WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
wordcamp-talks 2017-10-30 WordCamp Talks <= 1.0.0-beta2 - Formula injection via CSV...
qards 2017-10-17 Qards - Server Side Request Forgery (SSRF)
qards 2017-10-17 Qards - Stored Cross-Site Scripting (XSS)
wphrm 2017-10-11 WPHRM <= 1.0 - Authenticated SQL Injection
emag-marketplace-connector 2017-11-29 Emag Marketplace Connector 1.0 - Unauthenticated Cross-Si...
dark-mode 2018-01-22 Dark Mode <= 1.6 - Stored XSS
content_timeline 2017-10-03 Content Timeline <= 4.4.2 - Multiple Blind SQL Injection
wp-better-permalinks 2019-06-27 WP Better Permalinks <= 3.0.4 - CSRF allowing Option Update
furikake 2018-01-08 furikake - Unauthenticated Open Redirect
woocommerce-product-vendors 2017-08-31 WooCommerce Product Vendors Plugin <= 2.0.27 - Unauthenti...
cf7-invisible-recaptcha 2019-06-20 CF7 Invisible reCaptcha <= 1.3.1 - XSS
formcraft3 2017-08-02 FormCraft - Premium WordPress Form Builder <= v3.2.31 - A...
indeed-affiliate-pro 2017-08-02 Ultimate Affiliate Pro WordPress Plugin <= v3.6 - Authent...
dropshipping-xox 2019-06-20 Dropshix <= 4.0.11 - Arbitrary Product Import
wp-rocket 2017-07-28 WP Rocket <= 2.10.3 - Local File Inclusion (LFI)
task-manager-pro 2017-07-25 Task Manager Pro <= 1.3.1 - Authenticated Cross-Site Scri...
task-manager-pro 2017-07-25 WordPress Task Manager Pro <= 1.3.1 - Authenticated SQL I...
examapp 2017-07-25 WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated ...
share-this-image 2018-01-08 Share This Image <= 1.03 - Cross-Site Scripting (XSS)
share-this-image 2019-06-17 Share This Image <= 1.19 - Stored XSS
advanced-cf7-db 2019-04-11 Download Advanced Contact form 7 DB <= 1.6.0 - Authentica...
add-pinterest-conversion-tags 2019-03-01 Freemius Library <= 2.2.3 - Authenticated Option Update
user-registration 2019-01-13 User Registration <= 1.5.5 - Authenticated Cross-Site Scr...
ultimate-instagram-feed 2017-11-09 Ultimate Instagram Feed <= 1.3 - Authenticated Cross-Site...
ultimate-instagram-feed 2017-11-12 Ultimate Instagram Feed <= 1.3.1 - Authenticated Cross-Si...
AffiliateWP 2017-05-26 AffiliateWP <= 2.0.9 - Authenticated Cross-Site Scripting...
Ultimate_VC_Addons 2017-05-17 Ultimate Addons for Visual Composer <= 3.16.11 - Authenti...
finale-woocommerce-sales-co... 2019-06-12 Finale WooCommerce Sale Countdown <= 2.9.0 - Arbitrary Fi...
audio-record 2019-01-07 Audio Record 1.0 - Arbitrary File Upload
divi-builder 2016-02-18 ElegantThemes - Privilege Escalation
divi-builder 2018-10-31 ElegantThemes (divi, extra, divi-builder) - Authenticated...
site-editor 2018-03-19 Site Editor <= 1.1.1 - Local File Inclusion (LFI)
block-wp-login 2019-06-27 Block WP Login <= 1.3.0 - CSRF and Unauthorised Settings ...
one-click-ssl 2019-07-11 One Click SSL <= 1.4.6 - Multiple Issues
gallery-album 2017-09-22 Responsive Image Gallery, Gallery Album <= 1.2.0 - Authen...