Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
49,265
Mitigations
Mitigation rules
15,918
No official patch
13,073
In triage
1,338
Published soon
67
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Hide My WP Lite
<= 1.3
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
6 minutes ago
UsersWP
<= 1.2.65
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.8
22 minutes ago
Super Forms
<= 6.3.313
Unauthenticated Arbitrary File Upload vulnerability
10
40 minutes ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
48 minutes ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
52 minutes ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
55 minutes ago
BetterDocs
<= 4.6.0
Authenticated (Custom+) SQL Injection vulnerability
8.5
11 hours ago
Salon booking system
<= 10.30.32
Cross-Site Request Forgery to Remote Code Execution vulnerability
8.8
15 hours ago
Post Export Import with Media
<= 1.13.1
Authenticated (Administrator+) Arbitrary File Upload vulnerability
7.2
15 hours ago
WPCafe
<= 3.0.14
Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification vulnerability
5.4
15 hours ago
FluentForm
<= 6.2.1
Incorrect Authorization to Authenticated (Subscriber+) Arbitrary Subscription Cancellation vulnerability
5.4
16 hours ago
@jsonbored/gittensory-mcp
<= 0.1.0
NPM: Gittensory: Missing contributor-scoped access control on profile endpoint and MCP tool leaks miner financial data
6.5
16 hours ago
Eventer
<= 4.4.2
Unauthenticated SQL Injection vulnerability
9.3
21 hours ago
Eventer
<= 4.4.2
Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation vulnerability
9.3
21 hours ago
Simple Coherent Form
<= 2.4.13
Unauthenticated Arbitrary File Deletion vulnerability
9.1
21 hours ago
Jssor Slider by jssor.com
<= 3.1.24
Unauthenticated Arbitrary File Read vulnerability
7.5
21 hours ago
Backstage
<= 1.4.2
Unauthenticated Privilege Escalation vulnerability
7.5
21 hours ago
多说社会化评论框
<= 1.2
Unauthenticated Privilege Escalation vulnerability
8.8
21 hours ago
Widget Logic Visual
<= 1.52
Authenticated (Subscriber+) Remote Code Execution vulnerability
8.8
21 hours ago
waku
<= 1.0.0-beta.0
NPM: Waku has an Open Redirect via `unstable_redirect` Helper
3.1
1 day ago
Load more