The leading open source vulnerability database

Patchstack finds & mitigates vulnerabilities in websites. Connect your sites for FREE to see if they are exposed to any vulnerabilities.

See pricing

Rated 4.6

Total35,194

Mitigation rules13,107

No official fix9,832

In triage1,347

Published soon27

WordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
AI Feeds<= 1.0.11 Unauthenticated Arbitrary File Upload vulnerability	10	7 hours ago
CIBELES AI<= 1.10.8 Unauthenticated Arbitrary File Upload vulnerability	10	7 hours ago
Sneeit Framework<= 8.3 Unauthenticated Remote Code Execution in sneeit_articles_pagination_callback vulnerability	10	7 hours ago
Search Exclude<= 2.5.7 Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API vulnerability	4.3	15 hours ago
Wishlist for WooCommerce<= 1.0.9 Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation vulnerability	6.5	1 day ago
ProjectList<= 0.3.0 Authenticated (Editor+) Arbitrary File Upload vulnerability	9.1	1 day ago
Job Board by BestWebSoft<= 1.2.1 Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage vulnerability	7.1	1 day ago
AI Engine for WordPress: ChatGPT, GPT Content Generator<= 1.0.1 Authenticated (Contributor+) Arbitrary File Read vulnerability	6.5	1 day ago
Telegram Bot & Channel<= 4.1 Unauthenticated Stored Cross-Site Scripting via Telegram Username vulnerability	7.1	1 day ago
WavePlayer<= 3.7.0 Unauthenticated Arbitrary File Upload vulnerability	10	1 day ago
EduKart Pro<= 1.0.3 Unauthenticated Privilege Escalation vulnerability	9.8	1 day ago
Attention Bar<= 0.7.2.1 Authenticated (Contributor+) SQL Injection vulnerability	8.5	1 day ago
OrderConvo<= 14 Missing Authorization to Unauthenticated Information Disclosure vulnerability	5.3	1 day ago
OrderConvo<= 14 Missing Authorization to Unauthenticated User Impersonation in Order Messages vulnerability	4.3	1 day ago
Chamber Dashboard Business Directory<= 3.3.11 Missing Authorization to Unauthenticated Business Information Export vulnerability	5.3	1 day ago
Refund Request for WooCommerce<= 1.0 Missing Authorization to Authenticated (Subscriber+) Refund Status Update vulnerability	5.4	1 day ago
Locker Content<= 1.0.0 Unauthenticated Information Exposure vulnerability	5.3	1 day ago
Frontend File Manager<= 23.4 Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming vulnerability	5.4	1 day ago
Social Images Widget<= 2.1 Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion vulnerability	5.3	1 day ago
Autochat Automatic Conversation<= 1.1.9 Missing Authorization to Unauthenticated Settings Update vulnerability	5.3	1 day ago