Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,828
Mitigations
Mitigation rules
13,214
No official fix
10,090
In triage
1,478
Published soon
72
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Auto Featured Image (Auto Post Thumbnail)
<= 4.2.1
Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability
4.3
9 minutes ago
Dokan Pro
<= 4.1.3
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
26 minutes ago
LearnPress
<= 4.3.1
Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability
5.3
36 minutes ago
Modula Image Gallery
<= 2.13.3
Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification vulnerability
4.3
53 minutes ago
OneSignal – Web Push Notifications
<= 3.6.1
Missing Authorization to Unauthenticated Plugin Settings Update vulnerability
5.3
1 hour ago
FluentAuth – The Ultimate Authorization & Security Plugin for WordPress
<= 2.0.3
WordPress FluentAuth - Auth Security Plugin plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluent_auth_reset_password' Shortcode vulnerability
6.5
1 hour ago
RegistrationMagic
<= 6.0.6.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode vulnerability
6.5
1 hour ago
CC Child Pages
<= 2.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'child_pages' Shortcode vulnerability
6.5
1 hour ago
User Registration
<= 4.4.6
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
1 hour ago
Filebird
<= 6.5.1
Missing Authorization to Authenticated (Author+) Global Folders Tampering vulnerability
4.3
1 hour ago
Lightweight Accordion
<= 1.5.20
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
5 hours ago
Elementor Addon Elements
<= 1.14.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
6 hours ago
HandL UTM Grabber
<= 2.8.0
Reflected Cross-Site Scripting vulnerability
7.1
6 hours ago
JetWidgets For Elementor
<= 1.0.20
Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets vulnerability
6.5
6 hours ago
MinimogWP
<= 3.9.6
Local File Inclusion vulnerability
7.5
2 days ago
Restrict Elementor Widgets, Columns and Sections
<= 1.12
Broken Access Control vulnerability
4.3
2 days ago
Turitor
< 1.5.3
Local File Inclusion vulnerability
7.5
2 days ago
Digiqole
< 2.2.7
Local File Inclusion vulnerability
7.5
2 days ago
Brizy
<= 2.7.16
Authenticated (Contributor+) Sensitive Information Exposure via get_users Function vulnerability
6.5
2 days ago
King Addons for Elementor
<= 51.1.39
Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
6.5
2 days ago
Load more