WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
wp-splashing-images 2018-01-29 Splashing Images <= 2.1 - Authenticated PHP Object Injection
wp-splashing-images 2018-01-29 Splashing Images <= 2.1 - Cross-Site Scripting (XSS)
basic-contact-form 2017-09-28 Basic Contact Form <= 1.0.3 - Potential Unauthenticated S...
404-redirection-manager 2017-01-14 404 Redirection Manager 1.0 - SQL Injection
wechat-broadcast 2018-09-24 Wechat Broadcast <= 1.2.0 - Local/Remote File Inclusion
mobile-friendly-app-builder... 2017-03-08 mobile-friendly-app-builder-by-easytouch 3.0 - Unauthenti...
mobile-app-builder-by-wappress 2017-03-08 WordPress Mobile app Builder 1.05 - Unauthenticated File ...
zen-mobile-app-native 2017-03-01 Mobile App Native <= 3.0 - Remote File Upload
site-reviews 2018-06-28 Site Reviews <= 2.15.2 - Cross-Site Scripting (XSS)
loginpress 2019-02-12 LoginPress <= 1.1.15 - Authenticated Blind SQL Injection
BraftonWordpressPlugin 2016-09-07 brafton WordPress Plugin <=3.4.7 - Reflected XSS
inazo-advanced-ads-management 2016-09-16 Advanced ads Management <= 1.3 - Authenticated Stored Cro...
affiliate-ads-builder-for-c... 2018-01-08 Affiliate Ads for Clickbank Products <= 1.6 - Stored Cros...
wp-file-manager 2018-09-09 File Manager <= 2.9 - Authenticated Cross-Site Scripting ...
vospari-forms 2017-07-16 Vospari Forms <= 1.3 - Cross-Site Scripting (XSS)
dwnldr 2016-07-19 Dwnldr 1.0 - Unauthenticated Stored Cross-Site Scripting ...
smart-marketing-for-wp 2017-12-07 Smart Marketing SMS and Newsletters Forms <= 1.1.1 - Unau...
wp-site-protect 2018-03-19 WP Site Protect 1.0 - Cross-Site Scripting (XSS)
social-warfare 2019-03-21 Social Warfare <= 3.5.2 - Unauthenticated Arbitrary Setti...
social-warfare 2019-04-24 Social Warfare <= 3.5.2 - Unauthenticated Remote Code Exe...
real3d-flipbook 2016-07-05 Real3D FlipBook - Multiple Vulnerabilities
popcashnet-code-integration... 2017-10-26 PopCash.Net Code Integration Tool <= 1.0 - Cross-Site Scr...
woo-email-control 2016-07-19 Woo Email Control <= 1.01 - Reflected Cross-Site Scriptin...
newsletter-by-supsystic 2017-05-24 Newsletter by Supsystic - Authenticated Stored XSS & CSRF
social-login-bws 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
timesheet 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
membersonic-lite 2016-06-29 MemberSonic Lite <= 1.2 - Authentication Bypass
wpforo 2018-05-30 wpForo Forum <= 1.4.9 - Unauthenticated SQL Injection
wpforo 2018-06-01 wpForo Forum <= 1.4.11 - Unauthenticated Reflected Cross-...
contact-form-7-multi-step-m... 2019-03-01 Fremius Library <= 2.2.3 - Authenticated Option Update
custom-map 2017-12-20 Custom Map <= 1.1 - Authenticated Cross-Site Scripting (XSS)
order-import-export-for-woo... 2016-09-21 Order Export Import for WooCommerce 1.0.8 - Order Informa...
ultimate-product-catalog 2016-06-20 Product Catalog <= 3.8.1 - Privilege Escalation