The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total47,423

MitigationsMitigation rules15,249

No official patch12,918

In triage1,589

Published soon4

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Zoho ZeptoMail<= 3.2.9 Broken Access Control vulnerability	4.3	33 minutes ago
CF7 WOW Styler<= 1.7.6 Broken Access Control vulnerability	5.3	35 minutes ago
Mail Mint<= 1.19.5 Sensitive Data Exposure vulnerability	4.3	38 minutes ago
Piotnet Addons For Elementor Pro<= 7.1.70 Unauthenticated Arbitrary File Upload vulnerability	10	1 hour ago
Piotnet Forms<= 2.1.40 Unauthenticated Arbitrary File Upload vulnerability	10	1 hour ago
Account Switcher<= 1.0.2 Authenticated (Subscriber+) Authentication Bypass to Privilege Escalation vulnerability	8.8	1 hour ago
ProSolution WP Client<= 2.0.0 Unauthenticated Arbitrary File Upload vulnerability	10	1 hour ago
Easy Elements for Elementor – Addons & Website Templates<= 1.4.4 Unauthenticated Privilege Escalation vulnerability	9.8	1 hour ago
Advanced Database Cleaner – Premium<= 4.1.0 Authenticated (Subscriber+) Local File Inclusion vulnerability	8.8	1 hour ago
Gift Cards For WooCommerce Pro<= 4.2.6 Arbitrary File Upload vulnerability	10	15 hours ago
WPB Floating Menu or Categories – Sticky Floating Side Menu & Categories with Icons<= 1.0.8 Authenticated (Editor+) Stored Cross-Site Scripting vulnerability	5.9	18 hours ago
Broadstreet Ads<= 1.52.2 Authenticated (Subscriber+) Private Post Meta Disclosure vulnerability	4.3	19 hours ago
YITH WooCommerce Product Add-Ons<= 4.29.0 SQL Injection vulnerability	7.6	20 hours ago
Visualizer< 4.0.0 Cross Site Scripting (XSS) vulnerability	6.5	20 hours ago
WpBookingly<= 1.2.9 Broken Access Control vulnerability	6.5	20 hours ago
Image Photo Gallery Final Tiles Grid<= 3.6.11 Broken Access Control vulnerability	4.3	20 hours ago
PDF for Elementor Forms + Drag And Drop Template Builder<= 5.5.1 Broken Access Control vulnerability	5	20 hours ago
Slider Revolution<= 7.0.9 Unauthenticated Sensitive Information Exposure vulnerability	5.3	1 day ago
@angular/platform-server<= 18.2.14 NPM: @angular/platform-server: SSRF via Hostname Hijacking	8.8	1 day ago
@beproduct/nestjs-auth>= 0.1.2, <= 0.1.19 NPM: Malicious code in @beproduct/nestjs-auth (0.1.2 through 0.1.19) — Mini Shai-Hulud worm	10	1 day ago