Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,820
Mitigations
Mitigation rules
15,174
No official patch
13,399
In triage
1,588
Published soon
2
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Continually
<= 4.3.1
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
FastBots
<= 1.0.12
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
5.9
12 hours ago
Motors
<= 1.4.103
Missing Authorization to Authenticated (Subscriber+) Payment Bypass vulnerability
4.3
13 hours ago
WP SEO Structured Data Schema
<= 2.8.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
BJ Lazy Load
<= 1.0.9
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
Rate Star Review
<= 1.6.4
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification vulnerability
4.3
14 hours ago
Next Date
<= 1.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
SP Blog Designer
<= 1.0.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
Woo Commerce Minimum Weight
<= 3.0.1
Cross-Site Request Forgery vulnerability
4.3
14 hours ago
GWD Conex
<= 2.9
Unauthenticated Limited Code Execution vulnerability
4.8
14 hours ago
Slek Gateway for WooCommerce
<= 1.0
Unauthenticated Insufficiently Protected Credentials vulnerability
5.3
14 hours ago
Zawgyi Embed
<= 2.1.1
Cross-Site Request Forgery vulnerability
4.3
14 hours ago
WP-Redirection
<= 1.0.3
Cross-Site Request Forgery to Settings Update vulnerability
4.3
14 hours ago
Tm – WordPress Redirection
<= 1.2
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
6.1
14 hours ago
Forms Rb
<= 1.1.9
Missing Authorization to Authenticated (Contributor+) Arbitrary Modification vulnerability
4.3
14 hours ago
Shortcodely
<= 1.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
Skysa Text Ticker App
<= 1.4
Cross-Site Request Forgery to Settings Modification vulnerability
4.3
14 hours ago
Voyage Plus
<= 1.0.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
14 hours ago
HEL Online Classroom: AI-powered Online Classrooms
<= 1.0.3
Missing Authorization to Unauthenticated Arbitrary Classroom Deletion vulnerability
5.3
14 hours ago
Coinbase Commerce for Contact Form 7
<= 1.1.2
Missing Authorization to Authenticated (Subscriber+) API Key Modification vulnerability
4.3
14 hours ago
Load more