Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,583
Mitigations
Mitigation rules
14,775
No official patch
11,289
In triage
1,386
Published soon
77
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
JetFormBuilder
<= 3.5.6.2
Unauthenticated Arbitrary File Read via Media Field vulnerability
7.5
1 hour ago
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via 'page' vulnerability
7.1
2 hours ago
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via _wpnonce vulnerability
7.1
2 hours ago
SEO Help
<= 6.1.3
Reflected Cross-Site Scripting vulnerability
7.1
2 hours ago
Video & Photo Gallery for Ultimate Member
<= 1.1.1
Reflected Cross-Site Scripting vulnerability
7.1
2 hours ago
ReviewX
<= 2.2.10
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation vulnerability
6.5
2 hours ago
Task Manager
<= 3.0.2
Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter vulnerability
6.5
2 hours ago
WP-WebAuthn
<= 1.3.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
3 hours ago
Comment Genius
<= 1.2.5
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
3 hours ago
rexCrawler
<= 1.0.15
Reflected Cross-Site Scripting via 'url' and 'regex' Parameters vulnerability
7.1
3 hours ago
SurveyJS
<= 2.5.3
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
3 hours ago
ARForms Form Builder
<= 1.7.2
Unauthenticated Blind Arbitrary Shortcode Execution vulnerability
5.6
3 hours ago
WP Maps
<= 4.9.1
WordPress WP Maps - Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin <= 4.9.1 - Unauthenticated SQL Injection via 'orderby' Parameter vulnerability
9.3
3 hours ago
Import and export users and customers
<= 1.29.7
Privilege Escalation to Administrator via save_extra_user_profile_fields vulnerability
8.1
3 hours ago
The Ultimate WordPress Toolkit – WP Extended
<= 3.2.4
WordPress The Ultimate WordPress Toolkit - WP Extended plugin <= 3.2.4 - Authenticated (Subscriber+) Privilege Escalation via Menu Editor Module vulnerability
8.8
3 hours ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Limited Remote Code Execution vulnerability
7.3
3 hours ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure vulnerability
5.3
15 hours ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export vulnerability
5.3
15 hours ago
Yoast SEO
<= 27.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability
6.5
15 hours ago
Filestack Official
<= 2.1.0
Reflected Cross-Site Scripting vulnerability
7.1
15 hours ago
Load more