Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,738
Mitigations
Mitigation rules
14,272
No official patch
11,068
In triage
1,224
Published soon
95
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Planaday API
<= 11.4
Reflected Cross-Site Scripting vulnerability
7.1
13 hours ago
Cost Calculator Pro
<= 2.3.1
Unauthenticated Stored Cross-Site Scripting via 'customer_name' vulnerability
7.1
16 hours ago
Responsive Lightbox
< 2.6.1
Unauthenticated Stored XSS vulnerability
7.1
16 hours ago
Worry Proof Backup
<= 0.2.4
Authenticated (Subscriber+) Path Traversal via Backup Upload vulnerability
8.8
16 hours ago
User Registration
<= 5.1.2
Authentication Bypass vulnerability
8.1
16 hours ago
WP Responsive Images
<= 1.0
Unauthenticated Path Traversal to Arbitrary File Read via src vulnerability
7.5
17 hours ago
Advanced Woo Labels
<= 2.36
Authenticated (Contributor+) Remote Code Execution via 'callback' Parameter vulnerability
8.8
22 hours ago
User Registration
<= 5.1.2
Insecure Direct Object Reference to Unauthenticated Limited User Deletion vulnerability
5.3
1 day ago
TP2WP Importer
<= 1.1
Authenticated (Administrator+) Stored Cross-Site Scripting via 'Watched domains' Textarea vulnerability
5.9
1 day ago
WP Social Meta
<= 1.0.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings vulnerability
5.9
1 day ago
Custom Logo
<= 2.2
Authenticated (Administrator+) Stored Cross-Site Scripting via Logo Path Setting vulnerability
5.9
1 day ago
The Events Calendar
<= 6.15.16
Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST API vulnerability
5.4
1 day ago
Geo Mashup
<= 1.13.17
Unauthenticated SQL Injection via 'sort' Parameter vulnerability
9.3
1 day ago
Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins.
<= 3.8.3
Missing Authorization to Unauthenticated Arbitrary Post Creation and Deletion via Forged Base64 Token vulnerability
7.5
1 day ago
Post Duplicator
<= 3.0.8
Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter vulnerability
4.3
2 days ago
WP Recipe Maker
<= 10.2.3
Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
2 days ago
Disable Admin Notices individually
<= 1.4.2
WordPress Disable Admin Notices - Hide Dashboard Notifications plugin <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
2 days ago
Secure Copy Content Protection and Content Locking
<= 5.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attribute vulnerability
6.5
2 days ago
Responsive Lightbox
<= 2.7.1
Authenticated (Author+) Server-Side Request Forgery via Remote Library Image Upload vulnerability
5
2 days ago
Rise Blocks
<= 3.7
WordPress Rise Blocks - A Complete Gutenberg Page Builder plugin <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Identity Block Attributes vulnerability
6.5
2 days ago
Load more