Lucene search
K
PatchstackRecent

46541 matches found

Patchstack
Patchstack
added 5 days ago4 views

WordPress Page Builder by SiteOrigin plugin <= 2.34.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by lhking in WordPress Plugin Page Builder by SiteOrigin versions = 2.34.3...

6.4CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress NEX-Forms – Ultimate Forms Plugin for WordPress plugin <= 9.2.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability discovered by valent1 in WordPress Plugin NEX-Forms versions = 9.2.2...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.11...

4.3CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Image Carousel versions = 1.0.0.41...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress BNE Testimonials plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BNE Testimonials versions = 2.0.8...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Donation Thermometer versions = 2.2.7...

5.3CVSS5.8AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerability

Content Injection vulnerability discovered by Bonds in WordPress Plugin Auros Core versions = 5.3.1...

5.3CVSS5.8AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Bonds in WordPress Plugin Eagle Booking versions = 1.3.4.3...

8.8CVSS5.8AI score0.00143EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Forget About Shortcode Buttons plugin <= 2.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Forget About Shortcode Buttons versions = 2.1.3...

5.4CVSS5.8AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by MD ISMAIL in WordPress Plugin Live Copy Paste for Elementor versions = 1.5.3...

4.3CVSS5.8AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Goya Core versions 1.0.9.4...

7.5CVSS5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability

WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme = 4.4.3 - Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Splash - Sport Club WordPress Theme for Basketball, Football, Hockey versions = 4.4.3...

7.5CVSS5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...

5.3CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Groundhogg versions = 4.5...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin GravityView versions = 3.0.0...

5.3CVSS5.8AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago9 views

WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Contest Gallery versions = 30.0.0...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Bopo – WooCommerce Product Bundle Builder versions = 1.1.6...

4.3CVSS5.8AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago218 views

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Recipe Maker For Your Food Blog from Zip Recipes versions = 8.2.7...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Md. Minaruzzaman Shovon in WordPress Plugin WPComplete versions = 2.9.5.5...

5.4CVSS5.8AI score0.00223EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Booking and Rental Manager plugin <= 2.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Averon Averenkov in WordPress Plugin Booking and Rental Manager versions = 2.7.1...

5.3CVSS5.8AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago8 views

WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability

WordPress Paid Memberships Pro - Add Member From Admin plugin = 0.7.2 - Cross Site Request Forgery CSRF vulnerability discovered by Roll in WordPress Plugin Paid Memberships Pro - Add Member From Admin versions = 0.7.2...

8.8CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin TemplateSpare versions = 4.2.0...

9.1CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Gmail SMTP versions = 1.2.3.19...

4.3CVSS5.8AI score0.00098EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Child Theme Wizard versions = 1.4...

8.2CVSS5.8AI score0.00112EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Hester Core plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Hester Core versions = 1.1.8...

5.9CVSS5.8AI score0.0014EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Affiliates Manager plugin <= 2.9.49 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Affiliates Manager versions = 2.9.49...

6.5CVSS5.8AI score0.00174EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin JS Help Desk versions = 3.1.0...

5.3CVSS5.8AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin WP Job Portal versions = 2.5.2...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Magazine Blocks plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Magazine Blocks versions = 1.8.3...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Ghost Kit versions = 3.6.0...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Shoppable Images Lite versions = 1.3...

4.3CVSS5.8AI score0.00213EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Averon Averenkov in WordPress Plugin Nelio Content versions = 4.3.4...

4.3CVSS5.8AI score0.00152EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by endy in WordPress Plugin Panorama Viewer – 360 Degree Image + Video Viewer versions = 1.6.1...

7.5CVSS5.8AI score0.00259EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.10...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Prodigysec in WordPress Plugin Newsletters versions = 4.13...

8.1CVSS5.8AI score0.00189EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin Majestic Support versions = 1.1.7...

5.4CVSS5.8AI score0.00181EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Groundhogg — CRM, Newsletters, and Marketing Automation plugin <= 4.5.5 - Authenticated (Sales Rep+) SQL Injection vulnerability

Authenticated Sales Rep+ SQL Injection vulnerability discovered by ? in WordPress Plugin Groundhogg versions = 4.5.5...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago3 views

WordPress CodePeople Post Map for Google Maps plugin <= 1.2.6 - Authenticated (Contributor +) Stored Cross-Site Scripting vulnerability

Authenticated Contributor + Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Google Maps CP versions = 1.2.6...

6.4CVSS5.8AI score0.0021EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Ivory Search – WordPress Search Plugin plugin <= 5.5.15 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Meher Sudhakar Abbireddi in WordPress Plugin Ivory Search versions = 5.5.15...

4.4CVSS5.8AI score0.00251EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress HD Quiz plugin 2.2.0-2.2.1 - 2.2.1 - Cross-Site Request Forgery vulnerability

WordPress HD Quiz plugin 2.2.0-2.2.1 - 2.2.1 - Cross-Site Request Forgery vulnerability discovered by PRISM in WordPress Plugin HD Quiz versions 2.2.0-2.2.1...

4.3CVSS5.8AI score0.00179EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress WCBoost &#8211; Products Compare plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WCBoost Products Compare versions = 1.1.0...

5.3CVSS5.8AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago33 views

WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.19.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Vimalatithyan S. Technieum in WordPress Plugin Email Marketing for WooCommerce by Omnisend versions = 1.19.0...

5.4CVSS5.8AI score0.00275EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress PPWP plugin <= 1.9.19 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin PPWP versions = 1.9.19...

4.3CVSS5.8AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress FunnelKit Payment Gateway for Stripe WooCommerce plugin <= 1.14.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by ParkHyunWoo in WordPress Plugin FunnelKit Payment Gateway for Stripe WooCommerce versions = 1.14.0.3...

6.5CVSS5.8AI score0.00123EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin wpForo Forum versions = 3.0.9...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

6.5CVSS5.8AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Abandoned Cart Lite for WooCommerce versions = 6.8.0...

4.3CVSS5.8AI score0.00107EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Gallery versions = 4.7.8...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by lagi bljr in WordPress Plugin MasterStudy LMS versions = 3.7.30...

4.3CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin Fluent Booking versions = 2.1.0...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46541