Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,151
Mitigations
Mitigation rules
13,701
No official fix
10,706
In triage
1,206
Published soon
46
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Stop Spammers
<= 2026.1
Cross-Site Request Forgery via Email Allowlist vulnerability
4.3
1 hour ago
Passster
<= 4.2.24
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 hour ago
Frontend File Manager
<= 23.5
Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability
5.3
1 hour ago
Bitcoin Donate Button
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
Recooty
1.0.1-1.0.6
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
Change WP URL
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
imwptip
<= 1.1
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 hour ago
WP Google Ad Manager
<= 1.1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Admin Settings vulnerability
5.9
1 hour ago
Rupantorpay
<= 2.0.0
Missing Authorization to Unauthenticated Order Status Modification vulnerability
5.3
1 hour ago
BlockArt Blocks
<= 2.2.14
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 hour ago
Ivory Search
<= 5.5.13
Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability
5.9
1 hour ago
Order Minimum/Maximum Amount Limits for WooCommerce
<= 4.6.8
Authenticated (Shop Manager+) Stored Cross-Site Scripting via Hide Add to Cart Content Fields vulnerability
5.9
1 hour ago
Document Embedder
<= 2.0.4
Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion vulnerability
5.3
2 hours ago
RegistrationMagic
<= 6.0.7.4
Missing Authorization to Unauthenticated Arbitrary Settings Modification vulnerability
5.3
2 hours ago
Simple calendar for Elementor
<= 1.6.6
Missing Authorization to Unauthenticated Arbitrary Calendar Entry Deletion vulnerability
5.3
2 hours ago
Interactions
<= 1.3.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Buy Now Plus
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
Contact Form Entries
<= 1.4.5
Missing Authorization to Unauthenticated Form Data Exfiltration via CSV Export vulnerability
5.3
2 hours ago
WPBITS Addons For Elementor Page Builder
<= 1.8
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
Forms Bridge
<= 4.2.5
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
6.5
2 hours ago
Load more