Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,629
Mitigations
Mitigation rules
15,332
No official patch
12,973
In triage
1,509
Published soon
59
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.8
SQL Injection vulnerability
8.5
04/06/2026
Sunshine Photo Cart
<= 3.6.7
Broken Access Control vulnerability
6.3
02/06/2026
SePay Gateway
<= 1.1.20
Sensitive Data Exposure vulnerability
6.5
02/06/2026
Booking Calendar – Event Calendar
<= 2.1.6
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
Just now
Query Shortcode
<= 0.2.1
Authenticated (Contributor+) Local File Inclusion vulnerability
7.5
Just now
NS Product icon badge
<= 1.2.4
Reflected Cross-Site Scripting vulnerability
6.1
1 minute ago
Livemesh SiteOrigin Widgets
<= 3.9.2
Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.4
2 minutes ago
Livemesh Addons for WPBakery Page Builder
<= 3.9.4
Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.4
2 minutes ago
Livemesh Addons for Beaver Builder
<= 3.9.2
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.4
2 minutes ago
Enable jQuery Migrate Helper
<= 1.4.1
Missing Authorization to Authenticated (Subscriber+) jQuery Version Downgrade vulnerability
6.5
3 minutes ago
WPCode
<= 2.3.5
Authenticated (Author+) Remote Code Execution vulnerability
8.8
3 minutes ago
Firebase Support & Chat Management
<= 3.1.1
Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability
8.8
5 minutes ago
Login with NEAR
<= 0.3.3
Authentication Bypass vulnerability
8.1
6 minutes ago
Boost
<= 2.0.3
Unauthenticated PHP Object Injection vulnerability
9.8
10 minutes ago
Master Slider
<= 3.10.8
Cross Site Scripting (XSS) vulnerability
6.5
29 minutes ago
GenerateBlocks
<= 2.1.0
Sensitive Data Exposure vulnerability
6.5
30 minutes ago
Xpro Elementor Addons - Pro
<= 1.4.7
WordPress Xpro Elementor Addons - Pro plugin <= 1.4.7 - Pro <= 1.4.7 - Authenticated (Contributor+) Arbitrary File Read vulnerability
6.5
12 hours ago
MinhNhut Link Gateway
<= 3.6.1
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
4.4
12 hours ago
myLinksDump
<= 1.6
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
rexCrawler
<= 1.0.15
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
Load more