Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,439
Mitigations
Mitigation rules
13,770
No official fix
10,766
In triage
1,259
Published soon
1
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Shortcodes Ultimate
<= 7.4.5
Authenticated (Administrator+) Server-Side Request Forgery vulnerability
5.5
1 minute ago
Booking Calendar
<= 10.14.6
Authenticated (Contributor+) Stored Cross-Site Scripting via bookingcalendar Shortcode vulnerability
6.5
3 minutes ago
Funnel Builder by FunnelKit
<= 3.13.1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via wfop_phone Shortcode vulnerability
6.5
6 minutes ago
Survey Maker
<= 5.1.9.4
Missing Authorization to Unauthenticated Limited Option Update vulnerability
5.3
8 minutes ago
Ultimate Blocks
<= 3.2.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 minutes ago
SurveyJS
<= 1.12.20
Cross-Site Request Forgery to Survey Creation vulnerability
4.3
14 minutes ago
Contentstudio
<= 1.3.7
Cross-Site Request Forgery to Settings Update vulnerability
4.3
16 minutes ago
SurveyJS
<= 1.12.20
Cross-Site Request Forgery to Survey Renaming vulnerability
4.3
16 minutes ago
SurveyJS
<= 1.12.20
Cross-Site Request Forgery to Survey Deletion vulnerability
4.3
16 minutes ago
SurveyJS
<= 1.12.20
Cross-Site Request Forgery to Survey Cloning vulnerability
4.3
17 minutes ago
Shortcodes and extra features for Phlox theme
<= 2.17.13
Unauthenticated Draft Posts Information Exposure vulnerability
5.3
18 minutes ago
Ultimate Member
<= 2.11.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
19 minutes ago
CodeConfig Accessibility
<= 1.0.2
Authenticated (Subscriber+) Missing Authorization to Modify Accessibility Settings vulnerability
4.3
19 minutes ago
CRM Memberships
<= 2.5
Missing Authorization to Unauthenticated 'ntzcrm_add_new_tag' AJAX Action vulnerability
5.3
20 minutes ago
Quantic Social Image Hover
<= 1.0.8
Cross-Site Request Forgery to Settings Update vulnerability
4.3
21 minutes ago
Web to SugarCRM Lead
<= 1.0.0
Cross-Site Request Forgery to Custom Field Deletion vulnerability
4.3
22 minutes ago
Norby AI
<= 1.0.3
Cross-Site Request Forgery to Settings Update vulnerability
4.3
24 minutes ago
Featured Image from URL
<= 5.3.1
Authenticated (Contributor+) Server-Side Request Forgery via 'fifu_input_url' vulnerability
4.3
25 minutes ago
Premmerce Wishlist for WooCommerce
<= 1.1.10
Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist Deletion vulnerability
4.3
26 minutes ago
SSP Debug
<= 1.0.0
Unauthenticated Sensitive Information Exposure vulnerability
5.3
26 minutes ago
Load more