Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,785
Mitigations
Mitigation rules
13,557
No official fix
10,543
In triage
1,101
Published soon
29
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
PAYGENT for WooCommerce
<= 2.4.6
Missing Authorization to Unauthenticated Payment Callback Manipulation vulnerability
5.3
9 hours ago
Integrate Dynamics 365 CRM
<= 1.1.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration vulnerability
5.9
9 hours ago
Advanced Ads
<= 2.0.15
WordPress Advanced Ads - Ad Manager & AdSense plugin <= 2.0.15 - Authenticated (Admin+) SQL Injection vulnerability
7.6
9 hours ago
Spin Wheel
<= 2.1.0
Unauthenticated Client-Side Prize Manipulation via 'prize_index' Parameter vulnerability
5.3
9 hours ago
CM Email Registration Blacklist and Whitelist
<= 1.6.2
Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter vulnerability
5.9
9 hours ago
Team Section Block
<= 2.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link vulnerability
6.5
9 hours ago
Community Events
<= 1.5.6
Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability
5.3
9 hours ago
Phrase TMS Integration for WordPress
<= 4.7.5
Missing Authorization to Authenticated (Subscriber+) Log Deletion vulnerability
5.4
9 hours ago
User Registration Using Contact Form 7
<= 2.5
Authenticated (Subscriber+) Information Exposure vulnerability
5.3
9 hours ago
Church Admin
<= 5.0.28
Authenticated (Administrator+) Blind Server-Side Request Forgery via 'audio_url' Parameter vulnerability
4.4
9 hours ago
RepairBuddy
<= 4.1116
Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders vulnerability
5.3
9 hours ago
Filr
<= 1.2.11
WordPress Filr - Secure document library plugin <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload vulnerability
5.9
9 hours ago
Modular DS
2.5.2
Privilege Escalation vulnerability
10
13 hours ago
WP RSS Aggregator
<= 5.0.10
WordPress RSS Aggregator - RSS Import, News Feeds, Feed to Post, and Autoblogging plugin <= 5.0.10 - Reflected Cross-Site Scripting via className vulnerability
7.1
1 day ago
Awesome Support
<= 6.3.6
WordPress Awesome Support - WordPress HelpDesk & Support Plugin plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role Demotion vulnerability
6.5
1 day ago
Supreme Modules Lite
<= 2.5.62
Authenticated (Author+) Arbitrary File Upload via JSON Upload Bypass vulnerability
9.1
1 day ago
AffiliateX
1.0.0-1.3.9.3
Authenticated (Subscriber+) Missing Authorization to Stored Cross-Site Scripting
6.5
1 day ago
Restrict Content
<= 3.2.16
WordPress Membership Plugin - Restrict Content plugin <= 3.2.16 - Missing Authentication to Insecure Direct Object Reference and Sensitive Information Exposure vulnerability
7.5
1 day ago
Cost Calculator Builder
<= 3.6.9
Missing Authorization to Unauthenticated Payment Status Bypass vulnerability
5.3
1 day ago
User Submitted Posts
<= 20260110
Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode vulnerability
6.5
1 day ago
Load more