Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,583
Mitigations
Mitigation rules
14,771
No official patch
11,290
In triage
1,364
Published soon
77
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via 'page' vulnerability
7.1
1 minute ago
Shortcodes Blocks Creator Ultimate
<= 2.2.0
Reflected Cross-Site Scripting via _wpnonce vulnerability
7.1
4 minutes ago
SEO Help
<= 6.1.3
Reflected Cross-Site Scripting vulnerability
7.1
16 minutes ago
Video & Photo Gallery for Ultimate Member
<= 1.1.1
Reflected Cross-Site Scripting vulnerability
7.1
26 minutes ago
ReviewX
<= 2.2.10
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation vulnerability
6.5
35 minutes ago
Task Manager
<= 3.0.2
Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter vulnerability
6.5
47 minutes ago
WP-WebAuthn
<= 1.3.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
50 minutes ago
Comment Genius
<= 1.2.5
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
53 minutes ago
rexCrawler
<= 1.0.15
Reflected Cross-Site Scripting via 'url' and 'regex' Parameters vulnerability
7.1
55 minutes ago
SurveyJS
<= 2.5.3
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
57 minutes ago
ARForms Form Builder
<= 1.7.2
Unauthenticated Blind Arbitrary Shortcode Execution vulnerability
5.6
1 hour ago
WP Maps
<= 4.9.1
WordPress WP Maps - Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin <= 4.9.1 - Unauthenticated SQL Injection via 'orderby' Parameter vulnerability
9.3
1 hour ago
Import and export users and customers
<= 1.29.7
Privilege Escalation to Administrator via save_extra_user_profile_fields vulnerability
8.1
1 hour ago
The Ultimate WordPress Toolkit – WP Extended
<= 3.2.4
WordPress The Ultimate WordPress Toolkit - WP Extended plugin <= 3.2.4 - Authenticated (Subscriber+) Privilege Escalation via Menu Editor Module vulnerability
8.8
1 hour ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Limited Remote Code Execution vulnerability
7.3
1 hour ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure vulnerability
5.3
13 hours ago
ReviewX
<= 2.2.12
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export vulnerability
5.3
13 hours ago
Yoast SEO
<= 27.1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability
6.5
13 hours ago
Filestack Official
<= 2.1.0
Reflected Cross-Site Scripting vulnerability
7.1
13 hours ago
Post Affiliate Pro
<= 1.28.0
Authenticated (Administrator+) Server-Side Request Forgery via 'Post Affiliate Pro URL' Field vulnerability
6.5
13 hours ago
Load more