Lucene search
K
PatchstackRecent

46624 matches found

Patchstack
Patchstack
added 2026/02/02 7:55 p.m.6 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Messenger Chat Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Messenger Chat Widget vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00413EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:55 p.m.10 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multi Scroll Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multi Scroll Widget vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:53 p.m.7 views

WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ThirstyAffiliates versions = 3.11.9...

5.4CVSS5.3AI score0.00095EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:47 p.m.5 views

WordPress FooGallery plugin <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Robert Kruczek ProXy - Safety-Online.pl in WordPress Plugin FooGallery versions = 2.4.14...

6.4CVSS8.3AI score0.00607EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:47 p.m.6 views

WordPress HT Mega - Absolute Addons For Elementor plugin <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lightbox Widget vulnerability

WordPress HT Mega - Absolute Addons For Elementor plugin = 2.4.6 - Authenticated Contributor+ Stored Cross-Site Scripting via Lightbox Widget vulnerability discovered by wesley wcraft in WordPress Plugin HT Mega versions = 2.4.6...

6.4CVSS5.2AI score0.0032EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:42 p.m.5 views

WordPress Elementor Addon Elements plugin <= 1.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.2...

5.4CVSS8.3AI score0.00516EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:41 p.m.7 views

WordPress Elementor Addon Elements plugin <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Twitter Widget vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.3...

5.4CVSS5.2AI score0.00322EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:40 p.m.6 views

WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin WPBITS Addons For Elementor Page Builder versions = 1.4...

6.4CVSS8.3AI score0.00452EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:39 p.m.5 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Icons Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Advanced Icons Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:39 p.m.7 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Table Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Info Table Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:38 p.m.7 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Heading Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:37 p.m.6 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Image Separator Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:30 p.m.7 views

WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Button Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.4...

6.4CVSS8.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:28 p.m.8 views

WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Box Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.4...

6.4CVSS8.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:24 p.m.7 views

WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Testimonials Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.4...

6.4CVSS8.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:24 p.m.7 views

WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Team Members Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.4...

6.4CVSS8.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 7:22 p.m.7 views

WordPress The Plus Addons for Elementor plugin <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Team Member Listing vulnerability

Authenticated Contributor+ Local File Inclusion via Team Member Listing vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.1...

6.4CVSS8.3AI score0.00483EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 5:50 p.m.9 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Global Badge Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Global Badge Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 4:42 p.m.5 views

WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Run Contests, Raffles, and Giveaways with ContestsWP versions = 2.0.7...

5.3CVSS5.3AI score0.00192EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/02 4:25 p.m.5 views

WordPress CMSMasters Content Composer plugin <= 1.4.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin CMSMasters Content Composer versions = 1.4.5...

7.5CVSS5.5AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:53 p.m.9 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:52 p.m.5 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS5.4AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:51 p.m.6 views

WordPress Essential Blocks plugin <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Essential Blocks for Gutenberg versions = 4.5.3...

6.4CVSS5.3AI score0.00559EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:37 p.m.4 views

WordPress Squelch Tabs and Accordions Shortcodes plugin <= 0.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via accordions Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via accordions Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Squelch Tabs and Accordions Shortcodes versions = 0.4.3...

6.4CVSS5.3AI score0.00327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:36 p.m.7 views

WordPress Exclusive Addons for Elementor plugin <= 2.6.9.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Post Grid vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Post Grid vulnerability discovered by wesley wcraft in WordPress Plugin Exclusive Addons Elementor versions = 2.6.9.2...

6.4CVSS5.3AI score0.00434EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:33 p.m.4 views

WordPress Essential Addons for Elementor plugin <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Essential Addons for Elementor versions = 5.9.11...

6.4CVSS5.3AI score0.00356EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:31 p.m.6 views

WordPress Font Farsi plugin <= 1.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by emad in WordPress Plugin Font Farsi versions = 1.6.6...

4.4CVSS5.3AI score0.00255EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:29 p.m.8 views

WordPress EmbedPress plugin <= 3.9.12 - Authenticated (Contributor+) Stored Cross-site Scripting via 'embedpress_doc_custom_color' vulnerability

Authenticated Contributor+ Stored Cross-site Scripting via 'embedpressdoccustomcolor' vulnerability discovered by WordFence in WordPress Plugin EmbedPress versions = 3.9.12...

5.4CVSS5.3AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:25 p.m.4 views

WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Authenticated (Contibutor+) Stored Cross-Site Scripting via Hover Card vulnerability

Authenticated Contibutor+ Stored Cross-Site Scripting via Hover Card vulnerability discovered by Colin Xu in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.5.4...

6.4CVSS5.3AI score0.00265EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:24 p.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Age Gate vulnerability discovered by Phuoc Pham p3tl0v3r - VNPT Cyber Immunity in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

6.4CVSS5.3AI score0.00333EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:23 p.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via title_tag vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via titletag vulnerability discovered by wesley wcraft in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

5.4CVSS5.3AI score0.00466EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:22 p.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Page Title HTML Tag vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:22 p.m.6 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title HTML Tag vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00361EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:21 p.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Calendy vulnerability discovered by ST in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:18 p.m.11 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.971 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Royal Elementor Addons versions = 1.3.971...

6.5CVSS5.3AI score0.00336EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:17 p.m.8 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via HTML Tags vulnerability discovered by WordFence in WordPress Plugin Royal Elementor Addons versions = 1.3.971...

6.4CVSS5.3AI score0.00434EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:11 p.m.7 views

WordPress Themesflat Addons For Elementor plugin <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Tags vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Widget Tags vulnerability discovered by João G. Barbosa 4rCanJ0x! in WordPress Plugin themesflat-addons-for-elementor versions = 2.1.2...

6.4CVSS5.3AI score0.00333EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:9 p.m.10 views

WordPress SVS Pricing Tables plugin <= 1.0.4 - Cross-Site Request Forgery to Pricing Table Deletion vulnerability

Cross-Site Request Forgery to Pricing Table Deletion vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin SVS Pricing Tables versions = 1.0.4...

4.3CVSS5.4AI score0.00211EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:9 p.m.7 views

WordPress Elementor Addons by Livemesh plugin <= 8.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Various Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Various Widgets vulnerability discovered by wesley wcraft in WordPress Plugin Livemesh Addons for Elementor versions = 8.3.7...

6.4CVSS5.3AI score0.00429EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:8 p.m.8 views

WordPress WPB Elementor Addons plugin <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin WPB Elementor Addons versions = 1.0.9...

6.4CVSS5.3AI score0.00229EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 1:11 p.m.9 views

WordPress Easy WP SMTP by SendLayer plugin <= 2.3.0 - Exposure of Sensitive Information via the UI vulnerability

Exposure of Sensitive Information via the UI vulnerability discovered by Finsand in WordPress Plugin Easy WP SMTP versions = 2.3.0...

2.7CVSS5.3AI score0.00336EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 1:10 p.m.5 views

WordPress Jeg Elementor Kit plugin <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Webbernaut in WordPress Plugin Jeg Elementor Kit versions = 2.6.4...

6.4CVSS5.3AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 1:9 p.m.7 views

WordPress Jeg Elementor Kit plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Testimonial vulnerability discovered by wesley wcraft in WordPress Plugin Jeg Elementor Kit versions = 2.6.3...

6.4CVSS5.3AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 1:6 p.m.7 views

WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Attributes vulnerability discovered by Tim Coen in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

6.4CVSS5.3AI score0.00449EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 1:5 p.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Webbernaut in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

6.4CVSS5.3AI score0.00531EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 12:54 p.m.6 views

WordPress EmbedPress plugin <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Youtube Block vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin EmbedPress versions = 3.9.14...

6.4CVSS5.3AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 12:52 p.m.7 views

WordPress Bold Page Builder plugin <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget URL Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Widget URL Attribute vulnerability discovered by wesley wcraft in WordPress Plugin Bold Page Builder versions = 4.8.8...

6.4CVSS5.3AI score0.00426EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 12:49 p.m.4 views

WordPress HT Mega - Absolute Addons For Elementor plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Grid Widget vulnerability

WordPress HT Mega - Absolute Addons For Elementor plugin = 2.4.9 - Authenticated Contributor+ Stored Cross-Site Scripting via Image Grid Widget vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin HT Mega versions = 2.4.9...

6.4CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 12:47 p.m.7 views

WordPress Shortcodes and extra features for Phlox theme plugin <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'auxgmaps' Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Shortcodes and extra features for Phlox theme versions = 2.15.7...

6.4CVSS5.3AI score0.00543EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 12:47 p.m.5 views

WordPress Colibri Page Builder plugin <= 1.0.272 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'colibri_breadcrumb_element' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'colibribreadcrumbelement' Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Colibri Page Builder versions = 1.0.272...

6.4CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46624