Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,482
Mitigations
Mitigation rules
13,770
No official fix
10,776
In triage
1,258
Published soon
1
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Cookie Notice & Compliance for GDPR / CCPA
<= 2.5.8
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
11 minutes ago
VK All in One Expansion Unit
<= 9.112.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
13 minutes ago
JetFormBuilder
<= 3.5.3
Missing Authorization to Unauthenticated Form Generation vulnerability
5.3
19 minutes ago
Double the Donation
<= 3.0.0
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
5.9
20 minutes ago
ELEX WordPress HelpDesk & Customer Ticketing System
<= 3.3.1
Missing Authorization to Authenticated (Subscriber+) Ticket Restore vulnerability
4.3
21 minutes ago
ELEX WordPress HelpDesk & Customer Ticketing System
<= 3.3.1
Missing Authorization to Authenticated (Subscriber+) Trash Restore vulnerability
4.3
21 minutes ago
Course Booking System
<= 6.1.5
Missing Authorization to Unauthenticated Booking Data Export vulnerability
5.3
1 hour ago
Return Refund and Exchange For WooCommerce
<= 4.5.5
Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request Cancellation vulnerability
4.3
1 hour ago
ELEX WordPress HelpDesk & Customer Ticketing System
<= 3.3.1
Missing Authorization to Authenticated (Subscriber+) Trash Empty vulnerability
4.3
1 hour ago
CubeWP
<= 1.1.27
Unauthenticated Information Exposure vulnerability
5.3
1 hour ago
EPROLO Dropshipping
<= 2.3.1
Missing Authorization to Authenticated (Subscriber+) Tracking Data Modification vulnerability
4.3
1 hour ago
Hide Categories Or Products On Shop Page
<= 1.0.7
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
XCloner
<= 4.8.2
Cross-Site Request Forgery in Xcloner_Remote_Storage:save() vulnerability
4.3
1 hour ago
Omnipress
<= 1.6.5
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
1 hour ago
Webcake
<= 1.1
Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
4.3
1 hour ago
Bread & Butter
<= 7.11.1374
Cross-Site Request Forgery to Arbitrary File Upload vulnerability
9.6
1 hour ago
Image Optimizer by wps.sk
<= 1.2.0
Cross-Site Request Forgery to Bulk Image Optimization vulnerability
4.3
1 hour ago
Sermon Manager
<= 2.30.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
Takeads
<= 1.0.13
Missing Authorization to Plugin Settings Deletion vulnerability
4.3
1 hour ago
Shortcodes and extra features for Phlox theme
<= 2.17.13
Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget vulnerability
6.5
1 hour ago
Load more