Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,155
Mitigations
Mitigation rules
13,712
No official fix
10,708
In triage
1,224
Published soon
43
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Vzaar Media Management
<= 1.2
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
35 minutes ago
TelSender
<= 1.14.14
Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability
7.1
38 minutes ago
SEO Links Interlinking
<= 1.7.5
Reflected Cross-Site Scripting via 'google_error' Parameter vulnerability
7.1
40 minutes ago
AI Engine
<= 3.3.2
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
43 minutes ago
VidShop
<= 1.1.4
Unauthenticated Time-Based SQL Injection via 'fields' vulnerability
9.3
48 minutes ago
Snow Monkey Forms
<= 12.0.3
Unauthenticated Arbitrary File Deletion via Path Traversal vulnerability
8.6
1 hour ago
New User Approve
<= 3.2.2
Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information Disclosure vulnerability
7.3
1 hour ago
Search Atlas SEO
2.4.4-2.5.12
WordPress Search Atlas SEO plugin 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover vulnerability
8.8
1 hour ago
Stop Spammers
<= 2026.1
Cross-Site Request Forgery via Email Allowlist vulnerability
4.3
5 hours ago
Passster
<= 4.2.24
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
5 hours ago
Frontend File Manager
<= 23.5
Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability
5.3
5 hours ago
Bitcoin Donate Button
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
5 hours ago
Recooty
1.0.1-1.0.6
Cross-Site Request Forgery to Settings Update vulnerability
4.3
5 hours ago
Change WP URL
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
5 hours ago
imwptip
<= 1.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
5 hours ago
WP Google Ad Manager
<= 1.1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Admin Settings vulnerability
5.9
5 hours ago
Rupantorpay
<= 2.0.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
5 hours ago
BlockArt Blocks
<= 2.2.14
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
5 hours ago
Ivory Search
<= 5.5.13
Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability
5.9
5 hours ago
Order Minimum/Maximum Amount Limits for WooCommerce
<= 4.6.8
Authenticated (Shop Manager+) Stored Cross-Site Scripting via Hide Add to Cart Content Fields vulnerability
5.9
5 hours ago
Load more