The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total46,423

MitigationsMitigation rules15,047

No official patch13,386

In triage1,428

Published soon26

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Breaking News WP<= 1.3 Missing Authorization to Authenticated (Subscriber+) Local File Inclusion/Read vulnerability	7.5	3 hours ago
Simple Random Posts Shortcode<= 0.3 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	3 hours ago
Emailchef<= 3.5.1 Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Settings Deletion vulnerability	5.4	5 hours ago
WP Responsive Popup + Optin<= 1.4 Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability	7.1	5 hours ago
Create DB Tables<= 1.2.1 Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Table Creation/Deletion vulnerability	9.1	5 hours ago
Sendmachine for WordPress<= 1.0.20 Unauthenticated SMTP Hijack to Privilege Escalation vulnerability	9.8	6 hours ago
Short Comment Filter<= 2.2 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	19 hours ago
Private WP suite<= 0.4.1 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	19 hours ago
Real Estate Pro<= 1.0.9 Authenticated (Admin+) Stored Cross-Site Scripting vulnerability	5.9	19 hours ago
HTTP Headers<= 1.19.2 Authenticated (Administrator+) CRLF Injection vulnerability	5.5	20 hours ago
HTTP Headers<= 1.19.2 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	20 hours ago
TextP2P Texting Widget<= 1.7 Cross-Site Request Forgery to Settings Update vulnerability	4.3	20 hours ago
Kcaptcha<= 1.0.1 Cross-Site Request Forgery to Settings Update vulnerability	4.3	20 hours ago
Call To Action Plugin<= 3.1.3 Cross-Site Request Forgery vulnerability	4.3	20 hours ago
mCatFilter<= 0.5.2 Cross-Site Request Forgery vulnerability	4.3	20 hours ago
DX Unanswered Comments<= 1.7 Cross-Site Request Forgery vulnerability	4.3	20 hours ago
Sentence To SEO (keywords, description and tags)<= 1.0 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	20 hours ago
Ni WooCommerce Order Export<= 3.1.6 Cross-Site Request Forgery to Settings Update vulnerability	4.3	20 hours ago
Zypento Blocks<= 1.06 Authenticated (Author+) Stored Cross-Site Scripting vulnerability	5.9	20 hours ago
Buzz Comments<= 0.9.4 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	20 hours ago