Lucene search
K
PatchstackRecent

46684 matches found

Patchstack
Patchstack
added 2026/04/21 7:7 p.m.7 views

WordPress TextP2P Texting Widget plugin <= 1.7 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin TextP2P Texting Widget versions = 1.7...

4.3CVSS5.8AI score0.00156EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:7 p.m.6 views

WordPress Kcaptcha plugin <= 1.0.1 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Kcaptcha versions = 1.0.1...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:7 p.m.8 views

WordPress Call To Action plugin plugin <= 3.1.3 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Call To Action Plugin versions = 3.1.3...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:6 p.m.6 views

WordPress mCatFilter plugin <= 0.5.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin mCatFilter versions = 0.5.2...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:5 p.m.6 views

WordPress DX Unanswered Comments plugin <= 1.7 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin DX Unanswered Comments versions = 1.7...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:5 p.m.7 views

WordPress Sentence To SEO (keywords, description and tags) plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Sentence To SEO keywords, description and tags versions = 1.0...

4.4CVSS5.8AI score0.00326EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:5 p.m.8 views

WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Ni WooCommerce Order Export versions = 3.1.6...

4.3CVSS5.8AI score0.00156EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:3 p.m.7 views

WordPress Zypento Blocks plugin <= 1.06 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Zypento Blocks versions = 1.06...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:3 p.m.6 views

WordPress Buzz Comments plugin <= 0.9.4 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Buzz Comments versions = 0.9.4...

4.4CVSS5.8AI score0.0025EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:3 p.m.6 views

WordPress Fast & Fancy Filter – 3F plugin <= 1.2.2 - Cross-Site Request Forgery to Settings Modification vulnerability

Cross-Site Request Forgery to Settings Modification vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Fast & Fancy Filter – 3F versions = 1.2.2...

4.3CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:2 p.m.5 views

WordPress Google PageRank Display plugin <= 1.4 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Google PageRank Display versions = 1.4...

4.3CVSS5.8AI score0.002EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:41 p.m.7 views

WordPress GiveWP plugin <= 4.14.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by HuajiHD in WordPress Plugin GiveWP versions = 4.14.2...

5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:23 p.m.21 views

WordPress Royal MCP plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Alexis Lafontaine in WordPress Plugin Royal MCP versions = 1.4.2...

5.8AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:22 p.m.7 views

WordPress Booking Package plugin <= 1.7.06 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Skoobi in WordPress Plugin Booking Package versions = 1.7.06...

5.8AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:21 p.m.13 views

WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress versions = 4.7.9...

5.8AI score0.00279EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:18 p.m.7 views

WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin GeekyBot versions = 1.2.2...

5.8AI score0.00347EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:16 p.m.9 views

WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by 3ele / Sebastian Weiss in WordPress Plugin FunnelFormsPro versions = 3.8.1...

9.9CVSS5.8AI score0.00364EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2026/04/21 3:10 p.m.20 views

WordPress Contest Gallery plugin <= 28.1.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Contest Gallery versions = 28.1.6...

5.8AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 2:25 p.m.4 views

WordPress ListingPro plugin <= 2.9.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO in WordPress Plugin ListingPro versions = 2.9.10...

5.8AI score0.00372EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 10:51 a.m.9 views

WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by hivesec in WordPress Plugin Min Max Step Quantity Limits Manager for WooCommerce versions = 5.2.2...

5.8AI score0.00142EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 10:9 a.m.7 views

WordPress Coupon Affiliates plugin <= 7.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Coupon Affiliates versions = 7.5.3...

5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 10:5 a.m.7 views

WordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by babyhack@OPCIA in WordPress Plugin Contact Form Extender for Divi Save Entries, File Upload & Country Code Field versions = 1.0.6...

5.8AI score0.00442EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:57 a.m.9 views

WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Lubin Regnault in WordPress Plugin Salon booking system versions = 10.30.24...

5.8AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:53 a.m.8 views

WordPress Motors plugin < 1.4.107 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Motors versions 1.4.107...

5.8AI score0.00352EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:51 a.m.8 views

WordPress wpForo Forum plugin < 3.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dahmani Toumi pegaSUS in WordPress Plugin wpForo Forum versions 3.0.2...

5.8AI score0.00287EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:43 a.m.7 views

WordPress MasterStudy LMS plugin <= 3.7.25 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jakub Herman in WordPress Plugin MasterStudy LMS versions = 3.7.25...

5.8AI score0.00332EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:34 a.m.9 views

WordPress collectchat plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ritsuy in WordPress Plugin collectchat versions = 2.4.9...

5.8AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:32 a.m.9 views

WordPress WPGraphQL plugin < 2.11.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin WPGraphQL versions 2.11.1...

5.8AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:21 a.m.5 views

WordPress Responsive Blocks – Page Builder for Blocks & Patterns plugin 2.0.9-2.2.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Modification vulnerability discovered by Even S in WordPress Plugin Responsive Blocks versions 2.0.9-2.2.1...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 9:9 a.m.9 views

WordPress plugin: CMS für Motorrad Werkstätten plugin <= 1.0.0 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Régis SENET - ORHUS in WordPress Plugin CMS für Motorrad Werkstätten versions = 1.0.0...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 2:20 a.m.4 views

WordPress Email Encoder plugin < 2.3.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Email Encoder Bundle versions 2.3.4...

3.5CVSS5.8AI score0.00213EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/21 1:58 a.m.5 views

WordPress Responsive Blocks plugin <= 2.2.0 - Unauthenticated Open Email Relay via REST API 'email_to' Parameter vulnerability

Unauthenticated Open Email Relay via REST API 'emailto' Parameter vulnerability discovered by Even S in WordPress Plugin Responsive Blocks versions = 2.2.0...

5.3CVSS5.8AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/20 6:26 p.m.6 views

WordPress Website LLMs.txt plugin <= 8.2.6 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Website LLMs.txt versions = 8.2.6...

4.4CVSS5.8AI score0.00157EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:49 p.m.9 views

WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.19...

5.8AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:40 p.m.8 views

WordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin YayMail versions = 4.3.3...

5.8AI score0.00359EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:15 p.m.4 views

WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Responsive Slider by MetaSlider versions = 3.106.0...

7.2CVSS5.8AI score0.00425EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:4 p.m.6 views

WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions 5.9.0...

5.8AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 3:1 p.m.6 views

WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.3...

5.8AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 2:55 p.m.12 views

WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Anti-Malware Security and Brute-Force Firewall versions = 4.23.87...

5.8AI score0.00428EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 2:44 p.m.5 views

WordPress Modula Image Gallery plugin <= 2.14.18 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Modula Image Gallery versions = 2.14.18...

5.8AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 2:40 p.m.6 views

WordPress Paid Member Subscriptions plugin <= 2.17.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by loris4py in WordPress Plugin Paid Member Subscriptions versions = 2.17.3...

5.8AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:12 a.m.5 views

WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Valeska versions = 1.2.2...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:11 a.m.11 views

WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Behold versions = 1.5...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:11 a.m.5 views

WordPress Esmée theme <= 1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Esmée versions = 1.4...

5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:11 a.m.6 views

WordPress Léonie theme <= 1.2.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Léonie versions = 1.2.1...

5.8AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:10 a.m.5 views

WordPress Château theme <= 1.2.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Château versions = 1.2.1...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:10 a.m.8 views

WordPress TechLink theme <= 1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme TechLink versions = 1.3...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:10 a.m.4 views

WordPress Zoya theme <= 1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Zoya versions = 1.4...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:9 a.m.7 views

WordPress Roisin theme <= 1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Roisin versions = 1.4...

5.8AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/20 11:9 a.m.6 views

WordPress EasyMeals theme <= 1.5.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme EasyMeals versions = 1.5.1...

5.8AI score0.00308EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46684