Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,862
Mitigations
Mitigation rules
15,764
No official patch
13,021
In triage
1,365
Published soon
62
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
YouTube Showcase
<= 4.0.3
Authenticated (Subscriber+) Arbitrary Function Call vulnerability
7.5
23 minutes ago
WP Photo Album Plus
<= 9.1.13.005
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
MotoPress Appointment Booking
<= 2.4.5
Authenticated (Staff+) SQL Injection vulnerability
8.5
13 hours ago
RegistrationMagic
<= 6.0.9.1
Cross-Site Request Forgery to Privilege Escalation vulnerability
8.8
13 hours ago
Slim SEO
<= 4.9.8
Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability
4.3
13 hours ago
Qi Blocks
<= 1.4.9
Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Style Modification vulnerability
4.3
14 hours ago
Motors
<= 1.4.111
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification vulnerability
4.3
14 hours ago
LearnPress
<= 4.4.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
Download Manager
<= 3.3.60
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
GiveWP
<= 4.15.3
Cross-Site Request Forgery vulnerability
4.3
16 hours ago
Appointment Booking Calendar
<= 1.4.02
Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure vulnerability
4.3
16 hours ago
Contact Form by WPForms
<= 1.10.2
Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection vulnerability
5.3
17 hours ago
JetWidgets For Elementor
<= 1.0.21
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
17 hours ago
Event Organiser
<= 3.12.9
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
17 hours ago
FV Flowplayer Video Player
<= 7.5.51.7212
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 hours ago
Kali Forms
<= 2.4.13
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 hours ago
Tutor LMS
<= 3.9.13
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
Gutenberg Blocks by Kadence Blocks
<= 3.7.7
Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Optimizer Data Deletion/Read/Modification vulnerability
4.3
18 hours ago
GiveWP
<= 4.16.0
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
JoomSport
<= 5.7.8
Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Deletion vulnerability
4.3
18 hours ago
Load more