WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
php-shell 2014-08-01 PHP Shell Plugin
phpfreechat 2014-08-01 PHPFreeChat 0.2.8 - lib/csstidy-1.2/css_optimiser.php url...
wp-matrix-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pica-photo-gallery 2014-08-01 Pica Photo Gallery - Arbitrary File Upload
pica-photo-gallery 2014-08-01 PICA Photo Gallery - Remote File Disclosure
pictpress 2014-08-01 PictPress <= 0.91 - Remote File Disclosure
picturesurf-gallery 2014-08-01 Picturesurf Gallery 1.2 - upload.php Arbitrary File Upload
pie-register 2014-08-01 Pie Register - wp-login.php Multiple Parameter XSS
pie-register 2015-01-17 Pie Register <= 2.0.13 - Privilege escalation
pie-register 2015-03-11 Pie Register <= 2.0.14 - Cross-Site Scripting (XSS)
pie-register 2015-05-04 Pie Register 2.0.14-2.0.15 - SQL Injection
pie-register 2015-05-04 Pie Register 2.0.14-2.0.15 - Privilege Escalation
pie-register 2015-10-12 Pie-Register <= 2.0.18 - Unauthenticated Reflected Cross-...
pie-register 2015-10-12 Pie-Register <= 2.0.18 - Authenticated Blind SQL Injection
pie-register 2018-06-14 Pie Register <= 3.0.9 - Authenticated Blind SQL Injection
pie-register 2018-10-29 Pie Register <= 3.0.17 - Unauthenticated Cross-Site Scrip...
pinterest-pin-it-button 2014-08-01 Pinterest "Pin It" Button Lite 1.3.1 - Multiple Unspecifi...
pixabay-images 2015-01-19 Pixabay Images <= 2.3 - Multiple Vulnerabilities (RCE, XS...
placester 2014-08-01 placester <= 0.3.12 - XSS in ZeroClipboard
plainview-activity-monitor 2018-08-27 Plainview Activity Monitor <= 20161228 - Remote Command E...
platinum-seo-pack 2014-08-01 platinum_seo_pack.php - s Parameter Reflected XSS
player 2014-08-01 Spider Video Player <= 2.1 - SQL Injection
player 2014-08-01 Spider Video Player <= 2.1 - Reflected Cross-Site Scripti...
player 2014-11-11 WordPress Video Player < 1.5.2 - Multiple Cross-Site Scri...
player 2015-02-02 WordPress Video Player <= 1.5.4 - Reflected Cross-Site Sc...
player 2016-07-20 WordPress Video Player <= 1.5.16 - Multiple Authenticated...
plg_novana 2014-08-01 Plg Novana - wp-content/plugins/plg_novana/novana_detail....
plugin-central 2015-11-24 Plugin Central <= 2.5 - Authenticated Reflected Cross-Sit...
plugin-newsletter 2014-08-01 Plugin Newsletter 1.5 - Remote File Disclosure
plugmatter-optin-feature-bo... 2015-11-24 Plugmatter Optin Feature Box <= 2.0.13 - Unauthenticated ...
plugnedit 2015-11-24 PlugNedit Adaptive Editor <= 5.2.0 - Authenticated Stored...
pluscaptcha 2015-03-31 PlusCaptcha Plugin <= 2.0.14 - Cross-Site Request Forgery...
podlove-podcasting-plugin-f... 2016-12-14 Podlove Podcast Publisher <= 2.3.15 - Multiple SQLi & XSS
podlove-podcasting-plugin-f... 2017-08-07 Podlove Podcast Publisher <= 2.5.3 - Authenticated SQL In...
podpress 2014-08-01 podPress 8.8.10.13 - players/1pixelout/1pixelout_player.s...
pods 2015-01-12 Pods <= 2.4.3 - Authenticated XSS & CSRF
pods 2015-03-17 Pods 1.4.7 <= 2.5.1.1 - Blind SQL Injection
polldaddy 2014-08-01 Polldaddy Polls & Rating 2.0.24 - polldaddy-org.php uniqu...
polldaddy 2014-08-01 Polldaddy Polls & Rating 2.0.23 - polldaddy-org.php polld...
polldaddy 2014-08-01 Polldaddy Polls & Ratings 2.0.20 - Cross-Site Request For...
polldaddy 2016-05-28 Polldaddy Polls & Ratings <= 2.0.31 - Shortcode Stored Cr...
polylang 2014-08-01 Polylang 1.5.1 - User Description H&ling Stored XSS
pondol-carousel 2016-05-11 pondol-carousel 1.0 - Cross-Site Scripting (XSS)
pondol-formmail 2016-04-19 Pondol Form to Mail <= 1.1 - Unauthenticated Reflected Cr...
pootle-button 2017-10-13 pootle button <= 1.1.1 - Authenticated Cross-Site Scripti...
popcashnet-code-integration... 2017-10-26 PopCash.Net Code Integration Tool <= 1.0 - Cross-Site Scr...
popup-by-supsystic 2017-03-02 Popup by Supsystic <= 1.7.8 - Cross-Site Request Forgery...
popup-images 2014-08-01 Popup Images - popup-images/popup.php z Parameter XSS
popup-maker 2017-08-03 Popup Maker <= 1.6.4 - Authenticated Cross-Site Scripting...
wp-affiliate-disclosure 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update