Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
40,222
Mitigations
Mitigation rules
15,013
No official patch
11,313
In triage
1,417
Published soon
37
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Email Encoder Bundle
< 2.3.4
Admin+ Stored XSS vulnerability
5.9
2 hours ago
Responsive Blocks
<= 2.2.0
Unauthenticated Open Email Relay via REST API 'email_to' Parameter vulnerability
5.3
2 hours ago
Website LLMs.txt
<= 8.2.6
Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
4.4
10 hours ago
Hostel
<= 1.1.6
Reflected Cross-Site Scripting via 'shortcode_id' Parameter vulnerability
7.1
19 hours ago
Youzify
<= 1.3.6
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'checkin_place_id' Parameter vulnerability
6.5
19 hours ago
Easy Appointments
<= 3.12.21
Unauthenticated Sensitive Information Exposure via REST API vulnerability
7.5
19 hours ago
wpDataTables
<= 6.5.0.4
Unauthenticated Stored Cross-Site Scripting vulnerability
4.7
19 hours ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.6
Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass vulnerability
8.1
19 hours ago
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.9.6
Unauthenticated Limited Arbitrary File Read via mfile Field vulnerability
7.5
19 hours ago
WP Customer Area
<= 8.3.4
Authenticated (Subscriber+) Arbitrary File Read/Deletion via ajax_attach_file vulnerability
8.8
19 hours ago
Image Source Control
<= 3.9.1
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
6.4
20 hours ago
Everest Forms
<= 3.4.4
Unauthenticated Arbitrary File Read and Deletion vulnerability
8.1
21 hours ago
wpForo Forum
<= 3.0.5
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.1
22 hours ago
Website LLMs.txt
<= 8.2.6
Reflected Cross-Site Scripting vulnerability
6.1
1 day ago
CMP – Coming Soon & Maintenance
<= 4.1.16
WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution vulnerability
7.2
1 day ago
Ultimate Flipbox Addon for Elementor
<= 2.0.8
Authenticated (Author+) Stored Cross-Site Scripting via Custom Attributes vulnerability
5.9
1 day ago
Pz-LinkCard
<= 2.5.8.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
1 day ago
Embed Calendly
<= 4.4
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.4
2 days ago
Contextual Related Posts
<= 4.2.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.4
3 days ago
Content Blocks (Custom Post Widget)
<= 3.3.9
Authenticated (Author+) Stored Cross-Site Scripting vulnerability
6.4
3 days ago
Load more