The leading open source vulnerability database

Patchstack finds & mitigates vulnerabilities in websites. Connect your sites for FREE to see if they are exposed to any vulnerabilities.

See pricing
Rated 4.6
Total34,947
Mitigation rules12,994
WordPress stats
CVSS0
10
Affected software | Vulnerability
Risk
Disclosed
New User Approve<= 3.0.9
Unauthenticated Sensitive Information Disclosure via Type Juggling vulnerability
5.3
1 minute ago
Royal Elementor Addons<= 1.7.1036
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
18 minutes ago
YITH WooCommerce Wishlist<= 4.10.0
Unauthenticated Wishlist Token Disclosure to Wishlist Item Deletion vulnerability
5.3
20 minutes ago
YITH WooCommerce Wishlist<= 4.10.0
Unauthenticated Insecure Direct Object Reference to Unauthenticated Wishlist Rename vulnerability
5.3
23 minutes ago
wModes<= 1.2.2
Missing Authorization to Sensitive Information Disclosure vulnerability
4.3
31 minutes ago
Pixel Manager for WooCommerce<= 1.49.2
Unauthenticated Information Exposure vulnerability
5.3
18 hours ago
Icon List Block<= 1.2.1
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
18 hours ago
AI Engine<= 3.1.8
Authenticated (Editor+) Server-Side Request Forgery vulnerability
5.5
18 hours ago
WP Duplicate Page<= 1.7
Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure vulnerability
4.3
18 hours ago
WP Migrate Lite<= 2.7.6
Unauthenticated Blind Server-Side Request Forgery vulnerability
7.2
18 hours ago
Enable SVG, WebP & ICO Upload<= 1.1.2
Authenticated (Author+) Arbitrary File Upload via ICO Upload Bypass vulnerability
9.1
18 hours ago
Enable SVG, WebP & ICO Upload<= 1.1.2
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Uploads vulnerability
5.9
18 hours ago
Element Pack Elementor Addons<= 8.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget vulnerability
6.5
18 hours ago
Live sales notification for WooCommerce<= 2.3.39
Missing Authorization to Unauthenticated Customer Data Exposure vulnerability
7.5
18 hours ago
Cryptocurrency Payment Gateway for WooCommerce<= 2.0.22
Missing Authorization to Unauthenticated Tracking Status Update vulnerability
5.3
21 hours ago
Restrictions for BuddyPress<= 1.5.2
Missing Authorization to Unauthenticated Tracking Status Update vulnerability
5.3
22 hours ago
Simple User Import Export<= 1.1.7
Authenticated (Admin+) CSV Injection vulnerability
6.6
22 hours ago
WP Twitter Auto Publish<= 1.7.3
Reflected Cross-Site Scripting via PostMessage vulnerability
7.1
23 hours ago
Meta Display Block<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
23 hours ago
Photonic Gallery & Lightbox for Flickr, SmugMug & Others<= 3.21
Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute vulnerability
6.5
23 hours ago