Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,071
Mitigations
Mitigation rules
14,927
No official patch
11,326
In triage
1,452
Published soon
11
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
MetForm Pro
<= 3.9.7
Unauthenticated Payment Amount Manipulation via 'mf-calculation' vulnerability
5.3
4 hours ago
Coachific Shortcode
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'userhash' Shortcode Attribute vulnerability
6.5
4 hours ago
WP Circliful
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
4 hours ago
WM JqMath
<= 1.3
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style' Shortcode Attribute vulnerability
6.5
4 hours ago
Katalogportal-pdf-sync Widget
<= 1.0.0
Missing Authorization to Authenticated (Subscriber+) Information Disclosure via 'katalogportal_shortcodePrinter' AJAX Action vulnerability
5.3
4 hours ago
OPEN-BRAIN
<= 0.5.0
Cross-Site Request Forgery vulnerability
4.3
4 hours ago
Petje.af
<= 2.1.8
Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX Action vulnerability
4.3
4 hours ago
e-shot
<= 1.0.2
Missing Authorization to Authenticated (Subscriber+) Form Settings Modification via AJAX vulnerability
5.3
4 hours ago
Power Charts
<= 0.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
4 hours ago
VI: Include Post By
<= 0.4.200706
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class_container' Shortcode Attribute vulnerability
6.5
4 hours ago
Advanced Custom Fields
<= 6.7.0
Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters vulnerability
5.3
4 hours ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Sensitive Information Exposure via Insecure Direct Object Reference vulnerability
4.3
4 hours ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Limited Arbitrary WordPress Action Execution vulnerability
5.4
4 hours ago
List View Google Calendar
<= 7.4.3
Authenticated (Administrator+) Stored Cross-Site Scripting via Event Description vulnerability
5.9
4 hours ago
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery
<= 1.16.17
WordPress 3D FlipBook - PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin <= 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure vulnerability
5.3
5 hours ago
Nexi XPay
<= 8.3.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
5 hours ago
WP Logo Showcase Responsive Slider and Carousel
<= 3.8.7
Backdoor vulnerability
10
20 hours ago
Popup Anything
<= 2.9.1
Backdoor vulnerability
10
20 hours ago
Countdown Timer Ultimate
<= 2.6.9
Backdoor vulnerability
10
20 hours ago
WP Responsive Recent Post Slider/Carousel
<= 3.7.1
Backdoor vulnerability
10
20 hours ago
Load more