Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,407
Mitigations
Mitigation rules
13,757
No official fix
10,756
In triage
1,259
Published soon
19
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Himer
< 2.1.1
Bypass Poll Voting Restrictions via CSRF vulnerability
4.3
9 minutes ago
Presto Player
< 2.2.3
Contributor+ Stored XSS vulnerability
6.5
12 minutes ago
GoZen Forms
<= 1.1.5
Unauthenticated SQL Injection via emdedSc() vulnerability
9.3
17 minutes ago
VikBooking Hotel Booking Engine & PMS
< 1.6.8
Broken Access Control vulnerability
5.4
26 minutes ago
Genesis Blocks
< 3.1.3
Contributor+ Stored XSS vulnerability
6.5
28 minutes ago
Feedback Modal for Website
<= 1.0.1
Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter vulnerability
5.3
38 minutes ago
Image Photo Gallery Final Tiles Grid
<= 3.6.8
Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting vulnerability
5.9
39 minutes ago
WishSuite
<= 1.5.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute vulnerability
6.5
40 minutes ago
Easy Jump Links Menus
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
40 minutes ago
Modula Image Gallery
<= 2.13.3
Missing Authorization to Arbitrary Directory Listing vulnerability
6.5
41 minutes ago
TaxoPress
<= 3.40.1
Authenticated (Contributor+) SQL Injection via ORDER BY Clause vulnerability
8.5
42 minutes ago
Tutor LMS
<= 3.9.2
Missing Authorization to Authenticated (Subscriber+) Arbitrary Course Completion vulnerability
4.3
43 minutes ago
Bold Timeline Lite
<= 1.2.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode vulnerability
6.5
43 minutes ago
PostX
< 4.0.2
Contributor+ Stored XSS vulnerability
6.5
44 minutes ago
Tainacan
<= 1.0.1
Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation vulnerability
5.3
44 minutes ago
All In One SEO Pack
< 4.6.1.1
Contributor+ Stored XSS vulnerability
6.5
45 minutes ago
WP Prayer
<= 2.0.9
Email Settings Update via CSRF vulnerability
4.3
45 minutes ago
WC Builder
<= 1.2.0
Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute vulnerability
5.9
45 minutes ago
ProfileGrid
<= 5.9.4.4
Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management vulnerability
4.3
46 minutes ago
WP Prayer
<= 2.0.9
Arbitrary Prayer Deletion via CSRF vulnerability
4.3
46 minutes ago
Load more