Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,915
Mitigations
Mitigation rules
15,792
No official patch
13,025
In triage
1,325
Published soon
46
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Wappointment
<= 2.7.6
Unauthenticated Insecure Direct Object Reference vulnerability
5.3
9 hours ago
Feedzy
<= 5.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
10 hours ago
Product Video Gallery for Woocommerce
<= 1.5.1.8
Authenticated (Shop Manager+) Stored Cross-Site Scripting vulnerability
5.9
10 hours ago
Groundhogg
<= 4.5.8
Authenticated (Custom+) SQL Injection vulnerability
8.5
10 hours ago
My Calendar
<= 3.7.14
Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
10 hours ago
LatePoint
<= 5.6.2
Unauthenticated Insecure Direct Object Reference to Arbitrary Creation vulnerability
5.3
10 hours ago
Kirki
<= 6.0.11
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
10 hours ago
Kirki
<= 6.0.11
Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) vulnerability
5.3
10 hours ago
JoomSport
<= 5.7.8
Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification vulnerability
4.3
10 hours ago
JetFormBuilder
<= 3.6.3
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
10 hours ago
Shortcodes and extra features for Phlox theme
<= 2.17.16
Cross Site Scripting (XSS) vulnerability
6.5
12 hours ago
HubSpot
<= 11.3.51
Sensitive Data Exposure vulnerability
7.4
12 hours ago
Image Optimizer by Elementor
<= 1.7.4
Authenticated (Author+) Arbitrary File Deletion vulnerability
6.8
12 hours ago
Insert Pages
<= 3.11.4
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
Email Subscribers & Newsletters
<= 5.9.27
Missing Authorization to Authenticated (Contributor+) Settings Modification vulnerability
4.3
12 hours ago
GiveWP
<= 4.16.1
Authenticated (Give Worker+) Stored Cross-Site Scripting vulnerability
6.5
13 hours ago
VikBooking Hotel Booking Engine & PMS
<= 1.8.12
CSRF to Arbitrary File Deletion vulnerability
7.4
13 hours ago
Enable Media Replace
<= 4.2.1
Cross Site Scripting (XSS) vulnerability
5.9
13 hours ago
ApplyOnline
<= 2.6.7.6
Broken Access Control vulnerability
5.3
13 hours ago
ThumbPress
<= 6.3.2
Broken Access Control vulnerability
4.3
13 hours ago
Load more