Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,570
Mitigations
Mitigation rules
14,115
No official patch
10,977
In triage
1,307
Published soon
16
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WooCommerce Checkout Manager
<= 7.8.5
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
7.5
47 minutes ago
Prodigy Commerce
<= 3.2.9
Unauthenticated Local File Inclusion via parameters[template_name] vulnerability
8.1
49 minutes ago
Orderable
<= 1.20.0
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation vulnerability
8.8
2 hours ago
Two Factor (2FA) Authentication via Email
<= 1.9.8
Two-Factor Authentication Bypass via token vulnerability
6.5
2 hours ago
Library Management System
<= 3.2.1
Unauthenticated SQL Injection vulnerability
9.3
2 hours ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
<= 4.1.2
Missing Authorization to Sensitive Information Exposure vulnerability
7.5
2 hours ago
Video Conferencing with Zoom
< 4.6.6
Unauthenticated SDK Signature Generation vulnerability
7.5
2 hours ago
WP Ultimate CSV Importer
<= 7.37
WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name vulnerability
8.5
2 hours ago
s2Member
<= 260127
Unauthenticated Privilege Escalation via Account Takeover vulnerability
9.8
2 hours ago
IDonate
2.1.5-2.1.9
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function vulnerability
8.8
3 hours ago
Slider Future
<= 1.0.5
Unauthenticated Arbitrary File Upload vulnerability
10
3 hours ago
Lizza LMS Pro
<= 1.0.3
Unauthenticated Privilege Escalation vulnerability
9.8
3 hours ago
Buyent
<= 1.0.7
Unauthenticated Privilege Escalation via User Registration vulnerability
9.8
3 hours ago
WP AUDIO GALLERY
<= 2.0
Authenticated (Subscriber+) Arbitrary File Read via .htaccess Manipulation vulnerability
8.8
3 hours ago
Tablesome
0.5.4-1.2.1
Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation vulnerability
8.8
3 hours ago
Clasifico Listing
<= 2.0
Unauthenticated Privilege Escalation vulnerability
9.8
4 hours ago
Dealia
<= 1.0.6
Authenticated (Contributor+) Stored Cross-Site Scripting via Gutenberg Block Attributes vulnerability
6.5
10 hours ago
Client Testimonial Slider
<= 2.0
Authenticated (Administrator+) Stored Cross-Site Scripting via 'Testimonial Heading' Setting vulnerability
5.9
10 hours ago
MP3 Audio Player for Music, Radio & Podcast by Sonaar
4.0-5.10
Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
5.3
10 hours ago
XO Event Calendar
<= 3.2.10
Authenticated (Contributor+) Stored Cross-Site Scripting via 'xo_event_field' shortcode vulnerability
6.5
11 hours ago
Load more