WordPress Vulnerability Database - Patchstack

Vulnerability Database

WordPress Vulnerability Database

Hand curated, verified and enriched WordPress vulnerability information

This month's Patchstack Red Team findings:

27

Last month's Patchstack Red Team findings:

52

Software

Vulnerability

Type

Version

Published

Medium Severity

5.5

WordPress Leaky Paywall plugin <= 4.16.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 4.16.6

2021-10-18

Medium Severity

5.5

WordPress LearnPress plugin <= 4.1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 4.1.3.1

2021-10-18

Content Staging

Medium Severity

5.5

WordPress Content Staging <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 2.0.1

2021-10-18

JobBoardWP – Job Board Listings and Submissions

Medium Severity

5.5

WordPress JobBoardWP – Job Board Listings and Submissions plugin <= 1.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.0.7

2021-10-15

MPL-Publisher – Self-publish your book & ebook

Medium Severity

5.5

WordPress MPL-Publisher – Self-publish your book & ebook plugin <= 1.30.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.30.2

2021-10-15

Indeed Job Importer

Medium Severity

5.5

WordPress Indeed Job Importer plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.0.5

2021-10-15

Medium Severity

5.5

WordPress Job Manager plugin <= 0.7.25 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 0.7.25

2021-10-14

WP Fastest Cache

High Severity

7.7

WordPress WP Fastest Cache plugin <= 0.9.4 - Authenticated SQL Injection (SQLi) vulnerability

High Severity

7.7

Plugin

<= 0.9.4

2021-10-14

WP Fastest Cache

Critical Severity

9.6

WordPress WP Fastest Cache plugin <= 0.9.4 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Critical Severity

9.6

Plugin

<= 0.9.4

2021-10-14

Medium Severity

5.5

WordPress Author Bio Box plugin <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 3.4.0

2021-10-14

Medium Severity

5.5

WordPress HAL plugin <= 2.1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 2.1.1

2021-10-14

KJM Admin Notices

Medium Severity

5.5

WordPress KJM Admin Notices plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 2.0.1

2021-10-14

Medium Severity

5.5

WordPress job-portal plugin <= 0.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 0.0.1

2021-10-14

WpGenius Job Listing

Medium Severity

5.5

WordPress WpGenius Job Listing plugin <= 1.0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.0.2

2021-10-14

Job Board Vanila

Medium Severity

5.5

WordPress Job Board Vanila plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.0

2021-10-14

Business Manager

Medium Severity

5.5

WordPress Business Manager plugin <= 1.4.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.4.5

2021-10-14

MyBB Cross-Poster

Medium Severity

5.5

WordPress MyBB Cross-Poster plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 1.0

2021-10-14

Formidable Form Builder

Medium Severity

5.5

WordPress Formidable Forms plugin <= 5.0.06 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

5.5

Plugin

<= 5.0.06

2021-10-13

Brizy – Page Builder

High Severity

7.1

WordPress Brizy – Page Builder plugin <= 2.3.11 - Incorrect authorization checks allowing Post modification vulnerability

High Severity

7.1

Plugin

<= 2.3.11

2021-10-13

Brizy – Page Builder

Medium Severity

6.4

WordPress Brizy – Page Builder plugin <= 2.3.11 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium Severity

6.4

Plugin

<= 2.3.11

2021-10-13

Newer entries Older entries

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.