Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,070
Mitigations
Mitigation rules
13,661
No official fix
10,686
In triage
1,141
Published soon
12
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Moderate Selected Posts
<= 1.4
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
1 day ago
All-in-One Video Gallery
4.1.0-4.6.4
Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update vulnerability
5.4
1 day ago
CM CSS Columns
<= 1.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' Shortcode Attribute vulnerability
6.5
1 day ago
AdminQuickbar
<= 1.9.3
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Canto Testimonials
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'fx' Shortcode Attribute vulnerability
6.5
1 day ago
GZSEO
<= 2.0.11
Authenticated (Contributor+) Authorization Bypass to Stored Cross-Site Scripting vulnerability
6.5
1 day ago
WP-ClanWars
<= 2.0.1
Authenticated (Administrator+) SQL Injection via 'orderby' Parameter vulnerability
7.6
1 day ago
Login Page Editor
<= 1.2
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
ThemeRuby Multi Authors
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' and 'after' Shortcode Attributes vulnerability
6.5
1 day ago
Wizit Gateway for WooCommerce
<= 1.2.9
Missing Authentication to Unauthenticated Arbitrary Order Cancellation vulnerability
5.3
1 day ago
Set Bulk Post Categories
<= 1.1
Cross-Site Request Forgery to Bulk Post Category Update vulnerability
4.3
1 day ago
Alex User Counter
<= 6.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Alpha Blocks
<= 1.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'alpha_block_css' Post Meta vulnerability
6.5
1 day ago
Star Review Manager
<= 1.2.2
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Administrative Shortcodes
<= 0.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes vulnerability
6.5
1 day ago
Administrative Shortcodes
<= 0.3.4
Authenticated (Contributor+) Local File Inclusion via 'slug' Shortcode Attribute vulnerability
7.5
1 day ago
ZT Captcha
<= 1.0.4
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Cookie consent for developers
<= 1.7.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Multiple Settings Fields vulnerability
5.9
1 day ago
Wise Analytics
<= 1.1.9
Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter vulnerability
5.3
1 day ago
AIKTP
<= 5.0.04
Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions vulnerability
5.4
1 day ago
Load more