Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
35,835
Mitigations
Mitigation rules
13,223
No official fix
10,089
In triage
1,512
Published soon
59
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Doubly - Cross Domain Copy Paste for WordPress
<= 1.0.46
Authenticated (Subscriber+) PHP Object Injection via ZIP File Import vulnerability
8.8
8 minutes ago
JAY Login & Register
<= 2.4.01
Authentication Bypass via Cookie vulnerability
9.8
12 minutes ago
Login Lockdown
<= 2.14
IP Block Bypass vulnerability
5.3
4 hours ago
WPS Visitor Counter
<= 1.4.8
Reflected XSS vulnerability
7.1
4 hours ago
HelloLeads CRM Form Shortcode
<= 1.0
Unauthenticated Settings Reset vulnerability
6.5
4 hours ago
MailerLite – WooCommerce integration
<= 3.1.3
WordPress MailerLite - WooCommerce integration plugin <= 3.1.3 - Missing Authorization to Data Deletion vulnerability
6.5
4 hours ago
Fancy Product Designer
<= 6.4.8
Unauthenticated Information Disclosure via 'url' Parameter vulnerability
5.9
5 hours ago
Fancy Product Designer
<= 6.4.8
Unauthenticated Server-Side Request Forgery via Race Condition vulnerability
7.2
8 hours ago
LearnPress
<= 4.3.1
Authenticated (Subscriber+) Stored Cross-Site Scripting via get_profile_social vulnerability
6.5
8 hours ago
Booking Calendar
<= 10.14.8
Unauthenticated SQL Injection via dates_to_check vulnerability
9.3
8 hours ago
Fox LMS
1.0.4.7-1.0.5.1
Unauthenticated Privilege Escalation vulnerability
9.8
8 hours ago
WPCOM Member
<= 1.7.16
Authentication Bypass via Weak OTP vulnerability
8.1
8 hours ago
Post Expirator
<= 4.9.2
Missing Authorization to Authenticated (Contributor+) Authors' Emails Exposure vulnerability
4.3
16 hours ago
Elementor Website Builder
<= 3.33.3
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Text Path vulnerability
6.5
16 hours ago
Fancy Product Designer
<= 6.4.8
Unauthenticated Full Path Disclosure via 'pdf' Parameter vulnerability
5.3
16 hours ago
Auto Featured Image (Auto Post Thumbnail)
<= 4.2.1
Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability
4.3
17 hours ago
Dokan Pro
<= 4.1.3
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
5.3
17 hours ago
LearnPress
<= 4.3.1
Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability
5.3
17 hours ago
Modula Image Gallery
<= 2.13.3
Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification vulnerability
4.3
17 hours ago
OneSignal – Web Push Notifications
<= 3.6.1
Missing Authorization to Unauthenticated Plugin Settings Update vulnerability
5.3
18 hours ago
Load more