Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,471
Mitigations
Mitigation rules
13,770
No official fix
10,776
In triage
1,258
Published soon
1
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Course Booking System
<= 6.1.5
Missing Authorization to Unauthenticated Booking Data Export vulnerability
5.3
1 hour ago
Return Refund and Exchange For WooCommerce
<= 4.5.5
Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request Cancellation vulnerability
4.3
1 hour ago
ELEX WordPress HelpDesk & Customer Ticketing System
<= 3.3.1
Missing Authorization to Authenticated (Subscriber+) Trash Empty vulnerability
4.3
1 hour ago
CubeWP
<= 1.1.27
Unauthenticated Information Exposure vulnerability
5.3
1 hour ago
EPROLO Dropshipping
<= 2.3.1
Missing Authorization to Authenticated (Subscriber+) Tracking Data Modification vulnerability
4.3
1 hour ago
Hide Categories Or Products On Shop Page
<= 1.0.7
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
XCloner
<= 4.8.2
Cross-Site Request Forgery in Xcloner_Remote_Storage:save() vulnerability
4.3
1 hour ago
Omnipress
<= 1.6.5
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
1 hour ago
Webcake
<= 1.1
Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
4.3
1 hour ago
Bread & Butter
<= 7.11.1374
Cross-Site Request Forgery to Arbitrary File Upload vulnerability
9.6
1 hour ago
Image Optimizer by wps.sk
<= 1.2.0
Cross-Site Request Forgery to Bulk Image Optimization vulnerability
4.3
1 hour ago
Sermon Manager
<= 2.30.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
Takeads
<= 1.0.13
Missing Authorization to Plugin Settings Deletion vulnerability
4.3
1 hour ago
Shortcodes and extra features for Phlox theme
<= 2.17.13
Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget vulnerability
6.5
1 hour ago
Private Google Calendars
<= 20250811
Missing Authorization to Authenticated (Subscriber+) Settings Reset vulnerability
4.3
1 hour ago
WPvivid Backup and Migration
<= 0.9.120
Authenticated (Admin+) Arbitrary Directory Creation vulnerability
2.7
3 hours ago
KiotViet Sync
<= 1.8.5
Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
4.3
3 hours ago
Subscriptions & Memberships for PayPal
<= 1.1.7
Unauthenticated Fake Payment Creation vulnerability
5.3
3 hours ago
g-FFL Cockpit
<= 1.7.1
Missing Authorization to Unauthenticated Information Exposure vulnerability
5.3
3 hours ago
Premmerce Brands for WooCommerce
<= 1.2.13
Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update vulnerability
4.3
3 hours ago
Load more