Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,468
Mitigations
Mitigation rules
13,403
No official fix
10,390
In triage
1,167
Published soon
33
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Premmerce WooCommerce Customers Manager
<= 1.1.14
Reflected Cross-Site Scripting vulnerability
7.1
3 minutes ago
WP Photo Album Plus
<= 9.1.05.008
Reflected Cross-Site Scripting vulnerability
7.1
9 minutes ago
HBLPAY Payment Gateway for WooCommerce
<= 5.0.0
Reflected Cross-Site Scripting via 'cusdata' Parameter vulnerability
7.1
11 minutes ago
Bit Form – Contact Form Plugin
<= 2.21.6
WordPress Bit Form - Contact Form Plugin plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay vulnerability
6.5
18 minutes ago
Flashcard
<= 0.9
Authenticated (Contributor+) Arbitrary File Read via Path Traversal vulnerability
6.5
23 minutes ago
Pure WC Variation Swatches
<= 1.1.7
Unauthenticated Settings Update vulnerability
6.5
32 minutes ago
Customer Reviews for WooCommerce
<= 5.93.1
Authenticated (Subscriber+) Stored Cross-Site Scripting via displayName Parameter vulnerability
6.5
34 minutes ago
EmailKit
<= 1.6.1
Authenticated (Author+) Arbitrary File Read via Path Traversal vulnerability
6.5
39 minutes ago
User Activity Log
<= 2.2
Unauthenticated Limited Options Update via Failed Login vulnerability
7.5
45 minutes ago
Latest Registered Users
<= 1.4
Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export vulnerability
7.5
1 hour ago
Money Space
<= 2.13.9
Unauthenticated Sensitive Information Exposure vulnerability
8.6
1 hour ago
iPaymu Payment Gateway for WooCommerce
<= 2.0.2
Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure vulnerability
8.2
1 hour ago
Yoco Payments
<= 3.8.8
Unauthenticated Arbitrary File Read vulnerability
7.5
1 hour ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.2
WordPress Drag and Drop Multiple File Upload - Contact Form 7 plugin <= 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload vulnerability
10
1 hour ago
Optional Email
<= 1.3.11
Unauthenticated Privilege Escalation to Account Takeover vulnerability
9.8
1 hour ago
Wish To Go
<= 0.5.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
8 hours ago
Simcast
<= 1.0.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
8 hours ago
AH Shortcodes
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability
6.5
8 hours ago
FluentForm
<= 6.1.7
Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder vulnerability
5.4
8 hours ago
Snillrik Restaurant
<= 2.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'menu_style' Shortcode Attribute vulnerability
6.5
8 hours ago
Load more