The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total36,126

MitigationsMitigation rules13,308

No official fix10,171

In triage1,275

Published soon56

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Easy Digital Downloads<= 3.6.2 Unvalidated Redirect in Password Reset Flow via edd_redirect vulnerability	4.3	23 minutes ago
WP-CalDav2ICS<= 1.3.4 Cross Site Request Forgery (CSRF) vulnerability	7.1	44 minutes ago
MAS Videos<= 1.3.2 Local File Inclusion vulnerability	7.5	1 hour ago
Email Verification for WooCommerce<= 3.0.2 Cross Site Scripting (XSS) vulnerability	6.5	2 hours ago
Appointify<= 1.0.8 SQL Injection vulnerability	7.6	6 hours ago
WING WordPress Migrator<= 1.1.9 Cross Site Request Forgery (CSRF) vulnerability	9.6	6 hours ago
WPCal.io<= 0.9.5.9 Cross Site Scripting (XSS) vulnerability	6.5	6 hours ago
SiteLock Security<= 5.0.1 Broken Access Control vulnerability	4.3	7 hours ago
Import into Easy Property Listings<= 2.2.1 Cross Site Request Forgery (CSRF) vulnerability	4.3	7 hours ago
Yada Wiki<= 3.5 Cross Site Scripting (XSS) vulnerability	6.5	7 hours ago
Featured Video for WordPress – VideographyWP<= 1.0.18 Cross Site Scripting (XSS) vulnerability	6.5	7 hours ago
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent<= 4.0.3 Broken Access Control vulnerability	5.3	7 hours ago
WBC907 Core<= 3.4.1 Cross Site Scripting (XSS) vulnerability	6.5	7 hours ago
XStore Core< 5.6 Cross Site Scripting (XSS) vulnerability	6.5	7 hours ago
Advance WP Query Search Filter<= 1.0.10 Reflected XSS via taxo_ajax vulnerability	7.1	15 hours ago
Advance WP Query Search Filter<= 1.0.10 Reflected XSS via counter vulnerability	7.1	15 hours ago
Strong Testimonials<= 3.2.18 Missing Authorization to Authenticated (Contributor+) Rating Meta Update vulnerability	4.3	17 hours ago
Lucky Wheel for WooCommerce – Spin a Sale<= 1.1.13 Authenticated (Administrator+) PHP Code Injection via Conditional Tags vulnerability	9.1	17 hours ago
Plugin Organizer< 10.2.4 Subscriber+ SQLi vulnerability	8.5	1 day ago
YaMaps for WordPress< 0.6.40 Contributor+ Stored XSS vulnerability	6.5	1 day ago