Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,799
Mitigations
Mitigation rules
14,323
No official patch
11,114
In triage
1,236
Published soon
50
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WP User Frontend
<= 4.2.8
Authenticated (Author+) Arbitrary File Upload vulnerability
8.8
1 day ago
Fluent Forms Pro Add On Pack
<= 6.1.17
Missing Authorization to Unauthenticated Payment Status modification vulnerability
7.5
1 day ago
Listee
<= 1.1.6
Unauthenticated Privilege Escalation vulnerability
9.8
1 day ago
PKT1 Centro de envios
<= 1.2.1
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Analytics Cat
<= 1.1.2
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
MailArchiver
<= 4.5.0
Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter vulnerability
7.6
1 day ago
Japanized For WooCommerce
<= 2.8.4
Missing Authorization to Unauthenticated Paidy Order Manipulation vulnerability
5.3
1 day ago
Electric Enquiries
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'button' Shortcode Attribute vulnerability
6.5
1 day ago
WP Accessibility
<= 2.3.1
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via 'alt' Attribute vulnerability
6.5
1 day ago
Simple Download Monitor
<= 4.0.5
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field vulnerability
6.5
1 day ago
Xpro Elementor Addons
<= 1.4.24
WordPress Xpro Addons - 140+ Widgets for Elementor plugin <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Scroller Widget box link vulnerability
6.5
1 day ago
Automotive Car Dealership Business
<= 13.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability
6.5
1 day ago
WP Recipe Maker
<= 10.3.2
Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability
5.3
1 day ago
Good Energy
<= 1.7.7
PHP Object Injection vulnerability
9.8
2 days ago
LambertGroup - AllInOne - Banner with Thumbnails
<= 3.8
WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
LambertGroup - AllInOne - Content Slider
<= 3.8
WordPress LambertGroup - AllInOne - Content Slider plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
LambertGroup - AllInOne - Banner with Playlist
<= 3.8
WordPress LambertGroup - AllInOne - Banner with Playlist plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
AllInOne - Banner Rotator
<= 3.8
WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Ultimate Learning Pro
<= 3.9.1
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WooCommerce License Manager
<= 7.0.6
Arbitrary File Upload vulnerability
9.1
2 days ago
Load more