Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,969
Mitigations
Mitigation rules
13,879
No official fix
10,820
In triage
1,209
Published soon
27
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
UserPlus
<= 2.0
Missing Authorization via Multiple Functions vulnerability
6.3
4 hours ago
Sell BTC – Cryptocurrency Selling Calculator
<= 1.5
WordPress Sell BTC - Cryptocurrency Selling Calculator plugin <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action vulnerability
7.1
4 hours ago
School Management
<= 91.5.0
Authenticated (Student+) Arbitrary File Upload vulnerability
9.9
4 hours ago
Booking Calendar and Notification
<= 4.0.3
Missing Authorization via wpcb_all_bookings, wpcb_update_booking_post, and wpcb_delete_posts Functions vulnerability
6.5
4 hours ago
MyRewards
<= 5.6.0
WordPress MyRewards - Loyalty Points and Rewards for WooCommerce plugin <= 5.6.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Loyalty Rule Modification vulnerability
6.5
5 hours ago
Smart Appointment & Booking
<= 1.0.7
Authenticated (Subscriber+) Stored Cross-Site Scripting via saab_save_form_data AJAX Action vulnerability
6.5
5 hours ago
WebPurify Profanity Filter
<= 4.0.2
Missing Authorization to Unauthenticated Plugin Settings Change via webpurify_save_options vulnerability
6.5
5 hours ago
WP FOFT Loader
<= 2.1.39
Authenticated (Author+) Arbitrary File Upload vulnerability
8.8
6 hours ago
Persian Woocommerce SMS
<= 7.0.5
Reflected Cross-Site Scripting vulnerability
7.1
6 hours ago
WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto
<= 8.0.11
Unauthentiated Stored Cross-Site Scripting via Form File Upload vulnerability
7.2
6 hours ago
ForumWP
<= 2.1.2
WordPress ForumWP - Forum & Discussion Board plugin <= 2.1.2 - Reflected Cross-Site Scripting via url Parameter vulnerability
7.1
7 hours ago
WooCommerce PDF Invoice Builder
<= 1.2.136
Reflected Cross-Site Scripting vulnerability
7.1
8 hours ago
Schema App Structured Data
<= 2.2.4
Reflected Cross-Site Scripting vulnerability
7.1
8 hours ago
Ebook Store
<= 5.8001
Reflected Cross-Site Scripting vulnerability
7.1
8 hours ago
Infility Global
<= 2.14.46
Unauthenticated SQL Injection via Predictable API Key and IP Whitelist Bypass vulnerability
9.3
9 hours ago
SEO Flow by LupsOnline
<= 2.2.1
Unauthenticated Arbitrary Post/Category Modification vulnerability
7.5
9 hours ago
Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce
<= 1.1.1
Missing Authorization to Unauthenticated Arbitrary plugin Installation/Activation vulnerability
9.8
9 hours ago
WebinarPress
<= 1.33.24
WordPress WordPress Webinar Plugin - WebinarPress plugin <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar Updates vulnerability
8.8
9 hours ago
WooCommerce Support Ticket System
<= 17.7
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.8
9 hours ago
WP JobHunt
<= 7.1
Unauthenticated Privilege Escalation via Email Update/Account Takeover vulnerability
9.8
9 hours ago
Load more