Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,088
Mitigations
Mitigation rules
14,934
No official patch
11,320
In triage
1,372
Published soon
8
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Quick Interest Slider
<= 3.1.5
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
22 minutes ago
Visa Acceptance Solutions
<= 2.1.0
Unauthenticated Authentication Bypass via Billing Email vulnerability
9.8
25 minutes ago
Accessibly – WordPress Website Accessibility
<= 3.0.3
Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Widget Source Injection via REST API vulnerability
7.1
26 minutes ago
Age Verification & Identity Verification by Token of Trust
<= 3.32.3
Unauthenticated Stored Cross-Site Scripting via 'description' Parameter vulnerability
7.1
30 minutes ago
Eleganzo
<= 1.2
Authenticated (Subscriber+) Arbitrary Directory Deletion vulnerability
6.5
32 minutes ago
Login as User
<= 1.0.1
Authenticated (Subscriber+) Privilege Escalation via 'oclaup_original_admin' Cookie vulnerability
8.8
35 minutes ago
WebStack
<= 1.2024
Unauthenticated Arbitrary File Upload vulnerability
10
38 minutes ago
MetForm Pro
<= 3.9.7
Unauthenticated Payment Amount Manipulation via 'mf-calculation' vulnerability
5.3
9 hours ago
Coachific Shortcode
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'userhash' Shortcode Attribute vulnerability
6.5
9 hours ago
WP Circliful
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
9 hours ago
WM JqMath
<= 1.3
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style' Shortcode Attribute vulnerability
6.5
9 hours ago
Katalogportal-pdf-sync Widget
<= 1.0.0
Missing Authorization to Authenticated (Subscriber+) Information Disclosure via 'katalogportal_shortcodePrinter' AJAX Action vulnerability
5.3
9 hours ago
OPEN-BRAIN
<= 0.5.0
Cross-Site Request Forgery vulnerability
4.3
9 hours ago
Petje.af
<= 2.1.8
Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX Action vulnerability
4.3
9 hours ago
e-shot
<= 1.0.2
Missing Authorization to Authenticated (Subscriber+) Form Settings Modification via AJAX vulnerability
5.3
9 hours ago
Power Charts
<= 0.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
9 hours ago
VI: Include Post By
<= 0.4.200706
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class_container' Shortcode Attribute vulnerability
6.5
9 hours ago
Advanced Custom Fields
<= 6.7.0
Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters vulnerability
5.3
10 hours ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Sensitive Information Exposure via Insecure Direct Object Reference vulnerability
4.3
10 hours ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Limited Arbitrary WordPress Action Execution vulnerability
5.4
10 hours ago
Load more