WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
siteorigin-panels 2015-06-08 Page Builder by SiteOrigin 2.0.3 - Reflected XSS
sitepress-multilingual-cms 2015-03-12 WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)
sitepress-multilingual-cms 2015-09-02 WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-L...
sl-user-create 2014-08-01 SL User Create 0.2.4 - LSL script Secret String Weakness ...
mac-dock-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
slidedeck2 2014-08-01 slidedeck2 2.3.3 - Unspecified File Inclusion
slidedeck2 2014-08-01 slidedeck2 <= 2.1.20130228 - XSS in ZeroClipboard
slideoptinprox 2015-01-10 slideoptinprox - XSS
slider-image 2015-02-26 Huge IT Slider <= 2.6.8 - SQL Injection
slider-image 2015-11-22 Slider <= 2.8.6 - Authenticated Blind SQL Injection
slideshow-gallery 2014-09-17 Slideshow Gallery < 1.4.7 Arbitrary File Upload
slideshow-gallery 2015-11-22 Tribulant Slideshow Gallery <= 1.5.3 - Arbitrary file upl...
slideshow-gallery 2017-03-20 Tribulant Slideshow Gallery <= 1.6.4 - Authenticated Cros...
slideshow-gallery 2017-04-11 Slideshow Gallery <= 1.6.5 - Multiple Authenticated Cross...
slideshow-jquery-image-gallery 2014-08-01 Slideshow jQuery Image Gallery - Multiple Vulnerabilities
slideshow-jquery-image-gallery 2014-08-01 Slideshow - Multiple Script Insertion Vulnerabilities
slideshow-jquery-image-gallery 2015-05-03 Slideshow 2.2.8-2.2.21 - Option Value Disclosure
sliding-social-icons 2014-12-15 Sliding Social Icons <= 1.61 - CSRF & Stored XSS
smart-flv 2014-08-01 smart-flv - jwplayer.swf XSS
smart-forms 2014-11-24 Smart Forms 2.1.0 - Cross-Site Scripting (XSS)
smart-forms 2019-03-13 Smart Forms <= 2.5.15 - Cross-Site Request Forgery (CSRF)
smart-google-code-inserter 2018-01-08 Smart Google Code Inserter <= 3.4 - Unauthenticated Cross...
smart-google-code-inserter 2018-01-08 Smart Google Code Inserter <= 3.4 - Unauthenticated SQL I...
smart-manager-for-wp-e-comm... 2015-11-24 Smart Manager for WooCommerce & WPeC <= 3.9.6 - Unauthent...
smart-marketing-for-wp 2017-12-07 Smart Marketing SMS and Newsletters Forms <= 1.1.1 - Unau...
smart-slide-show 2014-08-01 Smart Slideshow - upload.php Multiple File Extension Uplo...
mac-dock-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
smart-slider-2 2015-11-24 Smart Slider 2 <= 2.3.11 - Authenticated Reflected Cross-...
smokesignal 2017-09-19 SmokeSignal <= 1.2.6 - Authenticated Stored XSS
smooth-slider 2015-11-24 Smooth Slider <= 2.6.5 - Authenticated SQL Injection
smooth-slider 2018-01-11 Smooth Slider <= 2.8.6 - Authenticated SQL Injection
snazzy-archives 2014-08-01 snazzy-archives <= 1.7.1 - swf/tagcloud.swf tagcloud Para...
snazzy-maps 2018-07-30 Snazzy Maps <= 1.1.3 - Multiple Cross-Site Scripting (XSS)
sniplets 2014-08-01 Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities
custom-admin-page 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
social-connect 2014-08-01 Social Connect 0.10.1 - diagnostics/test.php testing Para...
social-discussions 2014-08-01 Social Discussions - Multiple Path Disclosure
social-discussions 2014-08-01 Social Discussions 6.1.1 - Remote File Inclusion
social-hashtags 2014-08-01 Social Hashtags 2.0.0 - New Post Title Field Stored XSS
social-locker 2015-11-24 OnePress Social Locker <= 4.2.0 - Authenticated Reflected...
custom-admin-page 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
social-media-widget 2014-08-01 Social Media Widget - malicious code
social-media-widget 2014-08-01 Social Media Widget 4.0 - social-widget.php MITM Weakness...
social-network-tabs 2019-01-17 Social Network Tabs - Social Media API Key Leakage