The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total36,006

MitigationsMitigation rules13,264

No official fix10,103

In triage1,386

Published soon30

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Frontend Post Submission Manager Lite<= 1.2.6 Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability	5.3	10 hours ago
Gravity Forms < 2.9.23.1 Unauthenticated Arbitrary File Upload vulnerability	10	15 hours ago
URL Shortify<= 1.11.3 Reflected Cross-Site Scripting vulnerability	7.1	1 day ago
URL Shortify<= 1.11.2 Reflected Cross-Site Scripting vulnerability	7.1	1 day ago
Overstock Affiliate Links<= 1.1 Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability	7.1	1 day ago
Print Invoice & Delivery Notes for WooCommerce<= 5.8.0 Unauthenticated Remote Code Execution vulnerability	10	1 day ago
PhastPress<= 3.7 Unauthenticated Arbitrary File Read via Null Byte Injection vulnerability	7.5	1 day ago
Ocean Modal Window< 2.3.3 Editor+ Remote Code Execution vulnerability	9.1	1 day ago
WP Hallo Welt<= 1.4. Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability	7.1	1 day ago
Attachments Handler<= 1.1.7 Reflected Cross-Site Scripting vulnerability	7.1	1 day ago
Flex Store Users<= 1.1.0 Unauthenticated Privilege Escalation vulnerability	9.8	1 day ago
File Uploader for WooCommerce<= 1.0.3 Unauthenticated Arbitrary File Upload via add-image-data vulnerability	10	1 day ago
WP JobHunt<= 7.7 Authenticated (Candidate+) Insecure Direct Object Reference vulnerability	4.3	2 days ago
WP JobHunt<= 7.7 Missing Authorization to Authenticated (Candidate+) Stored Cross-Site Scripting via 'status' vulnerability	6.5	2 days ago
GiveWP<= 4.13.1 Cross Site Request Forgery (CSRF) vulnerability	5.4	2 days ago
Brave<= 0.8.3 Broken Access Control vulnerability	5.3	2 days ago
Nika<= 1.2.14 Local File Inclusion vulnerability	7.5	2 days ago
Diza<= 1.3.15 Local File Inclusion vulnerability	7.5	2 days ago
Responsive Posts Carousel Pro<= 15.2 Cross Site Scripting (XSS) vulnerability	6.5	2 days ago
WPBulky<= 1.1.13 SQL Injection vulnerability	7.6	2 days ago