The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total49,025
Mitigations15,829
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
Printcart Web to Print Product Designer for WooCommerce<= 2.5.2
Unauthenticated Arbitrary File Deletion vulnerability
8.6
19 hours ago
AR For Woocommerce<= 8.40
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
19 hours ago
AR For WordPress<= 8.40
Unauthenticated Arbitrary File Read vulnerability
7.5
19 hours ago
Ninja Forms File Uploads Extension<= 3.3.29
WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - Unauthenticated Arbitrary File Read vulnerability
7.5
4 days ago
perfmatters<= 2.6.4
Unauthenticated Arbitrary File Read vulnerability
7.5
4 days ago
WP Review Slider Pro<= 12.7.2
Unauthenticated SQL Injection vulnerability
9.3
4 days ago
Blocksy Companion<= 2.1.46
Unauthenticated Arbitrary File Upload vulnerability
10
4 days ago
Divi Form Builder<= 5.1.8
Unauthenticated Arbitrary File Upload Leading to Remote Code Execution vulnerability
10
4 days ago
PrivateContent<= 9.9.2
Privilege Escalation vulnerability
9.8
5 days ago
Ninja Forms<= 3.14.1
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
5 days ago
BookingPress Appointment Booking Pro<= 5.7.1
Unauthenticated SQL Injection vulnerability
9.3
5 days ago
WP-BusinessDirectory<= 4.0.1
Unauthenticated Arbitrary File Deletion vulnerability
8.6
5 days ago
Taskbuilder<= 5.0.8
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
5 days ago
Taskbuilder<= 5.0.8
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
5 days ago
Visualizer<= 4.0.3
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
5 days ago
SMS Alert Order Notifications<= 3.9.5
Unauthenticated Privilege Escalation vulnerability
9.8
5 days ago
YouTube Showcase<= 4.0.3
Authenticated (Subscriber+) Arbitrary Function Call vulnerability
7.5
5 days ago
EventON<= 5.0.11
WordPress EventON (Pro) - WordPress Virtual Event Calendar Plugin plugin <= 5.0.11 - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection vulnerability
9.3
6 days ago
Export User Data<= 2.2.6
Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion vulnerability
8
6 days ago
ProfileGrid <= 5.9.9.5
User Profiles, Groups and Communities plugin <= 5.9.9.5 - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation vulnerability
9.8
6 days ago