Filters
Software
automattic jetpack
8
automattic wp super cache
6
automattic woopayments
5
automattic activitypub
4
automattic sensei lms
4
automattic crowdsignal dashboard
3
automattic woocommerce
3
automattic camptix event ticketing
2
automattic vaultpress
2
automattic woocommerce blocks
2
automattic woocommerce bookings
2
automattic akismet
1
automattic canada post shipping method
1
automattic canvas
1
automattic genericons
1
automattic ghacitivity wordpress
1
automattic ghactivity wordpress
1
automattic jetpack crm
1
automattic newspack
1
automattic newspack ads wordpress
1
automattic w3 super cache
1
automattic woocommerce gocardless
1
automattic woocommerce payments
1
automattic woocommerce square
1
automattic woocommerce stripe
1
automattic woocommerce subscriptions
1
automattic wordpress.com editing toolkit
1
Automattic Sensei LmsSensei LMS < 4.24.2 - Unauthenticated Email Template Leak
7.5
EPSS
0.22%
First published (updated )
Automattic Ghacitivity WordpressWordPress GHActivity plugin <= 2.0.0-alpha - Cross Site Scripting (XSS) vulnerability
6.5
First published (updated )
Automattic Newspack Ads WordpressWordPress Newspack Ads plugin <= 1.47.1 - Cross Site Scripting (XSS) vulnerability
6.5
First published (updated )
Automattic NewspackWordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability
6.5
First published (updated )
Automattic Sensei LmsWordPress Sensei LMS Plugin <= 4.17.0 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic Crowdsignal DashboardWordPress Crowdsignal Dashboard – Polls, Surveys & more Plugin <= 3.0.11 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Automattic Woocommerce StripeWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR)
9.8
First published (updated )
Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR)
7.5
First published (updated )
CVE-2023-50879WordPress WordPress.com Editing Toolkit Plugin <= 3.78784 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Automattic Woocommerce BookingsWordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic Woocommerce SubscriptionsWordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR)
7.5
First published (updated )
Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to SQL Injection
9.8
First published (updated )
Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR)
7.5
First published (updated )
Automattic Woocommerce SquareWordPress WooCommerce Square Plugin <= 3.8.1 is vulnerable to Insecure Direct Object References (IDOR)
8.1
First published (updated )
Automattic Woocommerce GocardlessWordPress WooCommerce GoCardless Gateway Plugin <= 2.5.6 is vulnerable to Insecure Direct Object References (IDOR)
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic Canada Post Shipping MethodWordPress WooCommerce Canada Post Shipping Plugin <= 2.8.3 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Automattic Woocommerce BookingsWordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 6.4.2 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Automattic JetpackWordPress Jetpack Plugin <= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Automattic WoocommerceWordPress WooCommerce and WooCommerce Blocks plugins - Auth. Cross-Site Scripting (XSS) vulnerability
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic Jetpack CrmThe Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf’ p…
8.8
First published (updated )
Automattic ActivitypubActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Title Disclosure
4.3
First published (updated )
Automattic ActivitypubActivityPub for WordPress < 1.0.1 - Contributor+ Stored XSS
5.4
First published (updated )
Automattic ActivitypubActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS
5.4
First published (updated )
Automattic ActivitypubActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic JetpackJetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API
8.8
First published (updated )
CVE-2023-27429WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS)
5.9
First published (updated )
Automattic VaultpressVaultPress Plugin MailPoet Plugin class.vaultpress-hotfixes.php protect_aioseo_ajax unrestricted upload
9.8
First published (updated )
Automattic Woocommerce PaymentsAn issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthent…
9.8
First published (updated )
CVE-2022-4497Jetpack CRM < 5.5 - Contributor+ Stored XSS
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-3919Jetpack CRM < 5.4.3 - Admin+ Cross-Site Scripting
4.8
First published (updated )
Automattic Crowdsignal DashboardWordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability
8.8
First published (updated )
Automattic Sensei LmsSensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR
4.3
First published (updated )
Automattic Sensei LmsSensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API
5.3
First published (updated )
Automattic Crowdsignal DashboardCrowdsignal Polls & Ratings < 3.0.8 - Reflected Cross-Site Scripting
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic VaultpressVaultPress Plugin code injection
7.5
First published (updated )
Automattic Woocommerce BlocksArbitrary SQL (SQL injection) possible via the Store API component.
7.5
First published (updated )
Automattic JetpackJetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak
5.3
First published (updated )
Automattic Wp Super CacheWP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS)
5.4
First published (updated )
Automattic Wp Super CacheWP Super Cache < 1.7.3 - Authenticated Remote Code Execution
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic Wp Super CacheCVE-2021-24209
First published (updated )
Automattic Wp Super CacheWordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
9.8
First published (updated )
Automattic Wp Super CacheWordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Automattic W3 Super CacheWordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.