Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,967
Mitigations
Mitigation rules
13,661
No official fix
10,589
In triage
1,213
Published soon
32
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Melapress Role Editor
<= 1.1.1
Improper Authorization to Authenticated (Subscriber+) Privilege Escalation via Secondary Role Assignment vulnerability
8.8
5 hours ago
BuddyPress
<= 14.3.3
Unauthenticated Arbitrary Shortcode Execution vulnerability
7.3
5 hours ago
All-in-One Video Gallery
<= 4.6.4
Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability
6.5
5 hours ago
WP DSGVO Tools (GDPR)
<= 3.1.36
Authenticated (Contributor+) Stored Cross-Site Scripting via 'lw_content_block' Shortcode vulnerability
6.5
6 hours ago
weDocs
<= 2.1.16
Missing Authorization to Authenticated (Subscriber+) Documentation Post Update vulnerability
4.3
6 hours ago
Schema & Structured Data for WP & AMP
<= 1.54
Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema vulnerability
6.5
6 hours ago
KiviCare
<= 3.6.15
WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability
5.3
6 hours ago
WP RSS Aggregator
<= 5.0.10
Authenticated (Contributor+) Stored Cross-Site Scripting via wp-rss-aggregator Shortcode vulnerability
6.5
6 hours ago
Uncanny Automator
<= 6.10.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
6 hours ago
LA-Studio Element Kit for Elementor
<= 1.5.6.3
Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter vulnerability
9.8
1 day ago
WP Travel
<= 11.0.0
Broken Access Control vulnerability
5.3
2 days ago
Real Homes CRM
<= 1.0.0
Arbitrary File Upload vulnerability
9.9
2 days ago
Lawyer Directory
<= 1.3.3
Privilege Escalation vulnerability
8.8
2 days ago
Beaver Builder
<= 2.9.4.1
Arbitrary Code Execution vulnerability
7.5
2 days ago
Media Library File Size
<= 1.6.7
Broken Access Control vulnerability
4.3
2 days ago
Edwiser Bridge
<= 4.3.2
Broken Access Control vulnerability
5.4
2 days ago
BOX NOW Delivery
<= 3.0.2
Broken Access Control vulnerability
4.3
2 days ago
Photo Gallery by 10Web
<= 1.8.36
Missing Authorization to Unauthenticated Arbitrary Comment Deletion vulnerability
5.3
2 days ago
JobWP
<= 2.4.5
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Ultra Portfolio
<= 6.7
SQL Injection vulnerability
8.5
2 days ago
Load more