The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total48,713

MitigationsMitigation rules15,693

No official patch12,994

In triage1,384

Published soon47

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Forget About Shortcode Buttons<= 2.1.3 Broken Access Control vulnerability	5.4	31 minutes ago
Live Copy Paste for Elementor<= 1.5.3 Broken Access Control vulnerability	4.3	32 minutes ago
Goya Core< 1.0.9.4 Local File Inclusion vulnerability	7.5	33 minutes ago
Splash - Sport Club WordPress Theme for Basketball, Football, Hockey<= 4.4.3 WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability	7.5	36 minutes ago
BookPro<= 1.1.0 Insecure Direct Object References (IDOR) vulnerability	5.3	38 minutes ago
Groundhogg<= 4.5 SQL Injection vulnerability	8.5	54 minutes ago
GravityView<= 3.0.0 Insecure Direct Object References (IDOR) vulnerability	5.3	56 minutes ago
Contest Gallery<= 30.0.0 SQL Injection vulnerability	8.5	57 minutes ago
Recipe Maker For Your Food Blog from Zip Recipes<= 8.2.7 SQL Injection vulnerability	8.5	57 minutes ago
Bopo – WooCommerce Product Bundle Builder<= 1.1.6 Sensitive Data Exposure vulnerability	4.3	57 minutes ago
WPComplete<= 2.9.5.5 Broken Access Control vulnerability	5.4	58 minutes ago
Booking and Rental Manager<= 2.7.1 Broken Access Control vulnerability	5.3	59 minutes ago
Paid Memberships Pro - Add Member From Admin<= 0.7.2 WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability	8.8	59 minutes ago
TemplateSpare<= 4.2.0 Arbitrary File Upload vulnerability	9.1	1 hour ago
Gmail SMTP<= 1.2.3.19 Cross Site Request Forgery (CSRF) vulnerability	4.3	1 hour ago
Affiliates Manager<= 2.9.49 Broken Access Control vulnerability	6.5	1 hour ago
Hester Core<= 1.1.8 Cross Site Scripting (XSS) vulnerability	5.9	1 hour ago
Child Theme Wizard<= 1.4 Cross Site Request Forgery (CSRF) vulnerability	8.2	1 hour ago
WP Job Portal<= 2.5.2 SQL Injection vulnerability	8.5	1 hour ago
JS Help Desk<= 3.1.0 Insecure Direct Object References (IDOR) vulnerability	5.3	1 hour ago