Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,222
Mitigations
Mitigation rules
15,018
No official patch
11,308
In triage
1,420
Published soon
37
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Responsive Blocks
2.0.9-2.2.1
Missing Authorization to Authenticated (Contributor+) Arbitrary Modification vulnerability
4.3
18 minutes ago
CMS für Motorrad Werkstätten
<= 1.0.0
Authenticated (Subscriber+) SQL Injection vulnerability
6.5
30 minutes ago
Email Encoder Bundle
< 2.3.4
Admin+ Stored XSS vulnerability
5.9
7 hours ago
Responsive Blocks
<= 2.2.0
Unauthenticated Open Email Relay via REST API 'email_to' Parameter vulnerability
5.3
7 hours ago
Website LLMs.txt
<= 8.2.6
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
4.4
15 hours ago
Hostel
<= 1.1.6
Reflected Cross-Site Scripting via 'shortcode_id' Parameter vulnerability
7.1
1 day ago
Youzify
<= 1.3.6
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'checkin_place_id' Parameter vulnerability
6.5
1 day ago
Easy Appointments
<= 3.12.21
Unauthenticated Sensitive Information Exposure via REST API vulnerability
7.5
1 day ago
wpDataTables
<= 6.5.0.4
Unauthenticated Stored Cross-Site Scripting vulnerability
4.7
1 day ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.6
Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass vulnerability
8.1
1 day ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.6
Unauthenticated Limited Arbitrary File Read via mfile Field vulnerability
7.5
1 day ago
WP Customer Area
<= 8.3.4
Authenticated (Subscriber+) Arbitrary File Read/Deletion via ajax_attach_file vulnerability
8.8
1 day ago
Image Source Control
<= 3.9.1
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
6.4
1 day ago
Everest Forms
<= 3.4.4
Unauthenticated Arbitrary File Read and Deletion vulnerability
8.1
1 day ago
wpForo Forum
<= 3.0.5
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.1
1 day ago
Website LLMs.txt
<= 8.2.6
Reflected Cross-Site Scripting vulnerability
6.1
1 day ago
CMP – Coming Soon & Maintenance
<= 4.1.16
WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution vulnerability
7.2
1 day ago
Ultimate Flipbox Addon for Elementor
<= 2.0.8
Authenticated (Author+) Stored Cross-Site Scripting via Custom Attributes vulnerability
5.9
1 day ago
Pz-LinkCard
<= 2.5.8.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
1 day ago
Embed Calendly
<= 4.4
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.4
2 days ago
Load more