WordPress securityInstantly fix and mitigate vulnerabilities Plugin auditingPaid auditing for WordPress vendors Managed VDPStart a security program for your plugins Bug BountyJoin the community and earn bounties Enterprise APIAt scale monitoring and vPatching for hosts Vulnerability databaseThe latest WordPress security intelligence

Login Start trial

KB Support

N/A

Developer

N/A

Latest version

N/A

Installations

N/A

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Vulnerability history

1 present

7 fixed

4 Mitigation rules

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability
<= 1.7.4
Apr 4, 2025
Open Redirection vulnerability
<= 1.6.7
Jan 24, 2025
Missing Authorization to Unauthenticated Ticket Reply Exposure vulnerability
<= 1.6.6
Oct 1, 2024
Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions vulnerability
<= 1.6.6
Oct 1, 2024
Broken Access Control vulnerability
<= 1.6.0
Apr 25, 2024
Missing Authorization vulnerability
<= 1.5.88
Jul 11, 2023
CSV Injection vulnerability
<= 1.5.84
Feb 24, 2023
Multiple Unauth. Stored Cross-Site Scripting (XSS) vulnerabilities
<= 1.5.5
Apr 15, 2022

Vulnerability mitigation

Pricing
Application security (SCA)
RapidMitigate New
Threat Intelligence (API)
Documentation
VS Monarx
VS Imunify360
VS Wordfence
Log in

Code security

Managed VDP New
Active VDP directory
Security auditing
Compliance (CRA) New
Log in New

Bug bounty

Bug bounty
Leaderboard
Guidelines
Learn New
Report
Discord
Log in New

Use cases

Web developers
Webhosts New
Software vendors
WordPress
WooCommerce

Resources

Vulnerability database
Whitepaper 2025 New
Articles
Case studies New
Webinars New
Vulnerability statistics

Patchstack

About
Careers
Merch store
Media kit
LinkedIn
Facebook
X

© 2025 Patchstack

Terms & Conditions