WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Published Title
downloads-manager 2014-08-01 Download Manager 0.2 - Arbitrary File Upload Exploit
duplicate-post 2014-08-01 Duplicate Post 2.5 - duplicate-post-admin.php User Login ...
event-registration 2014-08-01 Event Registration <= 5.44 - SQL Injection
events-manager 2018-03-26 Events Manager <= 5.8.1.1 - Unauthenticated Stored XSS
events-manager 2014-08-01 Events Manager 5.5.1 - Multiple Unspecified XSS Vulnerabi...
feature-comments 2014-08-01 Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment...
fgallery 2014-08-01 fGallery 2.4.1 - fimrss.php SQL Injection
fmoblog 2014-08-01 fMoblog 2.1 - (id) SQL Injection
foliopress-wysiwyg 2014-08-01 Foliopress WYSIWYG - Unspecified XSS
gravity-file-ajax-upload-free 2014-08-01 Gravity Upload Ajax <= 1.1 - Arbitrary File Upload
keyring 2014-08-01 Keyring <= 1.5 - OAuth Example Page XSS
leaguemanager 2014-08-01 LeagueManager <= 3.7 - wp-admin/admin.php Multiple Parame...
mail-on-update 2014-08-01 Mail On Update 5.1.0 - Email Option Manipulation CSRF
mm-forms-community 2014-08-01 MM Forms Community 2.2.6 - Arbitrary File Upload
my-category-order 2015-08-13 My Category Order <= 4.3 - Authenticated Cross-Site Scrip...
myflash 2014-08-01 Myflash <= 1.00 - (wppath) RFI
mylinksdump 2014-08-01 myLDlinker - SQL Injection
nextcellent-gallery-nextgen... 2014-08-01 NextCellent Gallery < 1.9.18 - Multiple Stored XSS
nextgen-gallery 2019-08-27 Nextgen Gallery < 3.2.11 - SQL Injection
photoracer 2014-08-01 Photoracer <= 1.0 - Multiple Vulnerabilities
pictpress 2014-08-01 PictPress <= 0.91 - Remote File Disclosure
redirection 2018-12-05 Redirection <= 3.6.2 - Cross-Site Request Forgery (CSRF)
reflex-gallery 2014-08-01 ReFlex Gallery 1.4.2 - Unspecified XSS
related-sites 2014-08-01 Related Sites 2.1 - Blind SQL Injection
sagepay-direct-for-woocomme... 2014-08-01 WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - page...