The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total48,577

MitigationsMitigation rules15,625

No official patch12,999

In triage1,545

Published soon19

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Funnel Builder by FunnelKit<= 3.15.0.5 SQL Injection vulnerability	7.6	8 minutes ago
WP Meta SEO<= 4.5.18 Authenticated (Contributor+) Server-Side Request Forgery vulnerability	6.4	14 hours ago
WP Latest Posts<= 5.0.11 Authenticated (Author+) Stored Cross-Site Scripting vulnerability	5.9	14 hours ago
MIR blocks and shortcodes<= 1.0.0 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	14 hours ago
Advanced Contact Form 7 – Compact DB<= 1.0.0 Missing Authorization to Unauthenticated Arbitrary Contact Form Submission Deletion vulnerability	5.3	14 hours ago
Bulk SEO Image<= 1.1 Cross-Site Request Forgery to Settings Update vulnerability	4.3	14 hours ago
Blue Captcha<= 2.0.1 Cross-Site Request Forgery vulnerability	4.3	14 hours ago
MotorDesk<= 1.1.2 Cross-Site Request Forgery to Settings Update vulnerability	4.3	14 hours ago
Book a Room Event Calendar<= 1.9 Cross-Site Request Forgery to Settings Update vulnerability	4.3	14 hours ago
Avalon23 Products Filter for WooCommerce<= 1.1.6 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	14 hours ago
Generate Security.txt<= 1.0.12 Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion vulnerability	4.3	14 hours ago
Reviews and Rating – Docplanner<= 1.1.4 Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification vulnerability	4.3	14 hours ago
WhatsOrder – Instant Checkout for WooCommerce<= 1.0.1 Unauthenticated Sensitive Information Exposure vulnerability	5.3	14 hours ago
Devs Accounting – Simple Accounting and Invoicing Solution<= 1.2.0 Missing Authorization to Unauthenticated Account Deletion vulnerability	5.3	14 hours ago
Devs Accounting – Simple Accounting and Invoicing Solution<= 1.2.0 Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability	5.3	14 hours ago
24liveblog – live blog tool<= 2.2 Missing Authorization to Authenticated (Author+) Settings Modification vulnerability	4.3	14 hours ago
24liveblog – live blog tool<= 2.2 Authenticated (Contributor+) Exposure of Sensitive Information vulnerability	4.3	14 hours ago
Osiris Signature Banner<= 0.5 Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability	4.3	14 hours ago
RentMy Real-Time Rental Management Plugin<= 4.0.4.1 Missing Authorization to Unauthenticated Settings Update vulnerability	5.3	14 hours ago
Advance Nav Menu Manager<= 1.3 Missing Authorization to Authenticated (Subscriber+) Nav Menu Item Modification vulnerability	4.3	14 hours ago