Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/02 2:12 p.m.6 views

WordPress Grand Blog theme < 3.1.5 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Grand Blog versions 3.1.5...

5.4CVSS5.3AI score0.00168EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 1:27 p.m.6 views

WordPress Dolcino theme <= 1.6 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dolcino versions = 1.6...

5.4CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 1:23 p.m.9 views

WordPress Justicia theme <= 1.2 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Justicia versions = 1.2...

5.4CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 1:15 p.m.8 views

WordPress Roam theme <= 2.1.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Roam versions = 2.1.1...

5.4CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 1:11 p.m.6 views

WordPress Overton theme <= 1.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Overton versions = 1.3...

5.4CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 1:6 p.m.6 views

WordPress Innovio theme <= 1.7 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Innovio versions = 1.7...

5.4CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 10:16 a.m.6 views

WordPress Tutor LMS plugin <= 3.9.4 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Supakiad S. m3ez in WordPress Plugin Tutor LMS versions = 3.9.4...

8.1CVSS5.4AI score0.00295EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 8:15 a.m.9 views

WordPress VidMov theme <= 2.3.8 - Path Traversal vulnerability

Software : VidMov Type : Theme Vulnerable versions : = 2.3.8 Fixed in : 2.3.9 OWASP Top 10 : A1: Broken Access Control Classification : Path Traversal CVE ID : CVE-2025-67914 Patchstack priority : High CVSS severity : 7.7 Required privilege : Subscriber Developer : Claim ownership PSID :...

7.2AI score0.00289EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 8:15 a.m.6 views

WordPress VidMov theme <= 2.3.8 - Path Traversal vulnerability

Path Traversal vulnerability discovered by Denver Jackson in WordPress Theme VidMov versions = 2.3.8...

7.5CVSS7AI score0.00289EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 8:13 a.m.10 views

WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by daroo in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.4...

8.6CVSS5.4AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/02 8:6 a.m.6 views

WordPress Shopbuilder plugin < 3.2.2 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Gregory Allegoet in WordPress Plugin ShopBuilder – Elementor WooCommerce Builder Addons versions 3.2.2...

6.1CVSS6.2AI score0.00198EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/02 7:34 a.m.15 views

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Branda versions = 3.4.24...

9.8CVSS6.5AI score0.00541EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/02 7:25 a.m.8 views

WordPress Logo Slider plugin < 4.9.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin Logo Slider versions 4.9.0...

6.1CVSS5.9AI score0.00192EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/02 7:22 a.m.4 views

WordPress WPBookit plugin <= 1.0.7 - Customer Deletion via CSRF vulnerability

Customer Deletion via CSRF vulnerability discovered by Drtime in WordPress Plugin WPBookit versions = 1.0.7...

6.5CVSS6.8AI score0.00136EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/02 7:13 a.m.5 views

WordPress WP User Frontend plugin <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by shark3y in WordPress Plugin WP User Frontend versions = 4.2.4...

5.3CVSS6.7AI score0.00245EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/01 9:8 p.m.6 views

WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Software : Bookory Type : Theme Vulnerable versions : = 2.2.7 Fixed in : 2.2.8 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68530 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 314b30db47fa...

9.8CVSS6.3AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 9:8 p.m.5 views

WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Bookory versions = 2.2.7...

9.8CVSS7AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 7:22 p.m.6 views

WordPress Triply theme <= 2.4.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Triply versions = 2.4.7...

7.5CVSS7AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 6:49 p.m.6 views

WordPress Freshio theme <= 2.4.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Freshio versions = 2.4.2...

7.5CVSS7AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 5:21 p.m.7 views

WordPress Airtifact theme <= 1.2.91 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Airtifact versions = 1.2.91...

7.5CVSS5.5AI score0.00423EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 4:51 p.m.6 views

WordPress Calafate theme <= 1.7.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Calafate versions = 1.7.7...

7.5CVSS7AI score0.00325EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:50 p.m.7 views

WordPress Holmes theme <= 1.7 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Holmes versions = 1.7...

5.4CVSS7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:45 p.m.8 views

WordPress Fleur theme <= 2.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Fleur versions = 2.0...

5.4CVSS7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:40 p.m.10 views

WordPress Fiorello theme <= 1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Fiorello versions = 1.0...

5.4CVSS7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:25 p.m.5 views

WordPress Curly theme <= 3.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Curly versions = 3.3...

5.4CVSS7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:18 p.m.10 views

WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cocco versions = 1.5.1...

5.4CVSS7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 2:5 p.m.13 views

WordPress Owl Carousel WP plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NumeX in WordPress Plugin Owl Carousel WP versions = 2.2.2...

5.9CVSS6.1AI score0.00218EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:34 a.m.5 views

WordPress Aruba HiSpeed Cache plugin < 3.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Aruba HiSpeed Cache versions 3.0.3...

9.8CVSS7AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:7 a.m.4 views

WordPress FreeAgent theme <= 2.1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme FreeAgent versions = 2.1.2...

8.1CVSS7.1AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:7 a.m.4 views

WordPress FreeAgent theme <= 2.1.2 - Local File Inclusion vulnerability

Software : FreeAgent Type : Theme Vulnerable versions : = 2.1.2 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69087 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : Claim ownership PSID : 3c336586e5ba Credits :...

8.1CVSS7.2AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:7 a.m.6 views

WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Software : Issabella Type : Theme Vulnerable versions : = 1.1.2 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69086 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : Claim ownership PSID : 1e3ff6a668aa Credits :...

7.2AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:7 a.m.5 views

WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Issabella versions = 1.1.2...

8.1CVSS7.1AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:6 a.m.8 views

WordPress Frappé theme <= 1.8 - Local File Inclusion vulnerability

Software : Frappé Type : Theme Vulnerable versions : = 1.8 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69083 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : Claim ownership PSID : 5c47b6166cd2 Credits : Tran...

7.2AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:6 a.m.7 views

WordPress Frappé theme <= 1.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Frappé versions = 1.8...

8.1CVSS7.1AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:6 a.m.5 views

WordPress Hope theme <= 3.0.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hope versions = 3.0.0...

8.1CVSS7.1AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:6 a.m.5 views

WordPress Hope theme <= 3.0.0 - Local File Inclusion vulnerability

Software : Hope Type : Theme Vulnerable versions : = 3.0.0 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69081 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : ThemeREX Group PSID : eff7033e0272 Credits : Tran...

7.2AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:5 a.m.5 views

WordPress Gecko theme <= 1.9.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gecko versions = 1.9.8...

8.1CVSS7.1AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:5 a.m.3 views

WordPress Gecko theme <= 1.9.8 - Local File Inclusion vulnerability

Software : Gecko Type : Theme Vulnerable versions : = 1.9.8 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69080 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : Claim ownership PSID : 0d458b5a65e6 Credits : Tran...

7.2AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 7:55 a.m.4 views

WordPress Comments - wpDiscuz plugin < 7.6.40 - Unauthenticated Account Takeover vulnerability

WordPress Comments - wpDiscuz plugin 7.6.40 - Unauthenticated Account Takeover vulnerability discovered by wcraft in WordPress Plugin wpDiscuz versions 7.6.40...

5.3CVSS6.8AI score0.00226EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/01 7:31 a.m.6 views

WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability

WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin = 7.35 - Authenticated Contributor+ Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability discovered by WordFence in WordPress Plugin WP Ultimate CSV Importer versions = 7.35...

6.4CVSS6.8AI score0.00237EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/01 5:20 a.m.5 views

WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WeDesignTech Ultimate Booking Addon versions = 1.0.3...

5.4CVSS7AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/01 3:20 a.m.6 views

WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

Open Redirection vulnerability discovered by benzdeus in WordPress Plugin User Submitted Posts versions = 20251121...

6.1CVSS6.7AI score0.00475EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:18 p.m.10 views

WordPress Worker for Elementor plugin <= 1.0.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Worker for Elementor versions = 1.0.10...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:17 p.m.9 views

WordPress Logger for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Logger for Elementor versions = 1.0.9...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:17 p.m.12 views

WordPress Worker for WPBakery plugin <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Worker for WPBakery versions = 1.1.1...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:16 p.m.15 views

WordPress Conformer for Elementor plugin <= 1.0.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin Conformer for Elementor versions = 1.0.7...

5.4CVSS5.4AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:16 p.m.15 views

WordPress Appender plugin <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Appender versions = 1.1.1...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:16 p.m.11 views

WordPress UnGrabber plugin <= 3.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin UnGrabber versions = 3.1.3...

5.4CVSS6.8AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:15 p.m.13 views

WordPress Countdowner for Elementor plugin <= 1.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Countdowner for Elementor versions = 1.0.4...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/31 5:15 p.m.9 views

WordPress Criptopayer for Elementor plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Criptopayer for Elementor versions = 1.0.1...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606