WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
cac-featured-content 2014-08-01 CAC Featured Content 0.8 - Shell Upload
calculated-fields-form 2015-03-02 Calculated Fields Form <= 1.0.10 - SQL Injection via CSRF
caldera-forms 2016-11-08 Caldera Forms <= 1.3.5.3 - Cross Site Scripting
calendar 2014-08-01 Calendar <= 1.3.2 - Entry Addition Cross-Site Request For...
calendar 2016-11-08 Calendar <= 1.3.7 - Cross Site Scripting
candidate-application-form 2015-07-14 C&idate Application Form <= 1.0 - Arbitrary File Download
captain-slider 2015-08-30 Captain Slider 1.0.6 - Cross-Site Scripting (XSS)
captcha 2014-08-01 Captcha 2.12-3.8.1 - Captcha Bypass
captcha 2015-03-03 Captcha <= 4.0.6 - Captcha Bypass
car-demon 2014-08-01 Car Demon 1.0.1 - /wp-admin/edit.php Multiple Parameter XSS
car-demon 2014-08-01 Car Demon 1.0.1 - /wp-admin/post.php Multiple Parameter XSS
car-rental-system 2015-08-26 Car Rental System <= 3.0 - SQL Injection
cardoza-ajax-search 2014-08-01 Ajax Post Search <= 1.3 - SQL Injection
cardoza-wordpress-poll 2014-08-01 Cardoza WordPress Poll <= 34.05 - Multiple External Funct...
cardoza-wordpress-poll 2014-08-01 WordPress Poll <= 34.05 - SQL Injection
cardoza-wordpress-poll 2014-08-01 Cardoza WordPress poll - Multiple SQL Injection Vulnerabi...
cart66 2015-01-01 Cart66 Pro <= 1.5.3 Arbitrary File Disclosure
cart66-lite 2014-08-01 Cart66 Lite 1.5.1.14 - admin.php cart66-products Page Pro...
cart66-lite 2014-08-01 Cart66 Lite - admin.php cart66-products Page Multiple Fie...
cart66-lite 2014-12-03 Cart66 Lite <= 1.5.1.17 - Blind SQL Injection
cart66-lite 2015-01-01 Cart66 Lite <= 1.5.3 - SQL Injection
cart66-lite 2015-05-29 Cart66 Lite 1.5.4 - XSS
catablog 2014-08-01 Catablog <= 1.6 - Cross Site Scripting
category-grid-view-gallery 2014-08-01 Category Grid View Gallery 0.1.1 - Shell Upload
category-grid-view-gallery 2014-08-01 Category Grid View Gallery 2.3.1 - CatGridPost.php ID Par...
category-list-portfolio-page 2014-08-01 Category List Portfolio Page 0.9 - Shell Upload
category-wise-search 2014-08-01 Wise Search Widget 1.1 - s Parameter Reflected XSS
catholic-liturgical-calendar 2014-08-01 Catholic Liturgical Calendar Widget 0.0.1 - Title Field S...
cbi-referral-manager 2014-11-01 CBI Referral Manager <= 1.2.1 Cross-Site Scripting (XSS)
cevhershare 2014-08-01 CevherShare 2.0 - SQL Injection
cforms 2015-01-13 Cforms & CformsII <= 14.7 - Remote Code Execution via Una...
cforms 2017-03-20 Cforms & CformsII <= 14.10.1 - CAPTCHA Bypass
cforms 2017-03-20 Cforms <= 13.1 - 'lib_ajax.php' Cross-Site Scripting (XSS)
cforms2 2015-01-13 Cforms & CformsII <= 14.7 - Remote Code Execution via Una...
cforms2 2017-03-20 Cforms & CformsII <= 14.10.1 - CAPTCHA Bypass
chained-quiz 2017-01-04 Chained Quiz <= 0.9.8 - Cross-Site Scripting (XSS)
chat 2014-08-01 Chat <= 1.0.8 - Cross-Site Scripting (XSS) in 'message' P...
check-email 2016-11-15 Check Email <= 0.5 - Cross-Site Scripting (XSS)
chikuncount 2014-08-01 chikuncount - ofc_upload_image.php Arbitrary File Upload
church-admin 2014-08-01 church_admin 0.33.4.5 - includes/validate.php id Paramete...
church-admin 2015-05-22 church_admin <= 0.800 - Stored Cross-Site Scripting (XSS)
cimy-counter 2014-08-01 Cimy Counter - Vulnerabilities
cimy-user-extra-fields 2014-08-01 Cimy User Extra Fields - Arbitrary File Upload
cimy-user-manager 2014-08-01 Cimy User Manager <= 1.4.2 - Arbitrary File Disclosure