Lucene search
K
PatchstackRecent

46618 matches found

Patchstack
Patchstack
•added 2026/02/02 12:21 p.m.•9 views

WordPress Slider Revolution plugin <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Add Layer class, id, and title Attributes vulnerability discovered by wesley wcraft in WordPress Plugin Slider Revolution versions = 6.7.10...

6.4CVSS5.3AI score0.00279EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 12:19 p.m.•11 views

WordPress Slider Revolution plugin <= 6.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementor wrapperid and zindex vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Elementor wrapperid and zindex vulnerability discovered by stealthcopter in WordPress Plugin Slider Revolution versions = 6.7.10...

6.4CVSS5.3AI score0.00263EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 10:30 a.m.•8 views

WordPress WooCommerce - PDF Vouchers plugin <= 4.9.3 - Authentication Bypass to Voucher Vendor vulnerability

WordPress WooCommerce - PDF Vouchers plugin = 4.9.3 - Authentication Bypass to Voucher Vendor vulnerability discovered by István Márton - Wordfence in WordPress Plugin WooCommerce PDF Vouchers versions = 4.9.3...

7.3CVSS5.4AI score0.00406EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 10:23 a.m.•9 views

WordPress Zephyr Project Manager plugin <= 3.3.101 - Authenticated (Subscriber+) Limited Privilege Escalation vulnerability

Authenticated Subscriber+ Limited Privilege Escalation vulnerability discovered by wesley wcraft in WordPress Plugin Zephyr Project Manager versions = 3.3.101...

8.1CVSS5.3AI score0.00402EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 10:13 a.m.•7 views

WordPress WooCommerce Social Login plugin <= 2.7.3 - Unauthenticated Authentication Bypass vulnerability

Unauthenticated Authentication Bypass vulnerability discovered by Vu Nguyen maxntv in WordPress Plugin WooCommerce Social Login versions = 2.7.3...

7.3CVSS5.3AI score0.00403EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 10:12 a.m.•5 views

WordPress WooCommerce Social Login plugin <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation vulnerability

Missing Authorization to Unauthenticated Privilege Escalation vulnerability discovered by Vu Nguyen maxntv in WordPress Plugin WooCommerce Social Login versions = 2.7.3...

9.8CVSS5.3AI score0.00518EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 10:9 a.m.•5 views

WordPress WooCommerce Social Login plugin <= 2.7.3 - Unauthenticated Privilege Escalation via One-Time Password vulnerability

Unauthenticated Privilege Escalation via One-Time Password vulnerability discovered by Vu Nguyen maxntv in WordPress Plugin WooCommerce Social Login versions = 2.7.3...

7.3CVSS5.3AI score0.00362EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:35 a.m.•7 views

WordPress OSM plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof ZajÄ…c - CERT PL in WordPress Plugin OSM versions = 6.0.3...

6.4CVSS5.3AI score0.00344EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:35 a.m.•6 views

WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via content_block Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via contentblock Shortcode vulnerability discovered by Alex Thomas - Wordfence in WordPress Plugin Content Blocks Custom Post Widget versions = 3.3.0...

6.4CVSS5.3AI score0.00314EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:34 a.m.•7 views

WordPress Elementor Addons by Livemesh plugin <= 8.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Grid vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Posts Grid vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Livemesh Addons for Elementor versions = 8.3.7...

6.4CVSS5.3AI score0.00345EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:34 a.m.•10 views

WordPress Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin <= 5.7.17 - Missing Authorization vulnerability

WordPress Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin = 5.7.17 - Missing Authorization vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Email Subscribers & Newsletters versions = 5.7.17...

4.3CVSS5.3AI score0.00369EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:33 a.m.•6 views

WordPress Premium Addons for Elementor plugin <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'arrowstyle' vulnerability discovered by stealthcopter in WordPress Plugin Premium Addons for Elementor versions = 4.10.28...

6.4CVSS5.3AI score0.00444EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:27 a.m.•7 views

WordPress Enter Addons plugin <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animation Title widget img tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Animation Title widget img tag vulnerability discovered by Sebastião Gavião Sebastgav - Gavsec in WordPress Plugin Enter Addons versions = 2.1.5...

6.4CVSS5.3AI score0.00429EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:27 a.m.•7 views

WordPress Advanced Contact form 7 DB plugin <= 2.0.2 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin Advanced Contact form 7 DB versions = 2.0.2...

5.3CVSS5.3AI score0.00439EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:26 a.m.•7 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00548EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:22 a.m.•7 views

WordPress Testimonial Carousel For Elementor plugin <= 10.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Testimonial Carousel For Elementor versions = 10.1.1...

6.4CVSS5.2AI score0.00413EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:22 a.m.•8 views

WordPress Login Logout Register Menu plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'llrmloginlogout' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'llrmloginlogout' Shortcode vulnerability discovered by Krzysztof ZajÄ…c - CERT PL in WordPress Plugin Login Logout Register Menu versions = 2.0...

6.4CVSS5.3AI score0.00267EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:21 a.m.•7 views

WordPress Essential Addons for Elementor plugin <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle vulnerability discovered by stealthcopter in WordPress Plugin Essential Addons for Elementor versions = 5.9.15...

6.4CVSS5.2AI score0.00557EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:20 a.m.•6 views

WordPress Salient Shortcodes plugin <= 1.5.3 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability

Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by István Márton - Wordfence in WordPress Plugin Salient Shortcodes versions = 1.5.3...

8.8CVSS5.3AI score0.00619EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:20 a.m.•13 views

WordPress Porto Theme - Functionality plugin <= 3.0.9 - Authenticated (Contributor+) Local File Inclusion via Post Meta vulnerability

WordPress Porto Theme - Functionality plugin = 3.0.9 - Authenticated Contributor+ Local File Inclusion via Post Meta vulnerability discovered by István Márton - Wordfence in WordPress Plugin Porto Theme - Functionality versions = 3.0.9...

8.8CVSS5.2AI score0.01002EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:19 a.m.•5 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Accordion Title Tags vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Advanced Accordion Title Tags vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Royal Elementor Addons versions = 1.3.971...

6.4CVSS5.3AI score0.00336EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:19 a.m.•10 views

WordPress Salient Core plugin <= 2.0.7 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability

Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by István Márton - Wordfence in WordPress Plugin Salient Core versions = 2.0.7...

7.5CVSS5.3AI score0.00632EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:19 a.m.•8 views

WordPress Salient Shortcodes plugin <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton - Wordfence in WordPress Plugin Salient Shortcodes versions = 1.5.3...

6.4CVSS5.3AI score0.00267EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:17 a.m.•5 views

WordPress WP To Do plugin <= 1.3.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Task Comments vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via Task Comments vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP To Do versions = 1.3.0...

4.8CVSS5.3AI score0.00318EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:17 a.m.•9 views

WordPress WP To Do plugin <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage() vulnerability

Cross-Site Request Forgery via wptodomanage vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP To Do versions = 1.3.0...

4.3CVSS5.3AI score0.00222EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:16 a.m.•6 views

WordPress Testimonials Widget plugin <= 4.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via testimonials Shortcode vulnerability

Authenticated Author+ Stored Cross-Site Scripting via testimonials Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Testimonials Widget versions = 4.0.4...

6.4CVSS5.3AI score0.00279EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:16 a.m.•6 views

WordPress WP To Do plugin <= 1.3.0 - Cross-Site Request Forgery via wptodo_settings vulnerability

Cross-Site Request Forgery via wptodosettings vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP To Do versions = 1.3.0...

4.3CVSS5.3AI score0.00224EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:16 a.m.•6 views

WordPress HT Mega plugin <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Justify vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Gallery Justify vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin HT Mega versions = 2.5.0...

6.4CVSS5.3AI score0.0034EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:16 a.m.•4 views

WordPress Exclusive Addons for Elementor plugin <= 2.6.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Call to Action vulnerability discovered by stealthcopter in WordPress Plugin Exclusive Addons Elementor versions = 2.6.9.4...

6.4CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:15 a.m.•10 views

WordPress Prime Slider - Addons For Elementor plugin <= 3.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pagepiling Widget vulnerability

WordPress Prime Slider - Addons For Elementor plugin = 3.14.1 - Authenticated Contributor+ Stored Cross-Site Scripting via Pagepiling Widget vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.14.1...

6.4CVSS5.3AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:14 a.m.•6 views

WordPress Import and export users and customers plugin <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by quanhx in WordPress Plugin Import and export users and customers versions = 1.26.6.1...

4.4CVSS5.3AI score0.00286EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:11 a.m.•8 views

WordPress Combo Blocks plugin <= 2.2.80 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Block Attribute vulnerability discovered by stealthcopter in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.2.80...

6.4CVSS5.2AI score0.00263EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:10 a.m.•7 views

WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typer Effect vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Typer Effect vulnerability discovered by Webbernaut in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.2.37...

6.4CVSS5.2AI score0.00265EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:10 a.m.•7 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Back to Top Widget vulnerability discovered by wesley wcraft in WordPress Plugin Royal Elementor Addons versions = 1.3.975...

6.4CVSS5.4AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:9 a.m.•8 views

WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Timer vulnerability discovered by Webbernaut in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.2.36...

6.4CVSS5.3AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:8 a.m.•7 views

WordPress Themesflat Addons For Elementor plugin <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting in Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin themesflat-addons-for-elementor versions = 2.1.2...

6.4CVSS5.2AI score0.00425EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:8 a.m.•9 views

WordPress Piotnet Addons For Elementor plugin <= 2.4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widget Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widget Attributes vulnerability discovered by stealthcopter in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.28...

7.2CVSS5.2AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:7 a.m.•4 views

WordPress Ultimate Blocks plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Multiple Blocks vulnerability discovered by Webbernaut in WordPress Plugin Ultimate Blocks versions = 3.1.9...

6.4CVSS5.3AI score0.00493EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:5 a.m.•8 views

WordPress Sina Extension for Elementor plugin <= 3.5.3 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Sina Extension for Elementor versions = 3.5.3...

6.4CVSS5.3AI score0.00391EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:3 a.m.•7 views

WordPress Premium Addons for Elementor plugin <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Fancy Text Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.31...

6.4CVSS5.3AI score0.00332EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:3 a.m.•6 views

WordPress Premium Addons for Elementor plugin <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Global Tooltip vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons for Elementor versions = 4.10.31...

5.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:2 a.m.•5 views

WordPress Happy Addons for Elementor plugin <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Event Calendar Widget vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.7...

6.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 9:1 a.m.•6 views

WordPress Elementor Addon Elements plugin <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id and eaeslideranimation Parameters vulnerability discovered by stealthcopter in WordPress Plugin Elementor Addon Elements versions = 1.13.5...

6.4CVSS5.3AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:59 a.m.•6 views

WordPress Essential Addons for Elementor plugin <= 5.9.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Several Widgets vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Several Widgets vulnerability discovered by Webbernaut in WordPress Plugin Essential Addons for Elementor versions = 5.9.19...

6.4CVSS5.2AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:59 a.m.•4 views

WordPress Essential Addons for Elementor plugin <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' vulnerability discovered by stealthcopter in WordPress Plugin Essential Addons for Elementor versions = 5.9.19...

6.5CVSS5.2AI score0.00508EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:58 a.m.•6 views

WordPress FileOrganizer plugin <= 1.0.7 - Sensitive Information Exposure via Directory Listing vulnerability

Sensitive Information Exposure via Directory Listing vulnerability discovered by emad in WordPress Plugin FileOrganizer versions = 1.0.7...

7.5CVSS5.3AI score0.00522EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:57 a.m.•5 views

WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin <= 1.6.4 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin Ultimate Store Kit Elementor Addons versions = 1.6.4...

9.8CVSS5.4AI score0.00852EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:52 a.m.•5 views

WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id, oxi_addons_f_title_tag, and content_description_tag Parameters vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id, oxiaddonsftitletag, and contentdescriptiontag Parameters vulnerability discovered by stealthcopter in WordPress Plugin Image Hover Effects - Caption Hover with Carousel versions = 3.0.2...

6.4CVSS5.3AI score0.00321EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:51 a.m.•4 views

WordPress Happy Addons for Elementor plugin <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.9...

6.4CVSS5.2AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
•added 2026/02/02 8:50 a.m.•8 views

WordPress Happy Addons for Elementor plugin <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.8...

6.4CVSS5.2AI score0.00364EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46618