The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total48,145

MitigationsMitigation rules15,608

No official patch12,947

In triage1,535

Published soon0

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Vitepos< 3.4.2 Outlet Manager+ Privilege Escalation vulnerability	7.2	57 minutes ago
Simple File List<= 6.3.7 Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action vulnerability	7.5	1 hour ago
Simple File List<= 6.3.7 Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter vulnerability	7.5	1 hour ago
Contact Form Entries<= 1.5.1 Unauthenticated Arbitrary File Deletion via CF7 File Field POST Value vulnerability	8.6	1 hour ago
Branda<= 3.4.29 WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability	9.8	1 hour ago
Motors< 1.4.110 Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media vulnerability	5.4	2 hours ago
Pie Register< 3.8.4.10 Unauthenticated Email Verification Bypass via Predictable Token vulnerability	5.3	2 hours ago
Simple File List<= 6.3.7 Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute vulnerability	6.5	2 hours ago
WP Hotel Booking< 2.3.1 Subscriber+ Missing Authorization in Multiple AJAX Handlers vulnerability	5.3	3 days ago
WP Go Maps<= 10.1.01 Unauthenticated Arbitrary Record Creation vulnerability	5.3	3 days ago
UPI QR Code Payment Gateway for WooCommerce<= 1.6.2 Broken Access Control vulnerability	5.4	3 days ago
Paymob for WooCommerce<= 4.1.2 Broken Access Control vulnerability	7.5	3 days ago
Master Slider<= 3.11.2 Cross Site Scripting (XSS) vulnerability	7.1	3 days ago
License Manager for WooCommerce<= 3.0.15 Insecure Direct Object References (IDOR) vulnerability	6.5	3 days ago
WP Activity Log<= 5.6.3.1 Cross Site Scripting (XSS) vulnerability	7.1	3 days ago
CheckView Automated Testing<= 2.1.0 Broken Access Control vulnerability	7.5	3 days ago
MapPress Maps for WordPress<= 2.97.3 Cross Site Scripting (XSS) vulnerability	7.1	3 days ago
Abandoned Cart Pro for WooCommerce<= 10.4.0 Privilege Escalation vulnerability	8.8	3 days ago
Bit Integrations<= 2.8.7 Unauthenticated Server-Side Request Forgery vulnerability	7.2	3 days ago
BetterDocs Pro<= 3.8.0 Unauthenticated Local File Inclusion vulnerability	10	3 days ago