Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/06/01 9:20 a.m.8 views

WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ilay Striechman in WordPress Plugin CformsII versions = 15.1.3...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:52 a.m.7 views

WordPress WpTravelly plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by benzdeus in WordPress Plugin WpTravelly versions = 2.1.7...

7.5CVSS5.8AI score0.00267EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:45 a.m.9 views

WordPress Slimstat Analytics plugin < 5.4.0 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by mcdruid in WordPress Plugin Slimstat Analytics versions 5.4.0...

6.5CVSS5.8AI score0.00252EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:31 a.m.13 views

WordPress HT Contact Form plugin <= 2.8.2 - Unauthenticated Stored Cross-Site Scripting via File Upload Field vulnerability

Unauthenticated Stored Cross-Site Scripting via File Upload Field vulnerability discovered by Azril Fathoni kiseki - Heroes Cyber Security in WordPress Plugin HT Contact Form 7 versions = 2.8.2...

7.2CVSS5.8AI score0.00292EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:25 a.m.10 views

WordPress GutenBee – Gutenberg Blocks plugin <= 2.20.1 - Authenticated (Author+) Arbitrary File Upload vulnerability

Authenticated Author+ Arbitrary File Upload vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin GutenBee versions = 2.20.1...

8.8CVSS5.8AI score0.00659EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:20 a.m.12 views

WordPress Crawlomatic Multipage Scraper Post Generator plugin <= 2.7.2 - Authenticated (Author+) Remote Code Execution vulnerability

Authenticated Author+ Remote Code Execution vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Crawlomatic Multisite Scraper Post Generator versions = 2.7.2...

8.8CVSS5.8AI score0.00446EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/01 8:7 a.m.14 views

WordPress Advanced Custom Fields: Extended plugin <= 0.9.2.5 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by daroo in WordPress Plugin ACF Extended versions = 0.9.2.5...

9.8CVSS5.8AI score0.008EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/05/30 8:40 p.m.12 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.25 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by dodoh4t in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.25...

7.5CVSS5.8AI score0.00291EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/30 2:23 p.m.10 views

WordPress Advanced Custom Fields (ACF®) plugin <= 6.8.1 - Unauthenticated Arbitrary Post Modification vulnerability

Unauthenticated Arbitrary Post Modification vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Advanced Custom Fields versions = 6.8.1...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/30 9:23 a.m.13 views

WordPress Affiliate Super Assistent plugin <= 1.10.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Affiliate Super Assistent versions = 1.10.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/30 7:40 a.m.13 views

WordPress WebinarIgnition plugin < 4.08.253 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by hhhai in WordPress Plugin WebinarIgnition versions 4.08.253...

9.8CVSS5.8AI score0.00308EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2026/05/30 6:40 a.m.11 views

WordPress WebinarIgnition plugin < 4.08.253 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by hhhai in WordPress Plugin WebinarIgnition versions 4.08.253...

9.9CVSS5.8AI score0.00346EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/30 6:22 a.m.13 views

WordPress QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly plugin <= 3.2.7 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by dodoh4t in WordPress Plugin QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly versions = 3.2.7...

9.9CVSS5.8AI score0.00336EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/30 5:45 a.m.12 views

WordPress TableOn plugin <= 1.0.5.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin TableOn versions = 1.0.5.1...

9.3CVSS5.9AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/30 5:40 a.m.12 views

WordPress Favicon plugin <= 1.3.46 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by dodoh4t in WordPress Plugin Favicon versions = 1.3.46...

7.1CVSS5.8AI score0.00203EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 6:39 p.m.11 views

WordPress WCFM Membership plugin <= 2.11.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bima Ikhsan in WordPress Plugin WCFM Membership versions = 2.11.10...

7.3CVSS5.8AI score0.00178EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 4:49 p.m.13 views

WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by dodoh4t in WordPress Plugin Stripe Payments versions = 2.0.98...

6.5CVSS5.8AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 3:17 p.m.10 views

WordPress Booking Manager plugin <= 2.1.18 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by dodoh4t in WordPress Plugin Booking Manager versions = 2.1.18...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 3:17 p.m.13 views

WordPress WPComplete plugin <= 2.9.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin WPComplete versions = 2.9.5.4...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 1:33 p.m.18 views

WordPress LiteSpeed Cache plugin <= 7.7 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin LiteSpeed Cache versions = 7.7...

7.2CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 1:31 p.m.12 views

WordPress WP Travel Pro plugin <= 10.6.0 - Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators vulnerability

Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators vulnerability discovered by Ren Voza in WordPress Plugin WP Travel Pro versions = 10.6.0...

9.1CVSS5.8AI score0.00258EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 1:23 p.m.13 views

WordPress WooCommerce Infinite Scroll and Ajax Pagination plugin <= 1.8 - Authenticated (Subscriber+) PHP Object Injection vulnerability

Authenticated Subscriber+ PHP Object Injection vulnerability discovered by cuokon in WordPress Plugin WooCommerce Infinite Scroll versions = 1.8...

8.8CVSS5.8AI score0.00378EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 1:16 p.m.16 views

WordPress Link Whisper Free plugin <= 0.9.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin Link Whisper Free versions = 0.9.0...

7.2CVSS5.8AI score0.00233EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 1:16 p.m.14 views

WordPress StatCounter – Free Real Time Visitor Stats plugin <= 2.1.1 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin StatCounter versions = 2.1.1...

6.4CVSS5.8AI score0.00305EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 9:24 a.m.15 views

WordPress OTP Login With Phone Number, OTP Verification plugin 1.8.50-1.8.60 - Unauthenticated Authentication Bypass vulnerability

Unauthenticated Authentication Bypass vulnerability discovered by luckybuddy in WordPress Plugin Login with phone number versions 1.8.50-1.8.60...

9.8CVSS5.8AI score0.00492EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 9:24 a.m.15 views

WordPress WP Maps Pro plugin <= 6.0.4 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by David Brown in WordPress Plugin Advanced Google Maps versions = 6.0.4...

9.8CVSS5.8AI score0.09461EPSS
Exploits7References1Affected Software1
Patchstack
Patchstack
added 2026/05/29 8:17 a.m.8 views

WordPress Disable Comments for Any Post Types (Remove comments) plugin <= 1.3.0 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by dodoh4t in WordPress Plugin Disable Comments for Any Post Types Remove comments versions = 1.3.0...

7.1CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/29 6:37 a.m.10 views

WordPress WPify Woo Czech plugin <= 5.4.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by kai63001 in WordPress Plugin WPify Woo Czech versions = 5.4.1...

9.9CVSS5.8AI score0.00266EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:9 p.m.17 views

WordPress Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin <= 1.0.271 - Missing Authorization to Unauthenticated Homepage Settings Modification vulnerability

Missing Authorization to Unauthenticated Homepage Settings Modification vulnerability discovered by ? in WordPress Plugin Rank Math SEO versions = 1.0.271...

5.3CVSS5.8AI score0.00356EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 7:54 p.m.19 views

WordPress Contact Form 7 – PayPal & Stripe Add-on plugin <= 2.4.9 - Unauthenticated Payment Bypass vulnerability

Unauthenticated Payment Bypass vulnerability discovered by Stranger825 in WordPress Plugin Contact Form 7 – PayPal & Stripe Add-on versions = 2.4.9...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 7:36 p.m.10 views

WordPress Frontend Admin by DynamiApps plugin <= 3.28.8 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by ? in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.8...

4.9CVSS5.9AI score0.00288EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 6:57 p.m.8 views

WordPress Media Library Assistant plugin <= 3.35 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Media LIbrary Assistant versions = 3.35...

8.1CVSS5.8AI score0.00203EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 6:38 p.m.11 views

WordPress The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 6.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.4.15...

6.4CVSS5.8AI score0.00273EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 5:26 p.m.10 views

WordPress Automotive Car Dealership Business WordPress Theme theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4.1...

6.4CVSS5.8AI score0.00159EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 4:58 p.m.12 views

WordPress Simple Divi Shortcode plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Simple Divi Shortcode versions = 1.2...

6.4CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 4:44 p.m.8 views

WordPress Easy Form Builder plugin <= 4.0.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by kai63001 in WordPress Plugin Easy Form Builder versions = 4.0.6...

9.3CVSS5.9AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 3:41 p.m.11 views

WordPress Smart Online Order for Clover plugin <= 1.6.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by she11f in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

7.3CVSS5.8AI score0.00188EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 2:55 p.m.12 views

WordPress Breeze Cache plugin <= 2.5.2 - Unauthenticated Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Unauthenticated Exposure of Sensitive Information to an Unauthorized Actor vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Breeze versions = 2.5.2...

5.3CVSS5.8AI score0.00273EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 2:2 p.m.9 views

WordPress Smart Online Order for Clover plugin <= 1.6.0 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by she11f in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

7.3CVSS5.8AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 1:41 p.m.8 views

WordPress Post Snippets – Custom WordPress Code Snippets Customizer plugin <= 4.0.19 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by a1batr0ss in WordPress Plugin Post Snippets versions = 4.0.19...

4.4CVSS5.8AI score0.00244EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 1:39 p.m.11 views

WordPress Poll Maker by AYS – Versus Polls, Anonymous Polls, Image Polls plugin <= 6.3.7 - Authenticated (Subscriber+) Sensitive Information Exposure in 'ays_poll_get_user_information' AJAX Action vulnerability

Authenticated Subscriber+ Sensitive Information Exposure in 'ayspollgetuserinformation' AJAX Action vulnerability discovered by Satoo Nakano in WordPress Plugin Poll Maker versions = 6.3.7...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 1:10 p.m.12 views

WordPress Ads by WPQuads plugin <= 3.0.2 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Bas Albers in WordPress Plugin Ads by WPQuads versions = 3.0.2...

6.5CVSS5.8AI score0.00207EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:32 a.m.13 views

WordPress SlimStat Analytics plugin <= 5.4.11 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Slimstat Analytics versions = 5.4.11...

7.2CVSS5.8AI score0.00436EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:25 a.m.10 views

WordPress Easy Updates Manager plugin <= 9.0.20 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Easy Updates Manager versions = 9.0.20...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:23 a.m.9 views

WordPress Login No Captcha reCAPTCHA plugin <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ISMAILSHADOW in WordPress Plugin Login No Captcha reCAPTCHA versions = 1.8.0...

7.2CVSS5.8AI score0.00346EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:21 a.m.10 views

WordPress Independent Analytics – WordPress Analytics Plugin plugin <= 2.14.9 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by Kirasec in WordPress Plugin Independent Analytics - Google Analytics Alternative for WordPress versions = 2.14.9...

6.5CVSS5.8AI score0.00366EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:18 a.m.11 views

WordPress MinhNhut Link Gateway plugin <= 3.6.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin MinhNhut Link Gateway versions = 3.6.1...

6.1CVSS5.8AI score0.00256EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 9:18 a.m.11 views

WordPress Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin <= 3.4.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Gutenverse versions = 3.4.6...

6.1CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/28 8:58 a.m.10 views

WordPress User Registration plugin <= 5.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin User Registration versions = 5.1.2...

7.5CVSS5.8AI score0.00372EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 8:57 a.m.10 views

WordPress Broadcast Live Video plugin < 7.1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin Broadcast Live Video versions 7.1.3...

9.8CVSS5.8AI score0.00386EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606