The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total47,423

MitigationsMitigation rules15,249

No official patch12,918

In triage1,591

Published soon4

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Zoho ZeptoMail<= 3.2.9 Broken Access Control vulnerability	4.3	2 hours ago
CF7 WOW Styler<= 1.7.6 Broken Access Control vulnerability	5.3	2 hours ago
Mail Mint<= 1.19.5 Sensitive Data Exposure vulnerability	4.3	2 hours ago
Piotnet Addons For Elementor Pro<= 7.1.70 Unauthenticated Arbitrary File Upload vulnerability	10	3 hours ago
Piotnet Forms<= 2.1.40 Unauthenticated Arbitrary File Upload vulnerability	10	3 hours ago
Account Switcher<= 1.0.2 Authenticated (Subscriber+) Authentication Bypass to Privilege Escalation vulnerability	8.8	3 hours ago
ProSolution WP Client<= 2.0.0 Unauthenticated Arbitrary File Upload vulnerability	10	3 hours ago
Easy Elements for Elementor – Addons & Website Templates<= 1.4.4 Unauthenticated Privilege Escalation vulnerability	9.8	3 hours ago
Advanced Database Cleaner – Premium<= 4.1.0 Authenticated (Subscriber+) Local File Inclusion vulnerability	8.8	3 hours ago
Gift Cards For WooCommerce Pro<= 4.2.6 Arbitrary File Upload vulnerability	10	17 hours ago
WPB Floating Menu or Categories – Sticky Floating Side Menu & Categories with Icons<= 1.0.8 Authenticated (Editor+) Stored Cross-Site Scripting vulnerability	5.9	20 hours ago
Broadstreet Ads<= 1.52.2 Authenticated (Subscriber+) Private Post Meta Disclosure vulnerability	4.3	21 hours ago
YITH WooCommerce Product Add-Ons<= 4.29.0 SQL Injection vulnerability	7.6	21 hours ago
Visualizer< 4.0.0 Cross Site Scripting (XSS) vulnerability	6.5	21 hours ago
WpBookingly<= 1.2.9 Broken Access Control vulnerability	6.5	22 hours ago
Image Photo Gallery Final Tiles Grid<= 3.6.11 Broken Access Control vulnerability	4.3	22 hours ago
PDF for Elementor Forms + Drag And Drop Template Builder<= 5.5.1 Broken Access Control vulnerability	5	22 hours ago
Slider Revolution<= 7.0.9 Unauthenticated Sensitive Information Exposure vulnerability	5.3	1 day ago
@angular/platform-server<= 18.2.14 NPM: @angular/platform-server: SSRF via Hostname Hijacking	8.8	1 day ago
@beproduct/nestjs-auth>= 0.1.2, <= 0.1.19 NPM: Malicious code in @beproduct/nestjs-auth (0.1.2 through 0.1.19) — Mini Shai-Hulud worm	10	1 day ago