The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total48,862
Mitigations15,764
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
YouTube Showcase<= 4.0.3
Authenticated (Subscriber+) Arbitrary Function Call vulnerability
7.5
38 minutes ago
WP Photo Album Plus<= 9.1.13.005
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
MotoPress Appointment Booking<= 2.4.5
Authenticated (Staff+) SQL Injection vulnerability
8.5
13 hours ago
RegistrationMagic<= 6.0.9.1
Cross-Site Request Forgery to Privilege Escalation vulnerability
8.8
13 hours ago
Slim SEO<= 4.9.8
Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability
4.3
14 hours ago
Qi Blocks<= 1.4.9
Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Style Modification vulnerability
4.3
14 hours ago
Motors<= 1.4.111
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification vulnerability
4.3
14 hours ago
LearnPress<= 4.4.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
Download Manager<= 3.3.60
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
GiveWP<= 4.15.3
Cross-Site Request Forgery vulnerability
4.3
16 hours ago
Appointment Booking Calendar<= 1.4.02
Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure vulnerability
4.3
17 hours ago
Contact Form by WPForms<= 1.10.2
Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection vulnerability
5.3
17 hours ago
JetWidgets For Elementor<= 1.0.21
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
17 hours ago
Event Organiser<= 3.12.9
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
17 hours ago
FV Flowplayer Video Player<= 7.5.51.7212
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 hours ago
Kali Forms<= 2.4.13
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 hours ago
Tutor LMS<= 3.9.13
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
Gutenberg Blocks by Kadence Blocks<= 3.7.7
Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Optimizer Data Deletion/Read/Modification vulnerability
4.3
18 hours ago
GiveWP<= 4.16.0
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
18 hours ago
JoomSport<= 5.7.8
Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Deletion vulnerability
4.3
18 hours ago