Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
49,025
Mitigations
Mitigation rules
15,829
No official patch
13,069
In triage
1,286
Published soon
20
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
wpDiscuz
<= 7.6.56
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
11 hours ago
Ultimate Member
<= 2.11.4
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
JSON API User
<= 4.1.0
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
NEX-Forms
<= 9.2.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
11 hours ago
CURCY
<= 2.2.14
Unauthenticated Arbitrary Shortcode Execution vulnerability
5.4
12 hours ago
Printcart Web to Print Product Designer for WooCommerce
<= 2.5.2
Unauthenticated Arbitrary File Deletion vulnerability
8.6
12 hours ago
AR For Woocommerce
<= 8.40
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
13 hours ago
AR For WordPress
<= 8.40
Unauthenticated Arbitrary File Read vulnerability
7.5
13 hours ago
Index Now
<= 3.0.16
Cross Site Request Forgery (CSRF) vulnerability
4.3
1 day ago
FormLayer
<= 1.0.6
Sensitive Data Exposure vulnerability
5.3
1 day ago
Exclusive Addons Elementor
<= 2.7.9.9
Sensitive Data Exposure vulnerability
5.3
1 day ago
LatePoint
<= 5.6.1
Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability
5.3
4 days ago
Zakra
<= 4.2.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
4 days ago
Ad Inserter
<= 2.8.16
Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Post Content Disclosure vulnerability
4.3
4 days ago
Quiz And Survey Master
<= 11.1.4
Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute vulnerability
4.3
4 days ago
RTMKit
<= 2.0.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
4 days ago
CM Business Directory
<= 1.5.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
4 days ago
WP Import Export Lite
<= 3.9.30
Authenticated (Administrator+) Server-Side Request Forgery vulnerability
5.5
4 days ago
Ninja Forms File Uploads Extension
<= 3.3.29
WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - File Uploads <= 3.3.29 - Missing Authorization to Unauthenticated Log Disclosure and Deletion vulnerability
5.3
4 days ago
Tonda
<= 2.5
Local File Inclusion vulnerability
7.5
4 days ago
Load more