WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
simple-dropbox-upload-form 2014-08-01 Simple Dropbox Upload - Arbitrary File Upload
simple-embed-code 2014-08-01 Artiss Code Embed 2.0.1 - wp-admin/admin.php suffix Param...
simple-events-calendar 2017-11-12 Simple Events Calendar <= 1.3.5 - Authenticated SQL Injec...
simple-fields 2014-08-01 Simple Fields 1.1.6 - Admin Functions CSRF
simple-fields 2014-08-01 Simple Fields 0.3.5 - Remote File Inclusion
simple-fields 2015-11-24 Simple Fields <= 1.4.10 - Authenticated Reflected Cross-S...
simple-flash-video 2014-08-01 Simple Flash Video 1.7 - Cross Site Scripting
simple-flickr-display 2014-08-01 Simple Flickr Display - Username Field Stored Cross-Site ...
simple-forum 2014-08-01 Simple Forum - File Upload
simple-forum 2014-08-01 Simple Forum sf-profile.php u Parameter SQL Injection
simple-history 2014-08-01 Simple History - RSS Feed "rss_secret" Disclosure Weakness
simple-image-manipulator 2015-08-03 simple-image-manipulator <= 1.0 - Remote File Download
simple-login-log 2014-08-01 Simple Login Log - Cross-Site Scripting (XSS)
simple-login-log 2014-08-01 Simple Login Log - SQL Injection
simple-login-log 2017-10-11 Simple Login Log <= 1.1.0 - Authenticated SQL Injection
simple-membership 2016-07-14 Simple Membership <= 3.2.8 - Cross-Site Scripting (XSS)
simple-personal-message 2016-12-18 Single Personal Message 1.0.3 – Authenticated SQL Injection
simple-photo-gallery 2015-05-22 Simple Photo Gallery 1.7.8 - Blind SQL Injection
simple-photo-gallery 2016-04-29 Simple Photo Gallery <= 1.8.0 - Stored Cross-Site Scripti...
simple-popup 2014-08-01 Simple Popup - popup.php z Parameter XSS
simple-press 2014-08-01 Simple Press - SQL Injection
simple-retail-menus 2014-08-01 Simple Retail Menus 4.0.1 - includes/actions.php targetme...
simple-retail-menus 2014-08-01 Simple Retail Menus 4.0.1 - includes/mode-edit.php target...
simple-security 2015-01-14 Simple Security <= 1.1.5 - 2 x Cross-Site Scripting (XSS)
simple-share-buttons-adder 2014-08-01 Simple Share Buttons Adder 4.4 - options-general.php Mult...
simple-share-buttons-adder 2014-08-01 Simple Share Buttons Adder 4.4 - options-general.php ssba...
simple-share-buttons-adder 2015-06-02 Simple Share Buttons Adder <= 6.0.0 - Reflected Cross-Sit...
simple-slider 2014-08-01 Simple Slider 1.0 - New Image URL Field XSS
simple-slideshow-manager 2017-06-01 Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities
simple-social-buttons 2019-02-12 Simple Social Buttons 2.0.4-2.0.21 - Authenticated Option...
simple-student-result 2017-09-28 Student Result or Employee Database <= 1.6.3 - Auth Bypass
simple-support-ticket-system 2015-10-07 Support Ticket System <= 1.2 - Unauthenticated SQL Injection
simpleflickr 2015-01-03 SimpleFlickr 3.0.3 - CSRF & XSS
simply-poll 2014-08-01 Simply Poll 1.4.1 - wp-admin/admin.php question Parameter...
simply-poll 2014-08-01 Simply Poll 1.4.1 - wp-admin/admin.php Poll Manipulation ...
sintic_gallery 2014-08-01 sintic_gallery - Arbitrary File Upload
sintic_gallery 2014-08-01 sintic_gallery - Path Disclosure
sirv 2016-11-21 Sirv <= 1.3.1 - Authenticated SQL Injection
site-editor 2018-03-19 Site Editor <= 1.1.1 - Local File Inclusion (LFI)
site-reviews 2018-06-28 Site Reviews <= 2.15.2 - Cross-Site Scripting (XSS)
sitebuilder-dynamic-components 2017-05-21 SiteBuilder Dynamic Components <= 1.0 - Unauthenticated P...