The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total47,938

MitigationsMitigation rules15,495

No official patch12,980

In triage1,553

Published soon23

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Newsletters<= 4.13 Unauthenticated SQL Injection vulnerability	9.3	13 minutes ago
Doctreat Core<= 1.6.8 Unauthenticated Privilege Escalation vulnerability	9.8	17 minutes ago
aThemes Addons for Elementor<= 1.1.8 Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	6.5	14 hours ago
MW WP Form<= 5.1.3 Authenticated (Editor+) Stored Cross-Site Scripting vulnerability	5.9	14 hours ago
Easy Image Collage<= 1.13.6 Authenticated (Author+) Stored Cross-Site Scripting vulnerability	5.9	14 hours ago
Slider Revolution<= 7.0.10 Authenticated (Subscriber+) Sensitive Information Disclosure vulnerability	6.5	20 hours ago
WP GDPR Cookie Consent<= 1.0.0 Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability	6.5	20 hours ago
FV Flowplayer Video Player<= 7.5.49.7212 Unauthenticated Stored Cross-Site Scripting vulnerability	7.1	20 hours ago
Booking Package<= 1.7.16 Authenticated (Editor+) Privilege Escalation vulnerability	7.2	23 hours ago
Ad Inserter<= 2.8.15 Reflected Cross-Site Scripting vulnerability	7.1	23 hours ago
Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More<= 1.0.15 Unauthenticated Stored Cross-Site Scripting vulnerability	7.1	23 hours ago
All In One WP Security & Firewall<= 5.4.7 Unauthenticated Stored Cross-Site Scripting vulnerability	7.1	23 hours ago
Advanced Google reCAPTCHA<= 5.38 Authenticated (Subscriber+) Authentication Bypass vulnerability	8.8	23 hours ago
Hippoo Mobile App for WooCommerce<= 1.9.4 Unauthenticated Authentication Bypass to Administrator Account Takeover vulnerability	9.8	23 hours ago
WP User Manager<= 2.9.17 Unauthenticated Path Traversal to Local File Inclusion vulnerability	7.5	23 hours ago
6Storage Rentals<= 2.22.0 Unauthenticated Insecure Direct Object Reference to Arbitrary User Disclosure and Modification vulnerability	7.5	23 hours ago
Advanced Google reCAPTCHA<= 5.38 Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload vulnerability	8.8	23 hours ago
Events Calendar for GeoDirectory<= 2.3.28 Authenticated (Subscriber+) Privilege Escalation vulnerability	8.8	1 day ago
Recover Exit For WooCommerce<= 1.0.3 Unauthenticated Local File Inclusion vulnerability	10	1 day ago
Animation Addons for Elementor<= 2.6.7 Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability	6.5	1 day ago