WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
g-lock-double-opt-in-manager 2014-08-01 G-Lock Double Opt-in Manager - Two Security Bypass Vulner...
g-web-shop 2014-08-01 Zingiri Web Shop <= 2.2.3 - ajax_file_cut.php selectedDoc...
ga-universal 2014-08-01 GA Universal 1.0 - Setting Manipulation CSRF
gallery-bank 2014-08-01 Gallery Bank 2.0.19 - edit-album.php album_id Parameter R...
gallery-bank 2014-08-01 Gallery Bank 2.0.19 - Multiple Unspecified Issues
gallery-bank 2014-08-01 Gallery Bank 2.0.19 - album-gallery-bank-class.php record...
gallery-bank 2014-11-25 Gallery Bank <= 3.0.60 - Shell Upload
gallery-bank 2015-02-23 Gallery Bank <= 3.0.101 - SQL Injection
gallery-bank 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
gallery-bank 2015-11-13 Gallery Bank 2.0.26-3.0.69 - Reflected Cross-Site Scripti...
gallery-bank 2015-11-24 Gallery Bank <= 3.0.229 - Authenticated Blind SQL Injection
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Cross-Site Request ...
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Authenticated Store...
gallery-images 2014-10-11 Huge IT Image Gallery 1.0.1 - SQL Injection
gallery-images 2015-11-23 Huge IT Image Gallery <= 1.5.1 - Authenticated Cross-Site...
gallery-images 2016-02-10 Huge IT Image Gallery <= 1.7.0 - Reflected Cross-Site Scr...
gallery-images 2016-11-23 Huge IT Image Gallery <= 2.0.5 - Stored Cross-Site Script...
gallery-objects 2014-09-19 Gallery Objects <= 0.4 - SQL Injection
gallery-plugin 2014-08-01 Gallery 3.06 - gallery-plugin/upload/php.php File Upload ...
gallery-plugin 2014-08-01 Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Para...
gallery-video 2016-05-30 Gallery - Video Gallery <= 1.7.01 - Stored Cross-Site Scr...
gallery-video 2016-11-15 Gallery - Video Gallery <= 2.0.3 - Cross-Site Scripting (...
gb-gallery-slideshow 2014-11-02 GB Gallery Slideshow 1.5 - SQL Injection
gd-bbpress-attachments 2015-07-09 GD bbPress Attachments <= 2.2 - Local File Inclusion
gd-bbpress-attachments 2015-07-09 GD bbPress Attachments <= 2.2 - Authenticated Reflected C...
gd-star-rating 2014-08-01 GD Star Rating 1.9.22 - SQL Injection
gd-star-rating 2014-08-01 GD Star Rating 1.9.22 - Cross-Site Request Forgery (CSRF)
gd-star-rating 2014-08-01 GD Star Rating 1.9.18 - Export Security Bypass
gd-star-rating 2014-08-01 GD Star Rating <= 1.9.16 - Cross-Site Scripting (XSS)
gd-star-rating 2014-08-01 GD Star Rating <= 1.9.10 - SQL Injection
gd-star-rating 2014-08-01 GD Star Rating 1.9.7 - Cross-Site Scripting (XSS)
geo-mashup 2015-01-28 Geo Mashup <= 1.8.2 - Cross-Site Scripting (XSS)
geshi-source-colorer 2014-08-01 geshi-source-colorer <= 0.13 - XSS in ZeroClipboard
ghost 2016-05-02 Ghost Plugin <= 0.5.5 - Unrestricted Export Download
gi-media-library 2015-01-15 GI-Media Library <= 2.2.2 - Arbitrary File Download
gigpress 2014-08-01 GigPress 2.1.10 - Stored Cross-Site Scripting (XSS)
gigpress 2015-05-26 GigPress <= 2.3.8 - Authenticated SQL Injection
gigpress 2015-11-24 GigPress <= 2.3.10 - Authenticated XSS & Blind SQLi
give 2015-04-20 Give - Cross-Site Scripting (XSS)
global-content-blocks 2014-08-01 Global Content Blocks <= 1.2 - SQL Injection
global-content-blocks 2017-03-03 Global Content Blocks - Cross-Site Request Forgery (CSRF)
global-flash-galleries 2014-08-01 Global Flash Galleries - popup.php id Parameter SQL Injec...
global-flash-galleries 2014-08-01 Global Flash Galleries - swfupload.php Unauthenticated Im...
gocodes 2015-11-24 GoCodes <= 1.3.5 - Authenticated XSS & Blind SQL Injection
godaddy-email-marketing-sig... 2016-11-02 GoDaddy Email Marketing <= 1.1.3 - Cross-Site Request For...
google-adsense-and-hotel-bo... 2015-08-24 Google Adsense & Hotel Booking <= 1.05 - Open Proxy
google-analyticator 2015-06-21 Google Analyticator <= 6.4.9.3 - Cross-Site Request Forge...
google-analyticator 2015-08-24 Google Analyticator <= 6.4.9.4 - Multiple Cross-Site Scri...
google-analytics-dashboard 2014-08-01 Google Analytics Dashboard 2.0.4 - gad-admin-pages-posts....
google-analytics-dashboard 2017-03-02 Google Analytics Dashboard - Authenticated Cross-Site Scr...
google-analytics-for-wordpress 2014-11-26 Google Analytics by Yoast <= 5.1.2 Cross-Site Scripting (...
google-analytics-for-wordpress 2015-03-10 Google Analytics by Yoast <= 5.3.2 - Cross-Site Scripting...
google-analytics-for-wordpress 2015-03-19 Google Analytics by Yoast <= 5.3.2 - Stored Cross-Site Sc...
google-analytics-for-wordpress 2015-04-20 Google Analytics by Yoast <= 5.3.3 - Unauthenticated Cros...
google-analytics-for-wordpress 2015-08-10 Google Analytics by Yoast <= 5.4.4 - Authenticated Stored...
google-analytics-mu 2014-08-01 Google Analytics MU 2.3 - google-analytics-mu-network.php...
google-authenticator 2016-04-29 Google Authenticator <= 0.47 - Two Factor Authentication ...
google-captcha 2015-03-03 Google Captcha <= 1.12 - Authentication Bypass
google-document-embedder 2014-08-01 Google Document Embedder 2.4.6 - pdf.php file Parameter A...
google-document-embedder 2014-11-25 Google Document Embedder <= 2.5.14 - SQL Injection
google-document-embedder 2014-12-03 Google Document Embedder <= 2.5.16 - SQL Injection
google-document-embedder 2015-02-11 Google Doc Embedder <= 2.5.18 - Cross-Site Scripting (XSS)