WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
userpro 2017-11-12 UserPro <= 4.9.17 - Authentication Bypass
wpml-translation-management 2017-11-09 WPML Translation Management <= 2.4.1 - PHP Object Injection
wordcamp-talks 2017-10-30 WordCamp Talks <= 1.0.0-beta2 - Formula injection via CSV...
qards 2017-10-17 Qards - Server Side Request Forgery (SSRF)
qards 2017-10-17 Qards - Stored Cross-Site Scripting (XSS)
wphrm 2017-10-11 WPHRM <= 1.0 - Authenticated SQL Injection
content_timeline 2017-10-03 Content Timeline - Multiple Blind SQL Injection
woocommerce-product-vendors 2017-08-31 WooCommerce Product Vendors Plugin <= 2.0.27 - Unauthenti...
formcraft3 2017-08-02 FormCraft - Premium WordPress Form Builder <= v3.2.31 - A...
indeed-affiliate-pro 2017-08-02 Ultimate Affiliate Pro WordPress Plugin <= v3.6 - Authent...
wp-rocket 2017-07-28 WP Rocket <= 2.10.3 - Local File Inclusion (LFI)
task-manager-pro 2017-07-25 Task Manager Pro <= 1.3.1 - Authenticated Cross-Site Scri...
task-manager-pro 2017-07-25 WordPress Task Manager Pro <= 1.3.1 - Authenticated SQL I...
examapp 2017-07-25 WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated ...
ultimate-instagram-feed 2017-11-09 Ultimate Instagram Feed <= 1.3 - Authenticated Cross-Site...
ultimate-instagram-feed 2017-11-12 Ultimate Instagram Feed <= 1.3.1 - Authenticated Cross-Si...
AffiliateWP 2017-05-26 AffiliateWP <= 2.0.9 - Authenticated Cross-Site Scripting...
Ultimate_VC_Addons 2017-05-17 Ultimate Addons for Visual Composer <= 3.16.11 - Authenti...
divi-builder 2016-02-18 ElegantThemes - Privilege Escalation
gallery-album 2017-09-22 Responsive Image Gallery, Gallery Album <= 1.2.0 - Authen...
social-login-bws 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
directdownload 2017-01-18 Direct Download for WooCommerce <= 1.15 - Unauthenticated...
responsive-poll 2017-01-11 Responsive Poll 1.6.4,1.7.4 - Cross-Site Scripting (XSS) ...
rating-bws 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
post-indexer 2016-11-21 Post Indexer <= 3.0.6.1 - PHP Object Injection via MitM
post-indexer 2016-11-21 Post Indexer <= 3.0.6.1 - Authenticated SQL Injection
relevanssi-premium 2016-11-21 Relevanssi Premium <= 1.14.4 - SQL Injection & PHP Object...
basic-contact-form 2017-09-28 Basic Contact Form <= 1.0.3 - Potential Unauthenticated S...
404-redirection-manager 2017-01-14 404 Redirection Manager 1.0 - SQL Injection
mobile-friendly-app-builder... 2017-03-08 mobile-friendly-app-builder-by-easytouch 3.0 - Unauthenti...
mobile-app-builder-by-wappress 2017-03-08 WordPress Mobile app Builder 1.05 - Unauthenticated File ...
zen-mobile-app-native 2017-03-01 Mobile App Native <= 3.0 - Remote File Upload
BraftonWordpressPlugin 2016-09-07 brafton WordPress Plugin <=3.4.7 - Reflected XSS
inazo-advanced-ads-management 2016-09-16 Advanced ads Management <= 1.3 - Authenticated Stored Cro...