Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
39,242
Mitigations
Mitigation rules
14,546
No official patch
11,205
In triage
1,328
Published soon
10
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Formidable Forms
<= 6.28
Unauthenticated Payment Amount Manipulation via 'item_meta' Parameter vulnerability
5.3
1 day ago
Formidable Forms
<= 6.28
Missing Authorization to Unauthenticated Payment Integrity Bypass via PaymentIntent Reuse vulnerability
7.5
1 day ago
Simply Schedule Appointments
<= 1.6.9.29
Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API Endpoint vulnerability
7.5
1 day ago
Pix for WooCommerce
<= 1.5.0
Unauthenticated Arbitrary File Upload vulnerability
10
1 day ago
Calculated Fields Form
<= 5.4.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Form Settings vulnerability
6.5
1 day ago
Social Icons Widget & Block by WPZOOM
<= 4.5.8
Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation vulnerability
4.3
1 day ago
GetGenie
<= 4.3.2
Insecure Direct Object Reference to Authenticated (Author+) Stored Cross-Site Scripting via REST API vulnerability
5.9
1 day ago
GetGenie
<= 4.3.2
Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Post Overwrite/Deletion vulnerability
5.4
1 day ago
Simply Schedule Appointments
<= 1.6.9.29
Insecure Direct Object Reference to Authenticated (Staff+) Sensitive Information Exposure vulnerability
4.3
1 day ago
Reading progressbar
< 1.3.1
Admin+ Stored XSS vulnerability
5.9
1 day ago
Timetics
< 1.0.52
Unauthenticated Payment/Booking Status Update vulnerability
4.3
1 day ago
BuilderPress
<= 2.0.1
Local File Inclusion vulnerability
9.8
2 days ago
Mobile App Editor
<= 1.3.1
Arbitrary File Upload vulnerability
9.1
2 days ago
Website LLMs.txt
<= 8.2.6
Reflected Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WOLF
<= 1.0.8.7
SQL Injection vulnerability
7.6
2 days ago
RegistrationMagic
<= 6.0.7.1
Account Takeover vulnerability
8.1
2 days ago
Everest Forms Pro
<= 1.9.10
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WPCafe
<= 3.0.6
Broken Access Control vulnerability
9.1
2 days ago
Simple Ajax Chat
<= 20260217
Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability
7.1
2 days ago
PixelYourSite PRO
<= 12.4.0.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 days ago
Load more