eshop logo


Plugin Vulnerabilities

2016-02-02 eShop - Unauthenticated Reflected Cross-Site Scripting (XSS) no known fix  - plugin closed
2016-02-02 eShop - Authenticated Blind SQL Injection no known fix  - plugin closed
2015-09-09 eShop - Reflected Cross-Site Scripting (XSS) & CSRF no known fix  - plugin closed
2015-05-06 eShop <= 6.3.11 - Remote Code Execution fixed in version 6.3.12  - plugin closed
2014-08-01 eShop - wp-admin/admin.php Multiple Parameter XSS fixed in version 6.2.9  - plugin closed

Is this your plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.