Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,784
Mitigations
Mitigation rules
13,562
No official fix
10,537
In triage
1,129
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Thim Blocks
<= 1.0.1
Authenticated (Contributor+) Arbitrary File Read via 'iconSVG' Parameter vulnerability
6.5
1 hour ago
Wallet System for WooCommerce
<= 2.7.2
Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance Manipulation vulnerability
6.5
1 hour ago
Quick Contact Form
<= 8.2.6
Unauthenticated Open Mail Relay vulnerability
5.8
1 hour ago
YouTube Feed Pro
<= 2.6.0
Unauthenticated Arbitrary File Read via Path Traversal vulnerability
7.5
2 hours ago
RegistrationMagic
<= 6.0.7.1
Privilege Escalation via admin_order vulnerability
9.8
3 hours ago
PAYGENT for WooCommerce
<= 2.4.6
Missing Authorization to Unauthenticated Payment Callback Manipulation vulnerability
5.3
2 days ago
Integrate Dynamics 365 CRM
<= 1.1.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration vulnerability
5.9
2 days ago
Advanced Ads
<= 2.0.15
WordPress Advanced Ads - Ad Manager & AdSense plugin <= 2.0.15 - Authenticated (Admin+) SQL Injection vulnerability
7.6
2 days ago
Spin Wheel
<= 2.1.0
Unauthenticated Client-Side Prize Manipulation via 'prize_index' Parameter vulnerability
5.3
2 days ago
CM Email Registration Blacklist and Whitelist
<= 1.6.2
Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter vulnerability
5.9
2 days ago
Team Section Block
<= 2.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link vulnerability
6.5
2 days ago
Community Events
<= 1.5.6
Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability
5.3
2 days ago
Phrase TMS Integration for WordPress
<= 4.7.5
Missing Authorization to Authenticated (Subscriber+) Log Deletion vulnerability
5.4
2 days ago
User Registration Using Contact Form 7
<= 2.5
Authenticated (Subscriber+) Information Exposure vulnerability
5.3
2 days ago
Church Admin
<= 5.0.28
Authenticated (Administrator+) Blind Server-Side Request Forgery via 'audio_url' Parameter vulnerability
4.4
2 days ago
RepairBuddy
<= 4.1116
Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders vulnerability
5.3
2 days ago
Filr
<= 1.2.11
WordPress Filr - Secure document library plugin <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload vulnerability
5.9
2 days ago
Modular DS
2.5.2
Privilege Escalation vulnerability
10
2 days ago
Peach Payments Gateway
<= 3.3.6
Broken Access Control vulnerability
6.5
2 days ago
The Aisle
< 2.9.1
Local File Inclusion vulnerability
8.1
3 days ago
Load more