Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,721
Mitigations
Mitigation rules
15,377
No official patch
12,989
In triage
1,529
Published soon
24
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.8
SQL Injection vulnerability
8.5
04/06/2026
Sunshine Photo Cart
<= 3.6.7
Broken Access Control vulnerability
6.3
02/06/2026
SePay Gateway
<= 1.1.20
Sensitive Data Exposure vulnerability
6.5
02/06/2026
LiteSpeed Cache
<= 7.7
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
6 hours ago
WP Travel Pro
<= 10.6.0
Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators vulnerability
9.1
6 hours ago
WooCommerce Infinite Scroll
<= 1.8
Authenticated (Subscriber+) PHP Object Injection vulnerability
8.8
6 hours ago
Link Whisper Free
<= 0.9.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
6 hours ago
StatCounter
<= 2.1.1
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
7.1
6 hours ago
Login with phone number
1.8.50-1.8.60
Unauthenticated Authentication Bypass vulnerability
9.8
10 hours ago
Advanced Google Maps
<= 6.0.4
Unauthenticated Privilege Escalation vulnerability
9.8
10 hours ago
Rank Math SEO
<= 1.0.271
Missing Authorization to Unauthenticated Homepage Settings Modification vulnerability
5.3
23 hours ago
Contact Form 7 – PayPal & Stripe Add-on
<= 2.4.9
Unauthenticated Payment Bypass vulnerability
5.3
1 day ago
Frontend Admin by DynamiApps
<= 3.28.8
Authenticated (Administrator+) SQL Injection vulnerability
7.6
1 day ago
Media LIbrary Assistant
<= 3.35
Cross-Site Request Forgery vulnerability
8.1
1 day ago
The Plus Addons for Elementor Page Builder Lite
<= 6.4.15
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Automotive Car Dealership Business
<= 13.4.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Simple Divi Shortcode
<= 1.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Breeze
<= 2.5.2
Unauthenticated Exposure of Sensitive Information to an Unauthorized Actor vulnerability
5.3
1 day ago
Post Snippets
<= 4.0.19
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Poll Maker
<= 6.3.7
Authenticated (Subscriber+) Sensitive Information Exposure in 'ays_poll_get_user_information' AJAX Action vulnerability
4.3
1 day ago
Load more