Lucene search
K
PatchstackRecent

46684 matches found

Patchstack
Patchstack
added 2026/02/27 7:51 a.m.7 views

WordPress Ozisti theme <= 1.1.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Ozisti versions = 1.1.10...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:51 a.m.6 views

WordPress RexCoin theme <= 1.2.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme RexCoin versions = 1.2.6...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:50 a.m.5 views

WordPress Marcell theme <= 1.2.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Marcell versions = 1.2.14...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:50 a.m.5 views

WordPress WealthCo theme <= 2.18 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme WealthCo versions = 2.18...

8.1CVSS5.9AI score0.00415EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:50 a.m.6 views

WordPress Artrium theme <= 1.0.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Artrium versions = 1.0.14...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:50 a.m.7 views

WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Save Life versions = 1.2.13...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:18 a.m.7 views

WordPress UberSlider Ultra plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UberSlider Ultra versions = 2.3...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:17 a.m.5 views

WordPress UberSlider PerpetuumMobile plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UberSlider PerpetuumMobile versions = 2.3...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:16 a.m.8 views

WordPress UberSlider MouseInteraction plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UberSlider MouseInteraction versions = 2.3...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:15 a.m.7 views

WordPress UberSlider Classic plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UberSlider Classic versions = 2.5...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:11 a.m.4 views

WordPress WP EasyCart plugin <= 5.8.13 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP EasyCart versions = 5.8.13...

8.5CVSS5.9AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:9 a.m.6 views

WordPress User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin <= 4.2.8 - Authenticated (Author+) Arbitrary File Upload vulnerability

Authenticated Author+ Arbitrary File Upload vulnerability discovered by Williwollo CybrX in WordPress Plugin WP User Frontend versions = 4.2.8...

8.8CVSS5.3AI score0.00545EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:6 a.m.7 views

WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification vulnerability

Missing Authorization to Unauthenticated Payment Status modification vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...

7.5CVSS5.3AI score0.00139EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:6 a.m.7 views

WordPress Listee plugin <= 1.1.6 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by シルAsuna in WordPress Theme Listee versions = 1.1.6...

9.8CVSS5.3AI score0.00574EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/27 6:43 a.m.7 views

WordPress PKT1 Centro de envios plugin <= 1.2.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PKT1 Centro de envios versions = 1.2.1...

6.1CVSS8.6AI score0.00348EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/27 1:8 a.m.6 views

WordPress Analytics Cat plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Analytics Cat versions = 1.1.2...

6.1CVSS8.6AI score0.00285EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:56 p.m.9 views

WordPress MailArchiver plugin <= 4.5.0 - Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter vulnerability

Authenticated Admininistrator+ SQL Injection via 'logid' Parameter vulnerability discovered by Ronnachai Chaipha rxnr - Reconix Co., Ltd. in WordPress Plugin MailArchiver versions = 4.5.0...

4.9CVSS5.8AI score0.00258EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:55 p.m.5 views

WordPress Japanized for WooCommerce plugin <= 2.8.4 - Missing Authorization to Unauthenticated Paidy Order Manipulation vulnerability

Missing Authorization to Unauthenticated Paidy Order Manipulation vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin Japanized For WooCommerce versions = 2.8.4...

5.3CVSS5.4AI score0.00407EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:54 p.m.9 views

WordPress Electric Enquiries plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'button' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Electric Enquiries versions = 1.1...

6.4CVSS5.3AI score0.0024EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:47 p.m.4 views

WordPress WP Accessibility plugin <= 2.3.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via 'alt' Attribute vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via 'alt' Attribute vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin WP Accessibility versions = 2.3.1...

6.4CVSS5.3AI score0.00205EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:43 p.m.7 views

WordPress Simple Download Monitor plugin <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Field vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Simple Download Monitor versions = 4.0.5...

6.4CVSS5.3AI score0.00197EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:33 p.m.4 views

WordPress Xpro Addons - 140+ Widgets for Elementor plugin <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Scroller Widget box link vulnerability

WordPress Xpro Addons - 140+ Widgets for Elementor plugin = 1.4.24 - Authenticated Contributor+ Stored Cross-Site Scripting via Image Scroller Widget box link vulnerability discovered by zer0gh0st in WordPress Plugin Xpro Elementor Addons versions = 1.4.24...

6.4CVSS5.4AI score0.00215EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:28 p.m.6 views

WordPress Automotive Car Dealership Business WordPress Theme plugin <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Call to Action Fields vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4...

6.4CVSS5.4AI score0.00269EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:21 p.m.6 views

WordPress WP Recipe Maker plugin <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability

Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin WP Recipe Maker versions = 10.3.2...

5.3CVSS5.4AI score0.00253EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/26 9:28 p.m.6 views

WordPress Post Timeline plugin <= 2.4.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Alexis Lafontaine in WordPress Plugin Post Timeline versions = 2.4.1...

5.3CVSS5.8AI score0.00199EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 5:27 p.m.5 views

WordPress GamiPress plugin <= 7.6.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by letchupkt in WordPress Plugin GamiPress versions = 7.6.6...

5.4CVSS5.8AI score0.00104EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 4:44 p.m.5 views

WordPress List category posts plugin <= 0.93.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin List category posts versions = 0.93.1...

5.9CVSS5.8AI score0.00172EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 1:6 p.m.9 views

WordPress LBG Zoominoutslider plugin <= 5.4.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LBG Zoominoutslider versions = 5.4.5...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 1:6 p.m.6 views

WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin uListing versions = 2.2.0...

4.9CVSS5.9AI score0.00352EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 12:57 p.m.6 views

WordPress Site Suggest plugin <= 1.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Site Suggest versions = 1.3.9...

6.5CVSS5.9AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 12:10 p.m.6 views

WordPress Good Energy theme <= 1.7.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Good Energy versions = 1.7.7...

9.8CVSS6AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:51 a.m.8 views

WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Banner with Thumbnails versions = 3.8...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:50 a.m.7 views

WordPress LambertGroup - AllInOne - Content Slider plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress LambertGroup - AllInOne - Content Slider plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Content Slider versions = 3.8...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:50 a.m.5 views

WordPress LambertGroup - AllInOne - Banner with Playlist plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress LambertGroup - AllInOne - Banner with Playlist plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Banner with Playlist versions = 3.8...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:48 a.m.8 views

WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress AllInOne - Banner Rotator plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin AllInOne - Banner Rotator versions = 3.8...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 11:47 a.m.5 views

WordPress Ultimate Learning Pro plugin <= 3.9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Ultimate Learning Pro versions = 3.9.1...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:54 a.m.6 views

WordPress WooCommerce License Manager plugin <= 7.0.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds in WordPress Plugin WooCommerce License Manager versions = 7.0.6...

9.1CVSS5.9AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:52 a.m.9 views

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - SQL Injection vulnerability

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin = 1.25 - SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Attractive Donations System - Easy Stripe & Paypal donations versions = 1.25...

9.3CVSS6AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:40 a.m.6 views

WordPress ListingPro plugin <= 2.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin ListingPro versions = 2.9.8...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:39 a.m.7 views

WordPress RH Frontend Publishing Pro plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin RH Frontend Publishing Pro versions = 4.3.2...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:37 a.m.10 views

WordPress Lawyer Directory plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Lawyer Directory versions = 1.3.2...

7.1CVSS5.9AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:36 a.m.5 views

WordPress Muzicon theme <= 1.9.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Muzicon versions = 1.9.0...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:36 a.m.5 views

WordPress smart SEO theme <= 2.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme smart SEO versions = 2.9...

8.1CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:36 a.m.5 views

WordPress Welldone theme <= 2.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Welldone versions = 2.4...

8.1CVSS5.9AI score0.00337EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:36 a.m.8 views

WordPress Nirvana theme <= 2.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nirvana versions = 2.6...

8.1CVSS5.8AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:36 a.m.7 views

WordPress Nirvana theme <= 2.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nirvana versions = 2.6...

8.1CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:35 a.m.4 views

WordPress Dr.Patterson theme <= 1.3.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dr.Patterson versions = 1.3.2...

8.1CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:34 a.m.5 views

WordPress Anderson theme <= 1.4.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Anderson versions = 1.4.2...

8.1CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:34 a.m.5 views

WordPress Veil theme <= 1.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Veil versions = 1.9...

8.1CVSS5.9AI score0.00337EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/26 10:34 a.m.5 views

WordPress Notarius theme <= 1.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Notarius versions = 1.9...

8.1CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46684