The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total37,546

MitigationsMitigation rules13,797

No official fix10,779

In triage1,257

Published soon1

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
FluentForm<= 5.1.19 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	1 minute ago
FluentForm<= 5.1.19 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	1 minute ago
The Plus Addons for Elementor Page Builder Lite<= 5.6.2 Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget vulnerability	6.5	2 minutes ago
Flamix: Bitrix24 and Contact Form 7 integrations<= 3.1.0 Unauthenticated Full Path Disclosure vulnerability	5.3	2 minutes ago
Elegant Addons for elementor<= 1.0.8 Authenticated (Contributor+) Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets vulnerability	6.5	3 minutes ago
Easy Digital Downloads<= 3.3.2 Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings vulnerability	5.9	8 minutes ago
HT Mega<= 2.5.5 WordPress HT Mega - Absolute Addons For Elementor plugin <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings vulnerability	6.5	9 minutes ago
Post and Page Builder by BoldGrid<= 1.26.6 Authenticated (Contributor+) Stored Cross-Site Scripting via File Upload vulnerability	6.5	10 minutes ago
Smart Online Order for Clover<= 1.5.6 Missing Authorization to Authenticated (Subscriber+) Plugin Data Update vulnerability	4.3	11 minutes ago
Elementor Addon Elements<= 1.13.6 Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability	6.5	12 minutes ago
Eventin<= 4.0.8 Authenticated (Contributor+) Local File Inclusion vulnerability	7.5	15 minutes ago
Geo Controller<= 8.6.9 Missing Authorization to Unauthenticated Shortcode Execution vulnerability	5.3	16 minutes ago
Ultimate Addons for WPBakery Page Builder<= 3.19.20 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	17 minutes ago
Ultimate Addons for WPBakery Page Builder<= 3.19.20 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	17 minutes ago
HelloAsso<= 1.1.10 Missing Authorization to Authenticated (Contributor+) Limited Options Update vulnerability	4.3	19 minutes ago
Ultimate Addons for WPBakery Page Builder<= 3.19.20 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	20 minutes ago
Enter Addons<= 2.1.8 Authenticated (Contributor+) Stored Cross-Site Scripting via Events Card Widget vulnerability	6.5	20 minutes ago
Ultimate Addons for WPBakery Page Builder<= 3.19.20 Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability	6.5	22 minutes ago
Community by PeepSo<= 6.4.5.0 Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability	5.9	23 minutes ago
WPBakery Page Builder<= 7.6 Authenticated (Contributor+) Stored Cross-Site Scripting via VC Single Image link attribute vulnerability	6.5	24 minutes ago