Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
•added 2026/06/09 9:4 a.m.•13 views

WordPress Events Calendar for GeoDirectory plugin <= 2.3.28 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Mitchell in WordPress Plugin Events Calendar for GeoDirectory versions = 2.3.28...

8.8CVSS5.4AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/09 9:0 a.m.•12 views

WordPress Recover Exit For WooCommerce plugin <= 1.0.3 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by hacnho - VCCorp in WordPress Plugin Recover Exit For WooCommerce versions = 1.0.3...

8.1CVSS5.4AI score0.00551EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/09 12:0 a.m.•10 views

WordPress Animation Addons for Elementor plugin <= 2.6.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zer0gh0st in WordPress Plugin Animation Addons for Elementor versions = 2.6.8...

6.4CVSS5.1AI score0.00155EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 8:48 p.m.•10 views

WordPress User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin <= 4.3.2 - Missing Authorization to Authenticated (Subscriber+) Subscription Pack Cancellation vulnerability

Missing Authorization to Authenticated Subscriber+ Subscription Pack Cancellation vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin WP User Frontend versions = 4.3.2...

4.3CVSS5.5AI score0.00153EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 8:11 p.m.•8 views

WordPress Blocksy theme <= 2.1.41 - Authenticated (Contributor+) PHP Object Injection vulnerability

Authenticated Contributor+ PHP Object Injection vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Theme Blocksy versions = 2.1.41...

8.8CVSS5.5AI score0.00849EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 7:49 p.m.•9 views

WordPress Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Romain Deperne ang3L in WordPress Plugin Unlimited Elementor Inner Sections By BoomDevs versions = 1.3.3...

6.4CVSS5.4AI score0.00243EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 7:47 p.m.•8 views

WordPress MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 2.0.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Faizan Shaik in WordPress Plugin MailerPress versions = 2.0.4...

6.4CVSS5.4AI score0.00234EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:7 p.m.•7 views

WordPress kk blog card plugin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin kk blog card versions = 1.3...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:7 p.m.•11 views

WordPress jQuery Hover Footnotes plugin <= 1.4 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by nishida azuka in WordPress Plugin jQuery Hover Footnotes versions = 1.4...

4.3CVSS5.5AI score0.00145EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:7 p.m.•12 views

WordPress jQuery Hover Footnotes plugin <= 1.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by nishida azuka in WordPress Plugin jQuery Hover Footnotes versions = 1.4...

6.4CVSS5.4AI score0.00253EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:7 p.m.•8 views

WordPress TinyMCE shortcode Addon plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin TinyMCE shortcode Addon versions = 1.0.0...

6.4CVSS5.4AI score0.00228EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:7 p.m.•11 views

WordPress Global Body Mass Index Calculator plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Global Body Mass Index Calculator versions = 1.2...

6.4CVSS5.4AI score0.00188EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:6 p.m.•7 views

WordPress WP ApplicantStack Jobs Display plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin WP ApplicantStack Jobs Display versions = 1.1.1...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:6 p.m.•10 views

WordPress RomanCart Ecommerce plugin <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin RomanCart Ecommerce versions = 2.0.8...

6.4CVSS5.4AI score0.00192EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:6 p.m.•9 views

WordPress WP Meta Sort Posts plugin <= 0.9 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin WP Meta Sort Posts versions = 0.9...

4.3CVSS5.5AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:6 p.m.•7 views

WordPress WP Emoticon Rating plugin <= 1.0.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin WP Emoticon Rating versions = 1.0.1...

6.1CVSS5.5AI score0.0012EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:5 p.m.•8 views

WordPress WpMobi plugin <= 0.0.3 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin WpMobi versions = 0.0.3...

4.3CVSS5.5AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:5 p.m.•11 views

WordPress WP-Ultimate-Map plugin <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin WP-Ultimate-Map versions = 1.1...

6.1CVSS5.5AI score0.00119EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:5 p.m.•9 views

WordPress FastPicker, an order picker and order management system (oms) for WooCommerce on steroids plugin <= 1.0.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin FastPicker, an order picker and order management system oms for WooCommerce on steroids versions = 1.0.2...

4.3CVSS5.5AI score0.00124EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:5 p.m.•9 views

WordPress AJAX Report Comments plugin <= 2.0.4 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin AJAX Report Comments versions = 2.0.4...

4.3CVSS5.5AI score0.00124EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:5 p.m.•9 views

WordPress Extra Settings for RocketChat plugin <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by MAJidox in WordPress Plugin Extra Settings for RocketChat versions = 0.1...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:4 p.m.•9 views

WordPress Helpfulcrowd Product Reviews plugin <= 1.2.9 - Inccorect Authorization vulnerability

Inccorect Authorization vulnerability discovered by Legion Hunter in WordPress Plugin Helpfulcrowd Product Reviews versions = 1.2.9...

5.3CVSS5.4AI score0.00273EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 3:4 p.m.•9 views

WordPress Plugin Name: ePaperFlip Publisher plugin <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Plugin Name: ePaperFlip Publisher versions = 1...

6.4CVSS5.4AI score0.00192EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 2:13 p.m.•9 views

WordPress Enable Media Replace plugin <= 4.1.8 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by tjoffe in WordPress Plugin Enable Media Replace versions = 4.1.8...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 2:11 p.m.•9 views

WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dutafi in WordPress Plugin Directorist Booking versions = 3.0.3...

8.5CVSS5.7AI score0.00205EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 2:1 p.m.•8 views

WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Affiliates Manager versions = 2.9.50...

7.5CVSS5.5AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 2:0 p.m.•6 views

WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Conekta Payment Gateway versions = 6.0.0...

7.5CVSS5.5AI score0.00294EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:48 p.m.•7 views

WordPress Advanced 301 and 302 Redirect plugin <= 1.6.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Advanced 301 and 302 Redirect versions = 1.6.9...

9.3CVSS5.8AI score0.00289EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:46 p.m.•10 views

WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin GetPaid versions = 2.8.49...

7.5CVSS5.5AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:43 p.m.•7 views

WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by manop55555 in WordPress Plugin Hippoo Mobile App for WooCommerce versions = 1.9.5...

8.2CVSS5.4AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:37 p.m.•7 views

WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by dodoh4t in WordPress Plugin Listdom versions = 5.5.0...

7.3CVSS5.5AI score0.00213EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:27 p.m.•8 views

WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by ParkHyunWoo in WordPress Plugin Faust.js versions = 1.8.7...

8.8CVSS5.5AI score0.0029EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:11 p.m.•9 views

WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Mitchell in WordPress Plugin WPC Product Options for WooCommerce versions = 3.2.1...

7.5CVSS5.4AI score0.00362EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:1 p.m.•7 views

WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by wackydawg in WordPress Plugin LoginPress Pro versions = 6.2.2...

9.8CVSS5.5AI score0.00321EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 1:0 p.m.•9 views

WordPress Accordions plugin <= 2.3.23 - Authenticated (Custom+) Stored Cross-Site Scripting vulnerability

Authenticated Custom+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Accordion versions = 2.3.23...

6.4CVSS5.4AI score0.00155EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:53 p.m.•9 views

WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by ParkHyunWoo in WordPress Plugin Hippoo Mobile App for WooCommerce versions = 1.9.4...

9.8CVSS5.5AI score0.00514EPSS
Exploits1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:36 p.m.•8 views

WordPress WooCommerce Anti-Fraud plugin <= 7.2.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Austin Ginder in WordPress Plugin WooCommerce Anti-Fraud versions = 7.2.6...

6.5CVSS5.4AI score0.00309EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:35 p.m.•7 views

WordPress WooCommerce Dropshipping plugin <= 5.2.4 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Dropshipping versions = 5.2.4...

6.5CVSS5.5AI score0.00305EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:29 p.m.•6 views

WordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Averon Averenkov in WordPress Plugin Knit Pay versions = 9.4.0.0...

7.5CVSS5.4AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:29 p.m.•8 views

WordPress WPZOOM Portfolio plugin <= 1.4.21 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Kent Apostol in WordPress Plugin WPZOOM Portfolio versions = 1.4.21...

7.1CVSS5.5AI score0.00142EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:26 p.m.•12 views

WordPress Email Encoder Premium plugin < 0.3.12 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Encoder Premium versions 0.3.12...

5.4AI score0.00301EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 12:26 p.m.•10 views

WordPress Email Address Encoder plugin < 1.0.25 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Address Encoder versions 1.0.25...

5.4AI score0.00301EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 11:59 a.m.•9 views

WordPress JetEngine plugin <= 3.8.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin JetEngine versions = 3.8.9.1...

7.1CVSS5.5AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 11:47 a.m.•9 views

WordPress JetEngine plugin <= 3.8.9.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin JetEngine versions = 3.8.9.1...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 9:42 a.m.•7 views

WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin JetEngine versions = 3.8.9.1...

9.3CVSS5.7AI score0.00372EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 9:32 a.m.•9 views

WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by vtim in WordPress Plugin The Events Calendar versions 6.15.12-6.16.2...

9.3CVSS5.8AI score0.00229EPSS
Exploits1Affected Software1
Patchstack
Patchstack
•added 2026/06/08 9:28 a.m.•8 views

WordPress wpDataTables plugin <= 7.3.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin wpDataTables versions = 7.3.6...

9.3CVSS5.7AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 9:8 a.m.•8 views

WordPress Masteriyo - LMS plugin <= 2.2.0 - Privilege Escalation vulnerability

WordPress Masteriyo - LMS plugin = 2.2.0 - Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Masteriyo - LMS versions = 2.2.0...

8.8CVSS5.5AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/08 8:54 a.m.•10 views

WordPress JetEngine plugin < 3.8.9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin JetEngine versions 3.8.9.1...

9.3CVSS5.7AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/06/07 12:0 a.m.•10 views

WordPress Recipe Card Blocks Lite plugin <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions = 3.4.13...

6.4CVSS5.4AI score0.00206EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46606