Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,584
Mitigations
Mitigation rules
14,130
No official patch
10,973
In triage
1,283
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
xmlrpc attacks blocker
<= 1.0
Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' vulnerability
7.1
4 minutes ago
iXML
<= 0.6
WordPress iXML - Google XML sitemap generator plugin <= 0.6 - Reflected Cross-Site Scripting via 'iXML_email' Parameter vulnerability
7.1
53 minutes ago
Easy Author Image
<= 1.7
Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Picture URL vulnerability
6.5
59 minutes ago
Wholesale Suite
<= 2.2.1
Privilege Escalation vulnerability
7.2
2 days ago
Woocommerce Wholesale Lead Capture
<= 1.17.8
Privilege Escalation vulnerability
9.8
2 days ago
Woocommerce Wholesale Lead Capture
<= 1.17.8
Arbitrary File Upload vulnerability
9
2 days ago
EventPrime
<= 4.2.8.3
Sensitive Data Exposure vulnerability
5.3
2 days ago
Smartsupp – live chat, chatbots, AI and lead generation
<= 3.9.1
WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
2 days ago
WooCommerce Checkout Manager
<= 7.8.1
Unauthenticated Limited File Upload vulnerability
5.3
2 days ago
Aruba HiSpeed Cache
<= 3.0.2
Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability
6.5
2 days ago
Ads Pro
<= 5.0
Broken Access Control vulnerability
5.4
2 days ago
Aruba HiSpeed Cache
<= 3.0.2
Reflected Cross-Site Scripting vulnerability
7.1
2 days ago
Ultimate Member
<= 2.11.1
Reflected Cross-Site Scripting via Filter Parameters vulnerability
7.1
2 days ago
Image Optimizer by Elementor
<= 1.7.1
Broken Access Control vulnerability
4.3
2 days ago
wpForo Forum
<= 2.4.14
Unauthenticated Time-Based SQL Injection vulnerability
9.3
3 days ago
WooCommerce Product Table Lite
<= 4.6.2
Unauthenticated Time-Based SQL Injection via 'search' Parameter vulnerability
9.3
3 days ago
Master Addons for Elementor
<= 2.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text' vulnerability
6.5
3 days ago
Quiz Maker
<= 6.7.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
3 days ago
Ally
<= 4.0.2
Broken Access Control vulnerability
5.3
3 days ago
Advanced AJAX Product Filters
<= 3.1.9.6
Authenticated (Author+) PHP Object Injection via Live Composer Compatibility vulnerability
8.8
3 days ago
Load more