Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,408
Mitigations
Mitigation rules
14,671
No official patch
11,207
In triage
1,321
Published soon
31
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
EmailKit
<= 1.6.3
Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter vulnerability
4.9
1 day ago
Contact List
<= 3.0.18
Authenticated (Contributor+) Stored Cross-Site Scripting via '_cl_map_iframe' Parameter vulnerability
6.5
1 day ago
Keep Backup Daily
<= 2.1.2
Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title vulnerability
5.9
1 day ago
Keep Backup Daily
<= 2.1.1
Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter vulnerability
2.7
1 day ago
Alt Manager
<= 1.8.2
Authenticated (Author+) Stored Cross-Site Scripting via Post Title vulnerability
5.9
1 day ago
Kargo Takip
< 0.2.4
Broken Access Control vulnerability
6.5
2 days ago
WP Terms Popup
<= 2.10.0
Broken Access Control vulnerability
7.5
2 days ago
Bit SMTP
<= 1.2.2
Broken Authentication vulnerability
9
2 days ago
RewardsWP
<= 1.0.4
Privilege Escalation vulnerability
9.8
2 days ago
Lumise Product Designer
< 2.0.9
SQL Injection vulnerability
9.3
2 days ago
Spam Protect for Contact Form 7
<= 1.2.9
Arbitrary File Deletion vulnerability
6.8
2 days ago
RegistrationMagic
<= 6.0.7.6
Broken Access Control vulnerability
7.5
2 days ago
ChatBot
<= 7.7.9
SQL Injection vulnerability
9.3
2 days ago
Petitioner
<= 0.7.3
Broken Access Control vulnerability
6.5
2 days ago
Kiddy
<= 2.0.8
Local File Inclusion vulnerability
8.1
2 days ago
JS Archive List
<= 6.1.7
PHP Object Injection vulnerability
8.8
2 days ago
Miraculous
< 2.1.2
Broken Access Control vulnerability
7.5
2 days ago
WooCommerce Support Ticket System
< 18.5
Arbitrary File Deletion vulnerability
8.6
2 days ago
Abandoned Cart Recovery for WooCommerce
<= 1.1.10
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
Miraculous Core Plugin
< 2.1.2
SQL Injection vulnerability
8.5
2 days ago
Load more