Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
49,294
Mitigations
Mitigation rules
15,929
No official patch
13,072
In triage
1,341
Published soon
36
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
All-in-One Video Gallery
<= 4.8.5
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
7 hours ago
WP Hotel Booking
<= 2.3.1
Reflected Cross-Site Scripting vulnerability
7.1
7 hours ago
Hide My WP Lite
<= 1.3
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
7 hours ago
UsersWP
<= 1.2.65
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.8
8 hours ago
Super Forms
<= 6.3.313
Unauthenticated Arbitrary File Upload vulnerability
10
8 hours ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
8 hours ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
8 hours ago
LoginPress Pro
<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
8 hours ago
Mail Mint
<= 1.24.1
Authenticated (Administrator+) SQL Injection vulnerability
7.6
17 hours ago
Logo Slider
<= 5.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
17 hours ago
KiviCare
<= 4.4.0
Missing Authorization to Unauthenticated Payment Bypass and Appointment Status Manipulation vulnerability
5.3
17 hours ago
JoomSport
<= 5.7.9
Authenticated (Contributor+) SQL Injection vulnerability
6.5
17 hours ago
Jeg Elementor Kit
<= 3.2.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
17 hours ago
Invoice123
<= 1.7.0
Missing Authorization to Authenticated (Subscriber+) Setting Modification vulnerability
4.3
17 hours ago
Import and export users and customers
<= 2.4.0
Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
18 hours ago
Hostel
<= 1.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 hours ago
Highlighting Code Block
<= 2.2.0
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
Happyforms
<= 1.26.12
Authenticated (Admin+) Local File Inclusion vulnerability
6.6
18 hours ago
GW AI Website Builder
<= 1.0.1
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Deletion vulnerability
4.3
18 hours ago
GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference
<= 1.1.8
Cross-Site Request Forgery to Google Meet Credential Reset vulnerability
4.3
18 hours ago
Load more