Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/23 9:31 a.m.5 views

WordPress Blockons plugin <= 1.2.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Blockons versions = 1.2.15...

5.4CVSS5.3AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 9:15 a.m.7 views

WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Monetag Official Plugin versions = 1.1.3...

5.4CVSS5.3AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 9:10 a.m.8 views

WordPress Coven Core plugin <= 1.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Coven Core versions = 1.3...

9.3CVSS5.8AI score0.0041EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2026/01/23 9:3 a.m.8 views

WordPress PeakShops theme <= 1.5.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PeakShops versions = 1.5.9...

8.8CVSS5.5AI score0.00468EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 9:2 a.m.6 views

WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Advanced WooCommerce Product Sales Reporting versions = 4.1.2...

5.3CVSS5.3AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 8:57 a.m.11 views

WordPress Melapress Role Editor plugin <= 1.1.1 - Improper Authorization to Authenticated (Subscriber+) Privilege Escalation via Secondary Role Assignment vulnerability

Improper Authorization to Authenticated Subscriber+ Privilege Escalation via Secondary Role Assignment vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Melapress Role Editor versions = 1.1.1...

8.8CVSS5.5AI score0.00365EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 8:39 a.m.6 views

WordPress Extensions For CF7 plugin <= 3.4.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Nabil Irawan in WordPress Plugin Extensions For CF7 versions = 3.4.0...

5.3CVSS5.3AI score0.00203EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 8:38 a.m.8 views

WordPress BuddyPress plugin <= 14.3.3 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin BuddyPress versions = 14.3.3...

7.3CVSS5.5AI score0.00444EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 8:31 a.m.9 views

WordPress All-in-One Video Gallery plugin <= 4.6.4 - Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability

Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability discovered by andrea bocchetti in WordPress Plugin All-in-One Video Gallery versions = 4.6.4...

6.5CVSS5.5AI score0.00369EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:57 a.m.8 views

WordPress weDocs plugin <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post Update vulnerability

Missing Authorization to Authenticated Subscriber+ Documentation Post Update vulnerability discovered by blue0x1 in WordPress Plugin weDocs versions = 2.1.16...

4.3CVSS5.5AI score0.00265EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:57 a.m.7 views

WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'lw_content_block' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'lwcontentblock' Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.36...

6.4CVSS5.4AI score0.0025EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:44 a.m.7 views

WordPress Schema & Structured Data for WP & AMP plugin <= 1.54 - Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via User Custom Schema vulnerability discovered by type5afe in WordPress Plugin Schema & Structured Data for WP & AMP versions = 1.54...

6.4CVSS5.4AI score0.0024EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:43 a.m.8 views

WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability

WordPress KiviCare - Clinic & Patient Management System EHR plugin = 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin KiviCare versions = 3.6.15...

5.3CVSS5.5AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:39 a.m.7 views

WordPress RSS Aggregator plugin <= 5.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wp-rss-aggregator Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wp-rss-aggregator Shortcode vulnerability discovered by zaim in WordPress Plugin WP RSS Aggregator versions = 5.0.10...

6.4CVSS5.4AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 7:38 a.m.7 views

WordPress Uncanny Automator plugin <= 6.10.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zaim in WordPress Plugin Uncanny Automator versions = 6.10.0.2...

6.4CVSS5.4AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/23 6:50 a.m.6 views

WordPress amr cron manager plugin <= 2.3 - Reflecte dCross Site Scripting (XSS) vulnerability

Reflecte dCross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin amr cron manager versions = 2.3...

7.1CVSS5.3AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 6:49 a.m.6 views

WordPress PeakShops theme < 1.5.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PeakShops versions 1.5.9...

8.1CVSS5.4AI score0.00512EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 6:48 a.m.5 views

WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin UPI QR Code Payment Gateway for WooCommerce versions = 1.5.1...

5.4AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/23 2:0 a.m.8 views

WordPress LeadConnector plugin <= 3.0.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by YOUSEF MISHAAL ALI in WordPress Plugin LeadConnector versions = 3.0.21...

5.3CVSS5.4AI score0.00282EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:15 p.m.7 views

WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Fraud Prevention For Woocommerce versions = 2.3.2...

4.3CVSS5.9AI score0.00215EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 8:35 p.m.7 views

WordPress Traveler theme < 3.2.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Traveler versions 3.2.8...

8.8CVSS5.8AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:24 a.m.7 views

WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by w41bu1 in WordPress Plugin Eventin versions = 4.1.3...

8.8CVSS5.5AI score0.00468EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:17 a.m.7 views

WordPress Final User plugin <= 1.2.5 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Final User versions = 1.2.5...

8.8CVSS5.4AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:16 a.m.5 views

WordPress WP Membership plugin <= 1.6.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Membership versions = 1.6.4...

8.8CVSS5.4AI score0.00278EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:7 a.m.6 views

WordPress Grand Spa theme <= 3.5.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand Spa versions = 3.5.5...

7.1CVSS5.3AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:4 a.m.6 views

WordPress Grand Magazine theme <= 3.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand Magazine versions = 3.5.7...

7.1CVSS5.3AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 11:3 a.m.6 views

WordPress WP Membership plugin <= 1.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Membership versions = 1.6.4...

7.3CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 10:33 a.m.6 views

WordPress AppExperts plugin <= 1.4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin AppExperts versions = 1.4.5...

8.5CVSS5.8AI score0.00253EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 9:54 a.m.6 views

WordPress Real Estate Pro plugin <= 2.1.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Real Estate Pro versions = 2.1.5...

7.3CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 9:54 a.m.6 views

WordPress ListingHub plugin <= 1.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ListingHub versions = 1.2.7...

7.3CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 9:54 a.m.5 views

WordPress Listihub theme <= 1.0.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Listihub versions = 1.0.6...

7.3CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 9:53 a.m.4 views

WordPress JobBank plugin <= 1.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin JobBank versions = 1.2.3...

5.4AI score0.00178EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 8:40 a.m.4 views

WordPress ArtPlacer Widget plugin <= 2.23.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin ArtPlacer Widget versions = 2.23.1...

6.1CVSS5.3AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 8:28 a.m.5 views

WordPress Easy Property Listings plugin <= 3.5.19 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Property Listings versions = 3.5.19...

6.5CVSS5.4AI score0.00284EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 7:26 a.m.5 views

WordPress fitness-trainer plugin <= 1.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin fitness-trainer versions = 1.7.1...

7.3CVSS5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 7:26 a.m.7 views

WordPress Final User plugin <= 1.2.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Final User versions = 1.2.5...

7.3CVSS5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 7:25 a.m.5 views

WordPress Hospital Doctor Directory plugin <= 1.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hospital Doctor Directory versions = 1.3.9...

7.6CVSS5.4AI score0.00325EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 7:24 a.m.5 views

WordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Institutions Directory versions = 1.3..4...

7.6CVSS5.4AI score0.00282EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 7:15 a.m.2 views

WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hotel Listing versions = 1.4.2...

7.6CVSS5.4AI score0.00325EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:59 a.m.4 views

WordPress Hospital Doctor Directory plugin <= 1.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hospital Doctor Directory versions = 1.3.9...

7.3CVSS5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:59 a.m.3 views

WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hotel Listing versions = 1.4.2...

7.3CVSS5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:55 a.m.4 views

WordPress Institutions Directory plugin <= 1.3.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Institutions Directory versions = 1.3.4...

7.3CVSS5.4AI score0.00219EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:53 a.m.3 views

WordPress Hospital Doctor Directory plugin <= 1.3.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hospital Doctor Directory versions = 1.3.9...

8.8CVSS5.4AI score0.00378EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:51 a.m.5 views

WordPress Institutions Directory plugin <= 1.3.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Institutions Directory versions = 1.3.4...

8.8CVSS5.4AI score0.00378EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:19 a.m.4 views

WordPress ElementCamp plugin <= 2.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin ElementCamp versions = 2.3.2...

5.3CVSS5.4AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 6:4 a.m.3 views

WordPress LazyTasks plugin <= 1.4.10 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by 0xd4rk5id3 in WordPress Plugin LazyTasks versions = 1.4.10...

9.8CVSS5.3AI score0.00423EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 5:58 a.m.6 views

WordPress Contact Form 7 GetResponse Extension plugin <= 1.0.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Contact Form 7 GetResponse Extension versions = 1.0.8...

5.3CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 5:57 a.m.6 views

WordPress Lawyer Directory plugin <= 1.3.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Lawyer Directory versions = 1.3.4...

7.3CVSS5.4AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 5:54 a.m.5 views

WordPress Lawyer Directory plugin <= 1.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Lawyer Directory versions = 1.3.3...

7.6CVSS5.4AI score0.00325EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 5:53 a.m.6 views

WordPress Homey Core plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Homey Core versions = 2.4.3...

7.1CVSS5.3AI score0.00256EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606