Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,781
Mitigations
Mitigation rules
13,803
No official fix
10,781
In triage
1,168
Published soon
4
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Kona Gallery Block
<= 1.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Post Grid, Slider & Carousel Ultimate
<= 1.6.10
Authenticated (Contributor+) Local File Inclusion vulnerability
7.5
2 hours ago
WP Job Portal
<= 2.2.6
Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion vulnerability
6.4
2 hours ago
Autoship Cloud for WooCommerce Subscription Products
<= 2.8.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Shortcodes and extra features for Phlox theme
<= 2.15.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability
6.5
2 hours ago
GamiPress
<= 7.2.1
Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function vulnerability
5.3
2 hours ago
ABC Notation
<= 6.1.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Shortcodes and extra features for Phlox theme
<= 2.15.7
Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode vulnerability
6.5
2 hours ago
Zigaform
<= 7.4.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Simplebooklet PDF Viewer and Embedder
<= 1.1.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Zigaform – Price Calculator & Cost Estimation Form Builder Lite
<= 7.4.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Piotnet Addons For Elementor
<= 2.4.36
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
RapidLoad
<= 2.4.4
Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset vulnerability
4.3
2 hours ago
SlingBlocks
<= 1.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Jobify
<= 4.2.7
Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation vulnerability
5.4
2 hours ago
Tutor LMS
<= 3.9.5
Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX Action vulnerability
5.3
5 hours ago
Happy Addons for Elementor
<= 3.20.7
Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field vulnerability
6.5
5 hours ago
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget vulnerability
6.5
5 hours ago
Spectra
<= 2.19.17
Unauthenticated Information Disclosure in Sensitive Data vulnerability
5.3
5 hours ago
WP ULike
<= 4.8.3.1
Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter vulnerability
5.3
5 hours ago
Load more