Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,793
Mitigations
Mitigation rules
15,729
No official patch
13,011
In triage
1,348
Published soon
41
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Plugin for Google Analytics by IO technologies
<= 1.1
Cross-Site Request Forgery vulnerability
4.3
11 hours ago
Team Member
<= 8.7
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
Werkstatt
<= 4.7.2
Cross Site Request Forgery (CSRF) vulnerability
4.3
14 hours ago
Werkstatt
<= 4.7.2
Broken Access Control vulnerability
4.3
14 hours ago
Martfury - WooCommerce Marketplace WordPress Theme
<= 3.2.8
WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability
4.3
15 hours ago
TheFox
<= 3.9.70
Cross Site Scripting (XSS) vulnerability
6.5
15 hours ago
Custom Field Template
<= 2.7.8
SQL Injection vulnerability
8.5
15 hours ago
Woffice
<= 5.4.31
Broken Access Control vulnerability
5.3
17 hours ago
Simple User Avatar
<= 4.9
Insecure Direct Object References (IDOR) vulnerability
4.3
19 hours ago
Embed Privacy
<= 1.12.3
Arbitrary File Deletion vulnerability
7.1
19 hours ago
RegistrationMagic
<= 6.0.8.6
Authenticated (Subscriber+) Authentication Bypass vulnerability
5.3
3 days ago
WP Full Stripe Free
<= 8.4.3
Missing Authorization to Unauthenticated Payment Record Manipulation vulnerability
5.3
3 days ago
Quiz And Survey Master
<= 11.1.4
Missing Authorization to Authenticated (Contributor+) Arbitrary Modification vulnerability
4.3
3 days ago
Product Specifications for Woocommerce
<= 0.8.9
Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion vulnerability
4.3
3 days ago
Masteriyo - LMS
<= 2.2.1
Missing Authorization to Authenticated (Student+) Arbitrary Course Announcement Modification vulnerability
4.3
3 days ago
Dokan
<= 5.0.4
Authenticated (Subscriber+) Insecure Direct Object Reference to Information Disclosure vulnerability
4.3
3 days ago
Gutenverse
<= 3.8.0
Authenticated (Editor+) Stored Cross-Site Scripting vulnerability
5.9
3 days ago
Surbma | Infusionsoft Shortcode
<= 2.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
3 days ago
Spexo
<= 2.0.11
Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation vulnerability
4.3
3 days ago
Page Builder by SiteOrigin
<= 2.34.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
3 days ago
Load more