Lucene search
K
PatchstackRecent

46606 matches found

Patchstack
Patchstack
added 2026/01/12 2:6 p.m.5 views

WordPress Reprizo theme <= 1.0.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Reprizo versions = 1.0.8...

7.1AI score0.00338EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:6 p.m.4 views

WordPress Promo theme <= 1.3.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Promo versions = 1.3.0...

7.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:5 p.m.6 views

WordPress Melania theme <= 2.5.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Melania versions = 2.5.0...

7.1AI score0.00466EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:4 p.m.6 views

WordPress Mella theme <= 1.2.29 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mella versions = 1.2.29...

8.1CVSS7.1AI score0.00541EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:4 p.m.7 views

WordPress Myour theme <= 1.5.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Myour versions = 1.5.1...

8.1CVSS7.1AI score0.00541EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 2:3 p.m.5 views

WordPress TheNa theme <= 1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme TheNa versions = 1.5.5...

7.1CVSS6.1AI score0.00244EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:27 p.m.7 views

WordPress Electron theme <= 1.8.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Electron versions = 1.8.2...

8.8CVSS7AI score0.00311EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:19 p.m.5 views

WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

8.8CVSS7AI score0.00279EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:18 p.m.7 views

WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

8.8CVSS7AI score0.00405EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:18 p.m.5 views

WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

6.1CVSS6.1AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:15 p.m.5 views

WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress JNews - Frontend Submit plugin = 11.0.0 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Frontend Submit versions = 11.0.0...

7.1CVSS6.1AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:6 p.m.8 views

WordPress Sales Countdown Timer for WooCommerce and WordPress plugin <= 1.1.8.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Sales Countdown Timer for WooCommerce and WordPress versions = 1.1.8.1...

7.5CVSS5.5AI score0.00316EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:3 p.m.6 views

WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Orchid Store versions = 1.5.15...

5.3CVSS5.3AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 12:59 p.m.8 views

WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin JupiterX Core versions = 4.10.1...

8.5CVSS7.3AI score0.00559EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 12:51 p.m.7 views

WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Lead Capturing Pages versions = 2.5...

8.8CVSS8.1AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 12:49 p.m.7 views

WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Drone versions = 1.40...

6.1CVSS6.1AI score0.00244EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 12:48 p.m.5 views

WordPress Accordion Slider PRO plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Accordion Slider PRO versions = 1.2...

6.1CVSS6.1AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 12:44 p.m.6 views

WordPress xPromoter plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin xPromoter versions = 1.3.4...

6.1CVSS6.1AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 11:46 a.m.4 views

WordPress UiChemy plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin UiChemy versions = 4.4.2...

6.5CVSS6.1AI score0.00138EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 10:36 a.m.14 views

WordPress Nex-Forms Express WP Form Builder plugin < 9.1.8 - Authenticated Stored XSS vulnerability

Authenticated Stored XSS vulnerability discovered by Vuln Seeker Cyber Security Team in WordPress Plugin NEX-Forms versions 9.1.8...

6.8CVSS6.1AI score0.00235EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/12 10:35 a.m.15 views

WordPress Shabat Keeper plugin <= 0.4.4 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Shabat Keeper versions = 0.4.4...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/12 10:11 a.m.11 views

WordPress WP Page Permalink Extension plugin <= 1.5.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Rewrite Rules Flush vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Rewrite Rules Flush vulnerability discovered by Legion Hunter in WordPress Plugin WP Page Permalink Extension versions = 1.5.4...

6.5CVSS6.8AI score0.00376EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/01/12 10:10 a.m.15 views

WordPress WooCommerce Square plugin <= 5.1.1 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability

Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability discovered by DityaRA in WordPress Plugin WooCommerce Square versions = 5.1.1...

7.5CVSS6.9AI score0.00256EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/12 8:39 a.m.7 views

WordPress Ecwid Shopping Cart plugin <= 7.0.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Ecwid Shopping Cart versions = 7.0.6...

5.3CVSS5.9AI score0.00225EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 5:41 a.m.10 views

WordPress Energia theme <= 1.1.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Energia versions = 1.1.2...

9.8CVSS7.1AI score0.00507EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 5:32 a.m.6 views

WordPress DZS Video Gallery plugin <= 12.39 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin DZS Video Gallery versions = 12.39...

8.8CVSS5.9AI score0.00386EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 4:11 a.m.9 views

WordPress Flex QR Code Generator plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin Flex QR Code Generator versions = 1.2.10...

5.9CVSS5.3AI score0.00136EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 10:25 p.m.4 views

WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Cream Magazine versions = 2.1.10...

5.3CVSS5.3AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 10:4 p.m.8 views

WordPress Penci AI SmartContent Creator plugin <= 2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci AI SmartContent Creator versions = 2.0...

4.3CVSS5.4AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 9:55 p.m.7 views

WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin iThemes Sync versions = 3.2.8...

4.3CVSS5.4AI score0.00152EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 8:52 p.m.5 views

WordPress WP Popups plugin <= 2.2.0.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin WP Popups versions = 2.2.0.5...

6.5CVSS5.4AI score0.00201EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 7:45 p.m.7 views

WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions = 1.7...

6.5CVSS5.4AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 6:35 p.m.7 views

WordPress Penci Podcast plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Podcast versions = 1.7...

6.5CVSS5.4AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 5:57 p.m.9 views

WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Recipe versions = 4.1...

6.5CVSS5.4AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 1:44 p.m.6 views

WordPress Easy Modal plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Modal versions = 2.1.0...

6.5CVSS5.3AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 11:16 a.m.7 views

WordPress Live sales notification for WooCommerce plugin <= 2.3.46 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Live sales notification for WooCommerce versions = 2.3.46...

5.3CVSS5.4AI score0.00042EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 8:26 a.m.4 views

WordPress PopCash.Net Code Integration Tool plugin <= 1.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin PopCash.Net Code Integration Tool versions = 1.8...

5.3CVSS5.4AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 7:35 a.m.7 views

WordPress HurryTimer plugin <= 2.14.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by benzdeus in WordPress Plugin HurryTimer versions = 2.14.2...

5.9CVSS5.4AI score0.00172EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 6:26 a.m.6 views

WordPress Post Expirator plugin <= 4.9.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Post Expirator versions = 4.9.3...

4.3CVSS7AI score0.00165EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/11 3:36 a.m.5 views

WordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Amelia versions = 1.2.38...

5.3CVSS5.3AI score0.00228EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 11:40 p.m.9 views

WordPress Penci Shortcodes & Performance plugin <= 6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Shortcodes & Performance versions = 6.1...

6.5CVSS5.3AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 10:47 p.m.7 views

WordPress Soledad theme <= 8.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Soledad versions = 8.7.2...

6.5CVSS5.3AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 10:25 p.m.6 views

WordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin RegistrationMagic versions = 6.0.6.9...

5.4CVSS5.4AI score0.00097EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 4:50 p.m.10 views

WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for WPBakery versions = 5.11.0...

6.5CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 3:52 p.m.5 views

WordPress Landing Page Builder plugin <= 1.5.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Landing Page Builder versions = 1.5.3.4...

5.9CVSS5.9AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 3:16 p.m.12 views

WordPress Creator LMS plugin <= 1.1.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin Creator LMS versions = 1.1.12...

5.3CVSS6.9AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 2:56 p.m.6 views

WordPress Terms descriptions plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mrreee in WordPress Plugin Terms descriptions versions = 3.4.9...

4.8CVSS5.3AI score0.0014EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 2:52 p.m.5 views

WordPress Suggestion Toolkit plugin <= 5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mrreee in WordPress Plugin Suggestion Toolkit versions = 5.0...

5.4CVSS5.4AI score0.0017EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 2:48 p.m.5 views

WordPress Neoforum plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mrreee in WordPress Plugin Neoforum versions = 1.0...

6.5CVSS5.3AI score0.00146EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 2:46 p.m.8 views

WordPress Neoforum plugin <= 1.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Mrreee in WordPress Plugin Neoforum versions = 1.0...

7.2CVSS5.8AI score0.00309EPSS
Exploits0Affected Software1
Total number of security vulnerabilities46606