WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
leaflet 2014-08-01 Leaflet <= 0.0.1 - Cross Site Scripting
joliprint 2014-08-01 PDF And Print Button Joliprint <= 1.3.0 - Cross Site Scri...
iframe-admin-pages 2014-08-01 IFrame Admin Pages <= 0.1 - Cross Site Scripting
network-publisher 2014-08-01 Network Publisher <= 5.0.1 - Cross Site Scripting
leaguemanager 2014-08-01 LeagueManager <= 3.7 - wp-admin/admin.php Multiple Parame...
leaguemanager 2014-08-01 LeagueManager 3.8 - SQL Injection
leaguemanager 2015-06-02 LeagueManager <= 3.9.11 - Unauthenticated SQL Injection
pretty-link 2014-08-01 Pretty Link Lite <= 1.5.3 - Cross-Site Scripting (XSS)
pretty-link 2014-08-01 Pretty Link Lite <= 1.6.0 - Cross-Site Scripting (XSS)
pretty-link 2014-08-01 Pretty Link Lite <= 1.6.2 - XSS in SWF
pretty-link 2015-11-22 Pretty Link Lite <= 1.6.7 - Authenticated SQL Injection
newsletter-manager 2014-08-01 Newsletter Manager <= 1.0.2 - Cross Site Scripting
newsletter-manager 2014-08-01 Newsletter Manager 1.0.2 - Cross Site Scripting & Cross-S...
soundcloud-is-gold 2014-08-01 Soundcloud Is Gold <= 2.1 - Cross-Site Scripting (XSS)
soundcloud-is-gold 2015-11-24 SoundCloud Is Gold <= 2.3.1 - Unauthenticated Reflected C...
sharebar 2014-08-01 Sharebar <= 1.2.5 - Reflected Cross-Site Scripting (XSS)
sharebar 2014-08-01 Sharebar <= 1.2.5 - Button Manipulation CSRF
sharebar 2014-08-01 Sharebar <= 1.2.1 - SQL Injection & Cross-Site Scripting ...
sharebar 2014-08-01 Sharebar <= 1.2.1 - SQL Injection & Cross Site Scripting
share-and-follow 2014-08-01 Share And Follow <= 1.80.3 - Cross Site Scripting
sabre 2014-08-01 SABRE <= 1.2.0 - Cross Site Scripting
wp-statistics 2014-08-01 WP Statistics <= 2.2.4 - Cross-Site Scripting (XSS)
wp-statistics 2014-11-20 WP Statistics <= 8.3 - Stored & Reflected Cross-Site Scri...
wp-statistics 2014-12-03 WP Statistics <= 8.4 - Unauthenticated Referer Header Sto...
wp-statistics 2015-04-15 WP Statistics <= 9.1.2 - Authenticated Stored Cross-Site ...
wp-statistics 2015-07-26 WP Statistics <= 9.4 - Authenticated SQL Injection
wp-statistics 2015-08-10 WP Statistics <= 9.5.1 - Referer Cross-Site Scripting (XSS)
wp-statistics 2017-04-10 WP Statistics <= 12.0.4 - Reflected Cross-Site Scripting ...
wp-statistics 2017-07-01 WP Statistics <= 12.0.7 - Authenticated SQL Injection
wp-statistics 2017-07-03 WP Statistics <= 12.0.8.1 - Authenticated Reflected Cross...
wp-statistics 2017-07-19 WP Statistics <= 12.0.9 - Authenticated Cross-Site Script...
wp-easy-gallery 2014-08-01 WP Easy Gallery <= 2.7 - Cross-Site Request Forgery (CSRF)
wp-easy-gallery 2014-08-01 WP Easy Gallery 2.7 - admin/overview.php galleryId Parame...
wp-easy-gallery 2014-08-01 WP Easy Gallery 2.7 - admin/add-images.php Multiple Param...
wp-easy-gallery 2014-08-01 WP Easy Gallery 2.7 - Multiple Admin Function CSRF
wp-easy-gallery 2014-08-01 WP Easy Gallery <= 1.7 - Cross-Site Scripting (XSS)
wp-easy-gallery 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
wp-easy-gallery 2016-01-26 WP Easy Gallery <= 4.1.4 - Reflected Cross-Site Scripting...
subscribe2 2014-08-01 Subscribe2 <= 8.0 - Cross Site Scripting
wp-survey-and-quiz-tool 2014-08-01 Survey And Quiz Tool <= 2.9.2 - Cross Site Scripting
track-that-stat 2014-08-01 Track That Stat <= 1.0.8 - Cross Site Scripting
wp-facethumb 2014-08-01 WP-Facethumb Gallery <= 0.1 - Reflected Cross Site Scripting
wpmarketplace 2014-08-01 WP Marketplace 1.5.0-1.6.1 - Arbitrary File Upload
wpmarketplace 2014-08-01 WP Marketplace 1.2.1 - File Enumeration Weakness & File U...
wpmarketplace 2015-03-22 WP Marketplace <= 2.4.0 - Arbitrary File Download
wpmarketplace 2016-10-18 WP Marketplace - Arbitrary File Upload
store-locator-le 2014-08-01 Google Maps via Store Locator - Multiple Vulnerabilities
store-locator-le 2014-08-01 store-locator-le - SQL Injection
store-locator-le 2015-05-31 Store Locator Plus 4.2.23 - Email Injection
store-locator-le 2016-08-12 Store Locator Plus for WordPress <= 4.5.10 - Authenticate...
html5avmanager 2014-08-01 HTML5 AV Manager 0.2.7 - Arbitrary File Upload
foxypress 2014-08-01 Foxypress 0.4.1.1-0.4.2.1 - Arbitrary File Upload
foxypress 2014-08-01 FoxyPress 0.4.2.5-0.4.2.8 - Multiple Vulnerabilities
gallery-plugin 2014-08-01 Gallery 3.06 - gallery-plugin/upload/php.php File Upload ...
gallery-plugin 2014-08-01 Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Para...
gallery-plugin 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
font-uploader 2014-08-01 Font Uploader 1.2.4 - Arbitrary File Upload
wp-property 2014-08-01 WP Property <= 1.38.3.2 - Non-administrative User XMLI Re...
wp-property 2014-08-01 WP Property <= 1.35.0 - Arbitrary File Upload
tinymce-thumbnail-gallery 2014-08-01 Tinymce Thumbnail Gallery <= 1.0.7 - download-image.php L...
wpstorecart 2014-08-01 wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload
thinkun-remind 2014-08-01 Thinkun Remind 1.1.3 - exportData.php dirPath Parameter T...
plugin-newsletter 2014-08-01 Plugin Newsletter 1.5 - Remote File Disclosure
rbxgallery 2014-08-01 RBX Gallery 2.1 - uploader.php File Upload PHP Code Execu...
simple-download-button-shor... 2014-08-01 Simple Download Button Shortcode 1.0 - Remote File Disclo...