WordPress vulnerability database

API Monitor free
Report

State Of WordPress Security In 2021

Read the whitepaper

Vulnerability API

Integrate vulnerability alerts inside of your product with our detailed vulnerability API.

How we do it

We collect data across the web, commits, databases and manage a bounty platform for ethical hackers.

Why open-source

WordPress powers over 40% of all sites, including the White House, Mercedes-Benz… and BeyoncĂ©.

Monitor free
Report
Vulnerability API

Integrate vulnerability alerts inside of your product with our detailed vulnerability API.

How we do it

We collect data across the web, commits, databases and manage a bounty platform for ethical hackers.

Why open-source

WordPress powers over 40% of all sites, including the White House, Mercedes-Benz… and BeyoncĂ©.

All vulnerability types

0
10
All vulnerability types
SQL Injection
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
Arbitrary Code Execution
Arbitrary Content Deletion
Arbitrary File Deletion
Arbitrary File Download
Arbitrary File Upload
Backdoor
Broken Authentication
Bypass Vulnerability
Clickjacking
Content Injection
Content Spoofing
CRLF Injection
Cross-Frame Scripting (XFS)
CSV Injection
Denial of Service Attack
Deserialization of untrusted data
Direct static code injection
Directory Traversal
Enumeration
Full Path Disclosure (FPD)
Insecure Direct Object References (IDOR)
Local File Inclusion
Multiple Vulnerabilities
Open Redirection
Other Vulnerability Type
PHP Object Injection
Privilege Escalation
Remote Code Execution (RCE)
Remote File Inclusion
Sensitive Data Exposure
Server Side Request Forgery (SSRF)
Session Hijacking
Settings Change
Unknown
Unvalidated Redirects and Forwards
XML External Entity (XXE)
Collapse

Plugin

Post Slider

<= 1.6.7

Broken Access Control vulnerability

5.4

1 day ago

Plugin

Customizer Export/Import

<= 0.9.4

Authenticated PHP Objection Injection vulnerability

6.6

1 day ago

Plugin

WP Word Count

<= 3.2.3

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

1 day ago

Plugin

LearnPress

<= 4.1.7.1

Unauthenticated PHP Object Injection vulnerability

8.1

2 days ago

Plugin

Sabai Discuss

<= 1.4.13

Reflected CrossSite Scripting (XSS) vulnerability

6.1

2 days ago

Plugin

Create Block Theme

<= 1.2.1

Unauthenticated Arbitrary File Upload vulnerability

9.8

2 days ago

Plugin

WP-Polls

<= 2.76.0

Polls plugin <= 2.76.0 Race Condition vulnerability

4.3

2 days ago

Plugin

WP Humans.txt

<= 1.0.6

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

2 days ago

Plugin

Retain Live Chat

<= 0.1

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

2 days ago

Plugin

Post to CSV by BestWebSoft

<= 1.3.9

Authenticated CSV Injection vulnerability

4.1

3 days ago

Plugin

WP ALL Export Pro

<= 1.7.8

Authenticated SQL Injection (SQLi) vulnerability

8.5

4 days ago

Plugin

WP ALL Export Pro

<= 1.7.8

Authenticated Code Injection vulnerability

8.5

4 days ago

Plugin

Kadence WooCommerce Email Designer

<= 1.5.6

Authenticated PHP Objection Injection vulnerability

6.6

4 days ago

Plugin

Form Maker by 10Web

<= 1.15.5

Authenticated SQL Injection (SQLi) vulnerability

8.2

4 days ago

Plugin

Spam protection, AntiSpam, FireWall by CleanTalk

<= 5.185

Authenticated SQL Injection (SQLi) vulnerability

8.2

4 days ago

Plugin

WP Super Cache

<= 1.8

Cache Poisoning vulnerability

6.5

4 days ago

Plugin

Blog2Social

<= 6.9.9

Authenticated ServerSide Request Forgery (SSRF) vulnerability

7.4

4 days ago

Plugin

Blog2Social

<= 6.9.9

Authenticated SQL Injection (SQLi) vulnerability

9.1

4 days ago

Plugin

Shortcodes Ultimate

<= 5.12.0

CrossSite Request Forgery (CSRF) vulnerability

5.4

5 days ago

Plugin

CRM Perks Forms

<= 1.1.0

Reflected CrossSite Scripting (XSS) vulnerability

6.1

7 days ago
1 2 ... Older

All solutions

WordPress security Plugin auditing Vulnerability database Vulnerability API Bug bounty program BETA

WordPress security

Patchstack for WordPress For agencies NEW Pricing & features Documentation Changelog

Patchstack

About us Careers Media kit Insights & articles

Social

WordPress security Plugin auditing Vulnerability database Vulnerability API Bug bounty program BETA
Patchstack for WordPress For agencies NEW Pricing & features Documentation Changelog
About us Careers Media kit Insights & articles
DPA Privacy Policy Terms & Conditions

All solutions

WordPress security Plugin auditing Vulnerability database Vulnerability API Bug bounty program BETA

WordPress Security

Patchstack for WordPress For agencies NEW Pricing & features Documentation Changelog

Patchstack

About us Careers Media kit Insights & articles

Social

© 2022 Patchstack

DPA Privacy Policy T&C

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close