WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Published Title
moreads-se 2017-01-17 Moreads Se < 1.4.7 - XSS
wangguard 2016-08-02 WangGuard <= 1.7.1 - Cross-Site Scripting (XSS)
event-notifier 2017-01-16 Event Notifier < 1.2.1 - XSS
stop-user-enumeration 2017-01-04 Stop User Enumeration <= 1.3.4 - Username Enumeration Byp...
responsive-poll 2017-01-10 Responsive Poll 1.6.4,1.7.4 - Cross-Site Scripting (XSS) ...
byrev-wp-picshield-hotlink-... 2017-01-04 ByREV WP-PICShield - Cross-Site Request Forgery (CSRF)
stop-user-enumeration 2017-01-04 Stop User Enumeration <= 1.3.4 - Username Enumeration Byp...
xcloner-backup-and-restore 2016-12-31 XCloner - Backup and Restore <= 3.1.4 - Authenticated Pat...
nelio-ab-testing 2016-05-11 Nelio AB Testing <= 4.4.4 - Path Traversal
buddypress 2020-01-03 BuddyPress 5.0.0 - 5.1.1 - Private Data Exposure via REST...
image-slider-widget 2016-12-23 Slider <= 1.1.89 - Authenticated Arbitrary File Deletion
buddypress-media 2016-01-28 trMedia for WordPress <= 3.10.1 - XSS
chained-quiz 2020-01-16 Chained Quiz < 1.1.8.2 - Unauthenticated Reflected XSS
chained-quiz 2020-01-16 Chained Quiz < 1.1.8.2 - Unauthenticated Reflected XSS
copy-me 2016-12-21 copy-me 1.0.0 - Copy Posts Cross-Site Request Forgery (CSRF)
404-redirection-manager 2016-12-19 404 Redirection Manager 1.0 - SQL Injection
quiz-master-next 2015-07-16 Quiz And Survey Master <= 4.4.2 - Authenticated Blind SQL...
all-in-one-wp-security-and-... 2016-07-31 All In One WP Security & Firewall <= 4.1.2 - Multiple vul...
podlove-podcasting-plugin-f... 2016-12-14 Podlove Podcast Publisher <= 2.3.15 - Multiple SQLi & XSS
xtremelocator 2016-12-14 Xtreme Locator Dealer Locator Plugin 1.5 – Authenticated ...
zm-gallery 2016-12-14 ZM Gallery 1.0 – Authenticated Blind SQL Injection
wp-private-messages 2014-08-01 wp-private-messages - /wp-admin/profile.php msgid Paramet...
wp-support-plus-responsive-... 2014-11-15 WP Support Plus Responsive Ticket System < 4.2 - Multiple...
zx-csv-upload 2016-12-12 ZX_CSV Upload 1 – Authenticated SQL Injection
delete-all-comments 2016-12-10 Delete All Comments 2.0 - Unauthenticated Arbitrary File ...