Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,353
Mitigations
Mitigation rules
13,373
No official fix
10,333
In triage
1,164
Published soon
20
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Quiz And Survey Master
<= 10.3.1
Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion vulnerability
5.4
3 hours ago
LearnPress
<= 4.3.2
Missing Authentication to Unauthenticated Course Modification vulnerability
5.3
3 hours ago
MasterStudy LMS
<= 3.7.6
for Online Courses and Education plugin <= 3.7.6 Missing Authorization to Authenticated (Subscriber+) Posts and Media Creation, Modification and Deletion vulnerability
5.4
3 hours ago
TaxoPress
<= 3.41.0
Missing Authorization to Authenticated (Contributor+) Arbitrary Post Tag Modification vulnerability
4.3
3 hours ago
Table Field Add-on for ACF and SCF
<= 1.3.30
Authenticated (Contributor+) Stored Cross-Site Scripting via Table Cell Content vulnerability
5.9
3 hours ago
GamiPress
<= 7.6.1
Missing Authorization to Authenticated (Subscriber+) Information Exposure vulnerability
4.3
3 hours ago
Phlox
<= 2.17.7
Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute vulnerability
6.5
3 hours ago
PopupKit
<= 2.2.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary Subscriber Data Deletion vulnerability
5.3
3 hours ago
URL Image Importer
<= 1.0.7
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
5.9
3 hours ago
Depicter Slider
<= 4.0.7
Missing Authorization to Unauthenticated Display Rule Updates vulnerability
5.3
3 hours ago
Woocommerce Support System
<= 1.2.6
Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Deletion vulnerability
5.4
3 hours ago
Page Expire Popup/Redirection for WordPress
<= 1.0
Authenticated (Author+) SQL Injection via 'id' Shortcode Attribute vulnerability
8.5
3 hours ago
Form Vibes – Database Manager for Forms
<= 1.4.13
Authenticated (Admin+) SQL Injection vulnerability
7.6
4 hours ago
Team
< 5.0.11
Unauthenticated SQLi vulnerability
9.3
18 hours ago
Sheets To WP Table Live Sync
< 3.19.2
Admin+ Stored XSS vulnerability
5.9
18 hours ago
VidMov
<= 2.3.8
Path Traversal vulnerability
7.7
3 days ago
Five Star Restaurant Reservations
<= 2.7.8
Insecure Direct Object References (IDOR) vulnerability
8.6
3 days ago
ShopBuilder – Elementor WooCommerce Builder Addons
< 3.2.2
Reflected XSS vulnerability
7.1
3 days ago
Branda
<= 3.4.24
WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability
9.8
3 days ago
Logo Slider
< 4.9.0
Contributor+ Stored XSS vulnerability
6.5
3 days ago
Load more