Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,583
Mitigations
Mitigation rules
14,758
No official patch
11,290
In triage
1,364
Published soon
77
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure vulnerability
5.3
1 hour ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export vulnerability
5.3
1 hour ago
Yoast SEO
<= 27.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability
6.5
2 hours ago
Filestack Official
<= 2.1.0
Reflected Cross-Site Scripting vulnerability
7.1
2 hours ago
Post Affiliate Pro
<= 1.28.0
Authenticated (Administrator+) Server-Side Request Forgery via 'Post Affiliate Pro URL' Field vulnerability
6.5
2 hours ago
Alfie
<= 1.2.1
WordPress Alfie - Feed Plugin plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'naam' Parameter vulnerability
7.1
2 hours ago
WPFAQBlock
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute vulnerability
6.5
2 hours ago
Vagaro Booking Widget
<= 0.3
Unauthenticated Stored Cross-Site Scripting via 'vagaro_code' vulnerability
7.1
2 hours ago
WP Posts Re-order
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
2 hours ago
Invelity Product Feeds
<= 1.2.6
Cross-Site Request Forgery to Arbitrary File Deletion vulnerability
8.1
2 hours ago
itsukaita
<= 0.1.2
Reflected Cross-Site Scripting via 'day_from' Parameter vulnerability
7.1
2 hours ago
Content Syndication Toolkit
<= 1.3
Unauthenticated Server-Side Request Forgery via 'url' Parameter vulnerability
7.2
2 hours ago
Performance Monitor
<= 1.0.6
Unauthenticated Server-Side Request Forgery via 'url' Parameter vulnerability
7.2
2 hours ago
Mandatory Field
<= 1.6.8
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Fields vulnerability
5.9
2 hours ago
Multi Post Carousel by Category
<= 1.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute vulnerability
6.5
2 hours ago
Survey
<= 1.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
5.9
2 hours ago
Add Google Social Profiles to Knowledge Graph Box
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
2 hours ago
PQ Addons – Creative Elementor Widgets
<= 1.0.0
WordPress PQ Addons - Creative Elementor Widgets plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Attributes vulnerability
6.5
2 hours ago
Redirect countdown
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
2 hours ago
SR WP Minify HTML
<= 2.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
2 hours ago
Load more