Lucene search
K
PatchstackRecent

46684 matches found

Patchstack
Patchstack
added 2026/02/24 11:51 a.m.7 views

WordPress The Plus Addons for Elementor - Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 6.4.7 - Unauthenticated Email Relay vulnerability

WordPress The Plus Addons for Elementor - Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin = 6.4.7 - Unauthenticated Email Relay vulnerability discovered by jtwings - Puramu in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.4.7...

5.3CVSS5.3AI score0.00148EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:49 a.m.7 views

WordPress Conditional CAPTCHA plugin <= 4.0.0 - Open Redirect vulnerability

Open Redirect vulnerability discovered by Bob Matyas in WordPress Plugin Conditional CAPTCHA versions = 4.0.0...

4.3CVSS5.3AI score0.00156EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:15 a.m.8 views

WordPress Musico theme <= 3.2.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Musico versions = 3.2.4...

7.1CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:9 a.m.8 views

WordPress Celeste theme <= 1.3.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Celeste versions = 1.3.6...

8.1CVSS5.5AI score0.00308EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:7 a.m.7 views

WordPress Chaty plugin <= 3.5.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Chaty versions = 3.5.1...

7.5CVSS5.3AI score0.00303EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:7 a.m.8 views

WordPress Tablesome plugin <= 1.2.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Tablesome versions = 1.2.3...

8.5CVSS5.8AI score0.0026EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 11:1 a.m.7 views

WordPress WooCommerce Order Details plugin <= 3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WooCommerce Order Details versions = 3.1...

7.5CVSS5.3AI score0.00287EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 10:34 a.m.8 views

WordPress Gecko theme <= 1.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Gecko versions = 1.9.8...

7.1CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 10:30 a.m.8 views

WordPress Claue - Clean, Minimal Elementor WooCommerce Theme theme <= 2.2.7 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress Claue - Clean, Minimal Elementor WooCommerce Theme theme = 2.2.7 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Claue - Clean, Minimal Elementor WooCommerce Theme versions = 2.2.7...

7.1CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 10:29 a.m.8 views

WordPress NextScripts plugin <= 4.4.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin NextScripts versions = 4.4.7...

8.8CVSS6AI score0.00355EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 7:19 a.m.9 views

WordPress Ebook Store plugin <= 5.8001 - Reflected Cross-Site Scripting via 'step' vulnerability

Reflected Cross-Site Scripting via 'step' vulnerability discovered by nvthien in WordPress Plugin Ebook Store versions = 5.8001...

6.1CVSS8.6AI score0.00431EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:33 a.m.8 views

WordPress WP Ad Guru plugin <= 2.5.4 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin WP Ad Guru versions = 2.5.4...

6.1CVSS8.6AI score0.00285EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:27 a.m.6 views

WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Aora versions = 1.3.15...

8.1CVSS5.3AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:25 a.m.7 views

WordPress Metro theme <= 2.13 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Metro versions = 2.13...

7.1CVSS5.2AI score0.00191EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:24 a.m.6 views

WordPress Metro theme <= 2.13 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Metro versions = 2.13...

8.1CVSS5.3AI score0.00512EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:24 a.m.11 views

WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by CODE WHITE GmbH in WordPress Plugin W3 Total Cache versions = 2.9.1...

9CVSS5.5AI score0.00304EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2026/02/24 6:15 a.m.5 views

WordPress DesignThemes Portfolio plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin DesignThemes Portfolio versions = 1.3...

7.1CVSS5.3AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 12:54 p.m.7 views

WordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin DesignThemes Directory Addon versions = 1.8...

7.5CVSS5.3AI score0.00246EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 12:53 p.m.5 views

WordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin DesignThemes Booking Manager versions = 2.0...

7.5CVSS5.3AI score0.0038EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 12:53 p.m.6 views

WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.1 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WeDesignTech Ultimate Booking Addon versions = 1.0.1...

9.8CVSS5.3AI score0.00416EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 12:52 p.m.5 views

WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.1 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WeDesignTech Ultimate Booking Addon versions = 1.0.1...

8.8CVSS5.3AI score0.00473EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 11:22 a.m.5 views

WordPress Classified Listing plugin <= 5.3.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Classified Listing versions = 5.3.4...

6.5CVSS5.3AI score0.00355EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:58 a.m.5 views

WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Directory Pro versions = 2.5.6...

7.3CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:56 a.m.5 views

WordPress Really Simple Security Pro plugin <= 9.5.4.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by dcodx in WordPress Plugin Really Simple Security Pro versions = 9.5.4.0...

5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:54 a.m.8 views

WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin My Tickets versions = 2.1.0...

7.5CVSS5.3AI score0.00384EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:52 a.m.7 views

WordPress Profile Builder Pro plugin <= 3.13.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Profile Builder Pro versions = 3.13.9...

5.8AI score0.00378EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:52 a.m.6 views

WordPress SiteGuard WP Plugin plugin <= 1.7.9 - Captcha Bypass vulnerability

Captcha Bypass vulnerability discovered by Ahmad in WordPress Plugin SiteGuard WP Plugin versions = 1.7.9...

5.3CVSS5.3AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:51 a.m.6 views

WordPress Eagle Booking plugin <= 1.3.4.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin Eagle Booking versions = 1.3.4.3...

8.5CVSS5.8AI score0.0026EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:22 a.m.11 views

WordPress Sweet Date theme < 4.0.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Sweet Date versions 4.0.1...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:20 a.m.7 views

WordPress Tennis Club theme <= 1.2.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Tennis Club versions = 1.2.3...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:20 a.m.8 views

WordPress Kingler theme <= 1.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kingler versions = 1.7...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:20 a.m.6 views

WordPress Dentario theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dentario versions = 1.5...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:18 a.m.6 views

WordPress Simple Membership plugin <= 4.7.0 - Unauthenticated Improper Handling of Missing Values vulnerability

Unauthenticated Improper Handling of Missing Values vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin Simple Membership versions = 4.7.0...

6.5CVSS5.4AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/23 10:17 a.m.4 views

WordPress WP Customer Reviews plugin <= 3.7.5 - Reflected Cross-Site Scripting via 'wpcr3_fname' Parameter vulnerability

Reflected Cross-Site Scripting via 'wpcr3fname' Parameter vulnerability discovered by WordFence in WordPress Plugin WP Customer Reviews versions = 3.7.5...

7.2CVSS5.3AI score0.00255EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/23 8:10 a.m.10 views

WordPress Shield Security plugin <= 21.0.8 - Unauthenticated Reflected Cross-Site Scripting via 'message' Parameter vulnerability

Unauthenticated Reflected Cross-Site Scripting via 'message' Parameter vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Shield Security versions = 21.0.8...

6.1CVSS5.3AI score0.00266EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/23 7:43 a.m.9 views

WordPress xmlrpc attacks blocker plugin <= 1.0 - Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin xmlrpc attacks blocker versions = 1.0...

6.1CVSS5.3AI score0.00265EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/23 6:54 a.m.7 views

WordPress iXML - Google XML sitemap generator plugin <= 0.6 - Reflected Cross-Site Scripting via 'iXML_email' Parameter vulnerability

WordPress iXML - Google XML sitemap generator plugin = 0.6 - Reflected Cross-Site Scripting via 'iXMLemail' Parameter vulnerability discovered by johska in WordPress Plugin iXML versions = 0.6...

6.1CVSS5.3AI score0.00255EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/23 6:48 a.m.7 views

WordPress Easy Author Image plugin <= 1.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Picture URL vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via Profile Picture URL vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Easy Author Image versions = 1.7...

6.4CVSS5.3AI score0.00152EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 4:44 p.m.5 views

WordPress Wholesale Suite plugin <= 2.2.6 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Teemu Saarentaus in WordPress Plugin Wholesale Suite versions = 2.2.6...

7.1CVSS5.3AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/20 4:44 p.m.6 views

WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Teemu Saarentaus in WordPress Plugin Woocommerce Wholesale Lead Capture versions = 2.0.3.1...

5.3AI score0.0054EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2026/02/20 4:43 p.m.13 views

WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Teemu Saarentaus in WordPress Plugin Woocommerce Wholesale Lead Capture versions = 2.0.3.1...

5.4AI score0.0047EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2026/02/20 2:36 p.m.6 views

WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin EventPrime versions = 4.2.8.3...

5.3CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/20 10:15 a.m.10 views

WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin = 3.9.1 - Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Smartsupp – live chat, chatbots, AI and lead generation versions = 3.9.1...

6.4CVSS5.5AI score0.00266EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 10:11 a.m.6 views

WordPress Checkout Field Manager (Checkout Manager) for WooCommerce plugin <= 7.8.1 - Unauthenticated Limited File Upload vulnerability

Unauthenticated Limited File Upload vulnerability discovered by Jamiryoo in WordPress Plugin WooCommerce Checkout Manager versions = 7.8.1...

5.3CVSS5.5AI score0.00328EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 8:15 a.m.8 views

WordPress Aruba HiSpeed Cache plugin <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability

Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability discovered by mikemyers in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.2...

6.5CVSS5.5AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 8:12 a.m.7 views

WordPress Ads Pro plugin <= 5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ads Pro versions = 5.0...

5.4CVSS5.4AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/20 8:4 a.m.8 views

WordPress Aruba HiSpeed Cache plugin <= 3.0.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.2...

6.1CVSS5.5AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 8:3 a.m.11 views

WordPress Ultimate Member plugin <= 2.11.1 - Reflected Cross-Site Scripting via Filter Parameters vulnerability

Reflected Cross-Site Scripting via Filter Parameters vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Ultimate Member versions = 2.11.1...

6.1CVSS5.5AI score0.00211EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 7:51 a.m.4 views

WordPress Image Optimizer by Elementor plugin <= 1.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Image Optimizer by Elementor versions = 1.7.1...

4.3CVSS5.4AI score0.00315EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/20 7:32 a.m.13 views

WordPress wpForo Forum plugin <= 2.4.14 - Unauthenticated Time-Based SQL Injection vulnerability

Unauthenticated Time-Based SQL Injection vulnerability discovered by Youssef Elouaer in WordPress Plugin wpForo Forum versions = 2.4.14...

7.5CVSS5.9AI score0.01727EPSS
Exploits1References1Affected Software1
Total number of security vulnerabilities46684