Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,801
Mitigations
Mitigation rules
15,738
No official patch
13,011
In triage
1,355
Published soon
41
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Ajax Load More - Filters
<= 3.4.1
WordPress Ajax Load More - Filters plugin <= 3.4.1 - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
29 minutes ago
Dokan
<= 5.0.4
Authenticated (Custom+) Stored Cross-Site Scripting vulnerability
7.1
41 minutes ago
Frisbii Pay
<= 1.8.9
Missing Authorization to Authenticated (Subscriber+) Payment Token Modification vulnerability
6.5
56 minutes ago
MaxButtons
<= 9.8.5
Reflected Cross-Site Scripting vulnerability
7.1
1 hour ago
EventON
<= 5.0.11
WordPress EventON (Pro) - WordPress Virtual Event Calendar Plugin plugin <= 5.0.11 - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection vulnerability
9.3
1 hour ago
Export User Data
<= 2.2.6
Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion vulnerability
8
1 hour ago
ProfileGrid
<= 5.9.9.5
User Profiles, Groups and Communities plugin <= 5.9.9.5 - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation vulnerability
9.8
1 hour ago
Frontend File Manager
<= 23.6
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
7.7
1 hour ago
Editorial Rating – Product Review & Rating System
<= 4.0.5
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
Premium Addons for KingComposer
<= 1.1.1
Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion vulnerability
5.3
18 hours ago
PixMagix – WordPress Image Editor
<= 1.7.2
Authenticated (Author+) Path Traversal in 'layers[].id' Parameter vulnerability
4.9
18 hours ago
Plugin for Google Analytics by IO technologies
<= 1.1
Cross-Site Request Forgery vulnerability
4.3
18 hours ago
Team Member
<= 8.7
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
19 hours ago
Werkstatt
<= 4.7.2
Cross Site Request Forgery (CSRF) vulnerability
4.3
21 hours ago
Werkstatt
<= 4.7.2
Broken Access Control vulnerability
4.3
22 hours ago
Martfury - WooCommerce Marketplace WordPress Theme
<= 3.2.8
WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability
4.3
22 hours ago
TheFox
<= 3.9.70
Cross Site Scripting (XSS) vulnerability
6.5
22 hours ago
Custom Field Template
<= 2.7.8
SQL Injection vulnerability
8.5
22 hours ago
Woffice
<= 5.4.31
Broken Access Control vulnerability
5.3
1 day ago
Simple User Avatar
<= 4.9
Insecure Direct Object References (IDOR) vulnerability
4.3
1 day ago
Load more