WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
q2w3-inc-manager 2014-08-01 q2w3-inc-manager <= 2.3.1 - XSS in ZeroClipboard
scorerender 2014-08-01 scorerender <= 0.3.4 - XSS in ZeroClipboard
wppygments 2014-08-01 wppygments <= 0.3.2 - XSS in ZeroClipboard
copy-in-clipboard 2014-08-01 copy-in-clipboard <= 0.8 - XSS in ZeroClipboard
search-and-share 2014-08-01 search-&-share 0.9.3 - SearchAndShare.php Direct Request ...
search-and-share 2014-08-01 search-&-share <= 0.9.3 - XSS in ZeroClipboard
placester 2014-08-01 placester <= 0.3.12 - XSS in ZeroClipboard
zopim-live-chat 2014-08-01 Zopim Live Chat <= 1.2.5 - XSS in ZeroClipboard
ed2k-link-selector 2014-08-01 ed2k-link-selector <= 1.1.7 - XSS in ZeroClipboard
marekkis-watermark 2014-08-01 Marekkis Watermark 0.9.2 - wp-admin/options-general.php p...
responsive-logo-slideshow 2014-08-01 Responsive Logo Slideshow - URL & Image Field XSS
contact-form-plugin 2014-08-01 Contact Form 3.34 - contact_form.php cntctfrm_contact_mes...
contact-form-plugin 2014-08-01 Contact Form 3.36 - contact_form.php cntctfrm_contact_ema...
contact-form-plugin 2015-01-22 Contact Form 3.82 - Unauthorized Language Manipulation
contact-form-plugin 2017-03-02 Contact Form by BestWebSoft <= 4.0.1 - Stored Cross-Site ...
relevant 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
smart-flv 2014-08-01 smart-flv - jwplayer.swf XSS
GoogleAlertandtwitterplugin 2014-08-01 Google Alert And Twitter 3.1.5 - XSS Exploit, SQL Injection
php-shell 2014-08-01 PHP Shell Plugin
ckeditor-for-wordpress 2015-11-22 CKEditor for WordPress <= 4.5.3 - Authenticated Reflected...
audio-player 2014-08-01 Audio Player - player.swf playerID Parameter XSS
myftp-ftp-like-plugin-for-w... 2014-08-01 myftp-ftp-like-plugin-for-wordpress v2 - SQL Injection
password-protected 2014-08-01 Password Protected 1.4 - Login Process redirect_to Parame...
newsletter 2014-08-01 Newsletter <= 3.0.8 - SQL Injection
newsletter 2014-08-01 Newsletter <= 3.2.6 - Cross-Site Scripting (XSS)
newsletter 2015-03-30 Newsletter 3.7.0 - Open Redirect
commentluv 2014-08-01 CommentLuv 2.92.3 - Cross Site Scripting
wp-forum 2014-08-01 wp-forum - SQL Injection
wp-ecommerce-shop-styling 2014-08-01 WP e-Commerce Shop Styling <= 1.7.2 - Remote File Inclusion
wp-ecommerce-shop-styling 2015-07-06 WP e-Commerce Shop Styling <= 2.5 - Local File Inclusion
wp-table-reloaded 2014-08-01 wp-table-reloaded <= 1.9.3 - zeroclipboard.swf id Paramet...
wordpress-gallery 2014-08-01 Gallery - "load" Remote File Inclusion
forumconverter 2014-08-01 ForumConverter - SQL Injection
p1m-media-manager 2014-08-01 p1m media manager - SQL Injection
wordpress-simple-shout-box 2014-08-01 wordpress-simple-shout-box - SQL Injection
portfolio-slideshow-pro 2014-08-01 portfolio-slideshow-pro v3 - SQL Injection
simple-history 2014-08-01 Simple History - RSS Feed "rss_secret" Disclosure Weakness
wp-explorer-gallery 2014-08-01 wp-explorer-gallery - Arbitrary File Upload