Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,325
Mitigations
Mitigation rules
14,072
No official fix
10,918
In triage
1,460
Published soon
25
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Paytium
<= 4.3.7
Missing Authorization in 'create_mollie_account' vulnerability
7.1
48 minutes ago
MP-Ukagaka
<= 1.5.2
Reflected Cross-Site Scripting vulnerability
7.1
49 minutes ago
Paytium
<= 4.3.7
Missing Authorization in 'create_mollie_profile' vulnerability
7.1
57 minutes ago
Super Page Cache for Cloudflare
<= 5.2.2
Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability
7.1
58 minutes ago
Geo Widget
<= 1.0
Reflected Cross-Site Scripting vulnerability
7.1
1 hour ago
Address Bar Ads
<= 1.0.0
Reflected Cross-Site Scripting vulnerability
7.1
1 hour ago
StyleBidet
<= 1.0.0
Reflected Cross-Site Scripting vulnerability
7.1
1 hour ago
WP Maps
<= 4.8.6
Authenticated (Subscriber+) Limited Local File Inclusion vulnerability
8.8
1 hour ago
Super Simple Contact Form
<= 1.6.2
Reflected Cross-Site Scripting via 'sscf_name' Parameter vulnerability
7.1
1 hour ago
Zarinpal Gateway
<= 5.0.16
Improper Access Control to Payment Status Update vulnerability
7.7
1 hour ago
WowRevenue
<= 2.1.3
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation vulnerability
8.8
1 hour ago
Build App Online
<= 1.0.22
Account Takeover via Weak Password Reset Mechanism vulnerability
8.1
2 hours ago
EventPrime
<= 4.2.8.4
Missing Authorization to Unauthenticated Image Upload via 'ep_upload_file_media' AJAX Endpoint vulnerability
5.3
9 hours ago
Forminator
<= 1.50.2
WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
10 hours ago
RegistrationMagic
< 6.0.7.2
Subscriber+ Form Creation vulnerability
4.3
10 hours ago
WP-Members
<= 3.4.8
Missing Authorization to Sensitive Information Exposure vulnerability
6.5
10 hours ago
Easy Social Feed
<= 6.5.2
Missing Authorization to Settings Modification vulnerability
4.3
13 hours ago
Backup Migration
<= 1.3.9
Authenticated (Admin+) OS Command Injection via url vulnerability
7.2
13 hours ago
Auto Featured Image (Auto Post Thumbnail)
<= 4.1.7
Authenticated (Author+) Server-Side Request Forgery vulnerability
6.4
13 hours ago
Paytium
<= 4.3.7
Missing Authorization in 'pt_cancel_subscription' vulnerability
5.4
14 hours ago
Load more