Lucene search
K
PatchstackRecent

46547 matches found

Patchstack
Patchstack
added 5 days ago6 views

WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin wpForo Forum versions = 3.0.9...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Gallery versions = 4.7.8...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago6 views

WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Abandoned Cart Lite for WooCommerce versions = 6.8.0...

4.3CVSS5.8AI score0.00107EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by lagi bljr in WordPress Plugin MasterStudy LMS versions = 3.7.30...

4.3CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

6.5CVSS5.8AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin WP Post Author versions = 3.9.1...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin Fluent Booking versions = 2.1.0...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Blocksy Companion Pro versions = 2.1.46...

5.3CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Popup box plugin <= 6.0.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin Popup box versions = 6.0.1...

7.6CVSS5.8AI score0.00279EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress StatCounter plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by timomangcut in WordPress Plugin StatCounter versions = 2.1.1...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Kirki plugin <= 6.0.11 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Kirki versions = 6.0.11...

4.9CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP All Import versions = 4.0.1...

7.6CVSS5.8AI score0.00279EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Exclusive Addons Elementor versions = 2.7.9.8...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago3 views

WordPress NanoMag theme <= 1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme NanoMag versions = 1.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress GIFT4U plugin <= 1.0.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin GIFT4U versions = 1.0.10...

6.5CVSS5.8AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Flash & HTML5 Video plugin <= 2.11.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Flash & HTML5 Video versions = 2.11.0...

5.8CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress weMail plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin weMail versions = 2.1.2...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress MapSVG plugin <= 8.6.4 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin MapSVG versions = 8.6.4...

6.5CVSS5.8AI score0.00328EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress H5P plugin <= 1.17.7 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin H5P versions = 1.17.7...

7.1CVSS5.8AI score0.00294EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago3 views

WordPress Site Reviews plugin <= 8.0.11 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Site Reviews versions = 8.0.11...

6.5CVSS5.8AI score0.00355EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Simply Schedule Appointments plugin <= 1.6.12.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by vnth4nhnt in WordPress Plugin Simply Schedule Appointments versions = 1.6.12.2...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago3 views

WordPress GetGenie plugin <= 4.4.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Fraudless in WordPress Plugin GetGenie versions = 4.4.2...

6.5CVSS5.8AI score0.00355EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin SureCart versions = 4.3.2...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by daroo in WordPress Plugin Blocksy Companion Pro versions = 2.1.45...

8.5CVSS5.9AI score0.00351EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago7 views

WordPress User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass vulnerability

Missing Authorization to Unauthenticated Payment Bypass vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin User Registration versions = 5.2.0...

6.5CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago3 views

WordPress Groundhogg — CRM, Newsletters, and Marketing Automation plugin <= 4.5.5 - Authenticated (Marketer+) SQL Injection vulnerability

Authenticated Marketer+ SQL Injection vulnerability discovered by ? in WordPress Plugin Groundhogg versions = 4.5.5...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 6 days ago7 views

NPM: neotoma has tenant isolation gap in relationship query endpoints

NPM: neotoma has tenant isolation gap in relationship query endpoints vulnerability discovered by ? in WordPress Npm neotoma versions = 0.13.0, 0.14.0...

5.8AI score
Exploits0References5Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

NPM: i18next-fs-backend vulnerable to prototype pollution via crafted missing-key string

NPM: i18next-fs-backend vulnerable to prototype pollution via crafted missing-key string vulnerability discovered by ? in WordPress Npm i18next-fs-backend versions 2.6.6...

9.1CVSS5.8AI score0.00419EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

NPM: i18next-http-middleware: MissingKeyHandler does not reject keys whose segments contain prototype-polluting names

NPM: i18next-http-middleware: MissingKeyHandler does not reject keys whose segments contain prototype-polluting names vulnerability discovered by ? in WordPress Npm i18next-http-middleware versions 3.9.7...

9.1CVSS5.8AI score0.00419EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

WordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by NETZLICHT in WordPress Plugin OMGF Pro versions = 5.2.6...

10CVSS5.8AI score0.00373EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress FOX plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin FOX versions = 1.4.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago3 views

WordPress Everest Forms plugin <= 3.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by bekitousei in WordPress Plugin Everest Forms versions = 3.4.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress SureCart plugin <= 4.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Psalms Christopher Matovu ByteOverride in WordPress Plugin SureCart versions = 4.2.2...

6.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress WoodMart theme <= 8.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Theme WoodMart versions = 8.5.3...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Advance Product Search plugin <= 1.4.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Mokksh Parekh in WordPress Plugin Advance Product Search versions = 1.4.4...

9.3CVSS5.8AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Toolset Forms plugin <= 2.6.24 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by VanTastic in WordPress Plugin Toolset Forms versions = 2.6.24...

7.5CVSS5.8AI score0.003EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

WordPress JetEngine plugin <= 3.8.10.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Rafie Muhammad in WordPress Plugin JetEngine versions = 3.8.10.2...

9.3CVSS5.8AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress JetSmartFilters plugin <= 3.8.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin JetSmartFilters versions = 3.8.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago6 views

WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin ShortPixel Adaptive Images versions = 3.11.4...

5.8CVSS5.8AI score0.00346EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Tourfic plugin <= 2.22.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by anhcd05 in WordPress Plugin Tourfic versions = 2.22.5...

8.5CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago3 views

WordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Roll in WordPress Plugin MailChimp Block versions = 1.1.15...

8.3CVSS5.8AI score0.00178EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Quotes llama plugin <= 3.1.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Quotes llama versions = 3.1.5...

9.3CVSS5.8AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Subscriptions for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Subscriptions for WooCommerce versions = 1.9.5...

7.5CVSS5.8AI score0.00246EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Groundhogg — CRM, Newsletters, and Marketing Automation plugin <= 4.5.4 - Authenticated (Custom+) SQL Injection vulnerability

Authenticated Custom+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Groundhogg versions = 4.5.4...

6.5CVSS6AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin Print Invoice & Delivery Notes for WooCommerce versions = 7.1.1...

7.5CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Jamaal ahmed in WordPress Theme Travel Booking versions = 2.2.5...

9.9CVSS5.8AI score0.00362EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago3 views

WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by daroo in WordPress Plugin Quform versions = 2.23.0...

9.9CVSS5.8AI score0.00362EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by VanTastic in WordPress Plugin Uncanny Automator Pro versions = 7.3.0.6...

9.8CVSS5.8AI score0.00426EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago5 views

WordPress RealHomes theme <= 4.5.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Theme RealHomes versions = 4.5.3...

8.8CVSS5.8AI score0.00391EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin JS Help Desk versions = 3.1.1...

7.7CVSS5.8AI score0.0045EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46547