Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,824
Mitigations
Mitigation rules
15,761
No official patch
13,022
In triage
1,355
Published soon
62
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Ajax Load More - Filters
<= 3.4.1
WordPress Ajax Load More - Filters plugin <= 3.4.1 - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
5 hours ago
Dokan
<= 5.0.4
Authenticated (Custom+) Stored Cross-Site Scripting vulnerability
7.1
5 hours ago
Frisbii Pay
<= 1.8.9
Missing Authorization to Authenticated (Subscriber+) Payment Token Modification vulnerability
6.5
5 hours ago
MaxButtons
<= 9.8.5
Reflected Cross-Site Scripting vulnerability
7.1
5 hours ago
EventON
<= 5.0.11
WordPress EventON (Pro) - WordPress Virtual Event Calendar Plugin plugin <= 5.0.11 - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection vulnerability
9.3
6 hours ago
Export User Data
<= 2.2.6
Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion vulnerability
8
6 hours ago
ProfileGrid
<= 5.9.9.5
User Profiles, Groups and Communities plugin <= 5.9.9.5 - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation vulnerability
9.8
6 hours ago
Frontend File Manager
<= 23.6
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
7.7
6 hours ago
Editorial Rating – Product Review & Rating System
<= 4.0.5
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
23 hours ago
Premium Addons for KingComposer
<= 1.1.1
Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion vulnerability
5.3
23 hours ago
PixMagix – WordPress Image Editor
<= 1.7.2
Authenticated (Author+) Path Traversal in 'layers[].id' Parameter vulnerability
4.9
23 hours ago
Plugin for Google Analytics by IO technologies
<= 1.1
Cross-Site Request Forgery vulnerability
4.3
23 hours ago
Team Member
<= 8.7
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Werkstatt
<= 4.7.2
Cross Site Request Forgery (CSRF) vulnerability
4.3
1 day ago
Werkstatt
<= 4.7.2
Broken Access Control vulnerability
4.3
1 day ago
Martfury - WooCommerce Marketplace WordPress Theme
<= 3.2.8
WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability
4.3
1 day ago
TheFox
<= 3.9.70
Cross Site Scripting (XSS) vulnerability
6.5
1 day ago
Custom Field Template
<= 2.7.8
SQL Injection vulnerability
8.5
1 day ago
Woffice
<= 5.4.31
Broken Access Control vulnerability
5.3
1 day ago
Simple User Avatar
<= 4.9
Insecure Direct Object References (IDOR) vulnerability
4.3
1 day ago
Load more