Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,846
Mitigations
Mitigation rules
13,231
No official fix
10,085
In triage
1,532
Published soon
58
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Ninja Forms
<= 3.13.2
Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token vulnerability
7.5
37 minutes ago
Download Plugins and Themes from Dashboard
<= 1.9.6
Cross-Site Request Forgery to Bulk Plugin/Theme Archival vulnerability
4.3
6 hours ago
Converter for Media
<= 6.3.2
Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST Endpoint vulnerability
4.3
6 hours ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
<= 4.0.7
Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
5.3
7 hours ago
WP Recipe Maker
<= 10.2.3
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
7 hours ago
Essential Addons for Elementor
<= 6.5.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
7 hours ago
Essential Blocks for Gutenberg
<= 5.7.2
Missing Authorization To Authenticated (Author+) Information Disclosure vulnerability
4.3
7 hours ago
WP to LinkedIn Auto Publish
<= 1.9.8
Reflected Cross-Site Scripting via PostMessage vulnerability
7.1
12 hours ago
Social Media Auto Publish
<= 3.6.5
Reflected Cross-Site Scripting via PostMessage vulnerability
7.1
12 hours ago
WP3D Model Import Viewer
<= 1.0.7
Authenticated (Contributor+) Arbitrary File Upload vulnerability
9.9
12 hours ago
Filter & Grids
<= 3.2.0
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
Export WP Page to Static HTML/CSS
<= 4.3.4
Unauthenticated Cookie Exposure via Log File vulnerability
9.8
12 hours ago
Postem Ipsum
<= 3.0.1
Missing Authorization to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_users vulnerability
8.8
12 hours ago
افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce
<= 1.3.5
Unauthenticated Time-Based Blind SQL Injection vulnerability
9.3
12 hours ago
wpForo Forum
<= 2.4.12
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
URL Shortener
<= 3.0.7
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
WP Directory Kit
<= 1.4.7
Unauthenticated SQL Injection vulnerability
9.3
12 hours ago
Doubly - Cross Domain Copy Paste for WordPress
<= 1.0.46
Authenticated (Subscriber+) PHP Object Injection via ZIP File Import vulnerability
8.8
12 hours ago
JAY Login & Register
<= 2.4.01
Authentication Bypass via Cookie vulnerability
9.8
12 hours ago
Login Lockdown
<= 2.14
IP Block Bypass vulnerability
5.3
16 hours ago
Load more