Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,071
Mitigations
Mitigation rules
14,927
No official patch
11,328
In triage
1,452
Published soon
11
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
MetForm Pro
<= 3.9.7
Unauthenticated Payment Amount Manipulation via 'mf-calculation' vulnerability
5.3
1 hour ago
Coachific Shortcode
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'userhash' Shortcode Attribute vulnerability
6.5
1 hour ago
WP Circliful
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
1 hour ago
WM JqMath
<= 1.3
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style' Shortcode Attribute vulnerability
6.5
1 hour ago
Katalogportal-pdf-sync Widget
<= 1.0.0
Missing Authorization to Authenticated (Subscriber+) Information Disclosure via 'katalogportal_shortcodePrinter' AJAX Action vulnerability
5.3
1 hour ago
OPEN-BRAIN
<= 0.5.0
Cross-Site Request Forgery vulnerability
4.3
1 hour ago
Petje.af
<= 2.1.8
Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX Action vulnerability
4.3
1 hour ago
e-shot
<= 1.0.2
Missing Authorization to Authenticated (Subscriber+) Form Settings Modification via AJAX vulnerability
5.3
1 hour ago
Power Charts
<= 0.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
1 hour ago
VI: Include Post By
<= 0.4.200706
Authenticated (Contributor+) Stored Cross-Site Scripting via 'class_container' Shortcode Attribute vulnerability
6.5
1 hour ago
Advanced Custom Fields
<= 6.7.0
Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters vulnerability
5.3
1 hour ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Sensitive Information Exposure via Insecure Direct Object Reference vulnerability
4.3
1 hour ago
Fusion Builder
<= 3.15.1
Authenticated (Subscriber+) Limited Arbitrary WordPress Action Execution vulnerability
5.4
1 hour ago
List View Google Calendar
<= 7.4.3
Authenticated (Administrator+) Stored Cross-Site Scripting via Event Description vulnerability
5.9
1 hour ago
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery
<= 1.16.17
WordPress 3D FlipBook - PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin <= 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure vulnerability
5.3
1 hour ago
Nexi XPay
<= 8.3.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
1 hour ago
WP Logo Showcase Responsive Slider and Carousel
<= 3.8.7
Backdoor vulnerability
10
17 hours ago
Popup Anything
<= 2.9.1
Backdoor vulnerability
10
17 hours ago
Countdown Timer Ultimate
<= 2.6.9
Backdoor vulnerability
10
17 hours ago
WP Responsive Recent Post Slider/Carousel
<= 3.7.1
Backdoor vulnerability
10
17 hours ago
Load more