Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,759
Mitigations
Mitigation rules
13,803
No official fix
10,777
In triage
1,168
Published soon
4
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Happy Addons for Elementor
<= 3.20.7
Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field vulnerability
6.5
21 minutes ago
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget vulnerability
6.5
25 minutes ago
Spectra
<= 2.19.17
Unauthenticated Information Disclosure in Sensitive Data vulnerability
5.3
27 minutes ago
WP ULike
<= 4.8.3.1
Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter vulnerability
5.3
29 minutes ago
Popup box
<= 6.1.1
Cross-Site Request Forgery to Popup Status Change vulnerability
4.3
44 minutes ago
Motors
<= 1.4.57
WordPress Motors - Car Dealer, Classifieds & Listing plugin <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation vulnerability
4.3
1 hour ago
Master Slider
<= 3.10.6
WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability
6.5
1 hour ago
Relevanssi Premium
<= 2.25.0
Missing Authorization to Unauthenticated Query Log Export vulnerability
5.3
1 hour ago
Relevanssi
<= 4.22.0
Missing Authorization to Unauthenticated Query Log Export vulnerability
5.3
1 hour ago
Paid Member Subscriptions
<= 2.11.1
WordPress Paid Membership Subscriptions - Effortless Memberships, Recurring Payments & Content Restriction plugin <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return vulnerability
5.3
1 hour ago
Elementor Addon Elements
<= 1.12.12
Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget vulnerability
6.5
1 hour ago
Elementor Addon Elements
<= 1.12.12
Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget vulnerability
6.5
1 hour ago
Shortcodes and extra features for Phlox theme
<= 2.15.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' vulnerability
6.5
1 hour ago
Element Pack Elementor Addons
<= 5.6.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget vulnerability
6.5
2 hours ago
Element Pack Elementor Addons
<= 5.6.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget vulnerability
6.5
2 hours ago
Livemesh Addons for Elementor
<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Widget vulnerability
6.5
2 hours ago
Livemesh Addons for Elementor
<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Slider Widget vulnerability
6.5
2 hours ago
Livemesh Addons for Elementor
<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget vulnerability
6.5
2 hours ago
Livemesh Addons for Elementor
<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Multislider Widget vulnerability
6.5
2 hours ago
Livemesh Addons for Elementor
<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Carousel Widget vulnerability
6.5
2 hours ago
Load more