Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,728
Mitigations
Mitigation rules
15,387
No official patch
12,986
In triage
1,532
Published soon
4
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.8
SQL Injection vulnerability
8.5
04/06/2026
Sunshine Photo Cart
<= 3.6.7
Broken Access Control vulnerability
6.3
02/06/2026
SePay Gateway
<= 1.1.20
Sensitive Data Exposure vulnerability
6.5
02/06/2026
HT Contact Form 7
<= 2.8.2
Unauthenticated Stored Cross-Site Scripting via File Upload Field vulnerability
7.1
2 hours ago
GutenBee
<= 2.20.1
Authenticated (Author+) Arbitrary File Upload vulnerability
9.1
2 hours ago
Crawlomatic Multisite Scraper Post Generator
<= 2.7.2
Authenticated (Author+) Remote Code Execution vulnerability
8.8
3 hours ago
ACF Extended
<= 0.9.2.5
Unauthenticated Privilege Escalation vulnerability
9.8
3 hours ago
Affiliate Super Assistent
<= 1.10.1
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WebinarIgnition
< 4.08.253
Privilege Escalation vulnerability
9.8
2 days ago
WebinarIgnition
< 4.08.253
Arbitrary File Deletion vulnerability
9.9
2 days ago
QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly
<= 3.2.7
Arbitrary File Deletion vulnerability
9.9
2 days ago
TableOn
<= 1.0.5.1
SQL Injection vulnerability
9.3
2 days ago
Favicon
<= 1.3.46
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WCFM Membership
<= 2.11.10
Broken Access Control vulnerability
7.3
2 days ago
Stripe Payments
<= 2.0.98
Bypass Vulnerability vulnerability
6.5
2 days ago
Booking Manager
<= 2.1.18
Cross Site Scripting (XSS) vulnerability
6.5
2 days ago
WPComplete
<= 2.9.5.4
Cross Site Scripting (XSS) vulnerability
6.5
2 days ago
LiteSpeed Cache
<= 7.7
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 days ago
WP Travel Pro
<= 10.6.0
Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators vulnerability
9.1
2 days ago
WooCommerce Infinite Scroll
<= 1.8
Authenticated (Subscriber+) PHP Object Injection vulnerability
8.8
2 days ago
Load more