The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing
Rated 4.9
Total36,013
Mitigations13,271
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
Betheme<= 28.1.6
Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_title' vulnerability
6.5
Oct 8, 2025
Betheme<= 28.1.7
Cross Site Scripting (XSS) vulnerability
6.5
Oct 6, 2025
Betheme<= 28.1.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
Aug 5, 2025
Betheme<= 28.0.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
Apr 15, 2025
Betheme<= 27.6.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability
6.5
Jan 21, 2025
Betheme<= 27.5.5
Authenticated (Author+) Stored Cross-Site Scripting via SVG File vulnerability
6.5
Sep 13, 2024
Betheme<= 27.5.6
Authenticated (Contributor+) PHP Object Injection vulnerability
8.5
Aug 30, 2024
Betheme<= 27.5.6
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
Aug 30, 2024
Betheme<= 27.1.1
Contributor+ Broken Access Control vulnerability
7.6
Nov 14, 2023
Betheme<= 27.1.1
Author+ Broken Access Control vulnerability
8.2
Aug 10, 2023
Betheme<= 26.7.5
Reflected Cross Site Scripting (XSS) vulnerability
7.1
Apr 13, 2023
Betheme<= 26.6.1
Broken Access Control vulnerability
6.3
Nov 21, 2022
Betheme<= 26.6.1
Broken Access Control vulnerability
4.3
Nov 21, 2022
Betheme<= 26.6.1
Broken Access Control vulnerability
5.4
Nov 21, 2022
Betheme<= 26.6.1
Broken Access Control vulnerability
5.4
Nov 21, 2022
Betheme<= 26.6.1
Broken Access Control vulnerability
4.3
Nov 21, 2022
Betheme<= 26.6.1
Auth. Stored Cross-Site Scripting (XSS) vulnerability
5.4
Nov 21, 2022
Betheme<= 26.5.1.4
Auth. PHP Object Injection vulnerability
6.3
Nov 17, 2022