Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,100
Mitigations
Mitigation rules
14,545
No official patch
11,209
In triage
1,531
Published soon
12
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Simply Schedule Appointments
<= 1.6.9.29
Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API Endpoint vulnerability
7.5
25 minutes ago
Pix for WooCommerce
<= 1.5.0
Unauthenticated Arbitrary File Upload vulnerability
10
38 minutes ago
Calculated Fields Form
<= 5.4.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Form Settings vulnerability
6.5
3 hours ago
Social Icons Widget & Block by WPZOOM
<= 4.5.8
Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation vulnerability
4.3
3 hours ago
GetGenie
<= 4.3.2
Insecure Direct Object Reference to Authenticated (Author+) Stored Cross-Site Scripting via REST API vulnerability
5.9
3 hours ago
GetGenie
<= 4.3.2
Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Post Overwrite/Deletion vulnerability
5.4
3 hours ago
Simply Schedule Appointments
<= 1.6.9.29
Insecure Direct Object Reference to Authenticated (Staff+) Sensitive Information Exposure vulnerability
4.3
4 hours ago
Reading progressbar
< 1.3.1
Admin+ Stored XSS vulnerability
5.9
8 hours ago
Timetics
< 1.0.52
Unauthenticated Payment/Booking Status Update vulnerability
4.3
8 hours ago
Simple Ajax Chat
<= 20260217
Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability
7.1
22 hours ago
PixelYourSite PRO
<= 12.4.0.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
23 hours ago
PixelYourSite – Your smart PIXEL (TAG) Manager
<= 11.2.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
23 hours ago
DukaPress
<= 3.2.4
Reflected XSS vulnerability
7.1
23 hours ago
WP Front User Submit / Front Editor
< 5.0.6
Unauthenticated Sensitive Information Exposure vulnerability
5.9
23 hours ago
ExactMetrics
7.1.0-9.0.2
Authenticated (Custom) Improper Privilege Management to Role Privilege Escalation via Settings Update vulnerability
9.8
23 hours ago
Name Directory
<= 1.32.1
Unauthenticated Stored Cross-Site Scripting via 'name_directory_name' vulnerability
7.1
23 hours ago
Checkout Field Editor (Checkout Manager) for WooCommerce
<= 2.1.7
Unauthenticated Stored Cross-Site Scripting via Block Checkout Custom Radio Field vulnerability
7.1
23 hours ago
Contact Form & Lead Form Elementor Builder
<= 2.0.1
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
1 day ago
Gravity Forms
<= 2.9.28
Authenticated (Subscriber+) Stored Cross-Site Scripting via Form Title vulnerability
6.5
1 day ago
My Sticky Bar
<= 2.8.6
Unauthenticated SQL Injection via 'stickymenu_contact_lead_form' Action vulnerability
9.3
1 day ago
Load more