The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total49,338
Mitigations15,939
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
n8n-mcp<= 2.56.0
NPM: n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments
9.9
11 minutes ago
@fedify/fedify>= 0.11.2, < 1.9.12
NPM: Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
8.6
1 hour ago
@fedify/vocab-runtime< 2.0.19
NPM: Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
8.6
1 hour ago
Genolve<= 5.0.5
Authenticated (Contributor+) Incorrect Authorization to Privilege Escalation vulnerability
8.8
12 hours ago
bbp style pack<= 6.4.5
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
6.5
12 hours ago
CorvusPay WooCommerce Payment Gateway<= 2.7.4
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
12 hours ago
W3 Total Cache<= 2.9.4
Unauthenticated Arbitrary File Read vulnerability
7.5
12 hours ago
WordPress CTA<= 2.2.2
Unauthenticated Time-Based Blind SQL Injection vulnerability
9.3
12 hours ago
Aimogen Pro<= 2.8.4
WordPress Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin <= 2.8.4 - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation vulnerability
9.8
12 hours ago
Ultimate Auction Pro<= 2.4.5
Reflected XSS via uwa_manage_auctions vulnerability
7.1
1 day ago
Ultimate Auction Pro<= 2.4.5
Reflected XSS via uwa_auctions_bids_list vulnerability
7.1
1 day ago
ICS Calendar<= 12.0.9
Reflected Cross-Site Scripting vulnerability
7.1
1 day ago
Booking Package<= 1.7.20
Unauthenticated SQL Injection vulnerability
9.3
1 day ago
WP Customer Area<= 8.3.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
FoodBook Lite – Online Food Ordering System<= 1.5.6
Missing Authorization to Unauthenticated User Registration vulnerability
5.3
1 day ago
News Kit Elementor Addons<= 1.4.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Fusion Builder<= 3.15.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Smart Slider 3<= 3.5.1.37
Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure vulnerability
4.3
1 day ago
Academy LMS<= 3.8.0
Authenticated (Subscriber+) Insecure Direct Object Reference vulnerability
4.3
1 day ago
ووسلام &#8211; همگام سازی ووکامرس و باسلام<= 1.9.1
Cross Site Request Forgery (CSRF) vulnerability
7.1
2 days ago