Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,469
Mitigations
Mitigation rules
15,071
No official patch
13,382
In triage
1,444
Published soon
3
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
HT Mega
< 3.0.7
Unauthenticated PII Disclosure vulnerability
7.5
1 day ago
Drag and Drop File Upload for Contact Form 7
<= 1.1.3
Unauthenticated Arbitrary File Upload vulnerability
8.1
1 day ago
reCaptcha by WebDesignBy
< 2.0
Admin+ Stored XSS vulnerability
5.9
1 day ago
ITERAS
<= 1.8.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
HubSpot
<= 11.3.32
Forms, Popups, Live Chat plugin <= 11.3.32 - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure vulnerability
4.3
1 day ago
Liaison Site Prober
<= 1.2.1
Missing Authorization to Unauthenticated Information Exposure in '/logs' REST API Endpoint vulnerability
5.3
1 day ago
Taqnix
<= 1.0.3
Cross-Site Request Forgery to Account Deletion vulnerability
4.3
1 day ago
Books Gallery
<= 4.8.0
Missing Authorization to Unauthenticated Settings Update vulnerability
5.3
1 day ago
Royal Elementor Addons
<= 1.7.1056
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
2 days ago
Booking Calendar Contact Form
<= 1.2.63
Authenticated (Subscriber+) Insecure Direct Object Reference to Calendar Takeover vulnerability
4.3
2 days ago
ExactMetrics
<= 9.1.2
Authenticated (Subscriber+) Missing Authorization to Google Ads Access Token Retrieval vulnerability
4.3
2 days ago
BetterDocs
<= 4.3.11
Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage vulnerability
4.3
2 days ago
MaxiBlocks
<= 2.1.8
Missing Authorization to Authenticated (Author+) Media File Deletion vulnerability
3.8
2 days ago
WP Time Slots Booking Form
<= 1.2.46
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Kapee
< 1.7.1
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
MasterStudy LMS Pro
< 4.7.16
Broken Access Control vulnerability
6.5
2 days ago
Learnify
<= 1.15.0
Local File Inclusion vulnerability
8.1
2 days ago
Bookify
<= 1.1.1
Broken Access Control vulnerability
6.5
2 days ago
ProfilePress
<= 4.16.13
Cross Site Scripting (XSS) vulnerability
6.5
2 days ago
WP SMS
<= 7.2.1
Sensitive Data Exposure vulnerability
6.5
2 days ago
Load more