The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total48,721

MitigationsMitigation rules15,693

No official patch13,001

In triage1,376

Published soon47

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
BNE Testimonials<= 2.0.8 Cross Site Scripting (XSS) vulnerability	6.5	17 minutes ago
Image Carousel<= 1.0.0.41 Cross Site Scripting (XSS) vulnerability	6.5	17 minutes ago
Donation Thermometer<= 2.2.7 Broken Access Control vulnerability	5.3	18 minutes ago
Auros Core<= 5.3.1 Content Injection vulnerability	5.3	19 minutes ago
Eagle Booking<= 1.3.4.3 Cross Site Request Forgery (CSRF) vulnerability	8.8	21 minutes ago
Forget About Shortcode Buttons<= 2.1.3 Broken Access Control vulnerability	5.4	22 minutes ago
Live Copy Paste for Elementor<= 1.5.3 Broken Access Control vulnerability	4.3	23 minutes ago
Goya Core< 1.0.9.4 Local File Inclusion vulnerability	7.5	24 minutes ago
Splash - Sport Club WordPress Theme for Basketball, Football, Hockey<= 4.4.3 WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability	7.5	27 minutes ago
BookPro<= 1.1.0 Insecure Direct Object References (IDOR) vulnerability	5.3	29 minutes ago
Groundhogg<= 4.5 SQL Injection vulnerability	8.5	45 minutes ago
GravityView<= 3.0.0 Insecure Direct Object References (IDOR) vulnerability	5.3	47 minutes ago
Contest Gallery<= 30.0.0 SQL Injection vulnerability	8.5	48 minutes ago
Recipe Maker For Your Food Blog from Zip Recipes<= 8.2.7 SQL Injection vulnerability	8.5	48 minutes ago
Bopo – WooCommerce Product Bundle Builder<= 1.1.6 Sensitive Data Exposure vulnerability	4.3	48 minutes ago
WPComplete<= 2.9.5.5 Broken Access Control vulnerability	5.4	49 minutes ago
Booking and Rental Manager<= 2.7.1 Broken Access Control vulnerability	5.3	50 minutes ago
Paid Memberships Pro - Add Member From Admin<= 0.7.2 WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability	8.8	50 minutes ago
TemplateSpare<= 4.2.0 Arbitrary File Upload vulnerability	9.1	56 minutes ago
Gmail SMTP<= 1.2.3.19 Cross Site Request Forgery (CSRF) vulnerability	4.3	56 minutes ago