The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total48,864
Mitigations15,778
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
LatePoint<= 5.6.3
Authenticated (Custom+) Privilege Escalation to Administrator vulnerability
8.8
34 minutes ago
NEX-Forms<= 9.2.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
39 minutes ago
VikBooking Hotel Booking Engine & PMS<= 1.8.12
Reflected Cross-Site Scripting vulnerability
7.1
52 minutes ago
LearnPress<= 4.3.9.1
Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Disclosure vulnerability
6.5
2 hours ago
Custom Payment Gateways for WooCommerce<= 2.1.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 hours ago
ChatBot<= 8.4.9
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 hours ago
WP Google Review Slider<= 18.1
Reflected Cross-Site Scripting vulnerability
7.1
3 hours ago
Webmention<= 5.8.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
3 hours ago
Ninja Forms<= 3.14.1
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
3 hours ago
BookingPress Appointment Booking Pro<= 5.7.1
Unauthenticated SQL Injection vulnerability
9.3
3 hours ago
WP-BusinessDirectory<= 4.0.1
Unauthenticated Arbitrary File Deletion vulnerability
8.6
3 hours ago
Taskbuilder<= 5.0.8
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
3 hours ago
Taskbuilder<= 5.0.8
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
3 hours ago
Visualizer<= 4.0.3
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
4 hours ago
SMS Alert Order Notifications<= 3.9.5
Unauthenticated Privilege Escalation vulnerability
9.8
4 hours ago
YouTube Showcase<= 4.0.3
Authenticated (Subscriber+) Arbitrary Function Call vulnerability
7.5
4 hours ago
WP Photo Album Plus<= 9.1.13.005
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
15 hours ago
MotoPress Appointment Booking<= 2.4.5
Authenticated (Staff+) SQL Injection vulnerability
8.5
17 hours ago
RegistrationMagic<= 6.0.9.1
Cross-Site Request Forgery to Privilege Escalation vulnerability
8.8
17 hours ago
Slim SEO<= 4.9.8
Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability
4.3
17 hours ago