Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,599
Mitigations
Mitigation rules
14,780
No official patch
11,283
In triage
1,411
Published soon
77
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WPGraphQL
<= 2.9.1
Broken Access Control vulnerability
5.4
10 minutes ago
Woocommerce Custom Product Addons Pro
<= 5.4.1
Unauthenticated Remote Code Execution via Custom Pricing Formula vulnerability
10
1 hour ago
Contest Gallery
<= 28.1.5
Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion vulnerability
8.1
1 hour ago
JupiterX Core
<= 4.14.1
Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import vulnerability
8.8
1 hour ago
WP Job Portal
<= 2.4.8
Unauthenticated SQL Injection via 'radius' Parameter vulnerability
9.3
1 hour ago
Product Filter by WBW
<= 3.1.2
Missing Authorization to Unauthenticated Filter Data Deletion via TRUNCATE TABLE vulnerability
6.5
1 hour ago
LearnDash LMS
<= 5.0.3
Authenticated (Contributor+) SQL Injection via 'filters[orderby_order]' Parameter vulnerability
8.5
2 hours ago
User Registration
<= 5.1.4
Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation vulnerability
5.4
2 hours ago
LearnPress
<= 4.3.2.8
Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion vulnerability
4.3
2 hours ago
Quiz And Survey Master
<= 10.3.5
Authenticated (Contributor+) SQL Injection via 'merged_question' Parameter vulnerability
8.5
2 hours ago
Smart Custom Fields
<= 5.0.6
Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search vulnerability
4.3
3 hours ago
King Addons for Elementor
<= 51.1.49
Unauthenticated API Keys Disclosure vulnerability
5.3
4 hours ago
Sina Extension for Elementor
<= 3.7.0
Authenticated (Contributor+) Stored Cross-Site Scripting via `Fancy Text Widget` And `Countdown Widget` vulnerability
6.5
4 hours ago
JetFormBuilder
<= 3.5.6.2
Unauthenticated Arbitrary File Read via Media Field vulnerability
7.5
9 hours ago
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via 'page' vulnerability
7.1
10 hours ago
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via _wpnonce vulnerability
7.1
10 hours ago
SEO Help
<= 6.1.3
Reflected Cross-Site Scripting vulnerability
7.1
10 hours ago
Video & Photo Gallery for Ultimate Member
<= 1.1.1
Reflected Cross-Site Scripting vulnerability
7.1
10 hours ago
ReviewX
<= 2.2.10
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation vulnerability
6.5
10 hours ago
Task Manager
<= 3.0.2
Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter vulnerability
6.5
10 hours ago
Load more