Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,472
Mitigations
Mitigation rules
15,257
No official patch
12,884
In triage
1,599
Published soon
3
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Ditty
<= 3.1.65
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
1 day ago
AudioIgniter Music Player
<= 2.0.2
Unauthenticated Insecure Direct Object Reference to 'audioigniter_playlist_id' Parameter vulnerability
7.5
1 day ago
WP ERP Pro
<= 1.5.1
Unauthenticated SQL Injection vulnerability
8.5
1 day ago
BookingPress Appointment Booking Pro
<= 5.6
Unauthenticated Arbitrary File Upload vulnerability
10
1 day ago
Easy Elements for Elementor – Addons & Website Templates
<= 1.4.5
Unauthenticated Privilege Escalation vulnerability
9.8
1 day ago
network-ai
<= 5.4.4
NPM: Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret
7.6
2 days ago
@boxlite-ai/boxlite
< 0.9.0
NPM: Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host
9.6
2 days ago
@boxlite-ai/boxlite
< 0.9.0
NPM: BoxLite: Permission Bypass Allows Modification of Read-Only Files
10
2 days ago
@nevware21/ts-utils
<= 0.13.0
NPM: @nevware21/ts-utils: Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty
7.2
2 days ago
@libp2p/gossipsub
<= 15.0.22
NPM: js-libp2p: Memory DoS via subscription flood of unique topics
7.5
2 days ago
js-cookie
<= 3.0.5
NPM: JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection
7.5
2 days ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: Stack-wide evidence bypassed Cloudflare and deployment-governance guardrails
8.7
2 days ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: GitHub OIDC trust policy bypass via AWS set-qualified condition operators
9.3
2 days ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: CIS 1.16 admin policy bypass for inline and attached IAM policies
8.7
2 days ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: HULUMI-H1 SecureBucket parent spoof bypass
8.7
2 days ago
@hulumi/drift
< 1.3.2
NPM: @hulumi/drift: Orphan reconciler accepted externally supplied execute plans
8.7
2 days ago
@hulumi/baseline
< 1.3.2
NPM: @hulumi/baseline: CloudTrail selector tampering events were not fully detected
6.9
2 days ago
nocodb
<= 0.301.3
NPM: NocoDB: Stale Auth Cache After API Token Deletion
2.3
2 days ago
nocodb
<= 0.301.3
NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL
2.1
2 days ago
nocodb
<= 0.301.3
NPM: NocoDB: Shared-base link access can invite arbitrary users as persistent base members
5.8
2 days ago
Load more