WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
download-zip-attachments 2015-06-28 Download Zip Attachments <= 1.0 - Arbitrary File Download
double-opt-in-for-download 2015-11-28 Double Opt-In for Download <= 2.0.8 - SQL Injection
double-opt-in-for-download 2016-06-07 Double Opt-In for Download <= 2.0.9 - Authenticated SQL I...
bws-latest-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
wp-fail2ban 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update
dbox-slider-lite 2018-01-11 Dbox 3D Slider Lite <= 1.2.2 - Multiple Authenticated SQL...
database-sync 2015-08-04 Database Sync <= 0.4 - Reflected Cross-Site Scripting (XSS)
bws-latest-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
custom-metas 2016-04-17 custom-metas plugin <= 1.5.1 - Cross-Site Scripting (XSS)
bws-latest-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
csv2wpec-coupon 2015-09-16 Csv2WPeC Coupon <= 1.1 - Unauthenticated Remote File Upload
csv-import-export 2017-12-20 Csv Import-Export <= 1.1 - Authenticated Cross-Site Scrip...
crossslide-jquery-plugin-fo... 2015-02-26 CrossSlide jQuery Plugin <= 2.0.5 - Stored XSS & CSRF
crony 2015-10-27 Crony Cronjob Manager <= 0.4.4 - Cross-Site Scripting (X...
cp-reservation-calendar 2015-09-18 CP Reservation Calendar <= 1.1.6 - Unauthenticated SQL In...
cp-image-store 2015-07-13 CP Image Store with Slideshow <= 1.0.5 - Arbitrary File D...
cp-image-store 2015-07-13 CP Image Store with Slideshow <= 1.0.6 - Purchase ID Brut...
cp-polls 2016-03-02 CP Polls Plugin <= 1.0.8 - Multiple CSRF Vulnerabilities
cp-polls 2016-03-02 CP Polls Plugin <= 1.0.8 - Multiple XSS Vulnerabilities
copy-or-move-comments 2015-08-05 Copy Or Move Comments 1.0.0 - Cross-Site Scripting (XSS)
contus-video-comments 2016-06-23 Contus Video Comments - Unauthenticated Remote JPG File U...
bws-latest-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
contact-form-integrated-wit... 2015-11-13 Contact Form Integrated With Google Maps 1.0-2.4 - Stored...
bws-latest-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
mediaburst-ecommerce-sms-no... 2017-12-19 Multiple Mediaburst/Clockwork Plugins - Cross-Site Script...
wp-fail2ban 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update
commentator 2016-01-13 Commentator <= 2.5.2 - Reflected Cross-Site Scripting (XSS)
cms-commander-client 2017-01-26 CMS Commander Client <= 2.21 - Unauthenticated PHP Object...
cm-ad-changer 2016-04-25 CM Ad Changer <= 1.7.2 - Cross-Site Scripting (XSS)
cm-ad-changer 2016-06-13 CM Ad Changer <= 1.7.7 - Stored Cross-Site Scripting (XSS)
mediaburst-ecommerce-sms-no... 2017-12-19 Multiple Mediaburst/Clockwork Plugins - Cross-Site Script...
clickbank-ads-clickbank-widget 2015-05-06 ClickBank Affiliate Ads <= 1.7 - CSRF/XSS
clean-login 2017-05-11 Clean Login <= 1.7.12 - Change Redirect URL CSRF
claptastic-clap-button 2016-03-30 Claptastic clap! Button <= 1.3 - Authenticated Cross-Site...