Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,781
Mitigations
Mitigation rules
13,803
No official fix
10,781
In triage
1,168
Published soon
4
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Kona Gallery Block
<= 1.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
19 minutes ago
Post Grid, Slider & Carousel Ultimate
<= 1.6.10
Authenticated (Contributor+) Local File Inclusion vulnerability
7.5
20 minutes ago
WP Job Portal
<= 2.2.6
Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion vulnerability
6.4
26 minutes ago
Autoship Cloud for WooCommerce Subscription Products
<= 2.8.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
26 minutes ago
Shortcodes and extra features for Phlox theme
<= 2.15.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability
6.5
28 minutes ago
GamiPress
<= 7.2.1
Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function vulnerability
5.3
29 minutes ago
ABC Notation
<= 6.1.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
30 minutes ago
Shortcodes and extra features for Phlox theme
<= 2.15.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode vulnerability
6.5
37 minutes ago
Zigaform
<= 7.4.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
38 minutes ago
Simplebooklet PDF Viewer and Embedder
<= 1.1.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
40 minutes ago
Zigaform – Price Calculator & Cost Estimation Form Builder Lite
<= 7.4.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
40 minutes ago
Piotnet Addons For Elementor
<= 2.4.36
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
46 minutes ago
RapidLoad
<= 2.4.4
Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset vulnerability
4.3
47 minutes ago
SlingBlocks
<= 1.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
50 minutes ago
Jobify
<= 4.2.7
Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation vulnerability
5.4
56 minutes ago
Tutor LMS
<= 3.9.5
Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX Action vulnerability
5.3
3 hours ago
Happy Addons for Elementor
<= 3.20.7
Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field vulnerability
6.5
3 hours ago
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget vulnerability
6.5
3 hours ago
Spectra
<= 2.19.17
Unauthenticated Information Disclosure in Sensitive Data vulnerability
5.3
3 hours ago
WP ULike
<= 4.8.3.1
Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter vulnerability
5.3
3 hours ago
Load more