WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
unite-gallery-lite 2015-07-25 Unite Gallery Lite <= 1.4.6 - CSRF & Authenticated SQL In...
tracking-code-manager 2017-05-12 Tracking Code Manager - Authenticated XSS, CSRF & DoS
sourceafrica 2015-09-02 sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Script...
social-buttons-pack 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
multisite-post-duplicator 2016-12-11 Multisite Post Duplicator <= 0.9.5.1 - Cross-Site Request...
echosign 2016-04-22 Echosign <= 1.1 - Reflected Cross-Site Scripting (XSS)
stats-counter 2017-03-03 Analytics Stats Counter Statistics - Unauthenticated PHP ...
optinmonster 2016-03-22 OptinMonster <= 1.1.4.5 - Execution of Arbitrary Shortcodes
showbizpro 2015-05-03 WordPress Showbiz Pro Shell Upload
wwc-amz-aff 2015-04-26 WooCommerce Amazon Affiliates - Arbitrary File Upload
premium-seo-pack 2015-04-24 Premium SEO Pack 1.8.0 - Unauthenicated Arbitrary File Up...
wordpress-seo-premium 2015-04-20 WordPress SEO by Yoast <= 2.0.1 - Cross-Site Scripting (XSS)
fusion-engage 2015-04-13 Fusion Engage 1.0.5 - Local File Disclosure
mklasens-photobox 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
wp-business-intelligence 2015-04-01 WP Business Intelligence Lite <= 1.6.1 - SQL Injection
realty 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
estatik 2016-08-12 Estatik 2.2.5 - Arbitrary File Upload
admin-custom-login 2017-03-03 Admin Custom Login - Authenticated Stored Cross-Site Scri...
ajax-search-pro 2015-03-21 Ajax Search Pro <= 3.5 - Cross-Site Request Forgery (CSRF...
wp-business-directory 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
image-export 2015-07-14 Image Export <= 1.1.0 - Directory Traversal
promobar 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
gravityforms 2015-03-02 Gravity Forms <= 1.8.19 - Arbitrary File Upload
gravityforms 2015-03-17 Gravity Forms 1.8 <= 1.9.3.5 - Authenticated Blind SQL In...
gravityforms 2015-04-20 Gravity Forms <= 1.9.6 - Cross-Site Scripting (XSS)
gravityforms 2016-03-01 Gravity Forms <= 1.9.15.11 - Authenticated Reflected Cro...
gravityforms 2016-10-17 Gravity Forms <= 2.0.6.5 - Authenticated Blind Cross-Site...
ptengine-real-time-web-anal... 2015-04-01 Ptengine <= 1.0.1 - Reflected Cross-Site Scripting (XSS)
google-map-wp 2015-11-24 Huge IT Google Map <= 2.2.5 - Authenticated SQL Injection
wp-all-import-pro 2015-02-26 WP All Import Pro <= 4.1.0 - RCE
wp-all-import-pro 2015-03-17 WP All Import Pro <= 4.1.1 - Multiple Vulnerabilities
tweet-wheel 2016-04-22 Tweet Wheel <= 1.0.3.2 - Reflected Cross-Site Scripting (...
syndication-links 2015-05-13 Syndication Links <= 1.0.2 - DOM Cross-Site Scripting (XSS)
give 2015-04-20 Give - Cross-Site Scripting (XSS)
ez-portfolio 2015-03-03 EZ Portfolio <= 1.0.1 - Multiple Cross-Site Scripting (XSS)