WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
funcaptcha 2014-08-01 FunCaptcha 0.3.2- Setting Manipulation CSRF
funcaptcha 2014-08-01 FunCaptcha 0.4.3 - wp_funcaptcha_admin_activate.php URI XSS
xili-language 2014-08-01 xili-language - index.php lang Parameter XSS
wordpress-seo 2014-08-01 Yoast SEO - Security issue which allowed any user to rese...
wordpress-seo 2014-08-01 Yoast SEO < 1.4.7 - Reset Settings Feature Access Restric...
wordpress-seo 2015-03-11 Yoast SEO <= 1.7.3.3 - Blind SQL Injection
wordpress-seo 2015-06-12 Yoast SEO <= 2.1.1 - Authenticated Stored DOM XSS
wordpress-seo 2016-05-06 Yoast SEO <= 3.2.4 - Subscriber Settings Sensitive Data E...
wordpress-seo 2016-07-28 Yoast SEO <= 3.2.5 - Unspecified Cross-Site Scripting (XSS)
wordpress-seo 2016-08-03 Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scri...
wordpress-seo 2017-11-16 Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (...
wordpress-seo 2018-11-20 Yoast SEO <= 9.1 - Authenticated Race Condition
wordpress-seo-premium 2019-07-10 Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS
digg-digg 2014-08-01 Digg Digg 5.3.4 - Setting Manipulation CSRF
ssquiz 2014-08-01 SS Quiz - Multiple Unspecified Vulnerabilities
wp-print 2014-08-01 WP-Print 2.51 - Setting Manipulation CSRF
trafficanalyzer 2014-08-01 Traffic Analyzer 3.3.2 - js/ta_loaded.js.php aoid Paramet...
wp-download-manager 2014-08-01 WP-DownloadManager 1.60 - Script Insertion CSRF
contextual-related-posts 2014-08-01 Contextual Related Posts 1.8.10.1 - contextual-related-po...
contextual-related-posts 2014-08-01 Contextual Related Posts 1.8.6 - Cross-Site Request Forgery
calendar 2014-08-01 Calendar <= 1.3.2 - Entry Addition Cross-Site Request For...
calendar 2016-11-08 Calendar <= 1.3.7 - Cross-Site Scripting (XSS)
calendar 2018-11-02 Calendar <= 1.3.10 - Authenticated Stored Cross-Site Scr...
feedweb 2014-08-01 Feedweb 2.4 - DOM Cross-Site Scripting (XSS)
feedweb 2014-08-01 Feedweb <= 1.8.8 - Cross-Site Scripting (XSS)
feedweb 2015-01-15 Feedweb 2.4.1-3.0.6 - SQL Injection
wordpress-23-related-posts-... 2014-08-01 WordPress Related Posts 2.6.1 - Cross-Site Request Forgery
related-posts 2014-08-01 Related Posts 2.7.1 - Cross-Site Request Forgery
wp-print-friendly 2014-08-01 WP Print Friendly 3.3.7 - wp-admin/options.php printfrien...
wp-print-friendly 2014-08-01 WP Print Friendly <= 0.5.2 - Security Bypass
related-posts-by-zemanta 2014-08-01 Related Posts by Zemanta 1.3.1 - Cross-Site Request Forgery
mail-on-update 2014-08-01 Mail On Update 5.1.0 - Email Option Manipulation CSRF
advanced-xml-reader 2014-08-01 Advanced XML Reader 0.3.4 - XML External Entity (XXE) Inj...
advanced-xml-reader 2014-08-01 Advanced XML Reader 0.1.1 - XML External Entity (XXE) Dat...
top-10 2014-08-01 Top 10 <= 1.9.2 - Setting Manipulation CSRF
top-10 2016-07-14 Top 10 <= 2.3.0 - Cross-Site Scripting (XSS)
top-10 2017-12-19 Top 10 <= 2.4.3 - Authenticated SQL Injection
easy-adsense-lite 2014-08-01 Easy AdSense Lite 6.06 - Setting Manipulation CSRF
uk-cookie 2014-08-01 uk-cookie - Cross-Site Scripting (XSS)
uk-cookie 2014-08-01 uk-cookie - Cross-Site Request Forgery (CSRF)
wp-cleanfix 2014-08-01 wp-cleanfix - Remote Comm& Execution, CSRF & XSS
background-music 2014-08-01 background-music 1.0 - jPlayer.swf XSS
haiku-minimalist-audio-player 2014-08-01 haiku-minimalist-audio-player <= 1.1.0 - jPlayer.swf XSS
jammer 2014-08-01 jammer <= 0.2 - jPlayer.swf XSS
syntaxhighlighter 2014-08-01 SyntaxHighlighter Evolved <= 3.1.9 - Unspecified Cross-Si...
syntaxhighlighter 2014-08-01 SyntaxHighlighter Evolved 3.1.5 - clipboard.swf Unspecifi...
facebook-members 2014-08-01 facebook-members 5.0.4 - Setting Manipulation CSRF
foursquare-checkins 2014-08-01 foursquare-checkins - CSRF
formidable 2014-08-01 Formidable Forms Pro <= 1.06.02 - ofc_upload_image.php Ar...
formidable 2014-08-01 Formidable Pro - Unspecified Vulnerabilities
formidable 2016-01-29 Formidable Forms <= 1.07.11 - Authenticated Blind SQL Inj...
formidable 2017-11-16 Formidable Forms <= 2.05.02 - Multiple Vulnerabilities
all-in-one-webmaster 2014-08-01 All in one webmaster 8.2.3 - Script Insertion CSRF
social-media-widget 2014-08-01 Social Media Widget - malicious code
social-media-widget 2014-08-01 Social Media Widget 4.0 - social-widget.php MITM Weakness...