Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,683
Mitigations
Mitigation rules
13,213
No official fix
9,999
In triage
1,591
Published soon
51
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Redux Framework
<= 4.5.8
Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter vulnerability
6.5
3 minutes ago
a3 Lazy Load
<= 2.7.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
4 minutes ago
rtMedia for WordPress, BuddyPress and bbPress
4.7.0-4.7.3
Missing Authorization to Unauthenticated Information Disclosure
3.7
5 minutes ago
Colibri Page Builder
<= 1.0.335
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
39 minutes ago
Kingcabs
<= 1.1.9
Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability
6.5
45 minutes ago
YITH WooCommerce Quick View
<= 2.7.0
Authenticated (Contributor+) Stored Cross-Site Scripting via yith_quick_view Shortcode vulnerability
6.5
46 minutes ago
Mavix Education
<= 1.0
Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation vulnerability
4.3
52 minutes ago
Header Footer Script Adder
<= 2.0.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
53 minutes ago
Emplibot
<= 1.0.9
Authenticated (Admin+) Server-Side Request Forgery vulnerability
4.4
1 hour ago
HT Slider For Elementor
<= 1.7.4
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
404 Solution
<= 3.1.0
Authenticated (Admin+) SQL Injection via 'filterText' Parameter vulnerability
7.6
1 hour ago
Design Import/Export
<= 2.2
Authenticated (Administrator+) SQL Injection via XML File Import vulnerability
7.6
1 hour ago
HAPPY
<= 1.0.9
Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply vulnerability
5.4
1 hour ago
Custom Post Type UI
<= 1.18.1
Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability
5.9
1 hour ago
Employee Spotlight
<= 5.1.3
Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification vulnerability
5.3
1 hour ago
Image Slider by Ays
<= 2.7.0
Cross-Site Request Forgery to Arbitrary Slider Deletion vulnerability
4.3
1 hour ago
GenerateBlocks
<= 2.1.2
Authenticated (Contributor+) Information Exposure via Metadata vulnerability
4.3
1 hour ago
WPGraphQL Smart Cache
< 2.0.1
Unauthenticated Private Content Disclosure vulnerability
7.5
5 hours ago
WPMasterToolKit
<= 2.13.0
Authenticated (Author+) Code Injection vulnerability
7.2
12 hours ago
Simple CSV Table
<= 1.0.1
Directory Traversal to Authenticated (Contributor+) Arbitrary File Read vulnerability
6.5
14 hours ago
Load more