The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total: 47,472
Mitigations: 15,257
| Affected software | Vulnerability | Risk | Disclosed |
| --- | --- | --- | --- |
| Ditty <= 3.1.65 | Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability | 7.5 | 10 hours ago |
| AudioIgniter Music Player <= 2.0.2 | Unauthenticated Insecure Direct Object Reference to 'audioigniter_playlist_id' Parameter vulnerability | 7.5 | 10 hours ago |
| WP ERP Pro <= 1.5.1 | Unauthenticated SQL Injection vulnerability | 8.5 | 10 hours ago |
| BookingPress Appointment Booking Pro <= 5.6 | Unauthenticated Arbitrary File Upload vulnerability | 10 | 10 hours ago |
| Easy Elements for Elementor – Addons & Website Templates <= 1.4.5 | Unauthenticated Privilege Escalation vulnerability | 9.8 | 10 hours ago |
| network-ai <= 5.4.4 | NPM: Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret | 7.6 | 18 hours ago |
| @boxlite-ai/boxlite < 0.9.0 | NPM: Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host | 9.6 | 19 hours ago |
| @boxlite-ai/boxlite < 0.9.0 | NPM: BoxLite: Permission Bypass Allows Modification of Read-Only Files | 10 | 19 hours ago |
| @nevware21/ts-utils <= 0.13.0 | NPM: @nevware21/ts-utils: Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty | 7.2 | 19 hours ago |
| @libp2p/gossipsub <= 15.0.22 | NPM: js-libp2p: Memory DoS via subscription flood of unique topics | 7.5 | 19 hours ago |
| js-cookie <= 3.0.5 | NPM: JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection | 7.5 | 19 hours ago |
| @hulumi/policies < 1.3.2 | NPM: @hulumi/policies: Stack-wide evidence bypassed Cloudflare and deployment-governance guardrails | 8.7 | 20 hours ago |
| @hulumi/policies < 1.3.2 | NPM: @hulumi/policies: GitHub OIDC trust policy bypass via AWS set-qualified condition operators | 9.3 | 20 hours ago |
| @hulumi/policies < 1.3.2 | NPM: @hulumi/policies: CIS 1.16 admin policy bypass for inline and attached IAM policies | 8.7 | 20 hours ago |
| @hulumi/policies < 1.3.2 | NPM: @hulumi/policies: HULUMI-H1 SecureBucket parent spoof bypass | 8.7 | 20 hours ago |
| @hulumi/drift < 1.3.2 | NPM: @hulumi/drift: Orphan reconciler accepted externally supplied execute plans | 8.7 | 20 hours ago |
| @hulumi/baseline < 1.3.2 | NPM: @hulumi/baseline: CloudTrail selector tampering events were not fully detected | 6.9 | 20 hours ago |
| nocodb <= 0.301.3 | NPM: NocoDB: Stale Auth Cache After API Token Deletion | 2.3 | 20 hours ago |
| nocodb <= 0.301.3 | NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL | 2.1 | 20 hours ago |
| nocodb <= 0.301.3 | NPM: NocoDB: Shared-base link access can invite arbitrary users as persistent base members | 5.8 | 20 hours ago |