Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/13 10:28 p.m.5 views

WordPress Makesweat plugin <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'makesweat_clubid' Setting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'makesweatclubid' Setting vulnerability discovered by ChamlaVic in WordPress Plugin Makesweat versions = 0.1...

4.4CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 10:23 p.m.8 views

WordPress PDF Resume Parser plugin <= 1.0 - Unauthenticated Sensitive Information Disclosure in SMTP Credentials vulnerability

Unauthenticated Sensitive Information Disclosure in SMTP Credentials vulnerability discovered by Ivan Cese in WordPress Plugin PDF Resume Parser versions = 1.0...

5.3CVSS6.6AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 10:21 p.m.9 views

WordPress Testimonials Creator plugin 1.6 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jochem Boender in WordPress Plugin Testimonials Creator versions 1.6...

4.4CVSS5.7AI score0.00208EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 10:17 p.m.6 views

WordPress Responsive Accordion Slider plugin <= 1.2.2 - Missing Authorization to Authenticated (Contributor+) Slider Update via 'resp_accordion_silder_save_images' vulnerability

Missing Authorization to Authenticated Contributor+ Slider Update via 'respaccordionsildersaveimages' vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Responsive Accordion Slider versions = 1.2.2...

4.3CVSS7AI score0.00233EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:36 p.m.5 views

WordPress SearchWiz plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title vulnerability discovered by WordFence in WordPress Plugin SearchWiz versions = 1.0.0...

6.4CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:34 p.m.6 views

WordPress Kunze Law plugin <= 2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin Kunze Law versions = 2.1...

4.4CVSS5.8AI score0.00237EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:22 p.m.11 views

WordPress CP Image Store with Slideshow plugin <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Product Import vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Product Import vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin CP Image Store with Slideshow versions = 1.1.9...

4.3CVSS7AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:13 p.m.4 views

WordPress WP Duplicate Page plugin <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Post Duplication vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin WP Duplicate Page versions = 1.8...

5.4CVSS6.8AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:49 p.m.3 views

WordPress Bayarcash WooCommerce plugin <= 4.3.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan in WordPress Plugin Bayarcash WooCommerce versions = 4.3.13...

5.3CVSS5.4AI score0.00295EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 1:56 p.m.7 views

WordPress Travel Monster theme <= 1.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Travel Monster versions = 1.3.3...

5.3CVSS5.3AI score0.00352EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 1:35 p.m.6 views

WordPress Tutor LMS Pro plugin <= 3.8.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Tutor LMS Pro versions = 3.8.3...

8.1AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 1:32 p.m.6 views

WordPress Hide My WP plugin <= 6.2.12 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Hide My WP versions = 6.2.12...

6.1CVSS6.1AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 1:32 p.m.6 views

WordPress WPLMS plugin <= 1.9.9.5.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WPLMS versions = 1.9.9.5.4...

8.1CVSS7AI score0.00479EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 1:0 p.m.6 views

WordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Breeze versions = 2.2.21...

5.3CVSS7AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 12:9 p.m.7 views

WordPress Seriously Simple Podcasting plugin <= 3.14.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by daroo in WordPress Plugin Seriously Simple Podcasting versions = 3.14.1...

4.6CVSS5.4AI score0.00132EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 12:5 p.m.5 views

WordPress Reservation Plugin plugin <= 1.7 - Settings Change vulnerability

Settings Change vulnerability discovered by Bonds in WordPress Plugin Reservation Plugin versions = 1.7...

6.5CVSS7AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 12:3 p.m.3 views

WordPress Laurent Core plugin <= 2.4.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Laurent Core versions = 2.4.1...

7.5CVSS5.4AI score0.00399EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 12:0 p.m.4 views

WordPress Skillate theme <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Skillate versions = 1.2.10...

6.1AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 11:58 a.m.6 views

WordPress KenthaRadio theme <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme KenthaRadio versions = 2.2.0...

7.1CVSS6.1AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 11:57 a.m.4 views

WordPress Auto Repair theme <= 22.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Auto Repair versions = 22.6...

6.1AI score0.00244EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 11:57 a.m.5 views

WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Laurent versions = 3.1...

7.5CVSS5.4AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:39 a.m.7 views

WordPress OneLife theme <= 3.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme OneLife versions = 3.9...

8.8CVSS7.3AI score0.00344EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:39 a.m.6 views

WordPress Miion theme <= 1.2.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Miion versions = 1.2.7...

9.9CVSS7.1AI score0.00434EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:31 a.m.6 views

WordPress Bajaar - Highly Customizable WooCommerce WordPress Theme theme <= 2.1.0 - Local File Inclusion vulnerability

WordPress Bajaar - Highly Customizable WooCommerce WordPress Theme theme = 2.1.0 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Bajaar - Highly Customizable WooCommerce WordPress Theme versions = 2.1.0...

8.1CVSS7.1AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 9:0 a.m.3 views

WordPress Miion theme <= 1.2.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Miion versions = 1.2.7...

7.5CVSS7.1AI score0.00463EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:58 a.m.5 views

WordPress HDForms plugin <= 1.6.1 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by theviper17 in WordPress Plugin HDForms versions = 1.6.1...

8.6CVSS7AI score0.00518EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:51 a.m.5 views

WordPress Solace theme <= 2.1.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Theme Solace versions = 2.1.16...

6.5CVSS7AI score0.00311EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:37 a.m.6 views

WordPress RealPress plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by hhhai in WordPress Plugin RealPress versions = 1.1.0...

5.4CVSS5.5AI score0.00095EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:21 a.m.6 views

WordPress Blogzee theme <= 1.0.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Blogzee versions = 1.0.5...

9.9CVSS7AI score0.00465EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:21 a.m.6 views

WordPress Blogistic theme <= 1.0.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Blogistic versions = 1.0.5...

9.9CVSS7AI score0.00465EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:16 a.m.4 views

WordPress Hostme v2 theme <= 7.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hostme v2 versions = 7.0...

7.5CVSS7.1AI score0.00371EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:4 a.m.3 views

WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Restaurt versions = 1.0.4...

7.1AI score0.00465EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 8:3 a.m.6 views

WordPress JNews - Video plugin <= 11.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress JNews - Video plugin = 11.0.2 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Video versions = 11.0.2...

7.1CVSS6.1AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:56 a.m.6 views

WordPress JNews - Pay Writer plugin <= 11.0.0 - Local File Inclusion vulnerability

WordPress JNews - Pay Writer plugin = 11.0.0 - Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Pay Writer versions = 11.0.0...

7.5CVSS7AI score0.00397EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:45 a.m.5 views

WordPress Anona theme <= 8.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Anona versions = 8.0...

8.8CVSS7.3AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:42 a.m.7 views

WordPress Anona theme <= 8.0 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Anona versions = 8.0...

7.3CVSS7.1AI score0.00447EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:41 a.m.5 views

WordPress Anona theme <= 8.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Anona versions = 8.0...

8.6CVSS7.1AI score0.00458EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:33 a.m.4 views

WordPress Anon theme <= 2.2.10 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Anon versions = 2.2.10...

7.1CVSS6.1AI score0.00244EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:32 a.m.9 views

WordPress Vivagh theme <= 2.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Vivagh versions = 2.4...

8.8CVSS7.3AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:32 a.m.8 views

WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kids Heaven versions = 3.2...

8.8CVSS7.3AI score0.00503EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:32 a.m.22 views

WordPress Brookside theme <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Brookside versions = 1.4...

6.1AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/13 7:1 a.m.6 views

WordPress FluentForm plugin <= 6.1.11 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by Kishan Vyas in WordPress Plugin FluentForm versions = 6.1.11...

5.3CVSS5.5AI score0.00233EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 9:41 p.m.18 views

WordPress Quiz Maker plugin < 6.7.0.89 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bakir Tuči in WordPress Plugin Quiz Maker versions 6.7.0.89...

4.8CVSS6.1AI score0.00185EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/12 3:14 p.m.5 views

WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin MetForm Pro versions = 3.9.1...

5.4AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:12 p.m.6 views

WordPress Consult Aid theme <= 1.4.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Consult Aid versions = 1.4.3...

9.8CVSS7.3AI score0.00547EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:8 p.m.6 views

WordPress Responsive Addons for Elementor plugin <= 2.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Responsive Addons for Elementor versions = 2.0.8...

6.5CVSS7AI score0.00205EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:7 p.m.4 views

WordPress AutoParts theme <= 1.5.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AutoParts versions = 1.5.8...

7.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:7 p.m.8 views

WordPress Search & Go theme <= 2.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Search & Go versions = 2.8...

8.1CVSS7.1AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:7 p.m.5 views

WordPress Right Way theme <= 4.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Right Way versions = 4.0...

7.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:6 p.m.6 views

WordPress Barberry theme <= 2.9.9.87 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Barberry versions = 2.9.9.87...

8.1CVSS7.1AI score0.00433EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606