WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
google-captcha 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
membersonic-lite 2016-06-29 MemberSonic Lite <= 1.2 - Authentication Bypass
wpforo 2018-05-30 wpForo Forum <= 1.4.9 - Unauthenticated SQL Injection
wpforo 2018-06-01 wpForo Forum <= 1.4.11 - Unauthenticated Reflected Cross-...
custom-map 2017-12-20 Custom Map <= 1.1 - Authenticated Cross-Site Scripting (XSS)
order-import-export-for-woo... 2016-09-21 Order Export Import for WooCommerce 1.0.8 - Order Informa...
ultimate-product-catalog 2016-06-20 Product Catalog <= 3.8.1 - Privilege Escalation
google-captcha 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
simple-personal-message 2016-12-18 Single Personal Message 1.0.3 – Authenticated SQL Injection
google-captcha 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
responsive-coming-soon-page 2018-01-22 Coming Soon <= 1.1.18 - Authenticated Stored XSS & CSRF
elementor 2017-11-29 Elementor Page Builder <= 1.7.12 - Authenticated Unrestri...
fluid-respnsive-slideshow 2016-05-23 Fluid Responsive Slideshow <= 2.2.6 - CSRF & XSS
webapp-builder 2017-03-08 Webapp builder 2.0 - Unauthenticated File Upload
google-captcha 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
user-login-history 2017-10-30 User Login History <= 1.5 - Cross-Site Scripting (XSS)
Tevolution 2016-05-03 Tevolution <= 2.2.7 - Unrestricted File Upload
easy-social-share-buttons-f... 2016-04-25 Easy Social Share Buttons <= 3.2.5 - Cross-Site Scripting...
google-captcha 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
ocim-mp3 2016-03-29 Ocim MP3 Plugin - Unauthenticated Reflected Cross-Site Sc...
multi-meta-box 2016-04-12 WP Multiple Meta Box 1.0 - Authenticated Blind SQL Injection
bbs-e-franchise 2016-12-06 BBS e-Franchise 1.1.1 - Unauthenticated SQL Injection
pootle-button 2017-10-13 pootle button <= 1.1.1 - Authenticated Cross-Site Scripti...
woo-custom-checkout-field 2016-07-26 Woo Custom Checkout Field <= 1.3.4 - CSRF & Stored XSS
divi-builder 2016-02-18 ElegantThemes - Privilege Escalation
bloom 2016-02-18 ElegantThemes - Privilege Escalation
file-manager 2017-03-20 File Manager <= 4.1.4 - Cross-Site Request Forgery (CSRF)...
file-manager 2018-03-02 File Manager <= 5.0.0 - Information Disclosure
loginizer 2017-08-08 Loginizer <= 1.3.5 - Blind SQL Injection
loginizer 2017-08-08 Loginizer <= 1.3.5 - Cross-Site Request Forgery (CSRF)
loginizer 2018-05-22 Loginizer 1.3.8-1.3.9 - Unauthenticated Stored Cross-Site...
wp-ultimate-exporter 2016-03-03 WP Ultimate Exporter 1.0.0 - Reflected Cross-Site Scripti...
wp-ultimate-exporter 2016-03-13 WP Ultimate Exporter <= 1.1 - Unauthenticated SQL Injection
remote-upload 2016-06-14 Remote Upload <= 1.2.1 - Unrestricted File Upload
social-pug 2016-12-11 Social Share Buttons - Social Pug <= 1.2.5 - Authenticate...