Pricing

WordPress security

Instantly fix and mitigate vulnerabilities

Plugin auditing

Paid auditing for WordPress vendors

Managed VDP

Start a security program for your plugin

Bug Bounty

Join the community and earn bounties

Enterprise API

At scale monitoring and vPatching for hosts

Vulnerability database

The latest WordPress security intelligence
Login
Start FREE
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Logo

WP Cookie Notice for GDPR, CCPA & ePrivacy Consent

Plugin

Changelog

Claim

VDP

Developer

WPEkaClub

Current version

3.6.3

Installations

9,000

Last updated

3 days ago

Vulnerability history

Not fixed 0 present
Fixed 3 patched

Unauthenticated Stored CrossSite Scripting via ClientIP header vulnerability <= 3.2.0

Patch priority: medium Fixed

7.1

25 June, 2024

Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability <= 3.0.2

Patch priority: low Fixed

5.3

17 April, 2024

CSV Injection vulnerability <= 2.2.5

Badge Patch priority: low Fixed

4.0

20 June, 2023

Protection

Pricing WordPress For agencies Standard API Documentation

Solutions

WordPress security Plugin auditing Managed VDP Bug bounty Enterprise API

Bug bounty

Leaderboard Security programs Guidelines Report LearnNEW

Resources

Vulnerability Database Vulnerability Statistics Whitepaper 2024NEW Articles Join Discord

Patchstack

About StoreNEW Careers Media kit LinkedIn Facebook X
© 2024 Patchstack DPA Privacy Policy Terms & Conditions

Protection

Pricing WordPress For agencies Standard API Documentation

Solutions

WordPress security Plugin auditing Managed VDP Bug bounty Enterprise API

Bug bounty

Leaderboard Security programs Guidelines Report LearnNEW

Resources

Vulnerability Database Vulnerability Statistics Whitepaper 2024NEW Articles Join Discord

Patchstack

About StoreNEW Careers Media kit LinkedIn Facebook X
Mobile Menu

Let us know if we have missed a vulnerability reported elsewhere

Mobile Menu Close

Thank you for contributing!

Close Mobile Menu