WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
simple-backup 2015-05-21 Simple Backup <= 2.7.10 - Arbitrary File Download
simple-custom-website-data 2014-08-01 Custom Website Data 1.2 - Record Deletion CSRF
simple-custom-website-data 2014-08-01 Custom Website Data 1.0 - wp-admin/admin.php ref Paramete...
simple-download-button-shor... 2014-08-01 Simple Download Button Shortcode 1.0 - Remote File Disclo...
simple-download-monitor 2016-01-19 Simple Download Monitor <= 3.2.8 - Insufficient Authorisa...
simple-download-monitor 2018-01-09 Simple Download Monitor <= 3.5.3 - Authenticated Cross-Si...
simple-dropbox-upload-form 2014-08-01 Simple Dropbox Upload - Arbitrary File Upload
simple-embed-code 2014-08-01 Artiss Code Embed 2.0.1 - wp-admin/admin.php suffix Param...
simple-events-calendar 2017-11-12 Simple Events Calendar <= 1.3.5 - Authenticated SQL Injec...
simple-fields 2014-08-01 Simple Fields 1.1.6 - Admin Functions CSRF
simple-fields 2014-08-01 Simple Fields 0.3.5 - Remote File Inclusion
simple-fields 2015-11-24 Simple Fields <= 1.4.10 - Authenticated Reflected Cross-S...
simple-file-list 2019-05-27 Simple File List Plugin <= 3.2.4 - Unauthenticated Arbitr...
simple-file-list 2019-05-27 Simple File List Plugin <= 3.2.4 - Authenticated Arbitrar...
simple-flash-video 2014-08-01 Simple Flash Video 1.7 - Cross Site Scripting
simple-flickr-display 2014-08-01 Simple Flickr Display - Username Field Stored Cross-Site ...
simple-forum 2014-08-01 Simple Forum - File Upload
simple-forum 2014-08-01 Simple Forum sf-profile.php u Parameter SQL Injection
simple-history 2014-08-01 Simple History - RSS Feed "rss_secret" Disclosure Weakness
simple-image-manipulator 2015-08-03 simple-image-manipulator <= 1.0 - Remote File Download
simple-link-directory 2019-06-26 Simple Link Directory <= 5.5.0 - Authenticated PHP Object...
simple-login-log 2014-08-01 Simple Login Log - Cross-Site Scripting (XSS)
simple-login-log 2014-08-01 Simple Login Log - SQL Injection
simple-login-log 2017-10-11 Simple Login Log <= 1.1.0 - Authenticated SQL Injection
simple-mail-address-encoder 2019-07-03 Simple Mail Address Encoder <= 1.6.1 - Reflected Authenti...
simple-membership 2016-07-14 Simple Membership <= 3.2.8 - Cross-Site Scripting (XSS)
simple-personal-message 2016-12-18 Single Personal Message 1.0.3 – Authenticated SQL Injection
simple-photo-gallery 2015-05-22 Simple Photo Gallery 1.7.8 - Blind SQL Injection
simple-photo-gallery 2016-04-29 Simple Photo Gallery <= 1.8.0 - Stored Cross-Site Scripti...
simple-popup 2014-08-01 Simple Popup - popup.php z Parameter XSS
simple-press 2014-08-01 Simple Press - SQL Injection
simple-retail-menus 2014-08-01 Simple Retail Menus 4.0.1 - includes/actions.php targetme...
simple-retail-menus 2014-08-01 Simple Retail Menus 4.0.1 - includes/mode-edit.php target...
simple-security 2015-01-14 Simple Security <= 1.1.5 - 2 x Cross-Site Scripting (XSS)
simple-share-buttons-adder 2014-08-01 Simple Share Buttons Adder 4.4 - options-general.php Mult...
simple-share-buttons-adder 2014-08-01 Simple Share Buttons Adder 4.4 - options-general.php ssba...
simple-share-buttons-adder 2015-06-02 Simple Share Buttons Adder <= 6.0.0 - Reflected Cross-Sit...
simple-slider 2014-08-01 Simple Slider 1.0 - New Image URL Field XSS
simple-slideshow-manager 2017-06-01 Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities
simple-social-buttons 2019-02-12 Simple Social Buttons 2.0.4-2.0.21 - Authenticated Option...
simple-student-result 2017-09-28 Student Result or Employee Database <= 1.6.3 - Auth Bypass
simple-support-ticket-system 2015-10-07 Support Ticket System <= 1.2 - Unauthenticated SQL Injection