Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,705
Mitigations
Mitigation rules
14,826
No official patch
11,212
In triage
1,630
Published soon
11
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Download Monitor
<= 5.1.10
Cross-Site Request Forgery to Download Path Deletion and Disabling vulnerability
4.3
3 minutes ago
Hustle
<= 7.8.10.2
WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability
5.3
4 minutes ago
Smart Slider 3
<= 3.5.1.33
Missing Authorization to Authenticated (Contributor+) Slider Data Read and Image Record Manipulation vulnerability
5.4
7 minutes ago
Charitable
<= 1.8.9.7
Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook vulnerability
5.3
9 minutes ago
Link Whisper Free
< 0.9.1
Unauthenticated Settings and User Meta Update vulnerability
5.3
12 minutes ago
ProfilePress
<= 4.16.11
WordPress Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content - ProfilePress plugin <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields vulnerability
6.5
11 hours ago
Visitors Traffic Real Time Statistics
<= 8.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
11 hours ago
Listeo Core
<= 2.0.27
WordPress Listeo-Core - Directory Plugin by Purethemes plugin <= 2.0.27 - Unauthenticated Arbitrary Media Upload vulnerability
5.3
12 hours ago
Widgets for Social Photo Feed
<= 1.7.9
Unauthenticated Stored Cross-Site Scripting via feed_data vulnerability
7.1
12 hours ago
Ninja Forms File Uploads Extension
<= 3.3.26
WordPress Ninja Forms - File Upload plugin <= 3.3.26 - Unauthenticated Arbitrary File Upload vulnerability
10
12 hours ago
Ocean Extra
<= 2.5.3
Broken Access Control vulnerability
5.4
13 hours ago
LTL Freight Quotes – Worldwide Express Edition
<= 5.2.1
Broken Access Control vulnerability
5.3
14 hours ago
Simple Social Media Share Buttons
<= 6.2.0
Cross Site Request Forgery (CSRF) vulnerability
7.5
14 hours ago
Under Construction, Coming Soon & Maintenance Mode
<= 2.1.1
Cross Site Request Forgery (CSRF) vulnerability
7.5
14 hours ago
wpForo Forum
<= 2.4.16
Authenticated (Subscriber+) Arbitrary File Deletion via Post Body vulnerability
8.8
15 hours ago
Text to Speech – TTSWP
<= 1.9.8
Use of Hardcoded Password to Unauthenticated Remote Database Access vulnerability
7.5
16 hours ago
Amelia
<= 2.1.3
Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter vulnerability
8.8
19 hours ago
WPFunnels
<= 3.7.9
Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpf_optin_form' Shortcode vulnerability
6.5
19 hours ago
Gutenberg Blocks by Kadence Blocks
<= 3.6.3
WordPress Kadence Blocks - Page Builder Toolkit for Gutenberg Editor plugin <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload vulnerability
7.1
1 day ago
Gutenberg Blocks by Kadence Blocks
<= 3.6.3
WordPress Kadence Blocks - Page Builder Toolkit for Gutenberg Editor plugin <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload vulnerability
4.3
1 day ago
Load more