Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
48,890
Mitigations
Mitigation rules
15,792
No official patch
13,025
In triage
1,325
Published soon
46
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear filters
Affected software | Vulnerability
Risk
Disclosed
Shortcodes and extra features for Phlox theme
<= 2.17.16
Cross Site Scripting (XSS) vulnerability
6.5
2 hours ago
HubSpot
<= 11.3.51
Sensitive Data Exposure vulnerability
7.4
2 hours ago
VikBooking Hotel Booking Engine & PMS
<= 1.8.12
CSRF to Arbitrary File Deletion vulnerability
7.4
3 hours ago
Enable Media Replace
<= 4.2.1
Cross Site Scripting (XSS) vulnerability
5.9
3 hours ago
ApplyOnline
<= 2.6.7.6
Broken Access Control vulnerability
5.3
3 hours ago
ThumbPress
<= 6.3.2
Broken Access Control vulnerability
4.3
3 hours ago
Webba Booking
<= 6.4.13
Broken Access Control vulnerability
5.3
4 hours ago
PrivateContent
<= 9.9.2
Privilege Escalation vulnerability
9.8
6 hours ago
LatePoint
<= 5.6.3
Authenticated (Custom+) Privilege Escalation to Administrator vulnerability
8.8
7 hours ago
NEX-Forms
<= 9.2.2
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
7 hours ago
VikBooking Hotel Booking Engine & PMS
<= 1.8.12
Reflected Cross-Site Scripting vulnerability
7.1
7 hours ago
LearnPress
<= 4.3.9.1
Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Disclosure vulnerability
6.5
9 hours ago
Custom Payment Gateways for WooCommerce
<= 2.1.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
9 hours ago
ChatBot
<= 8.4.9
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
9 hours ago
WP Google Review Slider
<= 18.1
Reflected Cross-Site Scripting vulnerability
7.1
9 hours ago
Webmention
<= 5.8.0
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
10 hours ago
Ninja Forms
<= 3.14.1
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
7.5
10 hours ago
BookingPress Appointment Booking Pro
<= 5.7.1
Unauthenticated SQL Injection vulnerability
9.3
10 hours ago
WP-BusinessDirectory
<= 4.0.1
Unauthenticated Arbitrary File Deletion vulnerability
8.6
10 hours ago
Taskbuilder
<= 5.0.8
Authenticated (Subscriber+) SQL Injection vulnerability
8.5
10 hours ago
Load more