Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,405
Mitigations
Mitigation rules
13,756
No official fix
10,756
In triage
1,259
Published soon
19
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
GoZen Forms
<= 1.1.5
Unauthenticated SQL Injection via emdedSc() vulnerability
9.3
5 minutes ago
VikBooking Hotel Booking Engine & PMS
< 1.6.8
Broken Access Control vulnerability
5.4
14 minutes ago
Genesis Blocks
< 3.1.3
Contributor+ Stored XSS vulnerability
6.5
16 minutes ago
Feedback Modal for Website
<= 1.0.1
Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter vulnerability
5.3
26 minutes ago
Image Photo Gallery Final Tiles Grid
<= 3.6.8
Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting vulnerability
5.9
27 minutes ago
WishSuite
<= 1.5.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute vulnerability
6.5
28 minutes ago
Easy Jump Links Menus
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
28 minutes ago
Modula Image Gallery
<= 2.13.3
Missing Authorization to Arbitrary Directory Listing vulnerability
6.5
29 minutes ago
TaxoPress
<= 3.40.1
Authenticated (Contributor+) SQL Injection via ORDER BY Clause vulnerability
8.5
30 minutes ago
Tutor LMS
<= 3.9.2
Missing Authorization to Authenticated (Subscriber+) Arbitrary Course Completion vulnerability
4.3
31 minutes ago
Bold Timeline Lite
<= 1.2.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode vulnerability
6.5
31 minutes ago
PostX
< 4.0.2
Contributor+ Stored XSS vulnerability
6.5
32 minutes ago
Tainacan
<= 1.0.1
Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation vulnerability
5.3
32 minutes ago
All In One SEO Pack
< 4.6.1.1
Contributor+ Stored XSS vulnerability
6.5
33 minutes ago
WP Prayer
<= 2.0.9
Email Settings Update via CSRF vulnerability
4.3
33 minutes ago
WC Builder
<= 1.2.0
Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute vulnerability
5.9
33 minutes ago
ProfileGrid
<= 5.9.4.4
Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management vulnerability
4.3
34 minutes ago
WP Prayer
<= 2.0.9
Arbitrary Prayer Deletion via CSRF vulnerability
4.3
34 minutes ago
Frontend Post Submission Manager Lite
<= 1.2.5
Missing Authorization to Unauthenticated Arbitrary Post Modification vulnerability
5.3
35 minutes ago
Advanced iFrame
<= 2024.5
Authenticated (Contributor+) Stored Cross-Site Scripting via Host Header vulnerability
6.5
37 minutes ago
Load more