Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,853
Mitigations
Mitigation rules
13,234
No official fix
10,071
In triage
1,536
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
OpenID Connect Generic Client
<= 3.10.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
32 minutes ago
NextGEN Gallery
<= 3.59.12
Authenticated (Contributor+) Local File Inclusion via 'template' vulnerability
8.8
33 minutes ago
Events Manager
<= 7.2.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'events_list_grouped' Shortcode vulnerability
6.5
34 minutes ago
Embed Any Document
<= 2.7.10
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
36 minutes ago
Page Builder: Live Composer
<= 2.0.2
Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
Ultimate Member
<= 2.11.0
Authenticated (Subscriber+) Profile Privacy Setting Bypass vulnerability
4.3
1 hour ago
HTML Forms
<= 1.6.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
15 hours ago
Zephyr Project Manager
<= 3.3.203
Authenticated (Custom+) Arbitrary File Read And Server-Side Request Forgery vulnerability
4.9
16 hours ago
BP Better Messages
<= 2.10.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
16 hours ago
WP Social Ninja
<= 4.0.1
Missing Authorization to Unauthenticated Plugin's Settings Disclosure And Modification vulnerability
6.5
16 hours ago
Ninja Forms
<= 3.13.2
Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token vulnerability
7.5
17 hours ago
Download Plugins and Themes from Dashboard
<= 1.9.6
Cross-Site Request Forgery to Bulk Plugin/Theme Archival vulnerability
4.3
23 hours ago
Converter for Media
<= 6.3.2
Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST Endpoint vulnerability
4.3
1 day ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
<= 4.0.7
Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
5.3
1 day ago
WP Recipe Maker
<= 10.2.3
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 day ago
Essential Addons for Elementor
<= 6.5.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Essential Blocks for Gutenberg
<= 5.7.2
Missing Authorization To Authenticated (Author+) Information Disclosure vulnerability
4.3
1 day ago
WP to LinkedIn Auto Publish
<= 1.9.8
Reflected Cross-Site Scripting via PostMessage vulnerability
7.1
1 day ago
Social Media Auto Publish
<= 3.6.5
Reflected Cross-Site Scripting via PostMessage vulnerability
7.1
1 day ago
WP3D Model Import Viewer
<= 1.0.7
Authenticated (Contributor+) Arbitrary File Upload vulnerability
9.9
1 day ago
Load more