The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total39,656

MitigationsMitigation rules14,809

No official patch11,253

In triage1,571

Published soon1

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Oxygen<= 6.0.8 Unauthenticated Server-Side Request Forgery via route_path vulnerability	7.2	2 days ago
Car Dealer<= 1.6.7 Reflected Cross Site Scripting (XSS) vulnerability	7.1	23/03/2026
Golo< 1.7.5 Reflected Cross Site Scripting (XSS) vulnerability	7.1	23/03/2026
Ona< 1.24 Arbitrary File Upload vulnerability	9.9	23/03/2026
Apicona<= 24.1.0 PHP Object Injection vulnerability	8.8	23/03/2026
Sanzo< 2.4.3 Cross Site Scripting (XSS) vulnerability	6.5	23/03/2026
Vayvo< 6.8 WordPress Vayvo - Media Streaming & Membership WordPress Theme theme < 6.8 - Reflected Cross Site Scripting (XSS) vulnerability	7.1	23/03/2026
Meloo< 2.8.2 PHP Object Injection vulnerability	8.8	23/03/2026
Jobmonster< 4.8.4 SQL Injection vulnerability	9.3	23/03/2026
Boutique< 2.4.6 Reflected Cross Site Scripting (XSS) vulnerability	7.1	23/03/2026
Gaea< 3.8 Reflected Cross Site Scripting (XSS) vulnerability	7.1	23/03/2026
Borgholm< 1.6 PHP Object Injection vulnerability	9.8	23/03/2026
Halstein< 1.8 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
Leroux< 1.4 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
Archicon< 1.7 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
Stål< 1.7 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
Kamperen< 1.3 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
Gracey< 1.4 Arbitrary Object Instantiation vulnerability	5.4	23/03/2026
KIDZ<= 5.24 PHP Object Injection vulnerability	9.8	23/03/2026
Ricky< 2.31 PHP Object Injection vulnerability	9.8	23/03/2026