Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,865
Mitigations
Mitigation rules
13,238
No official fix
10,062
In triage
1,596
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Slimstat Analytics
<= 5.3.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
7 hours ago
Html5 Audio Player
2.4.0-2.5.1
Unauthenticated Server-Side Request Forgery vulnerability
7.2
7 hours ago
Hummingbird
<= 3.18.0
Unauthenticated Sensitive Information Exposure via Log File vulnerability
7.5
7 hours ago
Image Photo Gallery Final Tiles Grid
<= 3.6.7
Missing Authorization to Authenticated (Contributor+) Gallery Management vulnerability
5.4
16 hours ago
myCred
<= 2.9.7.1
Missing Authorization to Sensitive Information Exposure vulnerability
4.3
16 hours ago
Colibri Page Builder
<= 1.0.345
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
16 hours ago
BA Book Everything
<= 1.8.14
Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode vulnerability
6.5
16 hours ago
Simply Schedule Appointments
<= 1.6.9.16
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
17 hours ago
Sweet Energy Efficiency
<= 1.0.6
Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion vulnerability
4.3
17 hours ago
Prime Slider – Addons For Elementor
<= 4.0.9
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
4.3
17 hours ago
HUSKY
<= 1.3.7.3
Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_subscr' vulnerability
4.3
18 hours ago
Ultimate Member
<= 2.11.0
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'value' vulnerability
6.5
1 day ago
Demo Importer Plus
<= 2.0.8
Missing Authorization to Authenticated (Subscriber+) Site Reset and Privilege Escalation vulnerability
8.8
1 day ago
OpenID Connect Generic Client
<= 3.10.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 day ago
NextGEN Gallery
<= 3.59.12
Authenticated (Contributor+) Local File Inclusion via 'template' vulnerability
8.8
1 day ago
Events Manager
<= 7.2.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'events_list_grouped' Shortcode vulnerability
6.5
1 day ago
Embed Any Document
<= 2.7.10
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Page Builder: Live Composer
<= 2.0.2
Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Ultimate Member
<= 2.11.0
Authenticated (Subscriber+) Profile Privacy Setting Bypass vulnerability
4.3
1 day ago
HTML Forms
<= 1.6.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 days ago
Load more