Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,682
Mitigations
Mitigation rules
13,512
No official fix
10,507
In triage
1,000
Published soon
52
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
SearchWiz
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title vulnerability
6.5
43 minutes ago
Kunze Law
<= 2.1
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
45 minutes ago
CP Image Store with Slideshow
<= 1.1.9
Missing Authorization to Authenticated (Contributor+) Arbitrary Product Import vulnerability
4.3
57 minutes ago
WP Duplicate Page
<= 1.8
Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication vulnerability
5.4
1 hour ago
Quiz Maker
< 6.7.0.89
Admin+ Stored XSS vulnerability
5.9
1 day ago
NEX-Forms
< 9.1.8
Authenticated Stored XSS vulnerability
6.5
1 day ago
Shabat Keeper
<= 0.4.4
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
1 day ago
WP Page Permalink Extension
<= 1.5.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Rewrite Rules Flush vulnerability
6.5
1 day ago
WooCommerce Square
<= 5.1.1
Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
7.5
1 day ago
Post Expirator
<= 4.9.3
Broken Access Control vulnerability
4.3
2 days ago
TheGem Theme Elements (for WPBakery)
<= 5.11.0
Cross Site Scripting (XSS) vulnerability
6.5
3 days ago
Creator LMS
<= 1.1.12
Broken Access Control vulnerability
5.3
3 days ago
TheGem Theme Elements (for Elementor)
<= 5.11.0
Cross Site Scripting (XSS) vulnerability
6.5
3 days ago
TheGem Theme Elements (for Elementor)
<= 5.11.0
Local File Inclusion vulnerability
7.5
3 days ago
User Registration
<= 4.4.8
Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability
4.3
4 days ago
Templately
<= 3.4.8
Unauthenticated Limited Arbitrary JSON File Write vulnerability
5.3
4 days ago
miniOrange OTP Verification and SMS Notification for WooCommerce
<= 4.3.8
Missing Authorization to Unauthenticated Notification Settings Modification vulnerability
5.3
4 days ago
Blog2Social
<= 8.7.2
Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
4 days ago
Autogen Headers Menu
<= 1.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'head_class' Shortcode Parameter vulnerability
6.5
4 days ago
Woodpecker for WordPress
<= 3.0.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_name' Shortcode Attribute vulnerability
6.5
4 days ago
Load more
