Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,715
Mitigations
Mitigation rules
13,512
No official fix
10,540
In triage
1,000
Published soon
52
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WMF Mobile Redirector
<= 1.2
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters vulnerability
5.9
21 minutes ago
Short Link
<= 1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Administration Settings Page vulnerability
5.9
22 minutes ago
Aplazo Payment Gateway
<= 1.4.2
Missing Authorization to Unauthenticated Order Status Manipulation vulnerability
5.3
23 minutes ago
PayHere Payment Gateway Plugin for WooCommerce
<= 2.3.9
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
26 minutes ago
Float Payment Gateway
<= 1.1.9
Improper Authorization to Unauthenticated Order Status Manipulation vulnerability
5.3
31 minutes ago
WP Allowed Hosts
<= 1.0.8
Authenticated (Administrator+) Stored Cross-Site Scripting via 'allowed-hosts' Parameter vulnerability
5.9
33 minutes ago
LinkedIn SC
<= 1.1.9
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Page vulnerability
5.9
34 minutes ago
Stopwords for comments
<= 1.1
Missing Authorization to Cross-Site Request Forgery vulnerability
4.3
38 minutes ago
SocialChamp with WordPress
<= 1.3.3
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
40 minutes ago
Electric Studio Download Counter
<= 2.4
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters vulnerability
5.9
42 minutes ago
Perfit WooCommerce
<= 1.0.1
Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion vulnerability
5.3
43 minutes ago
Sosh Share Buttons
<= 1.1.0
Cross-Site Request Forgery vulnerability
4.3
46 minutes ago
GetContentFromURL
<= 1.0
Authenticated (Contributor+) Server-Side Request Forgery via 'url' Shortcode Attribute vulnerability
6.4
58 minutes ago
Gotham Block Extra Light
<= 1.5.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
5.9
1 hour ago
Netcash WooCommerce Payment Gateway
<= 4.1.3
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
1 hour ago
WPBlogSyn
<= 1.0
Cross-Site Request Forgery to Arbitrary Remote Sync Configuration Update vulnerability
4.3
1 hour ago
Shipping Rates by City for WooCommerce
<= 1.0.3
Authenticated (Shop Manager+) SQL Injection via 'cities' Parameter vulnerability
8.5
1 hour ago
SpiceForms Form Builder
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 hour ago
Crush.pics Image Optimizer
<= 1.8.7
Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update vulnerability
4.3
1 hour ago
Real Post Slider Lite
<= 2.4
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings vulnerability
5.9
1 hour ago
Load more