Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,570
Mitigations
Mitigation rules
14,113
No official patch
10,979
In triage
1,296
Published soon
14
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Orderable
<= 1.20.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation vulnerability
8.8
6 minutes ago
Two Factor (2FA) Authentication via Email
<= 1.9.8
Two-Factor Authentication Bypass via token vulnerability
6.5
10 minutes ago
Library Management System
<= 3.2.1
Unauthenticated SQL Injection vulnerability
9.3
17 minutes ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
<= 4.1.2
Missing Authorization to Sensitive Information Exposure vulnerability
7.5
19 minutes ago
Video Conferencing with Zoom
< 4.6.6
Unauthenticated SDK Signature Generation vulnerability
7.5
19 minutes ago
WP Ultimate CSV Importer
<= 7.37
WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name vulnerability
8.5
20 minutes ago
s2Member
<= 260127
Unauthenticated Privilege Escalation via Account Takeover vulnerability
9.8
39 minutes ago
IDonate
2.1.5-2.1.9
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function vulnerability
8.8
59 minutes ago
Slider Future
<= 1.0.5
Unauthenticated Arbitrary File Upload vulnerability
10
1 hour ago
Lizza LMS Pro
<= 1.0.3
Unauthenticated Privilege Escalation vulnerability
9.8
1 hour ago
Buyent
<= 1.0.7
Unauthenticated Privilege Escalation via User Registration vulnerability
9.8
1 hour ago
WP AUDIO GALLERY
<= 2.0
Authenticated (Subscriber+) Arbitrary File Read via .htaccess Manipulation vulnerability
8.8
1 hour ago
Tablesome
0.5.4-1.2.1
Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation vulnerability
8.8
1 hour ago
Clasifico Listing
<= 2.0
Unauthenticated Privilege Escalation vulnerability
9.8
1 hour ago
Dealia
<= 1.0.6
Authenticated (Contributor+) Stored Cross-Site Scripting via Gutenberg Block Attributes vulnerability
6.5
8 hours ago
Client Testimonial Slider
<= 2.0
Authenticated (Administrator+) Stored Cross-Site Scripting via 'Testimonial Heading' Setting vulnerability
5.9
8 hours ago
MP3 Audio Player for Music, Radio & Podcast by Sonaar
4.0-5.10
Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
5.3
8 hours ago
XO Event Calendar
<= 3.2.10
Authenticated (Contributor+) Stored Cross-Site Scripting via 'xo_event_field' shortcode vulnerability
6.5
8 hours ago
Groups
<= 3.10.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'groups_group_info' Shortcode vulnerability
6.5
8 hours ago
YaMaps for WordPress
<= 0.6.40
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Parameters vulnerability
6.5
8 hours ago
Load more