The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total334
Mitigations91
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
hikashop< 5.1.1
Authenticated Cross Site Scripting (XSS) vulnerability
5.4
21/10/2024
Joomla3.0.0-3.10.16-elts,4.0.0-4.4.6,5.0.0-5.1.2
Unauthenticated XSS vectors in Outputfilter::strip* methods vulnerability
6.1
22/07/2024
Joomla4.0.0-4.4.6,5.0.0-5.1.2
Unauthenticated Improper ACL for backend profile view vulnerability
7.5
22/07/2024
dj-helpfularticles1.0.0-1.1.0
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
09/07/2024
Joomla3.7.0-3.10.15-elts,4.0.0-4.4.5,5.0.0-5.1.1
Unauthenticated XSS in com_fields default field value vulnerability
6.1
09/06/2024
Joomla3.0.0-3.10.15-elts,4.0.0-4.4.5,5.0.0-5.1.1
Unauthenticated XSS in Wrapper extensions vulnerability
6.1
08/06/2024
Joomla3.0.0-3.10.15-elts,4.0.0-4.4.5,5.0.0-5.1.1
Unauthenticated XSS in StringHelper::truncate method vulnerability
6.1
08/06/2024
Joomla4.0.0-4.4.5,5.0.0-5.1.1
Authenticated Self-XSS in fancyselect list field layout vulnerability
5.4
03/06/2024
Joomla3.0.0-3.10.16-elts,4.0.0-4.4.6,5.0.0-5.1.2
Unauthenticated Cache Poisoning in Pagination vulnerability
9.1
23/05/2024
Joomla3.4.6-3.10.16-elts,4.0.0-4.4.6,5.0.0-5.1.2
Unauthenticated Inadequate validation of internal URLs vulnerability
6.1
20/03/2024
Joomla4.0.0-4.4.5,5.0.0-5.1.1
Unauthenticated XSS in accessible media selection field vulnerability
6.1
20/02/2024
Joomla4.0.0-4.4.2,5.0.0-5.0.2
Unauthenticated XSS in mail address outputs vulnerability
6.1
30/01/2024
joomdoc1.0.0-4.0.5
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
14/12/2023
extplorer1.0.0-2.1.5
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
14/12/2023
quickform1.0.0-3.3.0
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
14/12/2023
proforms-basic1.0.0-1.6.0
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
14/12/2023
jcdashboards1.0.0-1.1.30
Unauthenticated Local File Inclusion vulnerability
9.8
14/12/2023
starshop1.0.0-1.0.9
Unauthenticated SQL Injection vulnerability
9.8
14/12/2023
lms-lite1.0.0-3.3.0
Unauthenticated SQL Injection vulnerability
9.8
14/12/2023
livingword1.0.0-3.0.0
Unauthenticated Cross Site Scripting (XSS) vulnerability
6.1
14/12/2023