Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
47,802
Mitigations
Mitigation rules
15,428
No official patch
12,981
In triage
1,549
Published soon
26
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
<= 2.0.8
SQL Injection vulnerability
8.5
04/06/2026
ARMember Premium
<= 7.3.1
Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation vulnerability
9.8
8 minutes ago
ARMember Premium
<= 7.3.1
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
12 minutes ago
ARMember Premium
<= 7.3.1
Unauthenticated SQL Injection vulnerability
9.3
29 minutes ago
MasterStudy LMS Pro
<= 4.8.20
Authenticated (Instructor+) SQL Injection vulnerability
8.5
21 hours ago
Sunshine Photo Cart
<= 3.6.7
Broken Access Control vulnerability
6.3
1 day ago
Elementor Website Builder
<= 4.1.0
Broken Access Control vulnerability
5.4
1 day ago
Crew HRM
<= 1.2.2
Broken Access Control vulnerability
5.4
1 day ago
Progress Planner
<= 1.9.0
Cross Site Scripting (XSS) vulnerability
5.9
1 day ago
EmergencyWP – Dead Man's switch & legacy deliverance
<= 1.4.2
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
1 day ago
Passeum Ticketing
<= 1.0
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
1 day ago
FPW Category Thumbnails
<= 1.9.5
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
2 days ago
hiWeb Migration Simple
<= 2.0.0.1
Reflected Cross-Site Scripting vulnerability
7.1
2 days ago
rognone
<= 0.6.2
Reflected Cross-Site Scripting vulnerability
7.1
2 days ago
rognone
<= 0.6.2
Reflected Cross-Site Scripting vulnerability
7.1
2 days ago
Simple Custom Login Page
<= 1.0.3
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
7.1
2 days ago
Spectra
<= 2.19.25
Authenticated (Contributor+) Remote Code Execution vulnerability
8.8
2 days ago
GEO my WordPress
<= 4.5.5
Unauthenticated SQL Injection vulnerability
9.3
2 days ago
Simple History
<= 5.26.0
Authenticated (Subscriber+) Account Takeover vulnerability
7.5
2 days ago
SePay Gateway
<= 1.1.20
Sensitive Data Exposure vulnerability
6.5
2 days ago
Load more