Lucene search
K
PatchstackRecent

46684 matches found

Patchstack
Patchstack
added 2026/02/17 8:12 a.m.5 views

WordPress Netmix theme <= 1.0.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Netmix versions = 1.0.10...

8.1CVSS5.5AI score0.0045EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:12 a.m.4 views

WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Blabber versions = 1.7.0...

8.1CVSS5.5AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:12 a.m.5 views

WordPress Saveo theme <= 1.1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Saveo versions = 1.1.2...

8.1CVSS5.5AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:11 a.m.4 views

WordPress Parkivia theme <= 1.1.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Parkivia versions = 1.1.9...

8.1CVSS5.5AI score0.00417EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:11 a.m.4 views

WordPress Impacto Patronus theme <= 1.2.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Impacto Patronus versions = 1.2.3...

8.1CVSS5.5AI score0.00466EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:11 a.m.5 views

WordPress Zio Alberto theme <= 1.2.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Zio Alberto versions = 1.2.2...

8.1CVSS5.5AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:11 a.m.3 views

WordPress Fooddy theme <= 1.3.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Fooddy versions = 1.3.10...

8.1CVSS5.5AI score0.00426EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:10 a.m.5 views

WordPress Isida theme <= 1.4.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Isida versions = 1.4.2...

8.1CVSS5.5AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:10 a.m.7 views

WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gustavo versions = 1.2.2...

8.1CVSS5.5AI score0.00426EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:10 a.m.4 views

WordPress Marveland theme <= 1.3.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Marveland versions = 1.3.0...

8.1CVSS5.5AI score0.00412EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:10 a.m.8 views

WordPress Ironfit theme <= 1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ironfit versions = 1.5...

8.1CVSS5.5AI score0.00512EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:9 a.m.8 views

WordPress Redy theme <= 1.0.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Redy versions = 1.0.2...

8.1CVSS5.5AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:9 a.m.7 views

WordPress Coworking theme <= 1.6.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Coworking versions = 1.6.1...

8.1CVSS5.5AI score0.00561EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:9 a.m.5 views

WordPress Jude theme <= 1.3.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jude versions = 1.3.0...

8.1CVSS5.5AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:9 a.m.5 views

WordPress Soleng theme <= 1.0.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Soleng versions = 1.0.5...

9.8CVSS5.5AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:8 a.m.4 views

WordPress SevenTrees theme <=1.0.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme SevenTrees versions =1.0.2...

8.1CVSS5.5AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:8 a.m.7 views

WordPress Rhodos theme <= 1.3.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Rhodos versions = 1.3.3...

8.1CVSS5.5AI score0.00512EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:8 a.m.6 views

WordPress Photolia theme <= 1.0.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Photolia versions = 1.0.3...

8.1CVSS5.5AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:4 a.m.6 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'create_mollie_account' vulnerability

Missing Authorization in 'createmollieaccount' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

8.1CVSS5.4AI score0.00354EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 8:3 a.m.7 views

WordPress MP-Ukagaka plugin <= 1.5.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin MP-Ukagaka versions = 1.5.2...

6.1CVSS5.4AI score0.00264EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:56 a.m.7 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'create_mollie_profile' vulnerability

Missing Authorization in 'createmollieprofile' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

7.1CVSS5.4AI score0.00327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:55 a.m.6 views

WordPress Super Page Cache plugin <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability

Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability discovered by shark3y in WordPress Plugin Super Page Cache for Cloudflare versions = 5.2.2...

7.2CVSS5.4AI score0.0019EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:40 a.m.5 views

WordPress Geo Widet plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Geo Widget versions = 1.0...

6.1CVSS5.4AI score0.00221EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:36 a.m.7 views

WordPress Address Bar Ads plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Address Bar Ads versions = 1.0.0...

6.1CVSS5.4AI score0.00266EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:35 a.m.7 views

WordPress StyleBidet plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin StyleBidet versions = 1.0.0...

6.1CVSS5.4AI score0.00221EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:31 a.m.6 views

WordPress WP Maps plugin <= 4.8.6 - Authenticated (Subscriber+) Limited Local File Inclusion vulnerability

Authenticated Subscriber+ Limited Local File Inclusion vulnerability discovered by mikemyers in WordPress Plugin WP Maps versions = 4.8.6...

8.8CVSS5.4AI score0.00723EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:30 a.m.5 views

WordPress Super Simple Contact Form plugin <= 1.6.2 - Reflected Cross-Site Scripting via 'sscf_name' Parameter vulnerability

Reflected Cross-Site Scripting via 'sscfname' Parameter vulnerability discovered by 0x34rth in WordPress Plugin Super Simple Contact Form versions = 1.6.2...

7.2CVSS5.4AI score0.00339EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:19 a.m.6 views

WordPress Zarinpal Gateway for WooCommerce plugin <= 5.0.16 - Improper Access Control to Payment Status Update vulnerability

Improper Access Control to Payment Status Update vulnerability discovered by shark3y in WordPress Plugin Zarinpal Gateway versions = 5.0.16...

7.7CVSS5.5AI score0.00296EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 7:16 a.m.7 views

WordPress WowRevenue plugin <= 2.1.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin WowRevenue versions = 2.1.3...

8.8CVSS5.5AI score0.00377EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 6:37 a.m.10 views

WordPress Build App Online plugin <= 1.0.22 - Account Takeover via Weak Password Reset Mechanism vulnerability

Account Takeover via Weak Password Reset Mechanism vulnerability discovered by Ram - Wordfence in WordPress Plugin Build App Online versions = 1.0.22...

9.8CVSS5.5AI score0.00621EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/17 6:34 a.m.7 views

WordPress A-Mart theme <= 1.0.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme A-Mart versions = 1.0.2...

8.1CVSS5.5AI score0.00512EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/17 6:5 a.m.5 views

WordPress WP Compress plugin <= 6.60.28 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP Compress versions = 6.60.28...

5.3CVSS5.4AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/16 10:54 p.m.7 views

WordPress EventPrime plugin <= 4.2.8.4 - Missing Authorization to Unauthenticated Image Upload via 'ep_upload_file_media' AJAX Endpoint vulnerability

Missing Authorization to Unauthenticated Image Upload via 'epuploadfilemedia' AJAX Endpoint vulnerability discovered by Tharadol Suksamran d3kc4rt1 in WordPress Plugin EventPrime versions = 4.2.8.4...

5.3CVSS5.5AI score0.00379EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 10:34 p.m.9 views

WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin = 1.50.2 - Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Tiến Dũng Nguyễn in WordPress Plugin Forminator versions = 1.50.2...

4.4CVSS5.5AI score0.00154EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 10:16 p.m.7 views

WordPress RegistrationMagic plugin < 6.0.7.2 - Subscriber+ Form Creation vulnerability

Subscriber+ Form Creation vulnerability discovered by bRpsd in WordPress Plugin RegistrationMagic versions 6.0.7.2...

4.3CVSS5.5AI score0.00209EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 10:8 p.m.7 views

WordPress WP-Members Membership Plugin plugin <= 3.4.8 - Missing Authorization to Sensitive Information Exposure vulnerability

Missing Authorization to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin WP-Members versions = 3.4.8...

6.5CVSS5.5AI score0.0044EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 7:2 p.m.8 views

WordPress Easy Social Feed plugin <= 6.5.2 - Missing Authorization to Settings Modification vulnerability

Missing Authorization to Settings Modification vulnerability discovered by Lucio Sá in WordPress Plugin Easy Social Feed versions = 6.5.2...

4.3CVSS5.5AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 7:0 p.m.6 views

WordPress Backup Migration plugin <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url vulnerability

Authenticated Admin+ OS Command Injection via url vulnerability discovered by Françoa Taffarel in WordPress Plugin Backup Migration versions = 1.3.9...

7.2CVSS5.5AI score0.45898EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:58 p.m.5 views

WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery vulnerability

Authenticated Author+ Server-Side Request Forgery vulnerability discovered by Nex Team in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.1.7...

6.4CVSS5.5AI score0.0026EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:43 p.m.9 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'pt_cancel_subscription' vulnerability

Missing Authorization in 'ptcancelsubscription' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

5.4CVSS5.5AI score0.00304EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:42 p.m.8 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'update_profile_preference' vulnerability

Missing Authorization in 'updateprofilepreference' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

5.4CVSS5.5AI score0.00272EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:41 p.m.6 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'paytium_sw_save_api_keys' vulnerability

Missing Authorization in 'paytiumswsaveapikeys' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

5.4CVSS5.5AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:40 p.m.8 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'check_for_verified_profiles' vulnerability

Missing Authorization in 'checkforverifiedprofiles' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

4.3CVSS5.5AI score0.00242EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:39 p.m.6 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'paytium_notice_dismiss' vulnerability

Missing Authorization in 'paytiumnoticedismiss' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

4.3CVSS5.5AI score0.00272EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 6:38 p.m.5 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'check_mollie_account_details' vulnerability

Missing Authorization in 'checkmollieaccountdetails' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

4.3CVSS5.5AI score0.00242EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/16 3:46 p.m.7 views

WordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by w41bu1 in WordPress Plugin Calculated Fields Form versions = 5.4.4.1...

6.5CVSS5.4AI score0.00248EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/16 1:48 p.m.8 views

WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme CitiLights versions 3.7.2...

5.3CVSS5.4AI score0.00272EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/16 12:38 p.m.7 views

WordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds in WordPress Theme Ippsum versions = 1.2.0...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/16 11:57 a.m.6 views

WordPress Link Whisper Free plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Link Whisper Free versions = 0.9.1...

7.1CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/16 11:54 a.m.10 views

WordPress personal-authors-category plugin <= 0.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin personal-authors-category versions = 0.3...

6.1CVSS5.5AI score0.00204EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46684