Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
46,499
Mitigations
Mitigation rules
15,086
No official patch
13,377
In triage
1,443
Published soon
9
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
WP Meteor Page Speed Optimization Topping
<= 3.4.16
Unauthenticated Stored Cross-Site Scripting vulnerability
7.1
2 hours ago
Complianz
<= 7.4.5
Missing Authorization to Unauthenticated Private Post Content Disclosure vulnerability
5.3
16 hours ago
Check & Log Email
< 2.0.13
Unauthenticated Stored XSS vulnerability
7.1
1 day ago
Woostify
<= 2.5.0
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Timeline Blocks for Gutenberg
<= 1.1.10
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Social Post Embed
<= 2.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
LatePoint
<= 5.4.1
Authenticated (Agent+) Privilege Escalation to Administrator via 'connect-customer-to-wp-user' Ability vulnerability
8.8
2 days ago
TheGem Theme Elements (for Elementor)
< 5.12.1.1
Cross Site Scripting (XSS) vulnerability
6.5
2 days ago
Highland Software Custom Role Manager
<= 1.0.0
Authenticated (Subscriber+) Privilege Escalation vulnerability
8.8
2 days ago
SureForms Pro
<= 2.8.0
Broken Access Control vulnerability
7.3
2 days ago
Templately
<= 3.6.1
Sensitive Data Exposure vulnerability
7.7
2 days ago
myCred
<= 3.0.3
Broken Access Control vulnerability
6.5
4 days ago
Groundhogg
< 4.4.1
Broken Access Control vulnerability
6.5
4 days ago
HT Mega
< 3.0.7
Unauthenticated PII Disclosure vulnerability
7.5
5 days ago
Drag and Drop File Upload for Contact Form 7
<= 1.1.3
Unauthenticated Arbitrary File Upload vulnerability
8.1
5 days ago
reCaptcha by WebDesignBy
< 2.0
Admin+ Stored XSS vulnerability
5.9
5 days ago
KiviCare
<= 4.2.1
Insecure Direct Object References (IDOR) vulnerability
6.3
5 days ago
ITERAS
<= 1.8.2
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
5 days ago
HubSpot
<= 11.3.32
Forms, Popups, Live Chat plugin <= 11.3.32 - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure vulnerability
4.3
5 days ago
Liaison Site Prober
<= 1.2.1
Missing Authorization to Unauthenticated Information Exposure in '/logs' REST API Endpoint vulnerability
5.3
5 days ago
Load more