Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,881
Mitigations
Mitigation rules
15,211
No official patch
13,394
In triage
1,547
Published soon
10
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content
<= 7.8.5.10
One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin <= 7.8.5.10 - One Click SSL & Force HTTPS <= 7.8.5.10 - Missing Authorization to Authenticated (Subscriber+) SSL Setup Tampering vulnerability
5.4
5 hours ago
LearnPress
<= 4.3.5
Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment vulnerability
4.3
7 hours ago
Envira Photo Gallery
<= 1.12.4
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
8 hours ago
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.7
Authenticated (Contributor+) SQL Injection vulnerability
8.5
8 hours ago
ACF Extended
<= 0.9.2.3
Unauthenticated Arbitrary Shortcode Execution vulnerability
6.5
10 hours ago
Google Analytics by Monster Insights
<= 10.1.2
Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure And Plugin Integration Reset vulnerability
7.1
10 hours ago
Custom Twitter Feeds (Tweets Widget)
<= 2.5.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
12 hours ago
ProfileGrid
<= 5.9.8.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Group Joining vulnerability
7.1
12 hours ago
Fusion Builder
<= 3.15.1
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
Fusion Builder
<= 3.15.2
Authenticated (Subscriber+) Arbitrary File Read vulnerability
6.5
12 hours ago
Court Reservation
<= 1.10.11
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
coreActivity: Activity Logging plugin for WordPress
<= 3.0
Unauthenticated PHP Object Injection vulnerability
8.1
12 hours ago
ProfileGrid
<= 5.9.8.4
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
13 hours ago
My Calendar
<= 3.7.9
Authenticated (Custom+) Missing Authorization to Unauthorized Event Publication vulnerability
4.3
22 hours ago
The Plus Addons for Elementor Page Builder Lite
<= 6.4.11
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
22 hours ago
Tutor LMS
<= 3.9.9
Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion vulnerability
5.3
1 day ago
Woocommerce Support System
<= 1.3.0
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
1 day ago
Hustle
<= 7.8.10.1
Broken Access Control vulnerability
5.3
1 day ago
Cost of Goods for WooCommerce
<= 4.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Charitable
<= 1.8.10.4
Authenticated (Custom+) SQL Injection vulnerability
6.5
1 day ago
Load more