Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/29 2:30 p.m.4 views

WordPress The Grid plugin < 2.8.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin The Grid versions 2.8.0...

8.8CVSS5.9AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 1:2 p.m.5 views

WordPress KindlyCare theme <= 1.6.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme KindlyCare versions = 1.6.1...

9.8CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 10:22 a.m.6 views

WordPress WP Job Manager plugin <= 2.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tristan Jay Neale in WordPress Plugin WP Job Manager versions = 2.4.0...

5.3CVSS5.6AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 8:8 a.m.7 views

WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Booked versions = 3.0.0...

5.4CVSS5.9AI score0.00354EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 8:6 a.m.5 views

WordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Capella versions = 2.5.5...

9.8CVSS5.9AI score0.00375EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 7:19 a.m.4 views

WordPress Easy Hotel Booking plugin <= 1.8.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Hotel Booking versions = 1.8.8...

6.5CVSS5.2AI score0.00315EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 7:16 a.m.9 views

WordPress Travelpayouts plugin <= 1.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Travelpayouts versions = 1.2.1...

5.9AI score0.00204EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 7:15 a.m.5 views

WordPress Konte theme <= 2.4.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Theme Konte versions = 2.4.6...

5.9AI score0.00309EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 6:59 a.m.6 views

WordPress ID Arrays plugin <= 2.1.2 - POST-Based Reflected Cross Site Scripting (XSS) vulnerability

POST-Based Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin ID Arrays versions = 2.1.2...

7.1CVSS5.9AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 6:44 a.m.6 views

WordPress Shiprocket plugin <= 2.0.8 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by NumeX in WordPress Plugin Shiprocket versions = 2.0.8...

5.9AI score0.00304EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 6:44 a.m.7 views

WordPress SOHO - Photography WordPress Theme theme <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

WordPress SOHO - Photography WordPress Theme theme = 3.0.3 - Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme SOHO - Photography WordPress Theme versions = 3.0.3...

7.1CVSS5.9AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 6:23 a.m.5 views

WordPress Cookiebot plugin <= 4.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Cookiebot versions = 4.6.4...

4.3CVSS5.4AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:33 a.m.4 views

WordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Broken Link Notifier versions = 1.3.5...

5.3CVSS5.4AI score0.00208EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:20 a.m.5 views

WordPress SupportCandy plugin <= 3.4.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin SupportCandy versions = 3.4.4...

5.3CVSS5.4AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 4:36 a.m.7 views

WordPress B Slider plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin B Slider versions = 2.0.6...

6.5CVSS5.9AI score0.00129EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/29 2:49 a.m.7 views

WordPress Nelio Popups plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Nelio Popups versions = 1.3.5...

4.3CVSS5.3AI score0.00152EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:37 p.m.9 views

WordPress WP Adminify plugin <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API vulnerability

Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API vulnerability discovered by ibrahimsql in WordPress Plugin WP Adminify versions = 4.0.7.7...

5.3CVSS5.9AI score0.00247EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/28 5:38 p.m.3 views

WordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tristan Jay Neale in WordPress Plugin UsersWP versions = 1.2.53...

4.3CVSS5.3AI score0.00124EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 2:57 p.m.5 views

WordPress Elementor Contact Form DB plugin <= 2.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by You Ludwig in WordPress Plugin Elementor Contact Form DB versions = 2.1.3...

5.3CVSS5.4AI score0.00272EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:56 p.m.7 views

WordPress JAMstack Deployments plugin <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin JAMstack Deployments versions = 1.1.1...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:47 p.m.7 views

WordPress WP-CORS plugin <= 0.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WP-CORS versions = 0.2.2...

4.3CVSS5.4AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:45 p.m.5 views

WordPress EventPrime plugin <= 4.2.8.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin EventPrime versions = 4.2.8.0...

8.8CVSS5.9AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:38 p.m.5 views

WordPress Zita Elementor Site Library plugin <= 1.6.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Zita Elementor Site Library versions = 1.6.6...

4.3CVSS5.5AI score0.00107EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:32 p.m.6 views

WordPress Revision Manager TMC plugin <= 2.8.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Revision Manager TMC versions = 2.8.22...

4.3CVSS5.5AI score0.00107EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 1:20 p.m.6 views

WordPress Enter Addons plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Enter Addons versions = 2.3.2...

4.3CVSS5.3AI score0.00098EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 12:43 p.m.7 views

WordPress Quiz And Survey Master plugin <= 10.3.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin Quiz And Survey Master versions = 10.3.1...

8.5CVSS5.9AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 12:41 p.m.4 views

WordPress Advanced iFrame plugin <= 2025.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Advanced iFrame versions = 2025.10...

5.3CVSS5.4AI score0.00028EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 11:54 a.m.8 views

WordPress Oyster - Photography WordPress Theme theme <= 4.4.3 - Cross Site Scripting (XSS) vulnerability

WordPress Oyster - Photography WordPress Theme theme = 4.4.3 - Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Oyster - Photography WordPress Theme versions = 4.4.3...

7.1CVSS5.9AI score0.00256EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 11:51 a.m.6 views

WordPress WPBookit Pro plugin <= 1.6.18 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin WPBookit Pro versions = 1.6.18...

5.3CVSS5.4AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 11:26 a.m.6 views

WordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin News Kit Elementor Addons versions = 1.4.2...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:50 a.m.6 views

WordPress Emerce Core plugin <= 1.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Emerce Core versions = 1.8...

9.3CVSS5.9AI score0.00372EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:50 a.m.6 views

WordPress Uroan Core plugin <= 1.4.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Uroan Core versions = 1.4.4...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:49 a.m.4 views

WordPress Woodly Core plugin <= 1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Woodly Core versions = 1.4...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:48 a.m.7 views

WordPress Saasplate Core plugin <= 1.2.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Saasplate Core versions = 1.2.8...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:48 a.m.5 views

WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Nestbyte Core versions = 1.2...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:16 a.m.6 views

WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Bit Form versions = 2.21.10...

7.6CVSS5.9AI score0.00276EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 9:8 a.m.6 views

WordPress UpsellWP plugin <= 2.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rapid0nion in WordPress Plugin UpsellWP versions = 2.2.3...

4.3CVSS5.4AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 8:48 a.m.5 views

WordPress MailerLite plugin <= 1.7.18 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin MailerLite versions = 1.7.18...

4.3CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 8:46 a.m.4 views

WordPress Educare plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin Educare versions = 1.6.1...

7.1CVSS5.9AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:53 a.m.5 views

WordPress WP Recipe Maker plugin <= 10.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin WP Recipe Maker versions = 10.2.4...

8.1CVSS5.9AI score0.00162EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:24 a.m.5 views

WordPress ModelTheme Framework plugin <= 1.9.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ModelTheme Framework versions = 1.9.2...

5.9AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:24 a.m.4 views

WordPress Medinik Core plugin <= 1.3.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Medinik Core versions = 1.3.6...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:23 a.m.4 views

WordPress Electio Core plugin <= 1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Electio Core versions = 1.4...

9.3CVSS5.9AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:17 a.m.4 views

WordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sendy versions = 3.4.2...

5.4AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 7:14 a.m.5 views

WordPress EmailKit plugin <= 1.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin EmailKit versions = 1.6.2...

5.4AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/28 6:52 a.m.8 views

WordPress Vzaar Media Management plugin <= 1.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Vzaar Media Management versions = 1.2...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/28 6:49 a.m.7 views

WordPress TelSender plugin <= 1.14.14 - Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability

Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability discovered by Kai Aizen in WordPress Plugin TelSender versions = 1.14.14...

5.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/28 6:47 a.m.8 views

WordPress SEO Links Interlinking plugin <= 1.7.5 - Reflected Cross-Site Scripting via 'google_error' Parameter vulnerability

Reflected Cross-Site Scripting via 'googleerror' Parameter vulnerability discovered by johska in WordPress Plugin SEO Links Interlinking versions = 1.7.5...

6.1CVSS5.9AI score0.00215EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/28 6:44 a.m.12 views

WordPress AI Engine plugin <= 3.3.2 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by type5afe in WordPress Plugin AI Engine versions = 3.3.2...

6.4CVSS5.9AI score0.00181EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/28 6:39 a.m.7 views

WordPress VidShop plugin <= 1.1.4 - Unauthenticated Time-Based SQL Injection via 'fields' vulnerability

Unauthenticated Time-Based SQL Injection via 'fields' vulnerability discovered by WordFence in WordPress Plugin VidShop versions = 1.1.4...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46606