The leading open source vulnerability database

Patchstack finds & mitigates vulnerabilities in websites. Connect your sites for FREE to see if they are exposed to any vulnerabilities.

See pricing

Rated 4.6

Total35,055

Mitigation rules13,049

No official fix9,810

In triage1,347

Published soon5

WordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Magical Products Display<= 1.1.29 Authenticated (Contributor+) Stored Cross-Site Scripting via MPD Pricing Table Widget vulnerability	6.5	2 hours ago
Tainacan<= 1.0.0 Unauthenticated Information Exposure vulnerability	5.3	2 hours ago
WP Delete Post Copies<= 6.0.2 Authenticated (Admin+) Stored Cross-Site Scripting vulnerability	5.9	2 hours ago
Groundhogg<= 4.2.6.1 Authenticated (Admin+) SQL Injection vulnerability	7.6	3 hours ago
HT Mega<= 3.0.0 Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection vulnerability	6.5	3 hours ago
Post Expirator<= 4.9.1 Authenticated (Author+) Missing Authorization to Post/Page Status Modification vulnerability	3.8	3 hours ago
Shortcode for Google Street View<= 0.5.7 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	3 hours ago
WP Company Info<= 1.9.0 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	3 hours ago
Keydatas<= 2.6.3 Authenticated (Admin+) Arbitrary File Read vulnerability	4.9	3 hours ago
WPSite Shortcode<= 1.2 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	3 hours ago
Display Pages Shortcode<= 1.1 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	3 hours ago
HotelRunner Booking Widget<= 5.2.4 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	3 hours ago
Custom Post Type<= 1.0 Cross-Site Request Forgery to Custom Post Type Deletion vulnerability	4.3	4 hours ago
BrightTALK WordPress Shortcode<= 2.4.0 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	4 hours ago
Surbma \| MiniCRM Shortcode<= 2.0 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	4 hours ago
Bulma Shortcodes<= 1.0 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	4 hours ago
Shortcodes Bootstrap<= 1.1 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	4 hours ago
Pollcaster Shortcode Plugin<= 1.0 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	4 hours ago
AuthorSure<= 2.3 Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability	7.1	4 hours ago
Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO<= 2.4.6 Missing Authorization to Authenticated (Subscriber+) Contract Address Update vulnerability	5.4	4 hours ago