Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,861
Mitigations
Mitigation rules
15,193
No official patch
13,394
In triage
1,547
Published soon
7
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Custom Twitter Feeds (Tweets Widget)
<= 2.5.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
1 hour ago
ProfileGrid
<= 5.9.8.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Group Joining vulnerability
7.1
1 hour ago
Fusion Builder
<= 3.15.1
Unauthenticated SQL Injection vulnerability
9.3
1 hour ago
Fusion Builder
<= 3.15.2
Authenticated (Subscriber+) Arbitrary File Read vulnerability
6.5
1 hour ago
Court Reservation
<= 1.10.11
Unauthenticated SQL Injection vulnerability
9.3
1 hour ago
coreActivity: Activity Logging plugin for WordPress
<= 3.0
Unauthenticated PHP Object Injection vulnerability
8.1
2 hours ago
ProfileGrid
<= 5.9.8.4
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
2 hours ago
Tutor LMS
<= 3.9.9
Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion vulnerability
5.3
18 hours ago
Woocommerce Support System
<= 1.3.0
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
18 hours ago
Hustle
<= 7.8.10.1
Broken Access Control vulnerability
5.3
19 hours ago
Cost of Goods for WooCommerce
<= 4.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
20 hours ago
Charitable
<= 1.8.10.4
Authenticated (Custom+) SQL Injection vulnerability
6.5
20 hours ago
Broadstreet Ads
<= 1.53.1
Missing Authorization to Authenticated (Subscriber+) Advertiser Creation vulnerability
4.3
20 hours ago
Broadstreet Ads
<= 1.53.1
Authenticated (Subscriber+) Information Disclosure vulnerability
5.3
20 hours ago
Broadstreet Ads
<= 1.53.1
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
5.9
20 hours ago
Blog2Social
<= 8.9.0
Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records vulnerability
5.4
20 hours ago
Cost Calculator Builder
<= 4.0.1
Unauthenticated Price Manipulation and Insecure Direct Object Reference vulnerability
5.3
20 hours ago
LifePress
<= 2.2.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
1 day ago
WP Google Maps Integration
<= 1.2
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
AzonPost
<= 1.3
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Load more