Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,826
Mitigations
Mitigation rules
15,763
No official patch
13,022
In triage
1,364
Published soon
67
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Ajax Load More - Filters
<= 3.4.1
WordPress Ajax Load More - Filters plugin <= 3.4.1 - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
12 hours ago
Dokan
<= 5.0.4
Authenticated (Custom+) Stored Cross-Site Scripting vulnerability
7.1
12 hours ago
Frisbii Pay
<= 1.8.9
Missing Authorization to Authenticated (Subscriber+) Payment Token Modification vulnerability
6.5
12 hours ago
MaxButtons
<= 9.8.5
Reflected Cross-Site Scripting vulnerability
7.1
12 hours ago
EventON
<= 5.0.11
WordPress EventON (Pro) - WordPress Virtual Event Calendar Plugin plugin <= 5.0.11 - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection vulnerability
9.3
12 hours ago
Export User Data
<= 2.2.6
Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion vulnerability
8
12 hours ago
ProfileGrid
<= 5.9.9.5
User Profiles, Groups and Communities plugin <= 5.9.9.5 - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation vulnerability
9.8
13 hours ago
Frontend File Manager
<= 23.6
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
7.7
13 hours ago
Editorial Rating – Product Review & Rating System
<= 4.0.5
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Premium Addons for KingComposer
<= 1.1.1
Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion vulnerability
5.3
1 day ago
PixMagix – WordPress Image Editor
<= 1.7.2
Authenticated (Author+) Path Traversal in 'layers[].id' Parameter vulnerability
4.9
1 day ago
Plugin for Google Analytics by IO technologies
<= 1.1
Cross-Site Request Forgery vulnerability
4.3
1 day ago
Team Member
<= 8.7
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Werkstatt
<= 4.7.2
Cross Site Request Forgery (CSRF) vulnerability
4.3
1 day ago
Werkstatt
<= 4.7.2
Broken Access Control vulnerability
4.3
1 day ago
Martfury - WooCommerce Marketplace WordPress Theme
<= 3.2.8
WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability
4.3
1 day ago
TheFox
<= 3.9.70
Cross Site Scripting (XSS) vulnerability
6.5
1 day ago
Custom Field Template
<= 2.7.8
SQL Injection vulnerability
8.5
1 day ago
Woffice
<= 5.4.31
Broken Access Control vulnerability
5.3
1 day ago
Simple User Avatar
<= 4.9
Insecure Direct Object References (IDOR) vulnerability
4.3
1 day ago
Load more