WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
forumconverter 2014-08-01 ForumConverter - SQL Injection
simple-history 2014-08-01 Simple History - RSS Feed "rss_secret" Disclosure Weakness
wordpress-simple-shout-box 2014-08-01 wordpress-simple-shout-box - SQL Injection
portfolio-slideshow-pro 2014-08-01 portfolio-slideshow-pro v3 - SQL Injection
wp-explorer-gallery 2014-08-01 wp-explorer-gallery - Arbitrary File Upload
accordion 2014-08-01 accordion - Arbitrary File Upload
wp-catpro 2014-08-01 wp-catpro - Arbitrary File Upload
RLSWordPressSearch 2014-08-01 RLSWordPressSearch - register.php agentid Parameter SQL I...
gotmls 2014-08-01 Get Off Malicious Scripts - Cross-Site Scripting (XSS)
gotmls 2015-05-15 Anti-Malware & Brute-Force Security by ELI <= 4.15.17 - M...
gotmls 2015-05-26 Anti-Malware & Brute-Force Security by ELI <= 4.15.22 - S...
gotmls 2016-03-23 Anti-Malware Security & Brute-Force Firewall <= 4.15.42 -...
cimy-user-extra-fields 2014-08-01 Cimy User Extra Fields - Arbitrary File Upload
nmedia-user-file-uploader 2014-08-01 N-Media File Uploader < 2.0 Arbitrary File Upload
nmedia-user-file-uploader 2014-09-28 N-Media File Uploader < 3.4 Arbitrary File Upload
nmedia-user-file-uploader 2015-06-11 N-Media File Uploader <= 3.7 - Arbitrary File Upload
nmedia-user-file-uploader 2015-06-29 N-Media File Uploader <= 3.7 - Unauthenticated Arbitrary ...
nmedia-user-file-uploader 2016-09-27 Front end file upload and manager Plugin <= 3.9 - Arbitra...
flexi-quote-rotator 2014-08-01 Flexi Quote Rotator - Cross-Site Request Forgery & SQL In...
wp-effective-lead-management 2014-08-01 WP Lead Management 3.0.0 - Script Insertion Vulnerabilities
xve-various-embed 2014-08-01 XVE Various Embed - JW Player Multiple Cross-Site Scripti...
g-lock-double-opt-in-manager 2014-08-01 G-Lock Double Opt-in Manager - Two Security Bypass Vulner...
kau-boys-backend-localization 2014-08-01 Backend Localization 1.6.1 - options-general.php kau-boys...
kau-boys-backend-localization 2014-08-01 Backend Localization 1.6.1 - wp-login.php kau-boys_backen...
vitamin 2014-08-01 Vitamin 1.0 - add_headers.php path Parameter Traversal Ar...
vitamin 2014-08-01 Vitamin 1.0 - minify.php path Parameter Traversal Arbitra...
featured-post-with-thumbnail 2014-08-01 Featured Post with thumbnail 1.4 - Unspecified timthumb
cloudsafe365-for-wp 2014-08-01 Cloudsafe365 - Multiple Vulnerabilities
token-manager 2014-08-01 Token Manager 1.0.2 - "tid" Cross-Site Scripting Vulnerab...
sexy-add-template 2014-08-01 Sexy Add Template 1.0 - PHP Code Execution CSRF
notices 2014-08-01 Notices Ticker 5.0 - Cross-Site Request Forgery
mf-gig-calendar 2014-08-01 MF Gig Calendar 0.9.4.1 - URL Cross-Site Scripting
wp-topbar 2014-08-01 WP-TopBar 4.02 - wp-topbar.php wptbbartext Parameter XSS
wp-topbar 2014-08-01 WP-TopBar 4.02 - TopBar Message Manipulation CSRF
wp-topbar 2014-08-01 wp-topbar <= 3.04 - XSS in ZeroClipboard.swf
pinterest-pin-it-button 2014-08-01 Pinterest "Pin It" Button Lite 1.3.1 - Multiple Unspecifi...
css-plus 2014-08-01 CSS Plus 1.3.1 - Unspecified Vulnerabilities
multisite-plugin-manager 2014-08-01 Multisite plugin Manager 3.1.1 - Two Cross-Site Scripting...
abc-test 2014-08-01 ABC Test - "id" Cross-Site Scripting
form 2014-08-01 Zingiri Form Builder - "error" Cross-Site Scripting
white-label-cms 2014-08-01 White Label CMS - Cross-Site Request Forgery
white-label-cms 2015-04-29 White Label CMS <= 1.5.2 - Stored XSS