Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,314
Mitigations
Mitigation rules
13,730
No official fix
10,743
In triage
1,259
Published soon
25
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WP Online Users Stats
<= 1.0.0
Authenticated (Editor+) SQL Injection via table_name Parameter vulnerability
7.6
5 minutes ago
TableOn
<= 1.0.4.1
Authenticated (Contributor+) Stored Cross-Site Scripting via tableon_popup_iframe_button Shortcode vulnerability
6.5
8 minutes ago
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery
<= 1.16.15
WordPress 3D FlipBook - Lite Edition plugin <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via style and mode Parameters vulnerability
6.5
9 minutes ago
FooBox Image Lightbox
<= 2.7.34
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
10 minutes ago
Dynamic AJAX Product Filters for WooCommerce
<= 1.3.7
Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter vulnerability
6.5
15 minutes ago
WP VR
<= 8.5.32
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
16 minutes ago
CubeWP
<= 1.1.27
Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php vulnerability
4.3
17 minutes ago
EZ SQL Reports Shortcode Widget and DB Backup
<= 5.25.11
Authenticated (Contributor+) Stored Cross-Site Scripting via SQLREPORT Shortcode vulnerability
6.5
19 minutes ago
Magic Buttons for Elementor
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via magic-button Shortcode vulnerability
6.5
21 minutes ago
Anber Elementor Addon
<= 1.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link vulnerability
6.5
26 minutes ago
Stratum
<= 1.6.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets vulnerability
6.5
31 minutes ago
Sertifier Certificate & Badge Maker
<= 1.19
Cross-Site Request Forgery to Settings Update vulnerability
4.3
31 minutes ago
WP Customer Area
< 8.2.5
Bulk Delete via CSRF vulnerability
4.3
33 minutes ago
Email Subscribers & Newsletters
< 5.7.45
Admin+ Stored XSS vulnerability
5.9
34 minutes ago
Email Subscribers & Newsletters
< 5.7.45
Admin+ Stored XSS vulnerability
5.9
35 minutes ago
Email Subscribers & Newsletters
< 5.7.45
Admin+ Stored XSS vulnerability
5.9
36 minutes ago
Gutenberg Blocks by Kadence Blocks
<= 3.2.53
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
5.9
37 minutes ago
Prisna GWT – Google Website Translator
< 1.4.14
Admin+ Stored XSS vulnerability
5.9
48 minutes ago
Twitter Bootstrap Collapse aka Accordian Shortcode
<= 1.0
Stored XSS via Shortcode vulnerability
6.5
49 minutes ago
Paid Memberships Pro
< 2.12.9
Contributor+ Arbitrary User Custom Field Disclosure vulnerability
4.9
1 hour ago
Load more