Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,797
Mitigations
Mitigation rules
14,323
No official patch
11,115
In triage
1,235
Published soon
110
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WP User Frontend
<= 4.2.8
Authenticated (Author+) Arbitrary File Upload vulnerability
8.8
4 hours ago
Fluent Forms Pro Add On Pack
<= 6.1.17
Missing Authorization to Unauthenticated Payment Status modification vulnerability
7.5
4 hours ago
Listee
<= 1.1.6
Unauthenticated Privilege Escalation vulnerability
9.8
4 hours ago
PKT1 Centro de envios
<= 1.2.1
Reflected Cross-Site Scripting vulnerability
7.1
5 hours ago
Analytics Cat
<= 1.1.2
Reflected Cross-Site Scripting vulnerability
7.1
10 hours ago
MailArchiver
<= 4.5.0
Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter vulnerability
7.6
12 hours ago
Japanized For WooCommerce
<= 2.8.4
Missing Authorization to Unauthenticated Paidy Order Manipulation vulnerability
5.3
12 hours ago
Electric Enquiries
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'button' Shortcode Attribute vulnerability
6.5
12 hours ago
WP Accessibility
<= 2.3.1
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via 'alt' Attribute vulnerability
6.5
12 hours ago
Simple Download Monitor
<= 4.0.5
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field vulnerability
6.5
12 hours ago
Xpro Elementor Addons
<= 1.4.24
WordPress Xpro Addons - 140+ Widgets for Elementor plugin <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Scroller Widget box link vulnerability
6.5
12 hours ago
Automotive Car Dealership Business
<= 13.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability
6.5
12 hours ago
WP Recipe Maker
<= 10.3.2
Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability
5.3
12 hours ago
Planaday API
<= 11.4
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Cost Calculator Pro
<= 2.3.1
Unauthenticated Stored Cross-Site Scripting via 'customer_name' vulnerability
7.1
1 day ago
Responsive Lightbox
< 2.6.1
Unauthenticated Stored XSS vulnerability
7.1
1 day ago
OVRI Payment
1.7.0
Malicious .htaccess directive vulnerability
6.5
1 day ago
Worry Proof Backup
<= 0.2.4
Authenticated (Subscriber+) Path Traversal via Backup Upload vulnerability
8.8
1 day ago
User Registration
<= 5.1.2
Authentication Bypass vulnerability
8.1
1 day ago
WP Responsive Images
<= 1.0
Unauthenticated Path Traversal to Arbitrary File Read via src vulnerability
7.5
1 day ago
Load more