Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,468
Mitigations
Mitigation rules
13,392
No official fix
10,390
In triage
1,167
Published soon
31
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
iPaymu Payment Gateway for WooCommerce
<= 2.0.2
Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure vulnerability
8.2
14 minutes ago
Yoco Payments
<= 3.8.8
Unauthenticated Arbitrary File Read vulnerability
7.5
25 minutes ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.2
WordPress Drag and Drop Multiple File Upload - Contact Form 7 plugin <= 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload vulnerability
10
31 minutes ago
Optional Email
<= 1.3.11
Unauthenticated Privilege Escalation to Account Takeover vulnerability
9.8
47 minutes ago
Wish To Go
<= 0.5.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
7 hours ago
Simcast
<= 1.0.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
7 hours ago
AH Shortcodes
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability
6.5
7 hours ago
FluentForm
<= 6.1.7
Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder vulnerability
5.4
7 hours ago
Snillrik Restaurant
<= 2.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'menu_style' Shortcode Attribute vulnerability
6.5
7 hours ago
Email Customizer for WooCommerce
<= 2.6.7
Authenticated (Administrator+) Stored Cross-Site Scripting via Email Template Content vulnerability
4.4
7 hours ago
Cool YT Player
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
7 hours ago
My Album Gallery
<= 1.0.4
Authenticated (Author+) Stored Cross-Site Scripting via Image Title vulnerability
5.9
7 hours ago
My Album Gallery
<= 1.0.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style_css' Shortcode Attribute vulnerability
6.5
7 hours ago
AD Sliding FAQ
<= 2.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
7 hours ago
Responsive Pricing Table
<= 5.1.12
Authenticated (Contributor+) Stored Cross-Site Scripting via 'table_currency' vulnerability
6.5
7 hours ago
Responsive Pricing Table
<= 5.1.12
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
7 hours ago
Niche Hero
<= 1.0.5
Authenticated (Contributor+) Stored Cross-Site Scripting via 'spacing' Shortcode Attribute vulnerability
6.5
7 hours ago
QR Code Tag for WC
<= 1.9.42
Authenticated (Contributor+) Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
7 hours ago
Viitor Button Shortcodes
<= 3.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Shortcode Attribute vulnerability
6.5
7 hours ago
Multi-column Tag Map
<= 17.0.39
Authenticated (Administrator+) Stored Cross-Site Scripting via 'mctm_css_conditional' Parameter vulnerability
5.9
7 hours ago
Load more