WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
sprapid 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
power-zoomer 2014-08-01 powerzoomer - Arbitrary File Upload
power-zoomer 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fluid-accessible-ui-options 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fresh-page 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pdw-file-browser 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pdw-file-browser 2014-08-01 PDW File Browser - upload.php Arbitrary File Upload
fluid-accessible-rich-inlin... 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
comment-extra-field 2014-08-01 Comment Extra Field 1.7 - CSRF / XSS
fluid-accessible-pager 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
fluid-accessible-uploader 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
blaze-slide-show-for-wordpress 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
blaze-slide-show-for-wordpress 2014-08-01 Blaze Slideshow 2.1 - Unspecified Security
asset-manager 2014-08-01 Asset Manager 0.2 - Arbitrary File Upload
asset-manager 2014-08-01 Asset Manager - upload.php Arbitrary Code Execution
apptha-banner 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
apptha-slider-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
uploader 2014-08-01 Uploader 1.0.4 - Shell Upload
uploader 2014-08-01 Uploader 1.0.4 - notify.php blog Parameter XSS
uploader 2014-08-01 Uploader 1.0.0 - wp-content/plugins/uploader/views/notify...
xerte-online 2014-08-01 Xerte Online <= 0.35 - File Upload
advanced-custom-fields 2014-08-01 Advanced Custom Fields <= 3.5.1 - Remote File Inclusion
sitepress-multilingual-cms 2014-08-01 sitepress-multilingual-cms - Full Path Disclosure
sitepress-multilingual-cms 2015-03-12 WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)
sitepress-multilingual-cms 2015-09-02 WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-L...
reflex-gallery 2014-08-01 ReFlex Gallery 1.4.2 - Unspecified XSS
reflex-gallery 2014-08-01 ReFlex Gallery 1.3 - Shell Upload
reflex-gallery 2015-03-29 Reflex Gallery <= 3.1.3 - Arbitrary File Upload
reflex-gallery 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
grou-random-image-widget 2014-08-01 grou-r&om-image-widget - Full Path Disclosure
sintic_gallery 2014-08-01 sintic_gallery - Arbitrary File Upload
sintic_gallery 2014-08-01 sintic_gallery - Path Disclosure
wp-useronline 2014-08-01 Wp-UserOnline <= 2.62 - Stored Cross-Site Scripting (XSS)
levelfourstorefront 2014-08-01 Shopping Cart 8.1.14 - Shell Upload, SQL Injection
levelfourstorefront 2014-08-01 Level Four Storefront - levelfourstorefront/getsortmanufa...
wp_rokintroscroller 2014-08-01 RokIntroScroller <= 1.8 - XSS,DoS,Disclosure,Upload Vulne...
wp_rokmicronews 2014-08-01 RokMicroNews <= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabi...
wp_roknewspager 2014-08-01 RokNewsPager <= 1.17 - XSS,DoS,Disclosure,Upload Vulnerab...
wp_rokstories 2014-08-01 RokStories <= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabil...
openinviter-for-wordpress 2014-08-01 OpenInviter - Error Log Information Disclosure
wp_rokbox 2014-08-01 RokBox - Multiple Vulnerabilities
wp_rokbox 2014-08-01 RokBox <= 2.13 - thumb.php src Parameter Malformed Input ...
wp_rokbox 2014-08-01 RokBox <= 2.13 - thumb.php src Parameter XSS
wp_rokbox 2014-08-01 RokBox <= 2.13 - rokbox.php Direct Request Path Disclosure
wp_rokbox 2014-08-01 RokBox <= 2.13 - error_log Direct Request Error Log Infor...
wp_rokbox 2014-08-01 RokBox <= 2.13 - jwplayer/jwplayer.swf abouttext Paramete...
wp_rokbox 2014-08-01 RokBox <= 2.13 - thumb.php src Parameter Arbitrary File U...
post-views 2014-08-01 Post views 2.6.1.2 - search_input Parameter Cross-Site Sc...
floating-social-media-links 2014-08-01 Floating Social Media Links <= 1.4.2 - fsml-admin.js.php ...
floating-social-media-links 2014-08-01 Floating Social Media Links <= 1.4.2 - fsml-hideshow.js.p...