Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,584
Mitigations
Mitigation rules
14,128
No official patch
10,975
In triage
1,272
Published soon
6
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Smartsupp – live chat, chatbots, AI and lead generation
<= 3.9.1
WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
WooCommerce Checkout Manager
<= 7.8.1
Unauthenticated Limited File Upload vulnerability
5.3
1 day ago
Aruba HiSpeed Cache
<= 3.0.2
Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability
6.5
1 day ago
Aruba HiSpeed Cache
<= 3.0.2
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Ultimate Member
<= 2.11.1
Reflected Cross-Site Scripting via Filter Parameters vulnerability
7.1
1 day ago
wpForo Forum
<= 2.4.14
Unauthenticated Time-Based SQL Injection vulnerability
9.3
1 day ago
WooCommerce Product Table Lite
<= 4.6.2
Unauthenticated Time-Based SQL Injection via 'search' Parameter vulnerability
9.3
1 day ago
Master Addons for Elementor
<= 2.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text' vulnerability
6.5
1 day ago
Quiz Maker
<= 6.7.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 day ago
Ally
<= 4.0.2
Broken Access Control vulnerability
5.3
2 days ago
Advanced AJAX Product Filters
<= 3.1.9.6
Authenticated (Author+) PHP Object Injection via Live Composer Compatibility vulnerability
8.8
2 days ago
Brevo
<= 3.3.0
Unauthenticated Authorization Bypass via Type Juggling vulnerability
6.5
2 days ago
Blog2Social
<= 8.7.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification vulnerability
6.5
2 days ago
Shield Security
<= 21.0.8
Cross-Site Request Forgery to SQL Injection vulnerability
9.3
2 days ago
WooCommerce Checkout Manager
<= 7.8.5
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
7.5
2 days ago
Prodigy Commerce
<= 3.2.9
Unauthenticated Local File Inclusion via parameters[template_name] vulnerability
8.1
2 days ago
URL Shortify
<= 1.12.3
Server Side Request Forgery (SSRF) vulnerability
5.5
2 days ago
Orderable
<= 1.20.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Installation vulnerability
8.8
2 days ago
WP-Lister Lite for eBay
<= 3.8.5
Broken Access Control vulnerability
5.3
2 days ago
Two Factor (2FA) Authentication via Email
<= 1.9.8
Two-Factor Authentication Bypass via token vulnerability
6.5
2 days ago
Load more