Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,094
Mitigations
Mitigation rules
14,934
No official patch
11,323
In triage
1,367
Published soon
1
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WCFM Marketplace
<= 3.7.1
SQL Injection vulnerability
7.6
43 minutes ago
Accept Cryptocurrencies with Plisio
<= 2.0.5
Payment Bypass vulnerability
7.5
48 minutes ago
Mini Ajax Cart for WooCommerce
<= 1.3.4
Cross Site Scripting (XSS) vulnerability
5.9
1 hour ago
YouTube Showcase
<= 3.5.1
Cross Site Scripting (XSS) vulnerability
6.5
1 hour ago
Smart Online Order for Clover
<= 1.6.0
Cross Site Request Forgery (CSRF) vulnerability
4.3
1 hour ago
Userpro
< 5.1.11
Cross Site Request Forgery (CSRF) vulnerability
4.3
1 hour ago
Quick Interest Slider
<= 3.1.5
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
3 hours ago
Visa Acceptance Solutions
<= 2.1.0
Unauthenticated Authentication Bypass via Billing Email vulnerability
9.8
3 hours ago
Accessibly – WordPress Website Accessibility
<= 3.0.3
Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Widget Source Injection via REST API vulnerability
7.1
3 hours ago
Age Verification & Identity Verification by Token of Trust
<= 3.32.3
Unauthenticated Stored Cross-Site Scripting via 'description' Parameter vulnerability
7.1
3 hours ago
Eleganzo
<= 1.2
Authenticated (Subscriber+) Arbitrary Directory Deletion vulnerability
6.5
3 hours ago
Login as User
<= 1.0.1
Authenticated (Subscriber+) Privilege Escalation via 'oclaup_original_admin' Cookie vulnerability
8.8
3 hours ago
WebStack
<= 1.2024
Unauthenticated Arbitrary File Upload vulnerability
10
3 hours ago
MetForm Pro
<= 3.9.7
Unauthenticated Payment Amount Manipulation via 'mf-calculation' vulnerability
5.3
12 hours ago
Coachific Shortcode
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'userhash' Shortcode Attribute vulnerability
6.5
12 hours ago
WP Circliful
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
12 hours ago
WM JqMath
<= 1.3
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style' Shortcode Attribute vulnerability
6.5
12 hours ago
Katalogportal-pdf-sync Widget
<= 1.0.0
Missing Authorization to Authenticated (Subscriber+) Information Disclosure via 'katalogportal_shortcodePrinter' AJAX Action vulnerability
5.3
12 hours ago
OPEN-BRAIN
<= 0.5.0
Cross-Site Request Forgery vulnerability
4.3
13 hours ago
Petje.af
<= 2.1.8
Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX Action vulnerability
4.3
13 hours ago
Load more