Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,539
Mitigations
Mitigation rules
14,099
No official fix
10,965
In triage
1,254
Published soon
33
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Slidorion
<= 1.0.2
Authenticated (Administrator+) Stored Cross-Site Scripting via Slidorion Settings vulnerability
5.9
2 minutes ago
News Element Elementor Blog Magazine
<= 1.0.8
Missing Authorization to Authenticated (Subscriber+) Data Loss vulnerability
5.4
3 minutes ago
Advance Block Extend
<= 1.0.4
Authenticated (Contributor+) Stored Cross-Site Scripting via TitleColor Block Attribute vulnerability
6.5
8 minutes ago
Toret Manager
<= 1.2.7
Authenticated (Subscriber+) Arbitrary Options Update via AJAX actions vulnerability
5.4
10 minutes ago
Whatsiplus Scheduled Notification for Woocommerce
<= 1.0.1
Cross-Site Request Forgery to 'wsnfw_save_users_settings' AJAX Action vulnerability
4.3
14 minutes ago
Razorpay for WooCommerce
<= 4.7.8
Missing Authentication to Unauthenticated Order Modification vulnerability
5.3
16 minutes ago
Mega Store Woocommerce
<= 5.9
Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation and Settings Change vulnerability
5.3
18 minutes ago
Breadcrumb NavXT
<= 7.5.0
Missing Authorization to Sensitive Information Exposure vulnerability
5.3
31 minutes ago
Country Blocker for AdSense
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
38 minutes ago
Page Title, Description & Open Graph Updater
<= 1.02
Cross-Site Request Forgery to Arbitrary Page Title Modification vulnerability
4.3
39 minutes ago
Easy Table of Contents
<= 2.0.78
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
41 minutes ago
s2Member
<= 251005
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
42 minutes ago
Album and Image Gallery plus Lightbox
<= 2.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin's Shortcode vulnerability
6.5
51 minutes ago
Apollo13 Framework Extensions
<= 1.9.8
Authenticated (Contributor+) Stored Cross-Site Scripting via `a13_alt_link` Parameter vulnerability
6.5
52 minutes ago
Shopire
<= 1.0.57
Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install vulnerability
4.3
58 minutes ago
Renden
<= 1.8.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title vulnerability
6.5
1 hour ago
CTX Feed
<= 6.6.11
WordPress CTX Feed - WooCommerce Product Feed Manager plugin <= 6.6.11 - Missing Authorization to Authenticated (Shop Manager+) Arbitrary Plugin Installation vulnerability
7.2
1 hour ago
Web Accessibility By accessiBe
<= 2.11
Unauthenticated Sensitive Information Exposure vulnerability
5.3
1 hour ago
Advanced Ads
<= 2.0.14
WordPress Advanced Ads - Ad Manager & AdSense plugin <= 2.0.14 - Missing Authorization to Authenticated (Subscriber+) Ad Placements Update vulnerability
4.3
1 hour ago
StatCounter
<= 2.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Nickname vulnerability
6.5
1 hour ago
Load more