WordPress Vulnerability Database

Clear

All vulnerability types

SQL Injection

Cross Site Scripting (XSS)

Cross Site Request Forgery (CSRF)

Arbitrary Code Execution

Arbitrary Content Deletion

Arbitrary File Deletion

Arbitrary File Download

Arbitrary File Upload

Backdoor

Broken Access Control

Broken Authentication

Bypass Vulnerability

Clickjacking

Content Injection

Content Spoofing

CRLF Injection

Cross-Frame Scripting (XFS)

CSV Injection

Denial of Service Attack

Deserialization of untrusted data

Direct static code injection

Directory Traversal

Enumeration

Full Path Disclosure (FPD)

Insecure Direct Object References (IDOR)

Local File Inclusion

Multiple Vulnerabilities

Open Redirection

Other Vulnerability Type

Path Traversal

PHP Object Injection

Privilege Escalation

Remote Code Execution (RCE)

Remote File Inclusion

Sensitive Data Exposure

Server Side Request Forgery (SSRF)

Session Hijacking

Settings Change

Unknown

Unvalidated Redirects and Forwards

XML External Entity (XXE)

Found in

Severity

Patchstack users have received early alerts and protection from 14 currently unlisted vulnerabilities.

Get early protection

Get latest WordPress security insight from our Patchstack Weekly series

No known vulnerabilities found.
Let us know if we missed something.

Vulnerability API

How we do it

Why open-source

Solutions

WordPress security

Patchstack

Social

Solutions

WordPress security

Patchstack

Social

No known vulnerabilities found.Let us know if we missed something.

Vulnerability API

How we do it

Why open-source

Solutions

WordPress security

Patchstack

Social

Solutions

WordPress security

Patchstack

Social

Let us know if we have missed a vulnerability reported elsewhere

Thank you for contributing!

No known vulnerabilities found.
Let us know if we missed something.