Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,418
Mitigations
Mitigation rules
14,677
No official patch
11,209
In triage
1,320
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Kali Forms
<= 2.4.9
Unauthenticated Remote Code Execution via form_process vulnerability
10
46 minutes ago
Injection Guard
<= 1.2.9
Unauthenticated Stored Cross-Site Scripting via Query Parameter Name vulnerability
7.1
1 hour ago
WowOptin
<= 1.4.29
Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST API vulnerability
7.2
2 hours ago
Pre* Party Resource Hints
<= 1.8.20
Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter vulnerability
8.5
2 hours ago
Expire Users
<= 1.2.2
Authenticated (Subscriber+) Privilege Escalation to Administrator via save_extra_user_profile_fields vulnerability
8.8
2 hours ago
Linksy Search and Replace
<= 1.0.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_details vulnerability
8.8
2 hours ago
WP-Chatbot for Messenger
<= 4.9
Missing Authorization to Unauthenticated Chatbot Configuration Takeover vulnerability
6.5
12 hours ago
Autoptimize
<= 3.1.14
Authenticated (Contributor+) Stored Cross-Site Scripting via Lazy-loaded Image Attributes vulnerability
6.5
12 hours ago
Scoreboard for HTML5 Games Lite
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
12 hours ago
Autoptimize
<= 3.1.14
Authenticated (Contributor+) Stored Cross-Site Scripting via 'ao_post_preload' Meta Value vulnerability
6.5
12 hours ago
RepairBuddy
<= 4.1132
Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX Action vulnerability
5.3
12 hours ago
EmailKit
<= 1.6.3
Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter vulnerability
4.9
2 days ago
Contact List
<= 3.0.18
Authenticated (Contributor+) Stored Cross-Site Scripting via '_cl_map_iframe' Parameter vulnerability
6.5
2 days ago
Keep Backup Daily
<= 2.1.2
Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title vulnerability
5.9
2 days ago
Keep Backup Daily
<= 2.1.1
Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter vulnerability
2.7
2 days ago
Motta Addons
< 1.6.1
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
My Tickets
<= 2.1.1
Bypass Vulnerability vulnerability
5.3
2 days ago
FAQ Builder AYS
<= 1.8.2
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Image Slider by Ays
<= 2.7.1
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Jaroti
< 1.4.8
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Load more