The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total49,005
Mitigations15,810
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
wpDiscuz<= 7.6.56
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 hours ago
Ultimate Member<= 2.11.4
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
JSON API User<= 4.1.0
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
NEX-Forms<= 9.2.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 hours ago
CURCY<= 2.2.14
Unauthenticated Arbitrary Shortcode Execution vulnerability
5.4
3 hours ago
Printcart Web to Print Product Designer for WooCommerce<= 2.5.2
Unauthenticated Arbitrary File Deletion vulnerability
8.6
3 hours ago
AR For Woocommerce<= 8.40
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
3 hours ago
AR For WordPress<= 8.40
Unauthenticated Arbitrary File Read vulnerability
7.5
3 hours ago
Index Now<= 3.0.16
Cross Site Request Forgery (CSRF) vulnerability
4.3
14 hours ago
FormLayer<= 1.0.6
Sensitive Data Exposure vulnerability
5.3
14 hours ago
Exclusive Addons Elementor<= 2.7.9.9
Sensitive Data Exposure vulnerability
5.3
15 hours ago
LatePoint<= 5.6.1
Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability
5.3
3 days ago
Zakra<= 4.2.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
3 days ago
Ad Inserter<= 2.8.16
Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Post Content Disclosure vulnerability
4.3
3 days ago
Quiz And Survey Master<= 11.1.4
Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute vulnerability
4.3
3 days ago
RTMKit<= 2.0.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
3 days ago
CM Business Directory<= 1.5.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
3 days ago
WP Import Export Lite<= 3.9.30
Authenticated (Administrator+) Server-Side Request Forgery vulnerability
5.5
3 days ago
Ninja Forms File Uploads Extension<= 3.3.29
WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - File Uploads <= 3.3.29 - Missing Authorization to Unauthenticated Log Disclosure and Deletion vulnerability
5.3
3 days ago
Tonda<= 2.5
Local File Inclusion vulnerability
7.5
3 days ago