Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,070
Mitigations
Mitigation rules
13,661
No official fix
10,686
In triage
1,141
Published soon
19
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Moderate Selected Posts
<= 1.4
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
11 hours ago
All-in-One Video Gallery
4.1.0-4.6.4
Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update vulnerability
5.4
11 hours ago
CM CSS Columns
<= 1.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' Shortcode Attribute vulnerability
6.5
11 hours ago
AdminQuickbar
<= 1.9.3
Cross-Site Request Forgery to Settings Update vulnerability
4.3
11 hours ago
Canto Testimonials
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'fx' Shortcode Attribute vulnerability
6.5
11 hours ago
GZSEO
<= 2.0.11
Authenticated (Contributor+) Authorization Bypass to Stored Cross-Site Scripting vulnerability
6.5
11 hours ago
WP-ClanWars
<= 2.0.1
Authenticated (Administrator+) SQL Injection via 'orderby' Parameter vulnerability
7.6
11 hours ago
Login Page Editor
<= 1.2
Cross-Site Request Forgery to Settings Update vulnerability
4.3
11 hours ago
ThemeRuby Multi Authors
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' and 'after' Shortcode Attributes vulnerability
6.5
12 hours ago
Wizit Gateway for WooCommerce
<= 1.2.9
Missing Authentication to Unauthenticated Arbitrary Order Cancellation vulnerability
5.3
12 hours ago
Set Bulk Post Categories
<= 1.1
Cross-Site Request Forgery to Bulk Post Category Update vulnerability
4.3
13 hours ago
Alex User Counter
<= 6.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
13 hours ago
Alpha Blocks
<= 1.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'alpha_block_css' Post Meta vulnerability
6.5
13 hours ago
Star Review Manager
<= 1.2.2
Cross-Site Request Forgery to Settings Update vulnerability
4.3
14 hours ago
Administrative Shortcodes
<= 0.3.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes vulnerability
6.5
14 hours ago
Administrative Shortcodes
<= 0.3.4
Authenticated (Contributor+) Local File Inclusion via 'slug' Shortcode Attribute vulnerability
7.5
14 hours ago
ZT Captcha
<= 1.0.4
Cross-Site Request Forgery to Settings Update vulnerability
4.3
14 hours ago
Cookie consent for developers
<= 1.7.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Multiple Settings Fields vulnerability
5.9
14 hours ago
Wise Analytics
<= 1.1.9
Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter vulnerability
5.3
16 hours ago
AIKTP
<= 5.0.04
Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions vulnerability
5.4
16 hours ago
Load more