Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,164
Mitigations
Mitigation rules
13,720
No official fix
10,700
In triage
1,245
Published soon
49
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WP Adminify
<= 4.0.7.7
Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API vulnerability
5.3
8 hours ago
Vzaar Media Management
<= 1.2
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
23 hours ago
TelSender
<= 1.14.14
Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability
7.1
23 hours ago
SEO Links Interlinking
<= 1.7.5
Reflected Cross-Site Scripting via 'google_error' Parameter vulnerability
7.1
23 hours ago
AI Engine
<= 3.3.2
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
23 hours ago
VidShop
<= 1.1.4
Unauthenticated Time-Based SQL Injection via 'fields' vulnerability
9.3
23 hours ago
Snow Monkey Forms
<= 12.0.3
Unauthenticated Arbitrary File Deletion via Path Traversal vulnerability
8.6
23 hours ago
New User Approve
<= 3.2.2
Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information Disclosure vulnerability
7.3
1 day ago
Search Atlas SEO
2.4.4-2.5.12
WordPress Search Atlas SEO plugin 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover vulnerability
8.8
1 day ago
Stop Spammers
<= 2026.1
Cross-Site Request Forgery via Email Allowlist vulnerability
4.3
1 day ago
Passster
<= 4.2.24
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 day ago
Frontend File Manager
<= 23.5
Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability
5.3
1 day ago
Bitcoin Donate Button
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Recooty
1.0.1-1.0.6
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Change WP URL
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
imwptip
<= 1.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
WP Google Ad Manager
<= 1.1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Admin Settings vulnerability
5.9
1 day ago
Rupantorpay
<= 2.0.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
1 day ago
BlockArt Blocks
<= 2.2.14
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Ivory Search
<= 5.5.13
Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability
5.9
1 day ago
Load more