WordPress securityInstantly fix and mitigate vulnerabilities Plugin auditingPaid auditing for WordPress vendors Managed VDPStart a security program for your plugins Bug BountyJoin the community and earn bounties Enterprise APIAt scale monitoring and vPatching for hosts Vulnerability databaseThe latest WordPress security intelligence

Login Start trial

Automatic

N/A

Developer

N/A

Latest version

N/A

Installations

N/A

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Vulnerability history

0 present

9 fixed

4 Mitigation rules

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
<= 3.118.0
Aug 25, 2025
Authenticated (Author+) Arbitrary File Upload vulnerability
<= 3.115.0
Jun 11, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting via autoplay Parameter vulnerability
<= 3.94.0
May 20, 2024
Multiple Cross Site Request Forgery (CSRF) vulnerability
< 3.93.0
Apr 19, 2024
Unauthenticated Arbitrary SQL Execution vulnerability
<= 3.92.0
Mar 13, 2024
CSRF to Privilege Escalation vulnerability
<= 3.92.0
Mar 13, 2024
Unauthenticated Arbitrary File Download and SSRF vulnerability
<= 3.92.0
Mar 13, 2024
Unauthenticated Arbitrary WordPress Options Change vulnerability
<= 3.53.2
Sep 6, 2021
SQL Injection
<= 2.0.3
Jun 16, 2012

Vulnerability mitigation

Pricing
Application security (SCA)
RapidMitigate New
Threat Intelligence (API)
Documentation
VS Monarx
VS Imunify360
VS Wordfence
Log in

Code security

Managed VDP New
Active VDP directory
Security auditing
Compliance (CRA) New
Log in New

Bug bounty

Bug bounty
Leaderboard
Guidelines
Learn New
Report
Discord
Log in New

Use cases

Web developers
Webhosts New
Software vendors
WordPress
WooCommerce

Resources

Vulnerability database
Whitepaper 2025 New
Articles
Case studies New
Webinars New
Vulnerability statistics

Patchstack

About
Careers
Merch store
Media kit
LinkedIn
Facebook
X

© 2025 Patchstack

Terms & Conditions