Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,942
Mitigations
Mitigation rules
13,661
No official fix
10,564
In triage
1,236
Published soon
40
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Melapress Role Editor
<= 1.1.1
Improper Authorization to Authenticated (Subscriber+) Privilege Escalation via Secondary Role Assignment vulnerability
8.8
2 hours ago
BuddyPress
<= 14.3.3
Unauthenticated Arbitrary Shortcode Execution vulnerability
7.3
2 hours ago
All-in-One Video Gallery
<= 4.6.4
Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability
6.5
2 hours ago
WP DSGVO Tools (GDPR)
<= 3.1.36
Authenticated (Contributor+) Stored Cross-Site Scripting via 'lw_content_block' Shortcode vulnerability
6.5
3 hours ago
weDocs
<= 2.1.16
Missing Authorization to Authenticated (Subscriber+) Documentation Post Update vulnerability
4.3
3 hours ago
Schema & Structured Data for WP & AMP
<= 1.54
Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema vulnerability
6.5
3 hours ago
KiviCare
<= 3.6.15
WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability
5.3
3 hours ago
WP RSS Aggregator
<= 5.0.10
Authenticated (Contributor+) Stored Cross-Site Scripting via wp-rss-aggregator Shortcode vulnerability
6.5
3 hours ago
Uncanny Automator
<= 6.10.0.2
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
6.5
3 hours ago
LA-Studio Element Kit for Elementor
<= 1.5.6.3
Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter vulnerability
9.8
1 day ago
Photo Gallery by 10Web
<= 1.8.36
Missing Authorization to Unauthenticated Arbitrary Comment Deletion vulnerability
5.3
1 day ago
WP BackItUp
<= 2.0.0
Broken Access Control vulnerability
6.5
2 days ago
WorkScout-Core
<= 1.7.06
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
WorkScout
<= 4.1.07
Cross Site Scripting (XSS) vulnerability
7.1
2 days ago
TaxCloud for WooCommerce
<= 8.3.8
Broken Access Control vulnerability
6.5
2 days ago
User Registration
<= 4.4.6
Broken Access Control vulnerability
8.2
2 days ago
Tabby Checkout
<= 5.8.4
Sensitive Data Exposure vulnerability
7.5
2 days ago
Hydra Booking
<= 1.1.32
Privilege Escalation vulnerability
7.3
2 days ago
EcoBlue
<= 1.15
Local File Inclusion vulnerability
8.1
2 days ago
Listivo Core
<= 2.3.77
Local File Inclusion vulnerability
8.1
2 days ago
Load more
