Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
36,664
Mitigations
Mitigation rules
13,499
No official fix
10,495
In triage
990
Published soon
38
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Quiz Maker
< 6.7.0.89
Admin+ Stored XSS vulnerability
5.9
10 hours ago
NEX-Forms
< 9.1.8
Authenticated Stored XSS vulnerability
6.5
21 hours ago
Shabat Keeper
<= 0.4.4
Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
7.1
22 hours ago
WP Page Permalink Extension
<= 1.5.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Rewrite Rules Flush vulnerability
6.5
22 hours ago
WooCommerce Square
<= 5.1.1
Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
7.5
22 hours ago
Post Expirator
<= 4.9.3
Broken Access Control vulnerability
4.3
2 days ago
TheGem Theme Elements (for WPBakery)
<= 5.11.0
Cross Site Scripting (XSS) vulnerability
6.5
2 days ago
Creator LMS
<= 1.1.12
Broken Access Control vulnerability
5.3
2 days ago
TheGem Theme Elements (for Elementor)
<= 5.11.0
Cross Site Scripting (XSS) vulnerability
6.5
3 days ago
TheGem Theme Elements (for Elementor)
<= 5.11.0
Local File Inclusion vulnerability
7.5
3 days ago
User Registration
<= 4.4.8
Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability
4.3
3 days ago
Templately
<= 3.4.8
Unauthenticated Limited Arbitrary JSON File Write vulnerability
5.3
3 days ago
miniOrange OTP Verification and SMS Notification for WooCommerce
<= 4.3.8
Missing Authorization to Unauthenticated Notification Settings Modification vulnerability
5.3
3 days ago
Blog2Social
<= 8.7.2
Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
3 days ago
Autogen Headers Menu
<= 1.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via 'head_class' Shortcode Parameter vulnerability
6.5
3 days ago
Woodpecker for WordPress
<= 3.0.4
Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_name' Shortcode Attribute vulnerability
6.5
3 days ago
PullQuote
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
6.5
3 days ago
Tickera
<= 3.5.6.4
Broken Access Control vulnerability
4.3
3 days ago
Better Business Reviews
<= 0.1.1
Broken Access Control vulnerability
4.3
3 days ago
Lesson Plan Book
<= 1.3
Reflected Cross-Site Scripting vulnerability
7.1
3 days ago
Load more
