Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,575
Mitigations
Mitigation rules
14,757
No official patch
11,290
In triage
1,364
Published soon
76
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Yoast SEO
<= 27.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability
6.5
6 minutes ago
Filestack Official
<= 2.1.0
Reflected Cross-Site Scripting vulnerability
7.1
11 minutes ago
Post Affiliate Pro
<= 1.28.0
Authenticated (Administrator+) Server-Side Request Forgery via 'Post Affiliate Pro URL' Field vulnerability
6.5
19 minutes ago
Alfie
<= 1.2.1
WordPress Alfie - Feed Plugin plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'naam' Parameter vulnerability
7.1
23 minutes ago
WPFAQBlock
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability
6.5
23 minutes ago
Vagaro Booking Widget
<= 0.3
Unauthenticated Stored Cross-Site Scripting via 'vagaro_code' vulnerability
7.1
24 minutes ago
WP Posts Re-order
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
25 minutes ago
Invelity Product Feeds
<= 1.2.6
Cross-Site Request Forgery to Arbitrary File Deletion vulnerability
8.1
26 minutes ago
itsukaita
<= 0.1.2
Reflected Cross-Site Scripting via 'day_from' Parameter vulnerability
7.1
34 minutes ago
Content Syndication Toolkit
<= 1.3
Unauthenticated Server-Side Request Forgery via 'url' Parameter vulnerability
7.2
37 minutes ago
Performance Monitor
<= 1.0.6
Unauthenticated Server-Side Request Forgery via 'url' Parameter vulnerability
7.2
38 minutes ago
Mandatory Field
<= 1.6.8
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Fields vulnerability
5.9
42 minutes ago
Multi Post Carousel by Category
<= 1.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute vulnerability
6.5
45 minutes ago
Survey
<= 1.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
5.9
47 minutes ago
Add Google Social Profiles to Knowledge Graph Box
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
48 minutes ago
PQ Addons – Creative Elementor Widgets
<= 1.0.0
WordPress PQ Addons - Creative Elementor Widgets plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Attributes vulnerability
6.5
49 minutes ago
Redirect countdown
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
50 minutes ago
SR WP Minify HTML
<= 2.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
51 minutes ago
Schema Shortcode
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
53 minutes ago
iVysilani Shortcode
<= 3.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'width' Shortcode Attribute vulnerability
6.5
57 minutes ago
Load more