Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,581
Mitigations
Mitigation rules
14,124
No official patch
10,976
In triage
1,271
Published soon
11
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Aruba HiSpeed Cache
<= 3.0.2
Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability
6.5
1 hour ago
Aruba HiSpeed Cache
<= 3.0.2
Reflected Cross-Site Scripting vulnerability
7.1
1 hour ago
Ultimate Member
<= 2.11.1
Reflected Cross-Site Scripting via Filter Parameters vulnerability
7.1
1 hour ago
wpForo Forum
<= 2.4.14
Unauthenticated Time-Based SQL Injection vulnerability
9.3
2 hours ago
WooCommerce Product Table Lite
<= 4.6.2
Unauthenticated Time-Based SQL Injection via 'search' Parameter vulnerability
9.3
2 hours ago
Master Addons for Elementor
<= 2.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text' vulnerability
6.5
10 hours ago
Quiz Maker
<= 6.7.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
10 hours ago
Advanced AJAX Product Filters
<= 3.1.9.6
Authenticated (Author+) PHP Object Injection via Live Composer Compatibility vulnerability
8.8
20 hours ago
Brevo
<= 3.3.0
Unauthenticated Authorization Bypass via Type Juggling vulnerability
6.5
21 hours ago
Blog2Social
<= 8.7.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification vulnerability
6.5
21 hours ago
Shield Security
<= 21.0.8
Cross-Site Request Forgery to SQL Injection vulnerability
9.3
21 hours ago
WooCommerce Checkout Manager
<= 7.8.5
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
7.5
23 hours ago
Prodigy Commerce
<= 3.2.9
Unauthenticated Local File Inclusion via parameters[template_name] vulnerability
8.1
23 hours ago
Orderable
<= 1.20.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Installation vulnerability
8.8
1 day ago
Two Factor (2FA) Authentication via Email
<= 1.9.8
Two-Factor Authentication Bypass via token vulnerability
6.5
1 day ago
Library Management System
<= 3.2.1
Unauthenticated SQL Injection vulnerability
9.3
1 day ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
<= 4.1.2
Missing Authorization to Sensitive Information Exposure vulnerability
7.5
1 day ago
Video Conferencing with Zoom
< 4.6.6
Unauthenticated SDK Signature Generation vulnerability
7.5
1 day ago
WP Ultimate CSV Importer
<= 7.37
WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name vulnerability
8.5
1 day ago
s2Member
<= 260127
Unauthenticated Privilege Escalation via Account Takeover vulnerability
9.8
1 day ago
Load more