WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
p1m-media-manager 2014-08-01 p1m media manager - SQL Injection
p3-profiler 2015-04-20 P3 (Plugin Performance Profiler) <= 1.5.3.8 - Cross-Site ...
page-flip-image-gallery 2014-08-01 Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln
page-layout-builder 2014-08-01 Page Layout Builder 1.3.4 - includes/layout-settings.php ...
page-layout-builder 2014-08-01 Page Layout Builder 1.3.4 - Unspecified Issue
page-layout-builder 2016-04-14 MiniMax <= 2.0.2 - Unauthenticated Reflected Cross-Site S...
page-showcaser-boxes 2014-08-01 Page Showcaser Boxes - Title Field Stored XSS
pagerestrict 2015-11-24 Page Restrict <= 2.2.1 - Authenticated Stored Cross-Site ...
pagination 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
paid-business-listings 2014-08-01 Paid Business Listings - Blind SQL Injection
paid-downloads 2014-08-01 Paid Downloads <= 2.01 - SQL Injection
paid-memberships-pro 2014-08-01 Paid Memberships Pro 1.4.7 - adminpages/memberslist-csv.p...
paid-memberships-pro 2014-11-19 Paid Memberships Pro 1.7.14.2 - Path Traversal
paid-memberships-pro 2015-07-23 Paid Memberships Pro 1.8.4.2 - Cross-Site Scripting (XSS)
parsi-font 2016-04-13 MW Font Changer <= 4.2.5 - Unauthenticated Reflected Cros...
participants-database 2014-08-01 Participants Database 1.5.4.8 - pdb-signup CSV_type Actio...
participants-database 2017-09-06 Participants Database <= 1.7.5.9 - Cross-Site Scripting
password-protected 2014-08-01 Password Protected 1.4 - Login Process redirect_to Parame...
passwordless-login 2014-11-13 Passwordless Login Plugin - Multiple Input XSS
pay-with-tweet 2014-08-01 Pay With Tweet <= 1.1 - Multiple Vulnerabilities
payment-form-for-paypal-pro 2015-10-11 Payment Form for PayPal Pro <= 1.0.1 - Multiple Reflected...
payment-gateways-caller-for... 2014-08-01 Payment Gateways Caller for WP e-Commerce 0.1.0 - load_me...
paypal-currency-converter-b... 2015-06-11 Paypal Currencucy Converter Basic For Woocommerce <= 1.3 ...
paypal-digital-goods-moneti... 2014-08-01 paypal-digital-goods-monetization-powered-by-cleeng <= 2....
pdf-print 2016-01-06 PDF And Print <= 1.7.4 - Cross Site Scripting
pdf-print 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
pdw-file-browser 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pdw-file-browser 2014-08-01 PDW File Browser - upload.php Arbitrary File Upload
peepso-core 2016-06-30 PeepSo <= 1.6.0 - Authenticated Privilege Escalation
persian-woocommerce-sms 2016-04-22 Persian Woocommerce SMS <= 3.3.3 - Reflected Cross-Site S...
peters-login-redirect 2016-08-16 Peter's Login Redirect <= 2.9.0 - Cross-Site Scripting (X...
photo-gallery 2014-08-01 Photo-Gallery <= 1.2.41 - UploadHandler.php File Upload CSRF
photo-gallery 2015-01-12 Photo Gallery <= 1.2.7 - Unauthenticated SQL injection
photo-gallery 2015-01-27 Photo Gallery <= 1.2.5 - Unrestricted File Upload
photo-gallery 2015-01-28 Photo Gallery <= 1.2.8 - Blind SQL Injection
photo-gallery 2015-02-01 Photo Gallery 1.1.30 - Cross Site Scripting
photo-gallery 2015-03-21 Photo Gallery <= 1.2.11 - Cross-Site Scripting (XSS)
photo-gallery 2017-05-05 Photo Gallery by WD <= 1.3.35 - Authenticated SQL Injection
photo-gallery 2017-06-19 Photo Gallery by WD <= 1.3.42 - Authenticated Path Traversal
photo-gallery 2017-08-25 Photo Gallery by WD <= 1.3.50 - Authenticated SQL Injection
photoracer 2014-08-01 Photoracer 1.0 - (id) SQL Injection
photoracer 2014-08-01 Photoracer <= 1.0 - SQL Injection
photoracer 2014-08-01 Photoracer <= 1.0 - Multiple Vulnerabilities
php_speedy_wp 2014-08-01 PHP Speedy <= 0.5.2 - (admin_container.php) Remote Code E...
php-analytics 2014-08-01 php-analytics - ofc_upload_image.php Arbitrary File Upload
php-event-calendar 2015-04-05 PHP Event Calendar <= 1.5 - Arbitrary File Upload
php-shell 2014-08-01 PHP Shell Plugin