The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total36,013

MitigationsMitigation rules13,271

No official fix10,105

In triage1,393

Published soon28

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Frontend Post Submission Manager Lite<= 1.2.6 Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability	5.3	1 day ago
Gravity Forms < 2.9.23.1 Unauthenticated Arbitrary File Upload vulnerability	10	1 day ago
Docket Cache<= 24.07.03 Local File Inclusion vulnerability	8.1	2 days ago
MapSVG<= 8.7.3 Arbitrary File Upload vulnerability	9.9	2 days ago
Membership For WooCommerce<= 3.0.3 Insecure Direct Object References (IDOR) vulnerability	7.5	2 days ago
Subscribe to Unlock Lite<= 1.3.0 Local File Inclusion vulnerability	7.5	2 days ago
URL Shortify<= 1.11.3 Reflected Cross-Site Scripting vulnerability	7.1	2 days ago
URL Shortify<= 1.11.2 Reflected Cross-Site Scripting vulnerability	7.1	2 days ago
Overstock Affiliate Links<= 1.1 Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability	7.1	2 days ago
Gift Hunt<= 2.0.2 Cross Site Scripting (XSS) vulnerability	5.9	2 days ago
Link Library<= 7.8.5 Server Side Request Forgery (SSRF) vulnerability	4.9	2 days ago
BBP Core<= 1.4.1 Broken Access Control vulnerability	5.3	2 days ago
Print Invoice & Delivery Notes for WooCommerce<= 5.8.0 Unauthenticated Remote Code Execution vulnerability	10	2 days ago
PhastPress<= 3.7 Unauthenticated Arbitrary File Read via Null Byte Injection vulnerability	7.5	2 days ago
SALESmanago<= 3.9.0 Broken Access Control vulnerability	5.3	2 days ago
Ocean Modal Window< 2.3.3 Editor+ Remote Code Execution vulnerability	9.1	2 days ago
WP Hallo Welt<= 1.4. Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability	7.1	2 days ago
Attachments Handler<= 1.1.7 Reflected Cross-Site Scripting vulnerability	7.1	2 days ago
Flex Store Users<= 1.1.0 Unauthenticated Privilege Escalation vulnerability	9.8	2 days ago
File Uploader for WooCommerce<= 1.0.3 Unauthenticated Arbitrary File Upload via add-image-data vulnerability	10	2 days ago