WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Published Title
website-faq 2014-08-01 Website FAQ 1.0 - wp-admin/admin-ajax.php category Parame...
wordfence 2018-10-02 Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
wordfence 2018-10-02 Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
wp-automatic 2014-08-01 Automatic 2.0.3 - csv.php q Parameter SQL Injection
wp-predict 2014-08-01 WP-Predict 1.0 - Blind SQL Injection
wp-simplemail 2014-08-01 SimpleMail 1.0.6 - Stored XSS
answer-my-question 2017-04-24 Answer My Question 1.3 - Cross-Site Scripting (XSS)
wordfence 2018-10-02 Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
wordfence 2018-10-02 Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
wp-image-news-slider 2014-08-01 Image News Slider - Arbitrary File Upload
wp-image-news-slider 2014-08-01 Image News Slider - Arbitrary File Upload
wp-image-news-slider 2014-08-01 Image News Slider - Arbitrary File Upload
wp-image-news-slider 2014-08-01 Image News Slider - Arbitrary File Upload
wp-image-resizer 2014-08-01 Image Resizer - Cross Site Scripting
wp-levoslideshow 2016-06-07 Wordpress Levo-Slideshow - Arbitrary File Upload
wp-powerplaygallery 2015-07-01 Powerplay Gallery - Arbitrary File Upload & SQL Injection
wp-royal-gallery 2014-08-01 wp-royal-gallery - Arbitrary File Upload
advanced-custom-fields 2019-02-15 Advanced Custom Fields <= 5.7.10 - Unserialize of user input
apptha-banner 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
apptha-slider-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
blaze-slide-show-for-wordpress 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
dm-albums 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
flash-album-gallery 2014-10-30 Gr& Flagallery <= 4.24 - Full Path Disclosure
fluid-accessible-pager 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fluid-accessible-rich-inlin... 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fluid-accessible-ui-options 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fluid-accessible-uploader 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fresh-page 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
mac-dock-gallery 2014-08-01 Mac Photo Gallery - upload-file.php File Upload
pdw-file-browser 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pica-photo-gallery 2014-08-01 Pica Photo Gallery - Arbitrary File Upload
power-zoomer 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
slide-show-pro 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
smart-slide-show 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
spotlightyour 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
sprapid 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-3dbanner-rotator 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-3dflick-slideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-bliss-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-carouselslideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-dreamworkgallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-ecommerce-cvs-importer 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-extended 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-flipslideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-homepage-slideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-image-news-slider 2014-08-01 Image News Slider - Arbitrary File Upload
wp-levoslideshow 2016-06-07 Wordpress Levo-Slideshow - Arbitrary File Upload
wp-matrix-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-powerplaygallery 2015-07-01 Powerplay Gallery - Arbitrary File Upload & SQL Injection
wp-royal-gallery 2014-08-01 wp-royal-gallery - Arbitrary File Upload
wp-superb-slideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-yasslideshow 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
asset-manager 2014-08-01 Asset Manager - upload.php Arbitrary Code Execution
asset-manager 2014-08-01 Asset Manager - upload.php Arbitrary Code Execution
blaze-slide-show-for-wordpress 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
comment-extra-field 2014-08-01 Comment Extra Field 1.7 - CSRF / XSS