Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,583
Mitigations
Mitigation rules
14,767
No official patch
11,290
In triage
1,364
Published soon
77
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
ReviewX
<= 2.2.10
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation vulnerability
6.5
5 minutes ago
Task Manager
<= 3.0.2
Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter vulnerability
6.5
17 minutes ago
WP-WebAuthn
<= 1.3.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
20 minutes ago
Comment Genius
<= 1.2.5
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
23 minutes ago
rexCrawler
<= 1.0.15
Reflected Cross-Site Scripting via 'url' and 'regex' Parameters vulnerability
7.1
25 minutes ago
SurveyJS
<= 2.5.3
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
27 minutes ago
ARForms Form Builder
<= 1.7.2
Unauthenticated Blind Arbitrary Shortcode Execution vulnerability
5.6
36 minutes ago
WP Maps
<= 4.9.1
WordPress WP Maps - Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin <= 4.9.1 - Unauthenticated SQL Injection via 'orderby' Parameter vulnerability
9.3
38 minutes ago
Import and export users and customers
<= 1.29.7
Privilege Escalation to Administrator via save_extra_user_profile_fields vulnerability
8.1
43 minutes ago
The Ultimate WordPress Toolkit – WP Extended
<= 3.2.4
WordPress The Ultimate WordPress Toolkit - WP Extended plugin <= 3.2.4 - Authenticated (Subscriber+) Privilege Escalation via Menu Editor Module vulnerability
8.8
54 minutes ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Limited Remote Code Execution vulnerability
7.3
1 hour ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure vulnerability
5.3
12 hours ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export vulnerability
5.3
12 hours ago
Yoast SEO
<= 27.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability
6.5
12 hours ago
Filestack Official
<= 2.1.0
Reflected Cross-Site Scripting vulnerability
7.1
13 hours ago
Post Affiliate Pro
<= 1.28.0
Authenticated (Administrator+) Server-Side Request Forgery via 'Post Affiliate Pro URL' Field vulnerability
6.5
13 hours ago
Alfie
<= 1.2.1
WordPress Alfie - Feed Plugin plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'naam' Parameter vulnerability
7.1
13 hours ago
WPFAQBlock
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability
6.5
13 hours ago
Vagaro Booking Widget
<= 0.3
Unauthenticated Stored Cross-Site Scripting via 'vagaro_code' vulnerability
7.1
13 hours ago
WP Posts Re-order
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
13 hours ago
Load more