WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
fs-shopping-cart 2016-11-21 FireStorm Shopping Cart eCommerce Plugin 2.07.02 - Authen...
freshmail-newsletter 2015-05-08 Freshmail for WordPress <= 1.5.8 - Unauthenticated SQL In...
freshmail-newsletter 2015-05-08 Freshmail for WordPress <= 1.5.8 - shortcode.php SQL Inj...
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
fossura-tag-miner 2016-05-05 Tag Miner <= 1.1.2 - Cross-Site Request Forgery (CSRF)
gravity-forms-sms-notificat... 2017-12-19 Multiple Mediaburst/Clockwork Plugins - Cross-Site Script...
form-lightbox 2016-07-19 Form Lightbox - Arbitrary Option Update Leading to Admin ...
flickr-picture-backup 2017-05-02 flickr-picture-backup <= 0.7 - Unauthenticated File Upload
flickr-gallery 2017-10-03 Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Inje...
wp-fail2ban 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update
fast-image-adder 2015-07-11 Fast Image Adder <= 1.1 - Unauthenticated Remote File Upload
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
facebook-page-photo-gallery 2015-05-06 Facebook Page Photo Gallery <= 2.0.9 - DOM Cross-Site Scr...
eventr 2017-05-31 eventr 1.02.2 - Blind SQL Injection
event-espresso-free 2017-08-16 Event Espresso Lite <= 3.1.37.11.L - Authenticates Blind ...
embed-comment-images 2017-08-25 Embed Images in Comments <= 0.5 - Unauthenticated Stored XSS
custom-admin-page 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
email-log 2017-11-13 Email Log <= 2.2.2 - Stored Cross-Site Scripting (XSS)
email-encoder-bundle 2015-11-24 Email Encoder Bundle <= 1.4.1 - Unauthenticated Cross-Sit...
elisqlreports 2015-09-15 EZ SQL Reports <= 4.11.33 - Authenticated Arbitrary File ...
elisqlreports 2015-09-15 EZ SQL Reports <= 4.11.33 - Authenticated Arbitrary Code ...
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
easy2map 2015-07-05 Easy2Map <= 1.24 - SQL Injection
easy2map 2015-10-05 Easy2Map <= 1.2.9 - Reflected Cross-Site Scripting (XSS)
easy2map 2015-10-05 Easy2Map <= 1.2.9 - Local File Inclusion
easy2map-photos 2015-07-06 Easy2Map Photos <= 1.0.9 - SQL Injection
easy-team-manager 2017-05-31 Easy Team Manager 1.3.2 - Authenticated Blind SQL Injection
easy-contact-form-solution 2015-11-13 Easy Contact Form Solution 1.0-1.6 - Stored Cross-Site Sc...
easy-author-image 2015-05-26 Easy Author Image 1.5 - Email Disclosure
e-search 2016-04-18 e-search <= 1.0 - Unauthenticated Reflected Cross-Site Sc...
dtracker 2017-03-09 DTracker 1.5 - Multiple Unauthenticated Blind SQL Injections
dsubscribers 2017-07-16 DSubscribers <= 1.2 - Authenticated SQL Injection
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...