Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
49,343
Mitigations
Mitigation rules
15,939
No official patch
13,058
In triage
1,342
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
n8n-mcp
<= 2.57.3
NPM: n8n-MCP: Incorrect authorization can expose default-scope workflow version backups in multi-tenant HTTP mode
4.2
2 hours ago
tidgi
<= 0.13.0
NPM: TidGi Desktop Remote Code Execution via Malicious TiddlyWiki Repository Import — Tiddler Startup Module Auto-Execution
9.6
3 hours ago
@feathersjs/commons
<= 5.0.44
NPM: Prototype pollution in @feathersjs/commons _.merge via JSON-parsed __proto__
3.7
3 hours ago
n8n-mcp
<= 2.56.0
NPM: n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments
9.9
3 hours ago
@fedify/fedify
>= 0.11.2, < 1.9.12
NPM: Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
8.6
4 hours ago
@fedify/vocab-runtime
< 2.0.19
NPM: Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
8.6
4 hours ago
Genolve
<= 5.0.5
Authenticated (Contributor+) Incorrect Authorization to Privilege Escalation vulnerability
8.8
15 hours ago
bbp style pack
<= 6.4.5
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
15 hours ago
CorvusPay WooCommerce Payment Gateway
<= 2.7.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
15 hours ago
W3 Total Cache
<= 2.9.4
Unauthenticated Arbitrary File Read vulnerability
7.5
15 hours ago
WordPress CTA
<= 2.2.2
Unauthenticated Time-Based Blind SQL Injection vulnerability
9.3
16 hours ago
Aimogen Pro
<= 2.8.4
WordPress Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin <= 2.8.4 - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation vulnerability
9.8
16 hours ago
Ultimate Auction Pro
<= 2.4.5
Reflected XSS via uwa_manage_auctions vulnerability
7.1
1 day ago
Ultimate Auction Pro
<= 2.4.5
Reflected XSS via uwa_auctions_bids_list vulnerability
7.1
1 day ago
ICS Calendar
<= 12.0.9
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Booking Package
<= 1.7.20
Unauthenticated SQL Injection vulnerability
9.3
1 day ago
WP Customer Area
<= 8.3.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
FoodBook Lite – Online Food Ordering System
<= 1.5.6
Missing Authorization to Unauthenticated User Registration vulnerability
5.3
1 day ago
News Kit Elementor Addons
<= 1.4.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Fusion Builder
<= 3.15.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Load more