Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,443
Mitigations
Mitigation rules
15,254
No official patch
12,888
In triage
1,599
Published soon
3
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
WP ERP Pro
<= 1.5.1
Unauthenticated SQL Injection vulnerability
8.5
3 minutes ago
BookingPress Appointment Booking Pro
<= 5.6
Unauthenticated Arbitrary File Upload vulnerability
10
8 minutes ago
Easy Elements for Elementor – Addons & Website Templates
<= 1.4.5
Unauthenticated Privilege Escalation vulnerability
9.8
9 minutes ago
Widget Context
<= 1.3.3
Cross-Site Request Forgery to Settings Update vulnerability
4.3
11 hours ago
Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder
<= 1.1.1
Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Structure Modification vulnerability
4.3
11 hours ago
Slider by Soliloquy
<= 2.8.1
Authenticated (Subscriber+) Information Disclosure vulnerability
4.3
11 hours ago
Hotel Booking Lite
<= 6.0.1
Missing Authorization to Unauthenticated Arbitrary Booking Notes Modification vulnerability
5.3
11 hours ago
Fluent CRM
<= 2.9.87
Unauthenticated Blind Server-Side Request Forgery vulnerability
5.4
11 hours ago
The Plus Addons for Elementor Page Builder Lite
<= 6.4.11
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
Alfie
<= 1.2.1
Cross-Site Request Forgery to Feed Deletion vulnerability
4.3
14 hours ago
WP Blockade
<= 0.9.14
Reflected Cross-Site Scripting vulnerability
7.1
14 hours ago
FastX
<= 1.0.2
Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation and Activation vulnerability
4.3
14 hours ago
KIA Subtitle
<= 4.0.1
[Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')] vulnerability
6.5
16 hours ago
Location Weather
<= 3.0.2
Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache Purging vulnerability
4.3
16 hours ago
Fusion Builder
<= 3.15.2
Unauthenticated Remote Code Execution vulnerability
10
19 hours ago
AcyMailing SMTP Newsletter
<= 10.8.2
Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability
8.8
19 hours ago
Creative Mail
<= 1.6.9
Unauthenticated SQL Injection vulnerability
9.3
19 hours ago
Infility Global
<= 2.15.16
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
19 hours ago
Kirki – Freeform Page Builder, Website Builder & Customizer
<= 6.0.6
Unauthenticated Limited Arbitrary File Read and Deletion vulnerability
7.5
19 hours ago
Zoho ZeptoMail
<= 3.2.9
Broken Access Control vulnerability
4.3
22 hours ago
Load more