WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
rating-bws 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
facebook-for-woocommerce 2019-06-19 Facebook for WooCommerce <= 1.9.12 - CSRF allowing Option...
facebook-members 2014-08-01 facebook-members 5.0.4 - Setting Manipulation CSRF
facebook-messenger-customer... 2019-06-18 Messenger Customer Chat <=1.2 - CSRF
facebook-opengraph-meta-plugin 2014-08-01 Facebook Opengraph Meta <= 1.0 - SQL Injection
facebook-page-photo-gallery 2015-05-06 Facebook Page Photo Gallery <= 2.0.9 - DOM Cross-Site Scr...
fancybox-for-wordpress 2015-02-04 FancyBox for WordPress 3.0.0-3.0.2 - Stored Cross-Site S...
webrotate-360-product-viewer 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
faq-wd 2016-04-17 FAQ WD <= 1.0.14 - Cross-Site Scripting (XSS)
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - Blind SQL Injection
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - Ask Question Form question Pa...
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - CAPTCHA Value Disclosure
faqs-manager 2014-08-01 IndiaNIC FAQs Manager 1.0 - FAQ Setting Manipulation CSRF
fast-image-adder 2015-07-11 Fast Image Adder <= 1.1 - Unauthenticated Remote File Upload
favicon-by-realfavicongener... 2015-04-01 Favicon by RealFaviconGenerator <= 1.2.12 - Cross-Site Sc...
fb-messenger-live-chat 2019-05-22 Live Chat with Facebook Messenger <= 1.4.6 - Stored XSS
fbgorilla 2014-09-19 FB Gorilla SQL Injection
fbpromotions 2014-08-01 Facebook Promotions <= 1.3.3 - SQL Injection
fbsurveypro 2014-08-01 fbsurveypro - XSS
fcchat 2014-08-01 FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload
feature-comments 2014-08-01 Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment...
featured-post-with-thumbnail 2014-08-01 Featured Post with thumbnail 1.4 - Unspecified timthumb
feedweb 2014-08-01 Feedweb 2.4 - DOM Cross-Site Scripting (XSS)
feedweb 2014-08-01 Feedweb <= 1.8.8 - Cross-Site Scripting (XSS)
feedweb 2015-01-15 Feedweb 2.4.1-3.0.6 - SQL Injection
feedwordpress 2015-04-30 FeedWordPress <= 2015.0426 - Cross-Site Scripting (XSS)
feedwordpress 2015-05-19 FeedWordPress <= 2015.0426 - XSS & SQL-Injection
fg-prestashop-to-woocommerce 2019-06-20 FG PrestaShop for WooCommerce <= 3.19.0 - XSS
fgallery 2014-08-01 fGallery 2.4.1 - fimrss.php SQL Injection
fgallery_plus 2014-08-01 fGallery_Plus - fim_rss.php album Parameter Reflected XSS
file-gallery 2014-08-01 File Gallery 1.7.9 - Settings Page create_function Functi...
file-groups 2014-08-01 File Groups <= 1.1.2 - SQL Injection
file-manager 2017-03-20 File Manager <= 4.1.4 - Cross-Site Request Forgery (CSRF)...
file-manager 2018-03-02 File Manager <= 5.0.0 - Information Disclosure
filedownload 2014-08-01 Filedownload 0.1 - (download.php) Remote File Disclosure
add-pinterest-conversion-tags 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update
finale-woocommerce-sales-co... 2019-06-12 Finale WooCommerce Sale Countdown <= 2.9.0 - Arbitrary Fi...