Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,932
Mitigations
Mitigation rules
13,240
No official fix
10,063
In triage
1,527
Published soon
4
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Beaver Builder
<= 2.9.4.1
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update vulnerability
8.1
2 hours ago
WooMulti
<= 1.7
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
7.7
2 hours ago
Happy Addons for Elementor
<= 3.20.3
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability
6.5
2 hours ago
Restrict Content
<= 3.2.15
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes vulnerability
6.5
2 hours ago
Calendar
<= 1.3.16
Authenticated (Contributor+) Stored Cross-Site Scripting via 'event_desc' vulnerability
6.5
2 hours ago
Premium Addons for Elementor
<= 4.11.53
Cross-Site Request Forgery via 'insert_inner_template' vulnerability
4.3
2 hours ago
WooCommerce
<= 10.4.2
Sensitive Data Exposure vulnerability
6.5
7 hours ago
Gutenverse Form
<= 2.3.1
Broken Access Control vulnerability
6.5
2 days ago
Royal Elementor Addons
<= 1.7.1036
Missing Authorization to Unauthenticated Media File Upload vulnerability
5.3
3 days ago
Ultimate Member
<= 2.11.0
Unauthenticated Sensitive Information Exposure vulnerability
5.3
3 days ago
FiboSearch – Ajax Search for WooCommerce
<= 1.32.0
Authenticated (Contributor+) Stored Cross-Site Scripting via thegem_te_search Shortcode vulnerability
6.5
3 days ago
Pretty Google Calendar
<= 2.0.0
Missing Authorization to Unauthenticated Google API Key Exposure vulnerability
5.3
3 days ago
Quran Gateway
<= 1.5
Cross-Site Request Forgery to Settings Update vulnerability
4.3
3 days ago
RESPONSIVE AND SWIPE SLIDER!
<= 1.0.2
Authenticated (Editor+) Stored Cross-Site Scripting via Shortcode vulnerability
5.9
3 days ago
WP DB Booster
<= 1.0.1
Cross-Site Request Forgery to Database Cleanup vulnerability
4.3
3 days ago
Amazon affiliate lite
<= 1.0.0
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
3 days ago
Amazon affiliate lite
<= 1.0.0
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
3 days ago
F70 Lead Document Download
<= 1.4.4
Missing Authorization to Unauthenticated Arbitrary Media File Download vulnerability
5.3
3 days ago
Slimstat Analytics
<= 5.3.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
3 days ago
Html5 Audio Player
2.4.0-2.5.1
Unauthenticated Server-Side Request Forgery vulnerability
7.2
3 days ago
Load more