Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,712
Mitigations
Mitigation rules
13,213
No official fix
10,019
In triage
1,591
Published soon
51
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
TI WooCommerce Wishlist
<= 2.10.0
Unauthenticated HTML Injection vulnerability
5.3
23 minutes ago
WidgetKit
<= 2.5.6
Authenticated (Contributor+) Stored Cross-Site Scripting via Team and Countdown Widgets vulnerability
6.5
1 hour ago
myCred
<= 2.9.7
Missing Authorization to Unauthenticated Withdrawal Request Approval vulnerability
5.3
1 hour ago
MediaCommander – Bring Folders to Media, Posts, and Pages
<= 2.3.1
Missing Authorization to Authenticated (Author+) Media Folder Deletion vulnerability
6.5
1 hour ago
Lucky Draw Contests
<= 4.2
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
1 hour ago
Popover Windows
<= 1.2
Missing Authorization to Authenticated (Subscriber+) Popover Configuration Update via AJAX Actions vulnerability
5.4
1 hour ago
Custom Frames
<= 1.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Parameter vulnerability
6.5
1 hour ago
Shortcode Ajax
<= 1.0
Unauthenticated Arbitrary Shortcode Execution via 'code' Parameter vulnerability
5.4
1 hour ago
Popover Windows
<= 1.2
Cross-Site Request Forgery to Arbitrary Popover Configuration Update vulnerability
4.3
1 hour ago
Quick Testimonials
<= 2.1
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
5.9
1 hour ago
Solutions Ad Manager
<= 1.0.0
Unauthenticated Open Redirect via 'sam-redirect-to' Parameter vulnerability
4.7
1 hour ago
AnnunciFunebri Impresa
<= 4.7.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Options Deletion vulnerability
5.4
1 hour ago
Devs CRM
<= 1.1.8
Missing Authorization to Unauthenticated Lead Tag Update vulnerability
5.3
1 hour ago
Popup Builder
<= 1.1.37
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Reset vulnerability
5.4
2 hours ago
Devs CRM
<= 1.1.8
Unauthenticated Information Expsoure vulnerability
5.3
2 hours ago
Userback
<= 1.0.15
Missing Authorization to Authenticated (Subscriber+) Plugin's Configuration Exposure vulnerability
5.4
2 hours ago
Easy Theme Options
<= 1.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import vulnerability
5.3
2 hours ago
Eyewear prescription form
<= 6.0.1
Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation vulnerability
5.3
2 hours ago
SimpLy Gallery
<= 3.3.0
Missing Authorization to Authenticated (Contributor+) Plugin Settings Modification vulnerability
4.3
2 hours ago
Redux Framework
<= 4.5.8
Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter vulnerability
6.5
3 hours ago
Load more