Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,408
Mitigations
Mitigation rules
14,671
No official patch
11,207
In triage
1,321
Published soon
50
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
EmailKit
<= 1.6.3
Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter vulnerability
4.9
1 day ago
Contact List
<= 3.0.18
Authenticated (Contributor+) Stored Cross-Site Scripting via '_cl_map_iframe' Parameter vulnerability
6.5
1 day ago
Keep Backup Daily
<= 2.1.2
Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title vulnerability
5.9
1 day ago
Keep Backup Daily
<= 2.1.1
Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter vulnerability
2.7
1 day ago
Alt Manager
<= 1.8.2
Authenticated (Author+) Stored Cross-Site Scripting via Post Title vulnerability
5.9
1 day ago
Visual Portfolio, Photo Gallery & Post Grid
<= 3.5.1
Local File Inclusion vulnerability
7.5
2 days ago
Comments Import & Export
<= 2.4.9
Broken Access Control vulnerability
7.7
2 days ago
SMTP Mailer
<= 1.1.24
Sensitive Data Exposure vulnerability
7.5
2 days ago
Green Downloads
<= 2.08
Arbitrary File Upload vulnerability
9.9
2 days ago
Premmerce Redirect Manager
<= 1.0.12
Broken Access Control vulnerability
6.5
2 days ago
Scape
< 1.5.16
Arbitrary File Deletion vulnerability
8.6
2 days ago
Fusion Builder
< 3.15.0
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Taboola Pixel
<= 1.1.4
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Restrict Content
<= 3.2.22
Broken Access Control vulnerability
7.5
2 days ago
Product Rearrange for WooCommerce
<= 1.2.2
SQL Injection vulnerability
9.3
2 days ago
Product Rearrange for WooCommerce
<= 1.2.2
Broken Access Control vulnerability
8.2
2 days ago
KiviCare
<= 4.1.2
WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login Token vulnerability
9.8
2 days ago
KiviCare
<= 4.1.2
Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability
8.2
2 days ago
Post SMTP
<= 3.8.0
Unauthenticated Stored Cross-Site Scripting via 'event_type' vulnerability
7.1
2 days ago
Slimstat Analytics
<= 5.3.5
Unauthenticated Stored Cross-Site Scripting via 'fh' vulnerability
7.1
2 days ago
Load more