The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total46,925

MitigationsMitigation rules15,236

No official patch13,387

In triage1,553

Published soon7

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Essential Addons for Elementor<= 6.5.13 Authenticated (Author+) Limited Privilege Escalation vulnerability	6.5	5 hours ago
ManageWP Worker<= 4.9.31 Unauthenticated Stored Cross-Site Scripting vulnerability	7.1	5 hours ago
Interactive Geo Maps<= 1.6.27 Interactive Geo Maps plugin <= 1.6.27 - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting vulnerability	7.1	6 hours ago
Taskbuilder<= 5.0.6 Authenticated (Subscriber+) Time-Based Blind SQL Injection vulnerability	8.5	6 hours ago
InfusedWoo Pro<= 5.1.2 Unauthenticated Arbitrary File Read vulnerability	7.2	6 hours ago
InfusedWoo Pro<= 5.1.2 Unauthenticated Missing Authorization to Arbitrary Post Deletion vulnerability	9.1	6 hours ago
InfusedWoo Pro<= 5.1.2 Authenticated (Subscriber+) Missing Authorization to Privilege Escalation vulnerability	8.8	6 hours ago
InfusedWoo Pro<= 5.1.2 Unauthenticated Missing Authorization to Privilege Escalation vulnerability	9.8	6 hours ago
Motors<= 1.4.107 Authenticated (Subscriber+) Arbitrary File Deletion vulnerability	8.1	7 hours ago
FluentForm<= 6.2.0 Authenticated (Subscriber+) Authorization Bypass vulnerability	8.2	7 hours ago
FluentForm<= 6.1.21 Authenticated (Subscriber+) Authorization Bypass vulnerability	8.2	7 hours ago
Career Section<= 1.7 Unauthenticated Arbitrary File Upload vulnerability	10	7 hours ago
Burst Statistics3.4.0-3.4.1.1 Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability	9.8	7 hours ago
Royal Elementor Addons<= 1.7.1058 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	21 hours ago
User Registration<= 5.1.5 Unauthenticated Missing Authorization to Admin Approval Bypass vulnerability	5.3	21 hours ago
MW WP Form<= 5.1.2 Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability	5.3	21 hours ago
CC Child Pages<= 2.1.1 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	21 hours ago
Bold Page Builder<= 5.6.8 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	22 hours ago
Meta Field Block<= 1.5.2 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	22 hours ago
Media Sync<= 1.4.9 Authenticated (Author+) Path Traversal vulnerability	6.5	22 hours ago