Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,465
Mitigations
Mitigation rules
13,389
No official fix
10,387
In triage
1,166
Published soon
32
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Simcast
<= 1.0.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 minute ago
AH Shortcodes
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability
6.5
1 minute ago
FluentForm
<= 6.1.7
Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder vulnerability
5.4
2 minutes ago
Snillrik Restaurant
<= 2.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'menu_style' Shortcode Attribute vulnerability
6.5
4 minutes ago
Email Customizer for WooCommerce
<= 2.6.7
Authenticated (Administrator+) Stored Cross-Site Scripting via Email Template Content vulnerability
4.4
5 minutes ago
Cool YT Player
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
5 minutes ago
My Album Gallery
<= 1.0.4
Authenticated (Author+) Stored Cross-Site Scripting via Image Title vulnerability
5.9
6 minutes ago
My Album Gallery
<= 1.0.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'style_css' Shortcode Attribute vulnerability
6.5
7 minutes ago
AD Sliding FAQ
<= 2.4
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
7 minutes ago
Responsive Pricing Table
<= 5.1.12
Authenticated (Contributor+) Stored Cross-Site Scripting via 'table_currency' vulnerability
6.5
9 minutes ago
Responsive Pricing Table
<= 5.1.12
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
5.9
10 minutes ago
Niche Hero
<= 1.0.5
Authenticated (Contributor+) Stored Cross-Site Scripting via 'spacing' Shortcode Attribute vulnerability
6.5
10 minutes ago
QR Code Tag for WC
<= 1.9.42
Authenticated (Contributor+) Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
11 minutes ago
Viitor Button Shortcodes
<= 3.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Shortcode Attribute vulnerability
6.5
12 minutes ago
Multi-column Tag Map
<= 17.0.39
Authenticated (Administrator+) Stored Cross-Site Scripting via 'mctm_css_conditional' Parameter vulnerability
5.9
13 minutes ago
Easy GitHub Gist Shortcodes
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
15 minutes ago
STM Gallery 1.9
<= 0.9
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
15 minutes ago
Reviewify
<= 1.0.6
Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation vulnerability
7.5
19 minutes ago
EDD Download Info
<= 1.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
20 minutes ago
Sticky Action Buttons
<= 1.1
Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
21 minutes ago
Load more