Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,616
Mitigations
Mitigation rules
13,460
No official fix
10,476
In triage
881
Published soon
44
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Lesson Plan Book
<= 1.3
Reflected Cross-Site Scripting vulnerability
7.1
3 hours ago
MG AdvancedOptions
<= 1.2
Reflected Cross-Site Scripting vulnerability
7.1
3 hours ago
Top Position Google Finance
<= 0.1.0
Reflected Cross-Site Scripting vulnerability
7.1
3 hours ago
Eventin
<= 4.0.51
WordPress Eventin - Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) plugin <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' vulnerability
7.1
3 hours ago
Frontend Admin by DynamiApps
<= 3.28.23
Unauthenticated Stored Cross-Site Scripting via 'update_field' vulnerability
7.1
3 hours ago
Slimstat Analytics
<= 5.3.3
Unauthenticated Stored Cross-Site Scripting via 'fh' Parameter vulnerability
7.1
4 hours ago
Slimstat Analytics
<= 5.3.4
Unauthenticated Stored Cross-Site Scripting via 'notes/resource' Parameters vulnerability
7.1
4 hours ago
Sendinblue for WooCommerce
<= 4.0.49
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
4 hours ago
Frontend Admin by DynamiApps
<= 3.28.25
Unauthenticated Privilege Escalation to Administrator via Role Form Field vulnerability
9.8
5 hours ago
Frontend Admin by DynamiApps
<= 3.28.25
Missing Authorization to Unauthenticated Arbitrary Data Deletion via 'delete post' Form Element vulnerability
9.1
5 hours ago
Client Testimonial Slider
<= 2.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field vulnerability
6.5
13 hours ago
Contact Form vCard Generator
<= 2.4
Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability
5.3
13 hours ago
Debt.com Business in a Box
<= 4.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
13 hours ago
Menu Card
<= 0.8.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
13 hours ago
Entry Views
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
13 hours ago
Curved Text
<= 0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
13 hours ago
Header and Footer Scripts
<= 2.2.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
13 hours ago
The Tooltip
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
13 hours ago
WP Popup Magic
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute vulnerability
6.5
13 hours ago
Nearby Now Reviews
<= 5.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
13 hours ago
Load more