Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,162
Mitigations
Mitigation rules
13,719
No official fix
10,710
In triage
1,231
Published soon
52
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Vzaar Media Management
<= 1.2
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
5 hours ago
TelSender
<= 1.14.14
Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability
7.1
5 hours ago
SEO Links Interlinking
<= 1.7.5
Reflected Cross-Site Scripting via 'google_error' Parameter vulnerability
7.1
5 hours ago
AI Engine
<= 3.3.2
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
5 hours ago
VidShop
<= 1.1.4
Unauthenticated Time-Based SQL Injection via 'fields' vulnerability
9.3
5 hours ago
Snow Monkey Forms
<= 12.0.3
Unauthenticated Arbitrary File Deletion via Path Traversal vulnerability
8.6
5 hours ago
New User Approve
<= 3.2.2
Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information Disclosure vulnerability
7.3
5 hours ago
Search Atlas SEO
2.4.4-2.5.12
WordPress Search Atlas SEO plugin 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover vulnerability
8.8
6 hours ago
Stop Spammers
<= 2026.1
Cross-Site Request Forgery via Email Allowlist vulnerability
4.3
10 hours ago
Passster
<= 4.2.24
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
10 hours ago
Frontend File Manager
<= 23.5
Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability
5.3
10 hours ago
Bitcoin Donate Button
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
10 hours ago
Recooty
1.0.1-1.0.6
Cross-Site Request Forgery to Settings Update vulnerability
4.3
10 hours ago
Change WP URL
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
10 hours ago
imwptip
<= 1.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
10 hours ago
WP Google Ad Manager
<= 1.1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Admin Settings vulnerability
5.9
10 hours ago
Rupantorpay
<= 2.0.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
10 hours ago
BlockArt Blocks
<= 2.2.14
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
10 hours ago
Ivory Search
<= 5.5.13
Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability
5.9
10 hours ago
Order Minimum/Maximum Amount Limits for WooCommerce
<= 4.6.8
Authenticated (Shop Manager+) Stored Cross-Site Scripting via Hide Add to Cart Content Fields vulnerability
5.9
10 hours ago
Load more