Lucene search
K
PatchstackRecent

46571 matches found

Patchstack
Patchstack
added 2 days ago5 views

WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Custom Field Template versions = 2.7.8...

5.8AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by HaiND in WordPress Plugin Japanized For WooCommerce versions = 2.9.12...

6.5CVSS5.8AI score0.00196EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago8 views

WordPress Woffice theme < 5.4.33 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Woffice versions 5.4.33...

5.3CVSS5.8AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by HieuPenguinnn in WordPress Plugin Colissimo Officiel : Méthodes de livraison pour WooCommerce versions = 2.9.0...

6.5CVSS5.8AI score0.00258EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Business Directory plugin <= 6.4.23 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John Umoru in WordPress Plugin Business Directory versions = 6.4.23...

6.5CVSS5.8AI score0.00196EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress ARForms plugin <= 7.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by dutafi in WordPress Plugin ARForms versions = 7.1.2...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Ads by WPQuads versions = 3.0.3...

6.5CVSS5.8AI score0.00229EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Jobify theme <= 4.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Jobify versions = 4.3.2...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Landing Page Builder plugin <= 1.5.3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by HaiND in WordPress Plugin Landing Page Builder versions = 1.5.3.5...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress WP User Frontend plugin <= 4.3.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tiago Ventura @perses in WordPress Plugin WP User Frontend versions = 4.3.7...

6.5CVSS5.8AI score0.00196EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Link Whisper Free plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Link Whisper Free versions = 0.9.4...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago4 views

WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin BEAR versions = 1.1.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Evan NR in WordPress Plugin Wallet System for WooCommerce versions = 2.7.6...

7.1CVSS5.8AI score0.00256EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago2 views

WordPress Paid Videochat Turnkey Site plugin <= 7.4.8 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by endy in WordPress Plugin Paid Videochat Turnkey Site versions = 7.4.8...

9.9CVSS5.8AI score0.00344EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by endy in WordPress Plugin MasterStudy LMS versions = 3.7.27...

6.5CVSS5.8AI score0.00171EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress WooCommerce Designer Pro plugin <= 1.9.34 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Designer Pro versions = 1.9.34...

6.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin Business Directory versions = 6.4.22...

6.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago2 views

WordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by sleeper in WordPress Plugin MainWP versions = 6.1.1...

6.3CVSS5.8AI score0.00249EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago3 views

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xManticore in WordPress Plugin Business Directory versions = 6.4.22...

6.1CVSS5.8AI score0.00181EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago6 views

WordPress Simple User Avatar plugin <= 4.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Simple User Avatar versions = 4.9...

4.3CVSS5.8AI score0.00183EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2 days ago5 views

WordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Embed Privacy versions = 1.12.3...

7.1CVSS5.8AI score0.00265EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin <= 6.0.8.6 - Authenticated (Subscriber+) Authentication Bypass vulnerability

Authenticated Subscriber+ Authentication Bypass vulnerability discovered by Rafael Gunawan kokon in WordPress Plugin RegistrationMagic versions = 6.0.8.6...

5.3CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin <= 8.4.3 - Missing Authorization to Unauthenticated Payment Record Manipulation vulnerability

Missing Authorization to Unauthenticated Payment Record Manipulation vulnerability discovered by Netwurm - VTDR e.V.i.G. in WordPress Plugin WP Full Stripe Free versions = 8.4.3...

5.3CVSS5.8AI score0.00323EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Modification vulnerability discovered by Weerawat Pawanawiwat ErbaZZ - Reconix Co., Ltd. in WordPress Plugin Quiz And Survey Master versions = 11.1.4...

4.3CVSS5.8AI score0.00272EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Product Specifications for Woocommerce plugin <= 0.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Attribute/Group Creation, Modification, and Deletion vulnerability discovered by dyingman in WordPress Plugin Product Specifications for Woocommerce versions = 0.8.9...

4.3CVSS5.8AI score0.00213EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin <= 2.2.1 - Missing Authorization to Authenticated (Student+) Arbitrary Course Announcement Modification vulnerability

Missing Authorization to Authenticated Student+ Arbitrary Course Announcement Modification vulnerability discovered by ilinor in WordPress Plugin Masteriyo - LMS versions = 2.2.1...

4.3CVSS5.8AI score0.0015EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin <= 5.0.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Information Disclosure vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Information Disclosure vulnerability discovered by 0xHerc - IntegSec in WordPress Plugin Dokan versions = 5.0.4...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin <= 3.8.0 - Authenticated (Editor+) Stored Cross-Site Scripting vulnerability

Authenticated Editor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Gutenverse versions = 3.8.0...

4.4CVSS5.8AI score0.00246EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Surbma | Infusionsoft Shortcode plugin <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Surbma | Infusionsoft Shortcode versions = 2.0.1...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Spexo theme <= 2.0.11 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Plugin Activation vulnerability discovered by adhikara13 in WordPress Theme Spexo versions = 2.0.11...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Page Builder by SiteOrigin plugin <= 2.34.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by lhking in WordPress Plugin Page Builder by SiteOrigin versions = 2.34.3...

6.4CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress NEX-Forms – Ultimate Forms Plugin for WordPress plugin <= 9.2.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability discovered by valent1 in WordPress Plugin NEX-Forms versions = 9.2.2...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.11...

4.3CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress BNE Testimonials plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BNE Testimonials versions = 2.0.8...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Image Carousel versions = 1.0.0.41...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Donation Thermometer versions = 2.2.7...

5.3CVSS5.8AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerability

Content Injection vulnerability discovered by Bonds in WordPress Plugin Auros Core versions = 5.3.1...

5.3CVSS5.8AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Bonds in WordPress Plugin Eagle Booking versions = 1.3.4.3...

8.8CVSS5.8AI score0.00143EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Forget About Shortcode Buttons plugin <= 2.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Forget About Shortcode Buttons versions = 2.1.3...

5.4CVSS5.8AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by MD ISMAIL in WordPress Plugin Live Copy Paste for Elementor versions = 1.5.3...

4.3CVSS5.8AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Goya Core versions 1.0.9.4...

7.5CVSS5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability

WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme = 4.4.3 - Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Splash - Sport Club WordPress Theme for Basketball, Football, Hockey versions = 4.4.3...

7.5CVSS5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...

5.3CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Groundhogg versions = 4.5...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin GravityView versions = 3.0.0...

5.3CVSS5.8AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago9 views

WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Contest Gallery versions = 30.0.0...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Bopo – WooCommerce Product Bundle Builder versions = 1.1.6...

4.3CVSS5.8AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago227 views

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Recipe Maker For Your Food Blog from Zip Recipes versions = 8.2.7...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Md. Minaruzzaman Shovon in WordPress Plugin WPComplete versions = 2.9.5.5...

5.4CVSS5.8AI score0.00223EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago8 views

WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability

WordPress Paid Memberships Pro - Add Member From Admin plugin = 0.7.2 - Cross Site Request Forgery CSRF vulnerability discovered by Roll in WordPress Plugin Paid Memberships Pro - Add Member From Admin versions = 0.7.2...

8.8CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46571