The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total48,907
Mitigations15,792
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
My Calendar<= 3.7.14
Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
9 hours ago
LatePoint<= 5.6.2
Unauthenticated Insecure Direct Object Reference to Arbitrary Creation vulnerability
5.3
9 hours ago
Kirki<= 6.0.11
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
9 hours ago
Kirki<= 6.0.11
Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) vulnerability
5.3
9 hours ago
JoomSport<= 5.7.8
Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification vulnerability
4.3
9 hours ago
JetFormBuilder<= 3.6.3
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
5.3
10 hours ago
Shortcodes and extra features for Phlox theme<= 2.17.16
Cross Site Scripting (XSS) vulnerability
6.5
12 hours ago
HubSpot<= 11.3.51
Sensitive Data Exposure vulnerability
7.4
12 hours ago
Image Optimizer by Elementor<= 1.7.4
Authenticated (Author+) Arbitrary File Deletion vulnerability
6.8
12 hours ago
Insert Pages<= 3.11.4
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
Email Subscribers & Newsletters<= 5.9.27
Missing Authorization to Authenticated (Contributor+) Settings Modification vulnerability
4.3
12 hours ago
GiveWP<= 4.16.1
Authenticated (Give Worker+) Stored Cross-Site Scripting vulnerability
6.5
12 hours ago
VikBooking Hotel Booking Engine & PMS<= 1.8.12
CSRF to Arbitrary File Deletion vulnerability
7.4
12 hours ago
Enable Media Replace<= 4.2.1
Cross Site Scripting (XSS) vulnerability
5.9
12 hours ago
ApplyOnline<= 2.6.7.6
Broken Access Control vulnerability
5.3
13 hours ago
ThumbPress<= 6.3.2
Broken Access Control vulnerability
4.3
13 hours ago
Houzez Property Feed<= 2.5.46
Authenticated (Administrator+) SQL Injection vulnerability
7.6
13 hours ago
Webba Booking<= 6.4.13
Broken Access Control vulnerability
5.3
13 hours ago
PrivateContent<= 9.9.2
Privilege Escalation vulnerability
9.8
16 hours ago
LatePoint<= 5.6.3
Authenticated (Custom+) Privilege Escalation to Administrator vulnerability
8.8
17 hours ago