Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,472
Mitigations
Mitigation rules
15,257
No official patch
12,884
In triage
1,599
Published soon
0
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Ditty
<= 3.1.65
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
16 hours ago
AudioIgniter Music Player
<= 2.0.2
Unauthenticated Insecure Direct Object Reference to 'audioigniter_playlist_id' Parameter vulnerability
7.5
16 hours ago
WP ERP Pro
<= 1.5.1
Unauthenticated SQL Injection vulnerability
8.5
16 hours ago
BookingPress Appointment Booking Pro
<= 5.6
Unauthenticated Arbitrary File Upload vulnerability
10
17 hours ago
Easy Elements for Elementor – Addons & Website Templates
<= 1.4.5
Unauthenticated Privilege Escalation vulnerability
9.8
17 hours ago
network-ai
<= 5.4.4
NPM: Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret
7.6
1 day ago
@boxlite-ai/boxlite
< 0.9.0
NPM: Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host
9.6
1 day ago
@boxlite-ai/boxlite
< 0.9.0
NPM: BoxLite: Permission Bypass Allows Modification of Read-Only Files
10
1 day ago
@nevware21/ts-utils
<= 0.13.0
NPM: @nevware21/ts-utils: Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty
7.2
1 day ago
@libp2p/gossipsub
<= 15.0.22
NPM: js-libp2p: Memory DoS via subscription flood of unique topics
7.5
1 day ago
js-cookie
<= 3.0.5
NPM: JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection
7.5
1 day ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: Stack-wide evidence bypassed Cloudflare and deployment-governance guardrails
8.7
1 day ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: GitHub OIDC trust policy bypass via AWS set-qualified condition operators
9.3
1 day ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: CIS 1.16 admin policy bypass for inline and attached IAM policies
8.7
1 day ago
@hulumi/policies
< 1.3.2
NPM: @hulumi/policies: HULUMI-H1 SecureBucket parent spoof bypass
8.7
1 day ago
@hulumi/drift
< 1.3.2
NPM: @hulumi/drift: Orphan reconciler accepted externally supplied execute plans
8.7
1 day ago
@hulumi/baseline
< 1.3.2
NPM: @hulumi/baseline: CloudTrail selector tampering events were not fully detected
6.9
1 day ago
nocodb
<= 0.301.3
NPM: NocoDB: Stale Auth Cache After API Token Deletion
2.3
1 day ago
nocodb
<= 0.301.3
NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL
2.1
1 day ago
nocodb
<= 0.301.3
NPM: NocoDB: Shared-base link access can invite arbitrary users as persistent base members
5.8
1 day ago
Load more