Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,616
Mitigations
Mitigation rules
13,450
No official fix
10,480
In triage
842
Published soon
45
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Client Testimonial Slider
<= 2.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field vulnerability
6.5
2 hours ago
Contact Form vCard Generator
<= 2.4
Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability
5.3
2 hours ago
Debt.com Business in a Box
<= 4.1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
Menu Card
<= 0.8.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
Entry Views
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
2 hours ago
Curved Text
<= 0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
Header and Footer Scripts
<= 2.2.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
The Tooltip
<= 1.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
WP Popup Magic
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute vulnerability
6.5
2 hours ago
Nearby Now Reviews
<= 5.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
2 hours ago
AMP for WP
<= 1.1.10
Authenticated Stored Cross-Site Scripting via SVG File Upload vulnerability
5.9
2 hours ago
Booking Calendar
<= 10.14.10
Unauthenticated Sensitive Information Exposure vulnerability
5.3
2 hours ago
Tutor LMS
<= 3.9.3
WordPress Tutor LMS - eLearning and online course solution plugin <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Coupon Modification vulnerability
5.4
2 hours ago
WP Table Builder
<= 2.0.19
Incorrect Authorization to Authenticated (Subscriber+) Arbitrary Table Creation vulnerability
5.4
2 hours ago
Tutor LMS
<= 3.9.3
WordPress Tutor LMS - eLearning and online course solution plugin <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Course Enrollment Bypass vulnerability
4.3
2 hours ago
WP Google Street View
<= 1.1.8
Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpgsv_map' Shortcode vulnerability
6.5
2 hours ago
Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimization (image SEO) + Woocommerce
<= 2.2.1
WordPress BIALTY - Bulk Image Alt Text (Alt tag, Alt Attribute) with Yoast SEO + WooCommerce plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
2 hours ago
BetterDocs
<= 4.3.3
Authenticated (Contributor+) Sensitive Information Exposure vulnerability
6.5
2 hours ago
IndieWeb
<= 4.0.5
Authenticated (Author+) Stored Cross-Site Scripting via 'Telephone' Parameter vulnerability
5.9
2 hours ago
Forminator
<= 1.49.1
Missing Authorization to Authenticated (Forminator User+) CSV Export vulnerability
5.3
2 hours ago
Load more