Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/06/02 1:49 p.m.6 views

WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Aliefis in WordPress Plugin Visual Link Preview versions = 2.4.1...

6.5CVSS5.8AI score0.00345EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 1:43 p.m.6 views

WordPress King Addons for Elementor plugin <= 51.1.62 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by thevietronin in WordPress Plugin King Addons for Elementor versions = 51.1.62...

6.5CVSS5.8AI score0.00205EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 1:33 p.m.21 views

WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Niv Kochan in WordPress Plugin Montonio for WooCommerce versions = 10.1.2...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 1:29 p.m.7 views

WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by kai63001 in WordPress Plugin GamiPress versions = 7.8.7...

8.5CVSS5.9AI score0.00332EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 1:24 p.m.6 views

WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Austin Ginder in WordPress Plugin JetSmartFilters versions = 3.8.1...

9.3CVSS5.9AI score0.00372EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 11:0 a.m.13 views

WordPress EmergencyWP – Dead Man's switch & legacy deliverance plugin <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin EmergencyWP – Dead Man's switch & legacy deliverance versions = 1.4.2...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 10:57 a.m.9 views

WordPress Passeum Ticketing plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by KEVIN LEE crattack - OPCIA in WordPress Plugin Passeum Ticketing versions = 1.0...

4.4CVSS5.8AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:37 a.m.13 views

WordPress FPW Category Thumbnails plugin <= 1.9.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin FPW Category Thumbnails versions = 1.9.5...

6.4CVSS5.8AI score0.00192EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:35 a.m.10 views

WordPress hiWeb Migration Simple plugin <= 2.0.0.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin hiWeb Migration Simple versions = 2.0.0.1...

6.1CVSS5.8AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:33 a.m.13 views

WordPress rognone plugin <= 0.6.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin rognone versions = 0.6.2...

6.1CVSS5.8AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:31 a.m.11 views

WordPress rognone plugin <= 0.6.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin rognone versions = 0.6.2...

6.1CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:27 a.m.14 views

WordPress Simple Custom Login Page plugin <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Duong in WordPress Plugin Simple Custom Login Page versions = 1.0.3...

4.4CVSS5.8AI score0.00183EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:26 a.m.18 views

WordPress Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin <= 2.19.25 - Authenticated (Contributor+) Remote Code Execution vulnerability

Authenticated Contributor+ Remote Code Execution vulnerability discovered by kai63001 in WordPress Plugin Spectra versions = 2.19.25...

8.8CVSS5.8AI score0.01174EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:12 a.m.13 views

WordPress GEO my WP plugin <= 4.5.5 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin GEO my WordPress versions = 4.5.5...

7.5CVSS5.9AI score0.00344EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:7 a.m.11 views

WordPress Simple History – Track, Log, and Audit WordPress Changes plugin <= 5.26.0 - Authenticated (Subscriber+) Account Takeover vulnerability

Authenticated Subscriber+ Account Takeover vulnerability discovered by lhking in WordPress Plugin Simple History versions = 5.26.0...

7.5CVSS5.8AI score0.00593EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/06/02 5:56 a.m.26 views

WordPress SePay Gateway plugin <= 1.1.20 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by ParkHyunWoo in WordPress Plugin SePay Gateway versions = 1.1.20...

6.5CVSS5.8AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:48 p.m.11 views

WordPress Tiled Gallery Carousel Without JetPack plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Tiled Gallery Carousel Without JetPack versions = 3.1...

5.4CVSS5.8AI score0.00134EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:45 p.m.13 views

WordPress Easy Cart plugin <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Easy Cart versions = 1.8...

6.4CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:45 p.m.12 views

WordPress ZeM STL plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin ZeM STL versions = 1.0...

6.4CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:45 p.m.9 views

WordPress BirdSeed plugin <= 2.2.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin BirdSeed versions = 2.2.0...

4.3CVSS5.8AI score0.00131EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:45 p.m.13 views

WordPress Word Replacer plugin <= 0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin Word Replacer versions = 0.4...

4.4CVSS5.8AI score0.00246EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:44 p.m.13 views

WordPress WP Nano AD plugin <= 1.31 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by siyuan shao in WordPress Plugin WP Nano AD versions = 1.31...

5.5CVSS5.8AI score0.00201EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:44 p.m.13 views

WordPress DeMomentSomTres Shortcodes plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin DeMomentSomTres Shortcodes versions = 1.1.1...

6.4CVSS5.8AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:44 p.m.9 views

WordPress Remove NoFollow Commenter URL plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by swat in WordPress Plugin Remove NoFollow Commenter URL versions = 1.0...

4.3CVSS5.8AI score0.00131EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.11 views

WordPress Google Plus One Bottom plugin <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin Google Plus One Bottom versions = 0.0.2...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.7 views

WordPress Laiser Tag plugin <= 1.2.5 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin Laiser Tag versions = 1.2.5...

4.3CVSS5.8AI score0.00131EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.11 views

WordPress JTL-Connector for WooCommerce plugin <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Settings Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Modification vulnerability discovered by Muhan Luo - Security Innovation in WordPress Plugin JTL-Connector for WooCommerce versions = 2.4.1...

4.3CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.11 views

WordPress Tectite Forms plugin <= 1.3 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Tectite Forms versions = 1.3...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.10 views

WordPress Remove meta boxes per user role plugin <= 1.01 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin Remove meta boxes per user role versions = 1.01...

4.3CVSS5.8AI score0.00132EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 5:17 p.m.14 views

WordPress Kirki plugin 6.0.0-6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password' vulnerability

Unauthenticated Privilege Escalation via 'handleforgotpassword' vulnerability discovered by CHOIGYEONGMIN in WordPress Plugin Kirki – Freeform Page Builder, Website Builder & Customizer versions 6.0.0-6.0.6...

9.8CVSS5.8AI score0.0126EPSS
Exploits4References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 2:56 p.m.8 views

WordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin WPC Product Bundles for WooCommerce versions = 8.5.3...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 2:54 p.m.7 views

WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peleg Nagli ultrared.ai in WordPress Plugin Stop Spammers versions = 2026.3...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 2:47 p.m.8 views

WordPress EmbedPress plugin <= 4.5.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mukhlis Amien in WordPress Plugin EmbedPress versions = 4.5.2...

7.5CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 2:41 p.m.7 views

WordPress MW WP Form plugin <= 5.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by VanTastic in WordPress Plugin MW WP Form versions = 5.1.3...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 2:35 p.m.11 views

WordPress Enfold theme <= 7.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Enfold versions = 7.1.4...

7.1CVSS5.8AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:48 p.m.6 views

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by anhcd05 in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.8.9...

7.1CVSS5.8AI score0.00142EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:42 p.m.13 views

WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Gravity Forms versions = 2.10.0.1...

9.6CVSS5.8AI score0.005EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:38 p.m.8 views

WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Board versions 3.8.9...

9.8CVSS5.8AI score0.00345EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:37 p.m.12 views

WordPress LearnPress plugin <= 4.3.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by VanTastic in WordPress Plugin LearnPress versions = 4.3.6...

7.1CVSS5.8AI score0.00198EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:35 p.m.9 views

WordPress Product Filter Widget for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Evan NR in WordPress Plugin Product Filter Widget for Elementor versions = 1.0.6...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:32 p.m.10 views

WordPress Easy Invoice plugin <= 2.1.19 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by HaiND in WordPress Plugin Easy Invoice versions = 2.1.19...

10CVSS5.8AI score0.00572EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 1:21 p.m.23 views

WordPress WP Google Review Slider plugin <= 18.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin WP Google Review Slider versions = 18.0...

6.3CVSS5.5AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 12:44 p.m.10 views

WordPress Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) plugin <= 4.9 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by kai63001 in WordPress Plugin Auto Image Attributes From Filename With Bulk Updater Add Alt Text, Image Title For Image SEO versions = 4.9...

6.4CVSS5.8AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 10:46 a.m.11 views

WordPress Slider Revolution plugin 6.0.0-6.7.55, 7.0.0-7.0.14 - Missing Authorization to Authenticated (Contributor+) Arbitrary plugin Deactivation vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary plugin Deactivation vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Slider Revolution versions 6.0.0-6.7.55...

4.3CVSS5.8AI score0.00153EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 10:41 a.m.9 views

WordPress Slider Revolution plugin 7.0.0-7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Incorrect Authorization to Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Prickly Cactus in WordPress Plugin Slider Revolution versions 7.0.0-7.0.14...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 10:36 a.m.7 views

WordPress Active Products Tables for WooCommerce plugin <= 1.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin Active Products Tables for WooCommerce versions = 1.0.9...

9.3CVSS5.9AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:48 a.m.9 views

WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AIWU versions = 1.4.17...

9.8CVSS5.8AI score0.00328EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:43 a.m.9 views

WordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Statistics versions = 14.16.6...

7.1CVSS5.8AI score0.00212EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:38 a.m.8 views

WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Booknetic versions = 4.8.5...

8.1CVSS5.8AI score0.00322EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:35 a.m.8 views

WordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by hhhai in WordPress Plugin WP Full Stripe Free versions = 8.4.1...

6.5CVSS5.8AI score0.0039EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606