Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,180
Mitigations
Mitigation rules
13,730
No official fix
10,700
In triage
1,259
Published soon
25
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
YITH WooCommerce Ajax Search
< 2.7.1
Contributor+ Stored XSS vulnerability
6.5
24 minutes ago
PageLayer
< 1.8.8
Admin+ Stored XSS vulnerability
5.9
26 minutes ago
Relevanssi
< 4.26.0
Contributor+ SQLi vulnerability
6.8
34 minutes ago
The Wound
<= 0.0.1
Unauthenticated LFI vulnerability
8.1
36 minutes ago
Frontend File Manager
< 23.5
Subscriber+ Arbitrary File Deletion vulnerability
7.7
40 minutes ago
Ebook Store
< 5.8015
Reflected XSS vulnerability
7.1
4 hours ago
Markup Markdown
< 3.20.10
Contributor+ Stored XSS vulnerability
6.5
5 hours ago
WP Adminify
<= 4.0.7.7
Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API vulnerability
5.3
19 hours ago
Vzaar Media Management
<= 1.2
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
1 day ago
TelSender
<= 1.14.14
Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability
7.1
1 day ago
SEO Links Interlinking
<= 1.7.5
Reflected Cross-Site Scripting via 'google_error' Parameter vulnerability
7.1
1 day ago
AI Engine
<= 3.3.2
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
1 day ago
VidShop
<= 1.1.4
Unauthenticated Time-Based SQL Injection via 'fields' vulnerability
9.3
1 day ago
Snow Monkey Forms
<= 12.0.3
Unauthenticated Arbitrary File Deletion via Path Traversal vulnerability
8.6
1 day ago
New User Approve
<= 3.2.2
Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information Disclosure vulnerability
7.3
1 day ago
Search Atlas SEO
2.4.4-2.5.12
WordPress Search Atlas SEO plugin 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover vulnerability
8.8
1 day ago
Stop Spammers
<= 2026.1
Cross-Site Request Forgery via Email Allowlist vulnerability
4.3
1 day ago
Passster
<= 4.2.24
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
1 day ago
Frontend File Manager
<= 23.5
Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability
5.3
1 day ago
Bitcoin Donate Button
<= 1.0
Cross-Site Request Forgery to Settings Update vulnerability
4.3
1 day ago
Load more