The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total48,915
Mitigations15,797
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
Ninja Forms File Uploads Extension<= 3.3.29
WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - Unauthenticated Arbitrary File Read vulnerability
7.5
48 minutes ago
perfmatters<= 2.6.4
Unauthenticated Arbitrary File Read vulnerability
7.5
49 minutes ago
WP Review Slider Pro<= 12.7.2
Unauthenticated SQL Injection vulnerability
9.3
54 minutes ago
Blocksy Companion<= 2.1.46
Unauthenticated Arbitrary File Upload vulnerability
10
59 minutes ago
Divi Form Builder<= 5.1.8
Unauthenticated Arbitrary File Upload Leading to Remote Code Execution vulnerability
10
1 hour ago
Wappointment<= 2.7.6
Unauthenticated Insecure Direct Object Reference vulnerability
5.3
11 hours ago
Feedzy<= 5.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
Product Video Gallery for Woocommerce<= 1.5.1.8
Authenticated (Shop Manager+) Stored Cross-Site Scripting vulnerability
5.9
11 hours ago
Groundhogg<= 4.5.8
Authenticated (Custom+) SQL Injection vulnerability
8.5
11 hours ago
My Calendar<= 3.7.14
Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
11 hours ago
LatePoint<= 5.6.2
Unauthenticated Insecure Direct Object Reference to Arbitrary Creation vulnerability
5.3
11 hours ago
Kirki<= 6.0.11
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
11 hours ago
Kirki<= 6.0.11
Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) vulnerability
5.3
11 hours ago
JoomSport<= 5.7.8
Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification vulnerability
4.3
12 hours ago
JetFormBuilder<= 3.6.3
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
12 hours ago
Shortcodes and extra features for Phlox theme<= 2.17.16
Cross Site Scripting (XSS) vulnerability
6.5
14 hours ago
HubSpot<= 11.3.51
Sensitive Data Exposure vulnerability
7.4
14 hours ago
Image Optimizer by Elementor<= 1.7.4
Authenticated (Author+) Arbitrary File Deletion vulnerability
6.8
14 hours ago
Insert Pages<= 3.11.4
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
14 hours ago
Email Subscribers & Newsletters<= 5.9.27
Missing Authorization to Authenticated (Contributor+) Settings Modification vulnerability
4.3
14 hours ago