Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/22 5:23 a.m.4 views

WordPress ABG Rich Pins plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by johska in WordPress Plugin ABG Rich Pins versions = 1.1...

5.4CVSS5.3AI score0.00198EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 5:3 a.m.7 views

WordPress Integration for Contact Form 7 HubSpot plugin <= 1.4.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Integration for Contact Form 7 HubSpot versions = 1.4.3...

5.4CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 4:45 a.m.5 views

WordPress Autoshare for Twitter plugin <= 2.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Autoshare for Twitter versions = 2.3.1...

5.4CVSS5.5AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 4:11 a.m.7 views

WordPress Cloudinary plugin <= 3.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Cloudinary versions = 3.3.2...

5.4CVSS5.2AI score0.00265EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 3:59 a.m.5 views

WordPress FluentBoards plugin <= 1.91.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin FluentBoards versions = 1.91.1...

5.4CVSS5.4AI score0.00265EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 3:48 a.m.8 views

WordPress Ryviu – Product Reviews for WooCommerce plugin <= 3.1.26 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Ryviu Product Reviews for WooCommerce versions = 3.1.26...

5.3CVSS5.3AI score0.00272EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/22 2:26 a.m.6 views

WordPress LifePress plugin <= 2.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin LifePress versions = 2.2.1...

4.3CVSS5.9AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 8:29 p.m.8 views

WordPress Textmetrics plugin <= 3.6.4 - Content Injection vulnerability

Content Injection vulnerability discovered by theviper17 in WordPress Plugin Textmetrics versions = 3.6.4...

4.3CVSS5.3AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 6:56 p.m.16 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter vulnerability

Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakitbkrole parameter vulnerability discovered by WordFence in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.5.6.3...

9.8CVSS5.5AI score0.01078EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2026/01/21 6:39 p.m.5 views

WordPress WP Docs plugin <= 2.2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by hhhai in WordPress Plugin WP Docs versions = 2.2.8...

5.4CVSS5.3AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 6:33 p.m.6 views

WordPress B Accordion plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by theviper17 in WordPress Plugin B Accordion versions = 2.0.1...

6.5CVSS5.3AI score0.00276EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 5:55 p.m.7 views

WordPress iNET Webkit plugin <= 1.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin iNET Webkit versions = 1.2.4...

6.5CVSS5.4AI score0.00342EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 2:22 p.m.4 views

WordPress Anything Order by Terms plugin <= 1.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Anything Order by Terms versions = 1.4.0...

4.3CVSS5.4AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 2:2 p.m.4 views

WordPress WP Travel plugin <= 11.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WP Travel versions = 11.1.0...

5.3CVSS5.9AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 1:35 p.m.5 views

WordPress Real Homes CRM plugin <= 1.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by wackydawg in WordPress Plugin Real Homes CRM versions = 1.0.0...

9.9CVSS5.4AI score0.00525EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 1:17 p.m.5 views

WordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Lawyer Directory versions = 1.3.3...

8.8CVSS5.4AI score0.0042EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 1:15 p.m.4 views

WordPress Beaver Builder plugin <= 2.9.4.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by mcdruid in WordPress Plugin Beaver Builder versions = 2.9.4.1...

7.5CVSS5.5AI score0.00273EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 1:2 p.m.5 views

WordPress Media Library File Size plugin <= 1.6.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Media Library File Size versions = 1.6.7...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 12:54 p.m.4 views

WordPress Edwiser Bridge plugin <= 4.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Edwiser Bridge versions = 4.3.2...

5.4CVSS5.4AI score0.00209EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 12:27 p.m.5 views

WordPress BOX NOW Delivery plugin <= 3.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin BOX NOW Delivery versions = 3.0.2...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 12:11 p.m.7 views

WordPress Photo Gallery by 10Web plugin <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Comment Deletion vulnerability discovered by Moose Love - Nagasaki Prefectural University in WordPress Plugin Photo Gallery by 10Web versions = 1.8.36...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/21 11:56 a.m.7 views

WordPress JobWP plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin JobWP versions = 2.4.5...

7.1CVSS5.3AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 11:28 a.m.6 views

WordPress Ultra Portfolio plugin <= 6.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Ultra Portfolio versions = 6.7...

8.8CVSS5.8AI score0.00258EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 11:19 a.m.6 views

WordPress Movie Booking plugin <= 1.1.5 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Movie Booking versions = 1.1.5...

8.6CVSS5.4AI score0.00552EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 11:16 a.m.6 views

WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WPO365 versions = 40.0...

6.4CVSS5.4AI score0.00238EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:57 a.m.3 views

WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP BackItUp versions = 2.1.0...

6.5CVSS5.9AI score0.00318EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:52 a.m.6 views

WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WorkScout-Core versions = 1.7.06...

7.1CVSS5.3AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:51 a.m.6 views

WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme WorkScout versions = 4.1.07...

7.1CVSS5.3AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:51 a.m.7 views

WordPress TaxCloud for WooCommerce plugin <= 8.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin TaxCloud for WooCommerce versions = 8.3.8...

6.5CVSS5.4AI score0.00255EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:49 a.m.6 views

WordPress User Registration plugin <= 4.4.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mdr in WordPress Plugin User Registration versions = 4.4.6...

8.2CVSS5.4AI score0.00309EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:47 a.m.7 views

WordPress Tabby Checkout plugin <= 5.8.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by benzdeus in WordPress Plugin Tabby Checkout versions = 5.8.4...

7.5CVSS5.4AI score0.00303EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 10:26 a.m.11 views

WordPress Hydra Booking plugin <= 1.1.32 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Hydra Booking versions = 1.1.32...

7.3CVSS5.4AI score0.0028EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 9:5 a.m.6 views

WordPress Extend Link plugin <= 2.0.0 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by theviper17 in WordPress Plugin Extend Link versions = 2.0.0...

4.9CVSS5.5AI score0.00184EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 9:5 a.m.4 views

WordPress EcoBlue theme <= 1.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme EcoBlue versions = 1.15...

5.4AI score0.00338EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 9:4 a.m.5 views

WordPress Listivo Core plugin <= 2.3.77 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Listivo Core versions = 2.3.77...

8.1CVSS5.4AI score0.00504EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 9:4 a.m.5 views

WordPress MyHome Core plugin <= 4.1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin MyHome Core versions = 4.1.0...

7.5CVSS5.4AI score0.00463EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 8:52 a.m.4 views

WordPress Salon booking system plugin <= 10.30.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Salon booking system versions = 10.30.3...

6.5CVSS5.4AI score0.00355EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 8:49 a.m.4 views

WordPress Paid Downloads plugin <= 3.15 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0xVenus in WordPress Plugin Paid Downloads versions = 3.15...

9.3CVSS5.8AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 8:19 a.m.4 views

WordPress Nelio Content plugin <= 4.2.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin Nelio Content versions = 4.2.0...

8.8CVSS5.9AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 7:33 a.m.4 views

WordPress Dinatur plugin <= 1.18 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Dinatur versions = 1.18...

7.1CVSS5.3AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/21 7:31 a.m.5 views

WordPress NotificationX plugin <= 3.2.0 - Unauthenticated DOM-Based Cross-Site Scripting via 'nx-preview' vulnerability

Unauthenticated DOM-Based Cross-Site Scripting via 'nx-preview' vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin NotificationX versions = 3.2.0...

7.2CVSS5.4AI score0.00242EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/21 7:13 a.m.7 views

WordPress Nexter Extension - Site Enhancements Toolkit plugin <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace' vulnerability

WordPress Nexter Extension - Site Enhancements Toolkit plugin = 4.4.6 - Unauthenticated PHP Object Injection via 'nxtunserializereplace' vulnerability discovered by Webbernaut in WordPress Plugin Nexter Extension versions = 4.4.6...

8.1CVSS5.5AI score0.00479EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/21 6:49 a.m.9 views

WordPress Academy LMS plugin <= 3.5.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by vgo0 in WordPress Plugin Academy LMS versions = 3.5.0...

9.8CVSS5.4AI score0.00354EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 11:41 p.m.6 views

WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WishList Member X versions = 3.29.0...

5.4AI score0.00259EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/20 11:5 p.m.11 views

WordPress Bookingor plugin <= 1.0.12 - Subscriber+ Category Deletion vulnerability

Subscriber+ Category Deletion vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Bookingor versions = 1.0.12...

6.5CVSS5.4AI score0.00174EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 10:59 p.m.9 views

WordPress FlatPM - Ad Manager, AdSense and Custom Code plugin <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta vulnerability

WordPress FlatPM - Ad Manager, AdSense and Custom Code plugin = 3.2.2 - Authenticated Contributor+ Stored Cross-Site Scripting via Custom Post Meta vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin FlatPM versions = 3.2.2...

6.4CVSS5.5AI score0.00203EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 10:58 p.m.8 views

WordPress Head Meta Data plugin <= 20251118 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Meta vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Head Meta Data versions = 20251118...

6.4CVSS5.4AI score0.00203EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 10:53 p.m.10 views

WordPress NotificationX plugin <= 3.1.11 - Missing Authorization to Authenticated (Contributor+) Analytics Reset vulnerability

Missing Authorization to Authenticated Contributor+ Analytics Reset vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin NotificationX versions = 3.1.11...

4.3CVSS5.5AI score0.00264EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 10:52 p.m.12 views

WordPress Creator LMS - The LMS for Creators, Coaches, and Trainers plugin <= 1.1.12 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options Update vulnerability

WordPress Creator LMS - The LMS for Creators, Coaches, and Trainers plugin = 1.1.12 - Missing Authorization to Authenticated Contributor+ Arbitrary Options Update vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Creator LMS versions = 1.1.12...

8.8CVSS5.5AI score0.00271EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/20 10:50 p.m.11 views

WordPress The Events Calendar plugin <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration Control vulnerability

Missing Authorization to Authenticated Subscriber+ Data Migration Control vulnerability discovered by type5afe in WordPress Plugin The Events Calendar versions = 6.15.13...

5.4CVSS5.5AI score0.00188EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities46606