Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/30 6:57 a.m.7 views

WordPress Buttons Shortcode and Widget plugin <= 1.16 - Stored XSS via shortcode vulnerability

Stored XSS via shortcode vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Buttons Shortcode and Widget versions = 1.16...

6.1CVSS5.9AI score0.00413EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:51 a.m.8 views

WordPress coreActivity plugin < 2.1 - Unauthenticated IP Spoofing vulnerability

Unauthenticated IP Spoofing vulnerability discovered by Erwan LR WPScan in WordPress Plugin coreActivity: Activity Logging plugin for WordPress versions 2.1...

5.3CVSS5.9AI score0.00482EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:45 a.m.6 views

WordPress ProfilePress plugin < 4.15.15 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin ProfilePress versions 4.15.15...

4.8CVSS5.9AI score0.00334EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:24 a.m.7 views

WordPress CAS <= 1.0.0 - Unauthenticated Arbitrary File Access vulnerability

Unauthenticated Arbitrary File Access vulnerability discovered by Aly Khaled Aly Abd Al-aal in WordPress Theme Cas versions = 1.0.0...

7.5CVSS5.9AI score0.00719EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:24 a.m.6 views

WordPress Photo Gallery by 10Web plugin < 1.8.31 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Photo Gallery by 10Web versions 1.8.31...

4.8CVSS5.9AI score0.00369EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:22 a.m.6 views

WordPress profile-builder plugin < 3.11.9 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by John Castro in WordPress Plugin Profile Builder versions 3.11.9...

9.8CVSS5.9AI score0.00796EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:22 a.m.4 views

WordPress WP Booking Calendar plugin < 10.6.5 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Booking Calendar versions 10.6.5...

4.8CVSS5.9AI score0.00303EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:21 a.m.8 views

WordPress Favicon Generator plugin < 2.1 - Arbitrary File Deletion via CSRF vulnerability

Arbitrary File Deletion via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Favicon Generator versions 2.1...

6.5CVSS5.9AI score0.00245EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 6:16 a.m.7 views

WordPress Element Pack Elementor Addons plugin < 5.10.3 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Element Pack Elementor Addons versions 5.10.3...

5.4CVSS5.9AI score0.00349EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 5:52 a.m.8 views

WordPress CubeWP plugin <= 1.1.27 - Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php vulnerability

Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php vulnerability discovered by stealthcopter in WordPress Plugin CubeWP versions = 1.1.27...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 5:32 a.m.4 views

WordPress Kadence Blocks plugin <= 3.2.53 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.2.53...

4.8CVSS5.9AI score0.00455EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 5:6 a.m.7 views

WordPress Paid Memberships Pro plugin < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure vulnerability

Contributor+ Arbitrary User Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Paid Memberships Pro versions 2.12.9...

4.3CVSS5.9AI score0.00548EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 4:17 a.m.8 views

WordPress CubeWP plugin <= 1.1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via cubewp_shortcode_taxonomy Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via cubewpshortcodetaxonomy Shortcode vulnerability discovered by zaim in WordPress Plugin CubeWP versions = 1.1.26...

6.4CVSS5.9AI score0.00185EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:52 a.m.5 views

WordPress Serious Slider plugin <= 1.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Serious Slider versions = 1.2.7...

4.3CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:42 a.m.5 views

WordPress HL Twitter plugin <= 2014.1.18 - Unlink Twitter Account via CSRF vulnerability

Unlink Twitter Account via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin HL Twitter versions = 2014.1.18...

4.3CVSS5.9AI score0.00211EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:40 a.m.6 views

WordPress Newsletter Popup plugin <= 1.2 - List Deletion via CSRF vulnerability

List Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Newsletter Popup versions = 1.2...

8.8CVSS5.9AI score0.0035EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:40 a.m.7 views

WordPress Newsletter Popup plugin <= 1.2 - Subscriber Deletion via CSRF vulnerability

Subscriber Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Newsletter Popup versions = 1.2...

6.9CVSS5.9AI score0.00254EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:37 a.m.7 views

WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Settings vulnerability

Admin+ Stored XSS via Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

6.8CVSS5.9AI score0.0071EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:35 a.m.9 views

WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Form Settings vulnerability

Admin+ Stored XSS via Form Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

6.1CVSS5.9AI score0.00405EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:10 a.m.7 views

WordPress Pet Manager plugin <= 1.4 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Pet Manager versions = 1.4...

4.8CVSS5.9AI score0.00351EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:8 a.m.6 views

WordPress WooCommerce Customers Manager plugin < 30.1 - Bulk Action via CSRF vulnerability

Bulk Action via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WooCommerce Customers Manager versions 30.1...

8.1CVSS5.9AI score0.00294EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 2:27 a.m.7 views

WordPress WP Logs Book plugin <= 1.0.1 - Log Clearing via CSRF vulnerability

Log Clearing via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WP Logs Book versions = 1.0.1...

4.3CVSS5.9AI score0.00183EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 2:26 a.m.5 views

WordPress Business Card plugin <= 1.0.0 - Card Edit via CSRF vulnerability

Card Edit via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Business Card versions = 1.0.0...

7.1CVSS5.9AI score0.0025EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 2:26 a.m.5 views

WordPress Business Card plugin <= 1.0.0 - Card Edit via CSRF vulnerability

Card Edit via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Business Card versions = 1.0.0...

7.1CVSS5.9AI score0.0025EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 2:25 a.m.5 views

WordPress Business Card plugin <= 1.0.0 - Arbitrary Card Deletion via CSRF vulnerability

Arbitrary Card Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Business Card versions = 1.0.0...

6.4CVSS5.9AI score0.00276EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 1:43 a.m.9 views

WordPress BuddyBoss Platform plugin < 2.6.0 - Subscriber+ Comment on Private Post via IDOR vulnerability

Subscriber+ Comment on Private Post via IDOR vulnerability discovered by Faris Krivic in WordPress Plugin Buddyboss Platform versions 2.6.0...

4.3CVSS5.9AI score0.00375EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 1:5 a.m.6 views

WordPress Frontend Checklist plugin <= 2.3.2 - Admin+ Stored XSS via Items vulnerability

Admin+ Stored XSS via Items vulnerability discovered by Bob Matyas in WordPress Plugin Frontend Checklist versions = 2.3.2...

4.8CVSS5.9AI score0.0033EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:31 p.m.8 views

WordPress PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode plugin <= 1.7 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode versions = 1.7...

5.4CVSS5.9AI score0.00319EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:27 p.m.7 views

WordPress Quiz And Survey Master plugin < 9.0.2 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Project Black in WordPress Plugin Quiz And Survey Master versions 9.0.2...

8.8CVSS5.9AI score0.00591EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:14 p.m.8 views

WordPress Ultimate Blocks plugin < 3.2.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Ultimate Blocks versions 3.2.0...

4.6CVSS5.9AI score0.00302EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:14 p.m.12 views

WordPress Master Slider plugin < 3.10.0 - CSRF to slider deletion vulnerability

CSRF to slider deletion vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Master Slider versions 3.10.0...

6.5CVSS5.9AI score0.00215EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:13 p.m.5 views

WordPress Light Poll plugin <= 1.0.0 - Polls Deletion via CSRF vulnerability

Polls Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

6.5CVSS5.9AI score0.00255EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:8 p.m.8 views

WordPress NinjaTeam Header Footer Custom Code plugin <= 1.2 - Admin+ Stored XSS via CSS Styles vulnerability

Admin+ Stored XSS via CSS Styles vulnerability discovered by Bob Matyas in WordPress Plugin NinjaTeam Header Footer Custom Code versions = 1.2...

4.8CVSS5.9AI score0.00347EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:6 p.m.8 views

WordPress Ditty plugin 3.1.39-3.1.45 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin Ditty versions 3.1.39-3.1.45...

6.1CVSS5.9AI score0.00327EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:3 p.m.2 views

WordPress SmartSearchWP plugin <= 2.4.4 - Unauthenticated Log Purge vulnerability

Unauthenticated Log Purge vulnerability discovered by Bob Matyas in WordPress Plugin SmartSearch WP versions = 2.4.4...

5.3CVSS5.9AI score0.01263EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:45 p.m.6 views

WordPress WP MultiTasking plugin <= 0.1.12 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Norbert Hofmann in WordPress Plugin WP MultiTasking versions = 0.1.12...

6.5CVSS5.9AI score0.00201EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:45 p.m.9 views

WordPress WP MultiTasking plugin <= 0.1.12 - Welcome Popup Update via CSRF vulnerability

Welcome Popup Update via CSRF vulnerability discovered by Norbert Hofmann in WordPress Plugin WP MultiTasking versions = 0.1.12...

6.5CVSS5.9AI score0.00216EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:44 p.m.8 views

WordPress WP MultiTasking plugin <= 0.1.12 - Exit Popup Update via CSRF vulnerability

Exit Popup Update via CSRF vulnerability discovered by Norbert Hofmann in WordPress Plugin WP MultiTasking versions = 0.1.12...

6.5CVSS5.9AI score0.00201EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:41 p.m.6 views

WordPress Secure Copy Content Protection and Content Locking plugin < 4.1.7 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.1.7...

4.8CVSS5.9AI score0.00353EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:33 p.m.6 views

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin < 2.4.0 - Admin+ SQL Injection vulnerability

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin 2.4.0 - Admin+ SQL Injection vulnerability discovered by Chu Quoc Khanh in WordPress Plugin TS Poll versions 2.4.0...

7.2CVSS5.9AI score0.02277EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:21 p.m.8 views

WordPress MaxButtons plugin < 9.8.1 - Admin+ Stored XSS via Text Color vulnerability

Admin+ Stored XSS via Text Color vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin MaxButtons versions 9.8.1...

4.7CVSS5.9AI score0.00409EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:15 p.m.5 views

WordPress RSS Feed Widget plugin < 3.0.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin RSS Feed Widget versions 3.0.0...

5.9CVSS5.9AI score0.00298EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 9:14 p.m.6 views

WordPress LearnPress plugin < 4.2.7.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin LearnPress versions 4.2.7.2...

4.8CVSS5.9AI score0.00363EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 8:47 p.m.6 views

WordPress Relevanssi Premium plugin < 2.29.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi Premium versions 2.29.0...

4.9CVSS5.9AI score0.00224EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 6:16 p.m.5 views

WordPress OSM plugin <= 6.1.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin OSM versions = 6.1.12...

5.4AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:35 p.m.7 views

WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Knowledge Base for Documentation, FAQs with AI Assistance versions = 16.011.0...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:18 p.m.4 views

WordPress PublishPress Revisions plugin <= 3.7.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by lilmingwa13 in WordPress Plugin PublishPress Revisions versions = 3.7.22...

5.4CVSS5.5AI score0.00104EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:1 p.m.7 views

WordPress YITH WooCommerce Ajax Search plugin < 2.7.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by John Castro in WordPress Plugin YITH WooCommerce Ajax Search versions 2.7.1...

5.4CVSS5.9AI score0.00313EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 4:51 p.m.6 views

WordPress Relevanssi plugin < 4.26.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi versions 4.26.0...

4.9CVSS5.9AI score0.00224EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 4:45 p.m.7 views

WordPress Frontend File Manager plugin < 23.5 - Subscriber+ Arbitrary File Deletion vulnerability

Subscriber+ Arbitrary File Deletion vulnerability discovered by Gregory Allegoet & Bakir Tuči in WordPress Plugin Frontend File Manager versions 23.5...

7.7CVSS5.9AI score0.00194EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46606