Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
37,118
Mitigations
Mitigation rules
13,701
No official fix
10,694
In triage
1,195
Published soon
48
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Save as PDF
<= 4.5.5
Reflected Cross-Site Scripting via options vulnerability
7.1
7 hours ago
AhaChat Messenger Marketing
<= 1.1
Reflected XSS vulnerability
7.1
8 hours ago
Hustle
<= 7.8.9.2
Authenticated (Subscriber+) Arbitrary File Upload via Module Import vulnerability
7.5
8 hours ago
WP Go Maps
<= 10.0.04
Missing Authorization to Authenticated (Subscriber+) Map Engine Setting Modification vulnerability
5.3
11 hours ago
WP Directory Kit
<= 1.4.9
Unauthenticated Email Exposure via wdk_public_action vulnerability
5.3
11 hours ago
Responsive Header
<= 1.0
Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters vulnerability
5.9
11 hours ago
Friendly Functions for Welcart
<= 1.2.5
Cross-Site Request Forgery to Settings Update vulnerability
4.3
11 hours ago
JavaScript Notifier
<= 1.2.8
Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
5.9
11 hours ago
Recipe Card Blocks for Gutenberg & Elementor
< 3.4.13
Contributor+ SQLi vulnerability
8.5
11 hours ago
Invoice Payment for WooCommerce
<= 2.8.0
Missing Authorization to Unauthenticated Arbitrary Partial Payment Creation/Cancellation vulnerability
5.3
11 hours ago
Meta-box GalleryMeta
<= 3.0.1
Missing Authorization to Authenticated (Author+) Gallery Management vulnerability
3.8
19 hours ago
Postalicious
<= 3.0.1
Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
5.9
19 hours ago
Meta-box GalleryMeta
<= 3.0.1
Authenticated (Editor+) Stored Cross-Site Scripting via Image Caption vulnerability
6.5
19 hours ago
User Submitted Posts
<= 20251210
WordPress User Submitted Posts - Enable Users to Submit Posts from the Front End plugin <= 20251210 - Unauthenticated Stored Cross-Site Scripting via Custom Field vulnerability
7.1
1 day ago
Metform
<= 4.1.0
WordPress MetForm - Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin <= 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value vulnerability
3.7
1 day ago
JustClick registration plugin
<= 0.1
Reflected Cross-Site Scripting via PHP_SELF vulnerability
7.1
1 day ago
Frontis Blocks
<= 1.1.6
Unauthenticated Server-Side Request Forgery via 'url' Parameter vulnerability
7.2
1 day ago
Kalrav AI Agent
<= 2.3.3
Unauthenticated Arbitrary File Upload via kalrav_upload_file AJAX Action vulnerability
10
1 day ago
Booter
<= 1.5.7
Broken Access Control vulnerability
4.3
2 days ago
Automatic Featured Images from Videos
<= 1.2.7
Broken Access Control vulnerability
4.3
2 days ago
Load more
