WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
facebook-members 2014-08-01 facebook-members 5.0.4 - Setting Manipulation CSRF
facebook-opengraph-meta-plugin 2014-08-01 Facebook Opengraph Meta <= 1.0 - SQL Injection
facebook-page-photo-gallery 2015-05-06 Facebook Page Photo Gallery <= 2.0.9 - DOM Cross-Site Scr...
fancybox-for-wordpress 2015-02-04 FancyBox for WordPress 3.0.0-3.0.2 - Stored Cross-Site S...
fancyflickr 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
faq-wd 2016-04-17 FAQ WD <= 1.0.14 - Cross-Site Scripting (XSS)
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - Blind SQL Injection
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - Ask Question Form question Pa...
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - CAPTCHA Value Disclosure
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - FAQ Setting Manipulation CSRF
fast-image-adder 2015-07-11 Fast Image Adder <= 1.1 - Unauthenticated Remote File Upload
favicon-by-realfavicongener... 2015-04-01 Favicon by RealFaviconGenerator <= 1.2.12 - Cross-Site Sc...
fbgorilla 2014-09-19 FB Gorilla SQL Injection
fbpromotions 2014-08-01 Facebook Promotions <= 1.3.3 - SQL Injection
fbsurveypro 2014-08-01 fbsurveypro - XSS
fcchat 2014-08-01 FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload
feature-comments 2014-08-01 Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment...
featured-post-with-thumbnail 2014-08-01 Featured Post with thumbnail 1.4 - Unspecified timthumb
feedweb 2014-08-01 Feedweb 2.4 - DOM Cross-Site Scripting (XSS)
feedweb 2014-08-01 Feedweb <= 1.8.8 - Cross-Site Scripting (XSS)
feedweb 2015-01-15 Feedweb 2.4.1-3.0.6 - SQL Injection
feedwordpress 2015-04-30 FeedWordPress <= 2015.0426 - Cross-Site Scripting (XSS)
feedwordpress 2015-05-19 FeedWordPress <= 2015.0426 - XSS & SQL-Injection
fgallery 2014-08-01 fGallery 2.4.1 - fimrss.php SQL Injection
fgallery_plus 2014-08-01 fGallery_Plus - fim_rss.php album Parameter Reflected XSS
file-gallery 2014-08-01 File Gallery 1.7.9 - Settings Page create_function Functi...
file-groups 2014-08-01 File Groups <= 1.1.2 - SQL Injection
file-manager 2017-03-20 File Manager - Cross-Site Request Forgery (CSRF) Arbitrar...
filedownload 2014-08-01 Filedownload 0.1 - (download.php) Remote File Disclosure
finalist 2014-08-01 Finalist - vote.php id Parameter Reflected XSS
finalist 2014-08-01 Finalist - vote.php id Parameter SQL Injection
firestats 2014-08-01 Firestats - Remote Configuration File Download
flagallery-skins 2014-08-01 GRAND FlAGallery Skins - compact_music_player/gallery.php...
FlagEm 2014-08-01 FlagEm - flagit.php cID Parameter XSS
flash-album-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery 2.70- "s" Cross-Site Scripting
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery 2.55 - "gid" SQL Injection
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery - Multiple Vulnerabilities
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery 1.9.0 & 2.0.0 - Multiple Vulner...
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery <= 1.71 - wp-admin/admin.php sk...
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery <= 1.56 - XSS
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery 0.55 - lib/hitcounter.php pid P...
flash-album-gallery 2014-08-01 GRAND Flash Album Gallery 0.55 - admin/news.php want2Read...
flash-album-gallery 2015-11-13 Gr& Flagallery <= 4.24 - Full Path Disclosure
flash-player-widget 2014-08-01 Flash Player Widget - dewplayer.swf Content Spoofing
flexi-quote-rotator 2014-08-01 Flexi Quote Rotator - Cross-Site Request Forgery & SQL In...