The leading open source vulnerability database

Patchstack finds & mitigates vulnerabilities in websites. Connect your sites for FREE to see if they are exposed to any vulnerabilities.

See pricing

Rated 4.6

Total35,249

Mitigation rules13,125

No official fix9,836

In triage1,491

Published soon10

WordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Cost Calculator Builder<= 3.6.3 Unauthenticated Arbitrary File Deletion vulnerability	8.6	26 minutes ago
StreamTube Core<= 4.78 Unauthenticated Arbitrary User Password Change vulnerability	9.8	33 minutes ago
WP Directory Kit<= 1.4.6 Authenticated (Admin+) SQL Injection vulnerability	7.6	9 hours ago
VikRentCar<= 1.4.4 Authenticated (Author+) SQL Injection via 'month' Parameter vulnerability	7.6	9 hours ago
Beaver Builder<= 2.9.4 Missing Authorization to Authenticated (Contributor+) Global Preset Modification vulnerability	5.4	9 hours ago
Zigaform – Price Calculator & Cost Estimation Form Builder Lite<= 7.6.5 Unauthenticated Form Submission Data Disclosure in rocket_front_payment_seesummary AJAX Endpoint vulnerability	5.3	9 hours ago
Photo Gallery by Ays<= 6.4.8 Cross-Site Request Forgery to Bulk Actions vulnerability	4.3	9 hours ago
Visualizer<= 3.11.12 Authenticated (Contributor+) SQL Injection vulnerability	8.5	9 hours ago
WP Front User Submit / Front Editor<= 4.9.5 Open Redirect vulnerability	4.7	9 hours ago
WP Ultimate Exporter<= 2.19 Cross-Site Request Forgery to Sensitive Information Exposure vulnerability	4.3	10 hours ago
BlockArt Blocks<= 2.2.13 Authenticated (Contributor+) Stored Cross-Site Scripting via `timestamp` Attribute vulnerability	6.5	10 hours ago
Arconix Shortcodes<= 2.1.19 Cross Site Scripting (XSS) vulnerability	6.5	15 hours ago
WpEvently<= 5.0.4 Broken Access Control vulnerability	5.3	2 days ago
Cart Weight for WooCommerce<= 1.9.11 Broken Access Control vulnerability	5.3	2 days ago
TNC Toolbox: Web Performance<= 2.0.4 Broken Access Control vulnerability	4.3	2 days ago
JetFormBuilder<= 3.5.3 Broken Access Control vulnerability	5.3	2 days ago
Nextend Facebook Connect <= 3.1.21 Cross-Site Request Forgery to Unlink User Social Login vulnerability	4.3	3 days ago
Reuters Direct<= 3.0.0 Missing Authorization to Unauthenticated Settings Reset vulnerability	5.3	3 days ago
Analytics Germanized for Google Analytics<= 1.6.2 Cross Site Scripting (XSS) vulnerability	6.5	3 days ago
Subscriptions & Memberships for PayPal<= 1.1.7 Broken Access Control vulnerability	5.3	3 days ago