WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
wp-advance-comment 2016-03-13 WP Advanced Comment <= 0.10 - Stored Cross-Site Scripting...
bws-linkedin 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
gravitate-qa-tracker 2017-05-21 Gravitate QA Tracker <= 1.2.1 - Unauthenticated PHP Objec...
z-url-preview 2018-01-08 Z-URL Preview <= 1.6.2 - Cross-Site Scripting (XSS)
woo-order-export-lite 2018-06-21 Advanced Order Export For WooCommerce <= 1.5.4 - CSV Inje...
propertyhive 2018-02-01 PropertyHive <= 1.4.14 - Cross-Site Scripting (XSS)
mdc-private-message 2015-08-22 MDC Private Message <= 1.0.0 - Authenticated Stored Cross...
faq-wd 2016-04-17 FAQ WD <= 1.0.14 - Cross-Site Scripting (XSS)
zx-csv-upload 2016-12-20 ZX_CSV Upload 1 – Authenticated SQL Injection
payment-form-for-paypal-pro 2015-10-11 Payment Form for PayPal Pro <= 1.0.1 - Multiple Reflected...
hide_my_wp 2015-07-29 Hide My WP <= 4.51.1 - Stored Cross-Site Scripting (XSS)
hide_my_wp 2015-08-13 Hide My WP <= 4.53 - Stored-Cross Site Scripting (XSS)
sirv 2016-11-21 Sirv <= 1.3.1 - Authenticated SQL Injection
robo-gallery 2016-04-12 Robo Gallery <= 2.0.14 - Remote Code Execution
jtrt-responsive-tables 2017-11-12 JTRT Responsive Tables <= 4.1 – Authenticated SQL Injection
copy-me 2016-12-22 copy-me 1.0.0 - Copy Posts Cross-Site Request Forgery (CSRF)
peepso-core 2016-06-30 PeepSo <= 1.6.0 - Authenticated Privilege Escalation
godaddy-email-marketing-sig... 2016-11-02 GoDaddy Email Marketing <= 1.1.3 - Cross-Site Request For...
3bubble-amazon-s3-html-5-vi... 2015-07-08 S3Bubble Cloud Video With Adverts & Analytics <= 0.7 - Ar...
localize-my-post 2018-09-20 Localize My Post 1.0 - Unauthenticated Local File Inclusi...
bws-linkedin 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
robotcpa 2015-06-11 RobotCPA Plugin V5 - Local File Inclusion
portfolio-by-lisa-westlund 2015-07-21 Portfolio 1.0 - Cross-Site Request Forgery (CSRF)
imdb-widget 2016-03-30 IMDb Profile Widget <= 1.0.8 - Local File Inclusion (LFI)
event-calendar-wd 2017-07-16 Event Calendar WD <= 1.0.93 - Authenticated Cross-Site Sc...
easy-appointments 2017-10-26 Easy Appointments <= 1.11.7 - Cross-Site Scripting (XSS)
defa-online-image-protector 2016-04-15 defa-online-image-protector <= 3.3 - Unauthenticated Refl...
dzs-zoomsounds 2015-06-01 ZoomSounds <= 2.0 - Remote File Upload
wp-image-zoooom 2018-04-12 WP Image Zoom <= 1.23 - Cross-Site Request Forgery (CSRF)
woocommerce-catalog-enquiry 2017-07-19 WooCommerce Catalog Enquiry - Arbitrary File Upload
wf-cookie-consent 2018-05-03 WF Cookie Consent <= 1.1.3 - Authenticated Persistent Cro...