The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total36,311

MitigationsMitigation rules13,355

No official fix10,336

In triage1,157

Published soon10

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
ShopBuilder – Elementor WooCommerce Builder Addons< 3.2.2 Reflected XSS vulnerability	7.1	13 hours ago
Branda<= 3.4.24 WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability	9.8	13 hours ago
Logo Slider< 4.9.0 Contributor+ Stored XSS vulnerability	6.5	14 hours ago
WPBookit<= 1.0.7 Customer Deletion via CSRF vulnerability	5.4	14 hours ago
WP User Frontend<= 4.2.4 Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability	7.5	14 hours ago
wpDiscuz< 7.6.40 WordPress Comments - wpDiscuz plugin < 7.6.40 - Unauthenticated Account Takeover vulnerability	9.8	1 day ago
WP Ultimate CSV Importer<= 7.35 WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability	6.4	1 day ago
Worker for Elementor<= 1.0.10 Broken Access Control vulnerability	5.4	2 days ago
Worker for WPBakery<= 1.1.1 Broken Access Control vulnerability	5.4	2 days ago
Logger for Elementor<= 1.0.9 Broken Access Control vulnerability	5.4	2 days ago
Conformer for Elementor<= 1.0.7 Broken Access Control vulnerability	5.4	2 days ago
UnGrabber<= 3.1.3 Broken Access Control vulnerability	5.4	2 days ago
Appender<= 1.1.1 Broken Access Control vulnerability	5.4	2 days ago
Countdowner for Elementor<= 1.0.4 Broken Access Control vulnerability	5.4	2 days ago
Criptopayer for Elementor<= 1.0.1 Broken Access Control vulnerability	5.4	2 days ago
Accessibility Press<= 1.0.2 Cross Site Scripting (XSS) vulnerability	5.9	2 days ago
Dashboard Beacon<= 1.2.0 Cross Site Scripting (XSS) vulnerability	5.9	2 days ago
Headinger for Elementor<= 1.1.4 Broken Access Control vulnerability	5.4	2 days ago
Behance Portfolio Manager<= 1.7.5 Cross Site Scripting (XSS) vulnerability	5.9	2 days ago
Cooked<= 1.11.2 Cross Site Scripting (XSS) vulnerability	5.9	2 days ago