WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Published Title
jsmol2wp 2019-01-07 JSmol2WP <= 1.07 - Unauthenticated Cross-Site Scripting (...
ninja-forms 2018-07-06 Ninja Forms < 3.3.9 - Insufficient Restrictions during Ex...
adicons 2018-12-28 Adicon Server <= 1.2 - SQL Injection
order-xml-file-export-impor... 2018-12-28 Order XML File Export Import for WooCommerce <= 1.2.2 - XSS
jsmol2wp 2018-12-25 JSmol2WP <= 1.07 - Unauthenticated Server Side Request Fo...
audio-record 2018-12-24 Audio Record 1.0 - Arbitrary File Upload
baggage-freight 2018-12-24 Baggage Freight Shipping Australia 0.1.0 - Unauthenticate...
wp-job-manager 2018-12-22 WP Job Manager <= 1.31.2 - Phar Deserialization
woocommerce 2019-07-07 WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) ...
wp-ultimate-csv-importer 2018-12-19 WP Ultimate CSV Importer <= 5.6 - CSRF
wp-ultimate-exporter 2018-12-19 WP Ultimate Exporter < 1.4.2 - CSRF
google-sitemap-generator 2018-12-18 Google XML Sitemaps <= 4.0.9 - Authenticated Cross-Site S...
two-factor-authentication 2018-12-18 Two Factor Authentication <= 1.3.12 - Disable Two Factor ...
import-users-from-csv-with-... 2018-12-11 Import users from CSV with meta <= 1.12 - Import Cross-Si...
jetpack 2018-12-11 Jetpack <= 6.4.2 - Authenticated Stored Cross-Site Script...
wp-autosuggest 2018-12-11 WP AutoSuggest 0.24 - Unauthenticated SQL Injection
woocommerce 2019-07-07 WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) ...
woocommerce 2019-07-07 WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) ...
wpforms-lite 2018-12-02 WPForms <= 1.4.7 - Authenticated Stored Cross-Site Script...
css-javascript-toolbox 2018-12-08 CSS & JavaScript Toolbox <= 8.4.1 - Database backup Discl...
wp-smushit 2018-12-08 Smush Image Compression and Optimization <= 2.9.1 - Authe...
advanced-custom-fields 2018-12-07 Advanced Custom Fields <= 5.7.7 - Authenticated Cross-Sit...
themeisle-companion 2018-12-07 Orbit Fox by ThemeIsle <= 2.6.3 -Does not properly Authen...
wp-payeezy-pay 2018-12-07 WP Payeezy Pay < 2.98 - Local File Inclusion
redirection 2018-12-05 Redirection <= 3.6.2 - Cross-Site Request Forgery (CSRF)