The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total36,311

MitigationsMitigation rules13,355

No official fix10,336

In triage1,154

Published soon44

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
ShopBuilder – Elementor WooCommerce Builder Addons< 3.2.2 Reflected XSS vulnerability	7.1	54 minutes ago
Branda<= 3.4.24 WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability	9.8	1 hour ago
Logo Slider< 4.9.0 Contributor+ Stored XSS vulnerability	6.5	1 hour ago
WPBookit<= 1.0.7 Customer Deletion via CSRF vulnerability	5.4	1 hour ago
WP User Frontend<= 4.2.4 Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability	7.5	1 hour ago
wpDiscuz< 7.6.40 WordPress Comments - wpDiscuz plugin < 7.6.40 - Unauthenticated Account Takeover vulnerability	9.8	1 day ago
WP Ultimate CSV Importer<= 7.35 WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability	6.4	1 day ago
Worker for Elementor<= 1.0.10 Broken Access Control vulnerability	5.4	1 day ago
Worker for WPBakery<= 1.1.1 Broken Access Control vulnerability	5.4	1 day ago
Logger for Elementor<= 1.0.9 Broken Access Control vulnerability	5.4	1 day ago
Conformer for Elementor<= 1.0.7 Broken Access Control vulnerability	5.4	1 day ago
UnGrabber<= 3.1.3 Broken Access Control vulnerability	5.4	1 day ago
Appender<= 1.1.1 Broken Access Control vulnerability	5.4	1 day ago
Countdowner for Elementor<= 1.0.4 Broken Access Control vulnerability	5.4	1 day ago
Criptopayer for Elementor<= 1.0.1 Broken Access Control vulnerability	5.4	1 day ago
Accessibility Press<= 1.0.2 Cross Site Scripting (XSS) vulnerability	5.9	1 day ago
Dashboard Beacon<= 1.2.0 Cross Site Scripting (XSS) vulnerability	5.9	1 day ago
Headinger for Elementor<= 1.1.4 Broken Access Control vulnerability	5.4	1 day ago
Behance Portfolio Manager<= 1.7.5 Cross Site Scripting (XSS) vulnerability	5.9	1 day ago
Cooked<= 1.11.2 Cross Site Scripting (XSS) vulnerability	5.9	1 day ago