Lucene search
K
PatchstackRecent

46702 matches found

Patchstack
Patchstack
•added 2026/03/05 11:42 a.m.•5 views

WordPress Morning Records theme <= 1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Morning Records versions = 1.2...

5.8AI score0.00395EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:41 a.m.•9 views

WordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme m2 | Construction and Tools Store versions = 1.1.2...

5.8AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:18 a.m.•7 views

WordPress Tripgo theme < 1.5.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Tripgo versions 1.5.6...

8.1CVSS5.8AI score0.00344EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:18 a.m.•7 views

WordPress Triompher theme <= 1.1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Triompher versions = 1.1.0...

5.8AI score0.00519EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:17 a.m.•5 views

WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gioia versions = 1.4...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:17 a.m.•6 views

WordPress Dentalux theme <= 3.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dentalux versions = 3.3...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:16 a.m.•5 views

WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme ProLingua versions = 1.1.12...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:16 a.m.•5 views

WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nelson versions = 1.2.0...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:16 a.m.•6 views

WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mr. Cobbler versions = 1.1.9...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:16 a.m.•4 views

WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Lella versions = 1.2...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:15 a.m.•5 views

WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Laurent versions = 3.1...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:15 a.m.•6 views

WordPress Hypnotherapy theme <= 1.2.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hypnotherapy versions = 1.2.10...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:15 a.m.•4 views

WordPress Greenville theme <= 1.3.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Greenville versions = 1.3.2...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:14 a.m.•6 views

WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Good Homes versions = 1.3.13...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:14 a.m.•6 views

WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gaspard versions = 1.3...

5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 11:3 a.m.•4 views

WordPress My auctions allegro plugin <= 3.6.35 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin My auctions allegro versions = 3.6.35...

5.8AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 10:31 a.m.•5 views

WordPress My Album Gallery plugin <= 1.0.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Jitlada in WordPress Plugin My Album Gallery versions = 1.0.4...

5.8AI score0.00302EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 10:30 a.m.•7 views

WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Lisfinity Core versions = 1.5.0...

5.8AI score0.00383EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 10:27 a.m.•8 views

WordPress WPSubscription plugin <= 1.8.10 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Jitlada in WordPress Plugin WPSubscription versions = 1.8.10...

5.8AI score0.00364EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 10:25 a.m.•5 views

WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mrreee in WordPress Plugin Product Feed for WooCommerce versions = 2.3.3...

5.8AI score0.00503EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 10:2 a.m.•6 views

WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.6.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Bus Ticket Booking with Seat Reservation versions = 5.6.0...

5.8AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 9:57 a.m.•5 views

WordPress LatePoint plugin <= 5.2.7 - Authenticated (Agent+) Privilege Escalation vulnerability

Authenticated Agent+ Privilege Escalation vulnerability discovered by Nguyen Ba Hung bashu - KCSC in WordPress Plugin LatePoint versions = 5.2.7...

8.8CVSS5.9AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/05 9:6 a.m.•7 views

WordPress Fluent Forms Pro plugin <= 6.1.17 - Unauthenticated Stored Cross-Site Scripting via Draft Form Submission vulnerability

Unauthenticated Stored Cross-Site Scripting via Draft Form Submission vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...

7.2CVSS5.9AI score0.00263EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/05 8:36 a.m.•7 views

WordPress WPBookit plugin <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters vulnerability

Unauthenticated Stored Cross-Site Scripting via 'wpbusername' and 'wpbuseremail' Parameters vulnerability discovered by MD. TAREQ AHAMED JONY itztrq - Knight Squad in WordPress Plugin WPBookit versions = 1.0.8...

7.2CVSS5.9AI score0.00318EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/05 7:39 a.m.•7 views

WordPress Product Feed PRO for WooCommerce plugin <= 13.5.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Product Feed PRO for WooCommerce versions = 13.5.2...

6.5CVSS5.8AI score0.00112EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/05 7:30 a.m.•5 views

WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...

6.5CVSS5.9AI score0.00223EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/05 7:8 a.m.•5 views

WordPress Mail Mint plugin < 1.19.5 - Unauthenticated Emails Disclosure vulnerability

Unauthenticated Emails Disclosure vulnerability discovered by yiÄŸit ibrahim saÄŸlam in WordPress Plugin Mail Mint versions 1.19.5...

7.5CVSS5.9AI score0.01379EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/05 7:6 a.m.•5 views

WordPress Membership plugin - Restrict Content plugin <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level' vulnerability

WordPress Membership plugin - Restrict Content plugin = 3.2.20 - Unauthenticated Privilege Escalation via 'rcplevel' vulnerability discovered by shark3y in WordPress Plugin Restrict Content versions = 3.2.20...

8.1CVSS5.9AI score0.0035EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:17 p.m.•7 views

WordPress Page and Post Clone plugin <= 6.3 - Authenticated (Contributor+) SQL Injection via 'meta_key' Parameter vulnerability

Authenticated Contributor+ SQL Injection via 'metakey' Parameter vulnerability discovered by Arthur GRIMAULT in WordPress Plugin Page and Post Clone versions = 6.3...

6.5CVSS6AI score0.00249EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:16 p.m.•4 views

WordPress Media Library Assistant plugin <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Attachment Taxonomy Modification vulnerability discovered by Muhammad Sharief in WordPress Plugin Media LIbrary Assistant versions = 3.33...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:15 p.m.•8 views

WordPress Apocalypse Meow plugin <= 22.1.0 - Authenticated (Administrator+) SQL Injection via 'type' Parameter vulnerability

Authenticated Administrator+ SQL Injection via 'type' Parameter vulnerability discovered by Louis Deschanel - Patrowl in WordPress Plugin Apocalypse Meow versions = 22.1.0...

4.9CVSS6AI score0.00454EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 10:56 p.m.•4 views

WordPress OoohBoi Steroids for Elementor plugin <= 2.1.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple URL Controls vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple URL Controls vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin OoohBoi Steroids for Elementor versions = 2.1.24...

6.4CVSS5.9AI score0.00197EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 10:28 p.m.•5 views

WordPress My Calendar - Accessible Event Manager plugin <= 3.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

WordPress My Calendar - Accessible Event Manager plugin = 3.7.3 - Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin My Calendar versions = 3.7.3...

6.4CVSS5.9AI score0.00276EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 10:26 p.m.•7 views

WordPress Seraphinite Accelerator plugin <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Authenticated Subscriber+ Exposure of Sensitive Information to an Unauthorized Actor vulnerability discovered by lucsob in WordPress Plugin Seraphinite Accelerator versions = 2.28.14...

4.3CVSS5.9AI score0.00316EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 10:22 p.m.•6 views

WordPress Seraphinite Accelerator plugin <= 2.28.14 - Missing Authorization to Authenticated (Subscriber+) Log Clearing vulnerability

Missing Authorization to Authenticated Subscriber+ Log Clearing vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Seraphinite Accelerator versions = 2.28.14...

4.3CVSS5.9AI score0.0025EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 1:4 p.m.•8 views

WordPress ionCube tester plus plugin <= 1.3 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin ionCube tester plus versions = 1.3...

7.5CVSS5.8AI score0.01609EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 12:3 p.m.•4 views

WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Post Submission versions = 2.4.0...

7.5CVSS5.8AI score0.00323EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:42 a.m.•4 views

WordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mounthood versions = 1.3.2...

9.8CVSS5.8AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:42 a.m.•5 views

WordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jardi versions = 1.7.2...

9.8CVSS5.8AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:41 a.m.•7 views

WordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Estate versions = 1.3.4...

9.8CVSS5.8AI score0.00389EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:41 a.m.•3 views

WordPress Equestrian Centre theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Equestrian Centre versions = 1.5...

9.8CVSS5.8AI score0.00389EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 11:41 a.m.•8 views

WordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dental Clinic versions = 3.7...

8.8CVSS5.8AI score0.00368EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 8:1 a.m.•7 views

WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability

WordPress ColorFolio - Freelance Designer WordPress Theme theme = 1.3 - Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme ColorFolio - Freelance Designer WordPress Theme versions = 1.3...

8.1CVSS5.8AI score0.00324EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:49 a.m.•8 views

WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Etchy versions = 1.0...

8.1CVSS5.8AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:48 a.m.•7 views

WordPress FindAll theme <= 1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme FindAll versions = 1.4...

8.1CVSS5.8AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:47 a.m.•6 views

WordPress Felizia theme <= 1.3.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Felizia versions = 1.3.4...

8.1CVSS5.8AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:47 a.m.•6 views

WordPress CasaMia | Property Rental Real Estate WordPress Theme theme <= 1.1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme CasaMia | Property Rental Real Estate WordPress Theme versions = 1.1.2...

8.1CVSS5.8AI score0.00512EPSS
Exploits1Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:34 a.m.•5 views

WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted data vulnerability

WordPress Au Pair Agency - Babysitting & Nanny Theme theme = 1.2.2 - Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Au Pair Agency - Babysitting & Nanny Theme versions = 1.2.2...

8.1CVSS5.8AI score0.00308EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:34 a.m.•3 views

WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme versions = 1.2.5...

8.1CVSS5.8AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
•added 2026/03/04 7:21 a.m.•6 views

WordPress Amelia plugin <= 1.2.38 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Amelia versions = 1.2.38...

7.2CVSS5.8AI score0.00307EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46702