optional Email versions = 1.3.11...

9.8CVSS6.8AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/07 4:49 a.m.•6 views

WordPress Re Gallery plugin <= 1.18.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Re Gallery versions = 1.18.2...

5.3CVSS5.2AI score0.00269EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:29 p.m.•5 views

WordPress Travel Bucket List plugin <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by ChamlaVic in WordPress Plugin Wish To Go versions = 0.5.2...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:28 p.m.•7 views

WordPress AH Shortcodes plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin AH Shortcodes versions = 1.0.2...

6.4CVSS5.5AI score0.00279EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:28 p.m.•7 views

WordPress Simcast plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Simcast versions = 1.0.0...

4.3CVSS6.8AI score0.0014EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:27 p.m.•7 views

WordPress Fluent Forms plugin <= 6.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Form Creation via AI Builder vulnerability discovered by Marcin Dudek dudekmar - CERT.PL in WordPress Plugin FluentForm versions = 6.1.7...

5.3CVSS6.8AI score0.00183EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:25 p.m.•5 views

WordPress Snillrik Restaurant plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'menu_style' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'menustyle' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Snillrik Restaurant versions = 2.2.1...

6.4CVSS5.5AI score0.00297EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:24 p.m.•4 views

WordPress Cool YT Player plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin Cool YT Player versions = 1.0...

6.4CVSS5.6AI score0.00228EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:24 p.m.•9 views

WordPress Email Customizer for WooCommerce | Drag and Drop Email Templates Builder plugin <= 2.6.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via Email Template Content vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Email Template Content vulnerability discovered by fallenofalbaz in WordPress Plugin Email Customizer for WooCommerce versions = 2.6.7...

4.4CVSS5.5AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:23 p.m.•4 views

WordPress My Album Gallery plugin <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Image Title vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin My Album Gallery versions = 1.0.4...

6.4CVSS5.5AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:22 p.m.•5 views

WordPress AD Sliding FAQ plugin <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin AD Sliding FAQ versions = 2.4...

6.4CVSS5.6AI score0.00279EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:22 p.m.•5 views

WordPress My Album Gallery plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'style_css' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'stylecss' Shortcode Attribute vulnerability discovered by WordFence in WordPress Plugin My Album Gallery versions = 1.0.4...

6.4CVSS5.5AI score0.00187EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:20 p.m.•8 views

WordPress Responsive Pricing Table plugin <= 5.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'table_currency' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'tablecurrency' vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Responsive Pricing Table versions = 5.1.12...

6.4CVSS5.6AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:19 p.m.•7 views

WordPress Responsive Pricing Table plugin <= 5.1.12 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Responsive Pricing Table versions = 5.1.12...

6.4CVSS5.5AI score0.00598EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:19 p.m.•7 views

WordPress Niche Hero | Beautifully-designed blocks in seconds plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'spacing' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'spacing' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Niche Hero versions = 1.0.5...

6.4CVSS5.5AI score0.00235EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:18 p.m.•6 views

WordPress QR Code for WooCommerce order emails, PDF invoices, packing slips plugin <= 1.9.42 - Authenticated (Contributor+) Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Cross-Site Scripting via Shortcode Attributes vulnerability discovered by WordFence in WordPress Plugin QR Code Tag for WC versions = 1.9.42...

6.4CVSS6.3AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:17 p.m.•10 views

WordPress Viitor Button Shortcodes plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'link' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Viitor Button Shortcodes versions = 3.0.0...

6.4CVSS5.5AI score0.00187EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:16 p.m.•5 views

WordPress Multi-column Tag Map plugin <= 17.0.39 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'mctm_css_conditional' Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'mctmcssconditional' Parameter vulnerability discovered by Bhayanak Atma in WordPress Plugin Multi-column Tag Map versions = 17.0.39...

4.4CVSS5.5AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:14 p.m.•4 views

WordPress Easy GitHub Gist Shortcodes plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Easy GitHub Gist Shortcodes versions = 1.0...

6.4CVSS5.6AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:14 p.m.•5 views

WordPress STM Gallery 1.9 plugin <= 0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin STM Gallery 1.9 versions = 0.9...

6.4CVSS5.6AI score0.00287EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:10 p.m.•5 views

WordPress Reviewify plugin <= 1.0.6 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary WooCommerce Coupon Creation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Reviewify versions = 1.0.6...

7.5CVSS6.8AI score0.0039EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:9 p.m.•6 views

WordPress EDD Download Info plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin EDD Download Info versions = 1.1...

6.4CVSS5.6AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:8 p.m.•7 views

WordPress Sticky Action Buttons plugin <= 1.1 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Sticky Action Buttons versions = 1.1...

4.3CVSS7AI score0.00112EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:1 p.m.•4 views

WordPress AI BotKit plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by theviper17y in WordPress Plugin AI BotKit versions = 1.1.7...

6.4CVSS5.8AI score0.00188EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 11:0 p.m.•5 views

WordPress Smart App Banners plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size' and 'verticalalign' Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'size' and 'verticalalign' Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin Smart App Banners versions = 1.2...

6.4CVSS5.8AI score0.00235EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:58 p.m.•4 views

WordPress Contact Us Simple Form plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Plugin Settings vulnerability discovered by Bhumividh Treloges in WordPress Plugin Contact Us Simple Form versions = 1.0...

4.4CVSS5.8AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:58 p.m.•4 views

WordPress Mamurjor Employee Info plugin <= 1.0.0 - Cross-Site Request Forgery to Arbitrary Employee and Related Data Manipulation vulnerability

Cross-Site Request Forgery to Arbitrary Employee and Related Data Manipulation vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Mamurjor Employee Info versions = 1.0.0...

4.3CVSS7AI score0.00149EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:55 p.m.•6 views

WordPress Mstoic Shortcodes plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'start' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'start' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Mstoic Shortcodes versions = 2.0...

6.4CVSS5.8AI score0.00228EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:54 p.m.•7 views

WordPress 1180px Shortcodes plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin 1180px Shortcodes versions = 1.1.1...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:53 p.m.•5 views

WordPress WP Js List Pages Shortcodes plugin <= 1.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin WP Js List Pages Shortcodes versions = 1.21...

6.4CVSS5.8AI score0.00242EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:51 p.m.•4 views

WordPress WP Recipe Manager plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Skill Level' Input Field vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'Skill Level' Input Field vulnerability discovered by ChamlaVic in WordPress Plugin WP Recipe Manager versions = 1.0.0...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:49 p.m.•5 views

WordPress PhotoFade plugin <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin PhotoFade versions = 0.2.1...

6.4CVSS5.8AI score0.00287EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:49 p.m.•12 views

WordPress Guest posting / Frontend Posting / Front Editor - WP Front User Submit plugin <= 5.0.0 - Missing Authorization to Unauthenticated Media Deletion vulnerability

WordPress Guest posting / Frontend Posting / Front Editor - WP Front User Submit plugin = 5.0.0 - Missing Authorization to Unauthenticated Media Deletion vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin WP Front User Submit / Front Editor versio...

5.3CVSS7AI score0.0023EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:47 p.m.•7 views

WordPress Latest Tabs plugin <= 1.5 - Cross-Site Request Forgery to Plugin's Settings Update vulnerability

Cross-Site Request Forgery to Plugin's Settings Update vulnerability discovered by omer yeshayahu in WordPress Plugin Latest Tabs versions = 1.5...

4.3CVSS7AI score0.00102EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:46 p.m.•10 views

WordPress ACF to REST API plugin <= 3.3.4 - Insecure Direct Object Reference to Authenticated (Contributor+) ACF Field/Option Modification vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ ACF Field/Option Modification vulnerability discovered by Kai Aizen in WordPress Plugin ACF to REST API versions = 3.3.4...

4.3CVSS7AI score0.00289EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:45 p.m.•6 views

WordPress ShareThis Dashboard for Google Analytics plugin <= 3.2.4 - Unauthenticated Google Analytics Data Exposure vulnerability

Unauthenticated Google Analytics Data Exposure vulnerability discovered by ifoundbug in WordPress Plugin ShareThis Dashboard for Google Analytics versions = 3.2.4...

4.7CVSS7AI score0.00231EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:44 p.m.•4 views

WordPress Page Keys plugin <= 1.3.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'page_key' Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'pagekey' Parameter vulnerability discovered by Bhumividh Treloges in WordPress Plugin Page Keys versions = 1.3.3...

4.4CVSS5.5AI score0.00189EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:36 p.m.•6 views

WordPress WP Status Notifier plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WP Status Notifier versions = 1.0...

4.3CVSS7AI score0.00124EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:33 p.m.•5 views

WordPress Recras WordPress plugin plugin <= 6.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'recrasname' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'recrasname' Shortcode Attribute vulnerability discovered by Sopon Tangpathum SoNaJaa - freelance in WordPress Plugin Recras versions = 6.4.1...

6.4CVSS5.6AI score0.00243EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:32 p.m.•4 views

WordPress xShare plugin <= 1.0.1 - Cross-Site Request Forgery to 'rs_plugin_reset' Parameter vulnerability

Cross-Site Request Forgery to 'rspluginreset' Parameter vulnerability discovered by dayea song - Ahnlab in WordPress Plugin xShare versions = 1.0.1...

4.3CVSS6.8AI score0.0014EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:31 p.m.•7 views

WordPress Moosend Landing Pages plugin <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Option Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Option Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Moosend Landing Pages versions = 1.1.6...

5.3CVSS6.8AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/01/06 10:28 p.m.•6 views

WordPress MTCaptcha WordPress Plugin plugin <= 2.7.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin MTCaptcha versions = 2.7.2...

4.3CVSS6.8AI score0.0014EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46606