The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total48,578

MitigationsMitigation rules15,630

No official patch12,994

In triage1,545

Published soon18

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Welcome Software Publishing<= 0.0.31 Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation vulnerability	8.8	1 hour ago
WP Forms Connector<= 1.8 Missing Authorization to Unauthenticated Information Exposure vulnerability	7.5	1 hour ago
WP Forms Connector<= 1.8 Unauthenticated SQL Injection vulnerability	9.3	1 hour ago
Invoice Generator<= 1.0.0 Unauthenticated Account Takeover vulnerability	9.8	2 hours ago
SignUp & SignIn<= 1.0.0 Unauthenticated Privilege Escalation vulnerability	9.8	2 hours ago
Funnel Builder by FunnelKit<= 3.15.0.5 SQL Injection vulnerability	7.6	3 hours ago
WP Meta SEO<= 4.5.18 Authenticated (Contributor+) Server-Side Request Forgery vulnerability	6.4	17 hours ago
WP Latest Posts<= 5.0.11 Authenticated (Author+) Stored Cross-Site Scripting vulnerability	5.9	17 hours ago
MIR blocks and shortcodes<= 1.0.0 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	17 hours ago
Advanced Contact Form 7 – Compact DB<= 1.0.0 Missing Authorization to Unauthenticated Arbitrary Contact Form Submission Deletion vulnerability	5.3	17 hours ago
Bulk SEO Image<= 1.1 Cross-Site Request Forgery to Settings Update vulnerability	4.3	17 hours ago
Blue Captcha<= 2.0.1 Cross-Site Request Forgery vulnerability	4.3	17 hours ago
MotorDesk<= 1.1.2 Cross-Site Request Forgery to Settings Update vulnerability	4.3	17 hours ago
Book a Room Event Calendar<= 1.9 Cross-Site Request Forgery to Settings Update vulnerability	4.3	17 hours ago
Avalon23 Products Filter for WooCommerce<= 1.1.6 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	17 hours ago
Generate Security.txt<= 1.0.12 Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion vulnerability	4.3	17 hours ago
Reviews and Rating – Docplanner<= 1.1.4 Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification vulnerability	4.3	17 hours ago
WhatsOrder – Instant Checkout for WooCommerce<= 1.0.1 Unauthenticated Sensitive Information Exposure vulnerability	5.3	17 hours ago
Devs Accounting – Simple Accounting and Invoicing Solution<= 1.2.0 Missing Authorization to Unauthenticated Account Deletion vulnerability	5.3	17 hours ago
Devs Accounting – Simple Accounting and Invoicing Solution<= 1.2.0 Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability	5.3	17 hours ago