Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
49,336
Mitigations
Mitigation rules
15,939
No official patch
13,059
In triage
1,329
Published soon
3
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Genolve
<= 5.0.5
Authenticated (Contributor+) Incorrect Authorization to Privilege Escalation vulnerability
8.8
1 hour ago
bbp style pack
<= 6.4.5
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
CorvusPay WooCommerce Payment Gateway
<= 2.7.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
1 hour ago
W3 Total Cache
<= 2.9.4
Unauthenticated Arbitrary File Read vulnerability
7.5
1 hour ago
WordPress CTA
<= 2.2.2
Unauthenticated Time-Based Blind SQL Injection vulnerability
9.3
1 hour ago
Aimogen Pro
<= 2.8.4
WordPress Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin <= 2.8.4 - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation vulnerability
9.8
1 hour ago
Ultimate Auction Pro
<= 2.4.5
Reflected XSS via uwa_manage_auctions vulnerability
7.1
16 hours ago
Ultimate Auction Pro
<= 2.4.5
Reflected XSS via uwa_auctions_bids_list vulnerability
7.1
16 hours ago
ICS Calendar
<= 12.0.9
Reflected Cross-Site Scripting vulnerability
7.1
16 hours ago
Booking Package
<= 1.7.20
Unauthenticated SQL Injection vulnerability
9.3
16 hours ago
WP Customer Area
<= 8.3.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
19 hours ago
FoodBook Lite – Online Food Ordering System
<= 1.5.6
Missing Authorization to Unauthenticated User Registration vulnerability
5.3
19 hours ago
News Kit Elementor Addons
<= 1.4.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
19 hours ago
Fusion Builder
<= 3.15.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Smart Slider 3
<= 3.5.1.37
Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure vulnerability
4.3
1 day ago
Academy LMS
<= 3.8.0
Authenticated (Subscriber+) Insecure Direct Object Reference vulnerability
4.3
1 day ago
safeinstall-cli
< 0.10.2
NPM: SafeInstall agent guard shell parsing can miss raw package execution
8.8
3 days ago
NEX-Forms
<= 9.2.2
Missing Authorization to Unauthenticated Arbitrary Form Entry Modification vulnerability
5.3
3 days ago
TeraWallet – For WooCommerce
<= 1.6.4
Missing Authorization to Authenticated (Subscriber+) User/Email Enumeration vulnerability
4.3
3 days ago
WCFM – Frontend Manager for WooCommerce
<= 6.7.27
Missing Authorization to Unauthenticated Arbitrary Inquiry Reply Injection vulnerability
5.3
3 days ago
Load more