Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,445
Mitigations
Mitigation rules
15,058
No official patch
13,383
In triage
1,419
Published soon
29
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Rescue Shortcodes
<= 3.3
Cross Site Scripting (XSS) vulnerability
6.5
2 hours ago
ACF Galerie 4
<= 1.4.2
Broken Access Control vulnerability
4.3
2 hours ago
Taxi Booking Manager for WooCommerce
<= 2.0.0
Cross Site Scripting (XSS) vulnerability
6.5
2 hours ago
Social Rocket
<= 1.3.4.2
WordPress Social Rocket - Social Sharing Plugin plugin <= 1.3.4.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via id vulnerability
6.5
4 hours ago
Breeze
<= 2.4.4
Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote vulnerability
10
4 hours ago
ExactMetrics
<= 9.1.2
Authenticated (Editor+) Arbitrary Plugin Installation/Activation via exactmetrics_connect_process vulnerability
7.2
9 hours ago
WP Store Locator
<= 2.2.261
Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsl_address' Post Meta vulnerability
6.5
9 hours ago
Gutentor
<= 3.5.5
WordPress Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor plugin <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutentor Block HTML vulnerability
6.5
9 hours ago
Avada
< 7.13.2
Cross Site Request Forgery (CSRF) vulnerability
4.3
21 hours ago
Order Minimum/Maximum Amount Limits for WooCommerce
<= 4.6.4
Cross Site Scripting (XSS) vulnerability
6.5
21 hours ago
Maximum Products per User for WooCommerce
<= 4.3.6
Cross Site Scripting (XSS) vulnerability
6.5
21 hours ago
Breaking News WP
<= 1.3
Missing Authorization to Authenticated (Subscriber+) Local File Inclusion/Read vulnerability
7.5
1 day ago
Simple Random Posts Shortcode
<= 0.3
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Emailchef
<= 3.5.1
Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Settings Deletion vulnerability
5.4
1 day ago
WP Responsive Popup + Optin
<= 1.4
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
7.1
1 day ago
Create DB Tables
<= 1.2.1
Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Table Creation/Deletion vulnerability
9.1
1 day ago
Sendmachine for WordPress
<= 1.0.20
Unauthenticated SMTP Hijack to Privilege Escalation vulnerability
9.8
1 day ago
Short Comment Filter
<= 2.2
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Private WP suite
<= 0.4.1
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Real Estate Pro
<= 1.0.9
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
Load more