Lucene search
K
PatchstackRecent

46629 matches found

Patchstack
Patchstack
added 2026/02/03 10:9 a.m.6 views

WordPress Reflector plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Reflector versions = 1.2.2...

7.1CVSS5.3AI score0.00151EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/03 10:8 a.m.5 views

WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Print Invoice & Delivery Notes for WooCommerce versions = 5.8.0...

5.3AI score0.00199EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/03 10:1 a.m.6 views

WordPress Subscribe2 plugin <= 10.44 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by chokri hammedi in WordPress Plugin Subscribe2 versions = 10.44...

6.5CVSS5.3AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:57 a.m.6 views

WordPress Grand Conference theme <= 5.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand Conference versions = 5.3.4...

7.1CVSS5.3AI score0.00151EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:55 a.m.6 views

WordPress WP Job Portal plugin <= 2.4.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin WP Job Portal versions = 2.4.4...

7.5CVSS5.3AI score0.00248EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:50 a.m.8 views

WordPress WP Job Portal plugin <= 2.2.1 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.1...

7.5CVSS5.7AI score0.005EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:40 a.m.10 views

WordPress Frontend Admin by DynamiApps plugin <= 3.24.5 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Max Boll b0lli - Max Boll - IT Security in WordPress Plugin Frontend Admin by DynamiApps versions = 3.24.5...

8.1CVSS5.3AI score0.00529EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:27 a.m.7 views

WordPress Kudos Donations plugin <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' vulnerability

Reflected Cross-Site Scripting via 'addqueryarg' vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Kudos Donations versions = 3.2.9...

6.1CVSS5.3AI score0.0034EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:25 a.m.5 views

WordPress Frontend Admin by DynamiApps plugin <= 3.24.5 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Max Boll b0lli - Max Boll - IT Security in WordPress Plugin Frontend Admin by DynamiApps versions = 3.24.5...

7.2CVSS5.3AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:21 a.m.7 views

WordPress Contact Form by BestWebSoft plugin <= 4.2.8 - Reflected Cross-Site Scripting via cntctfrm_contact_subject vulnerability

Reflected Cross-Site Scripting via cntctfrmcontactsubject vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Contact Form by BestWebSoft versions = 4.2.8...

6.1CVSS5.3AI score0.00495EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:21 a.m.7 views

WordPress Brizy plugin <= 2.4.43 - Authenticated(Contributor+) Stored Cross-Site Scripting via Form Functionality vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Form Functionality vulnerability discovered by RandomRoot in WordPress Plugin Brizy versions = 2.4.43...

6.4CVSS5.3AI score0.00254EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:20 a.m.8 views

WordPress WP Job Portal plugin <= 2.2.2 - Authenticated (Admin+) SQL Injection vulnerability

Authenticated Admin+ SQL Injection vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

4.9CVSS5.7AI score0.00451EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:19 a.m.6 views

WordPress WP Job Portal plugin <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability

Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

5.3CVSS5.4AI score0.0045EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:19 a.m.9 views

WordPress WP Job Portal plugin <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate() vulnerability

Authenticated Admin+ SQL Injection via wpjobportaldeactivate vulnerability discovered by WordFence in WordPress Plugin WP Job Portal versions = 2.2.2...

4.9CVSS5.7AI score0.00451EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:18 a.m.7 views

WordPress WP Job Portal plugin <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox() vulnerability

Authenticated Admin+ SQL Injection via getFieldsForVisibleCombobox vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

4.9CVSS5.7AI score0.00451EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:18 a.m.6 views

WordPress WP Job Portal plugin <= 2.2.2 - Missing Authorization to Limited Privilege Escalation vulnerability

Missing Authorization to Limited Privilege Escalation vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

9.8CVSS5.4AI score0.0045EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:16 a.m.5 views

WordPress All-in-One Video Gallery plugin <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass vulnerability

Authenticated Author+ Arbitrary File Upload via VTT Upload Bypass vulnerability discovered by mikemyers in WordPress Plugin All-in-One Video Gallery versions = 4.5.7...

8.8CVSS5.3AI score0.00598EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:15 a.m.4 views

WordPress Eveeno plugin <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Eveeno versions = 1.7...

6.4CVSS5.3AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:15 a.m.4 views

WordPress ONLYOFFICE DocSpace plugin <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin ONLYOFFICE DocSpace versions = 2.1.1...

6.4CVSS5.3AI score0.00299EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:15 a.m.5 views

WordPress IMS Countdown plugin <= 1.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin IMS Countdown versions = 1.3.5...

6.4CVSS5.3AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:14 a.m.4 views

WordPress Bukza plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Bukza versions = 2.0.0...

6.4CVSS5.3AI score0.0027EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:14 a.m.5 views

WordPress WP GeoNames plugin <= 1.9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin WP GeoNames versions = 1.9.0.1...

6.4CVSS5.3AI score0.00282EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:12 a.m.4 views

WordPress Plezi plugin <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Plezi versions = 1.0.6...

6.4CVSS5.3AI score0.0036EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:11 a.m.8 views

WordPress GS Filterable Portfolio plugin <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Filterable Portfolio versions = 1.6.3...

6.4CVSS5.3AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:11 a.m.7 views

WordPress GS Books Showcase plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Books Showcase versions = 1.3.1...

6.4CVSS5.3AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:10 a.m.4 views

WordPress Smart Agenda plugin <= 4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Smart Agenda versions = 4.6...

6.4CVSS5.3AI score0.00282EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:10 a.m.8 views

WordPress WP Mailster plugin <= 1.8.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Mailster versions = 1.8.17.0...

6.4CVSS5.3AI score0.00288EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:10 a.m.9 views

WordPress Integrate Firebase plugin <= 0.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin Integrate Firebase versions = 0.9.3...

6.4CVSS5.3AI score0.00282EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:1 a.m.6 views

WordPress WPB Show Core plugin < 2.7 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin WPB Show Core versions 2.7...

4.8CVSS5.3AI score0.00458EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 8:14 a.m.7 views

WordPress Salon booking system plugin < 9.6.3 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by cyc707 in WordPress Plugin Salon booking system versions 9.6.3...

4.7CVSS5.3AI score0.00464EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 8:4 a.m.8 views

WordPress Arena.IM - Live Blogging for real-time events plugin <= 0.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Arena.IM - Live Blogging for real-time events plugin = 0.3.0 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Arena.IM – Live Blogging for real-time events versions = 0.3.0...

6.4CVSS5.3AI score0.00245EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 8:0 a.m.6 views

WordPress Password for WP plugin <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Password for WP versions = 1.5...

6.1CVSS5.4AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:59 a.m.8 views

WordPress Catch Popup plugin <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Catch Popup versions = 1.4.4...

6.4CVSS5.3AI score0.00431EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:55 a.m.8 views

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin = 1.8.8 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Pins for Pinterest versions = 1.8.8...

6.4CVSS5.3AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:46 a.m.5 views

WordPress Brizy - Page Builder plugin <= 2.4.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes vulnerability

WordPress Brizy - Page Builder plugin = 2.4.43 - Authenticated Contributor+ Stored Cross-Site Scripting via Custom Attributes vulnerability discovered by wesley wcraft in WordPress Plugin Brizy versions = 2.4.43...

6.4CVSS5.3AI score0.00254EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:42 a.m.5 views

WordPress Contact Form 7 Connector plugin < 1.2.3 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Contact Form 7 Connector versions 1.2.3...

6.1CVSS5.3AI score0.00458EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:28 a.m.6 views

WordPress WP Courses LMS plugin <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary User Meta Update vulnerability discovered by Thanh Nam Tran in WordPress Plugin WP Courses LMS versions = 3.2.21...

7.5CVSS5.4AI score0.00732EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:26 a.m.5 views

WordPress IdeaPush plugin <= 8.71 - Missing Authorization to Board Term Deletion vulnerability

Missing Authorization to Board Term Deletion vulnerability discovered by Lucio Sá in WordPress Plugin IdeaPush versions = 8.71...

4.3CVSS5.4AI score0.00334EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:25 a.m.6 views

WordPress Store Locator plugin <= 3.98.9 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by Jay Nguyen in WordPress Plugin Store Locator versions 3.98.9...

9.8CVSS5.3AI score0.00901EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:25 a.m.4 views

WordPress Koalendar plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via height Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via height Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Koalendar versions = 1.0.2...

6.4CVSS5.3AI score0.00359EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:24 a.m.5 views

WordPress Tabs Maker plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Pham Van Tam - The Vietnamese Security Network - VSEC in WordPress Plugin Tabs Maker versions = 1.0...

6.4CVSS5.3AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:24 a.m.5 views

WordPress Social Media Shortcodes plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Social Media Shortcodes versions = 1.3.0...

6.4CVSS5.3AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 7:24 a.m.7 views

WordPress Add infos to the events calendar plugin <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Add infos to the events calendar versions = 1.4.1...

6.4CVSS5.4AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:54 a.m.5 views

WordPress Integrate Google Drive plugin <= 1.3.8 - Missing Authorization to Unauthenticated Settings Modification and Export vulnerability

Missing Authorization to Unauthenticated Settings Modification and Export vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Integrate Google Drive versions = 1.3.8...

10CVSS5.4AI score0.0074EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:52 a.m.3 views

WordPress My IDX Home Search plugin <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin My IDX Home Search versions = 2.1.1...

6.4CVSS5.3AI score0.00338EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:52 a.m.6 views

WordPress FAQ And Answers - Create Frequently Asked Questions Area on WP Sites plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress FAQ And Answers - Create Frequently Asked Questions Area on WP Sites plugin = 1.1.0 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin FAQ And Answers – Create Frequently Asked Questions Area on WP Sites versions = 1....

6.4CVSS5.3AI score0.00282EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:50 a.m.5 views

WordPress PowerBI Embed Reports plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin PowerBI Embed Reports versions = 1.1.7...

6.4CVSS5.3AI score0.00467EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:48 a.m.7 views

WordPress Classic Addons - WPBakery Page Builder plugin <= 3.0 - Authenticated (Contributor+) Limited Local PHP File Inclusion vulnerability

WordPress Classic Addons - WPBakery Page Builder plugin = 3.0 - Authenticated Contributor+ Limited Local PHP File Inclusion vulnerability discovered by Nishiv - Developer in WordPress Plugin Classic Addons – WPBakery Page Builder versions = 3.0...

7.5CVSS5.4AI score0.00873EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:45 a.m.6 views

WordPress Message Filter for Contact Form 7 plugin <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) New Filter Creation vulnerability

Missing Authorization to Authenticated Subscriber+ New Filter Creation vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Message Filter for Contact Form 7 versions = 1.6.3...

4.3CVSS5.4AI score0.00327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 6:45 a.m.5 views

WordPress Snippet Shortcodes plugin <= 4.1.6 - Authenticated (Subscriber+) Shortcode Deletion vulnerability

Authenticated Subscriber+ Shortcode Deletion vulnerability discovered by theviper17y in WordPress Plugin Snippet Shortcodes versions = 4.1.6...

4.3CVSS5.3AI score0.00367EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46629