WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
category-grid-view-gallery 2014-08-01 Category Grid View Gallery 0.1.1 - Shell Upload
category-grid-view-gallery 2014-08-01 Category Grid View Gallery 2.3.1 - CatGridPost.php ID Par...
auto-attachments 2014-08-01 Auto Attachments 0.2.9 - Shell Upload
disclosure-policy-plugin 2014-08-01 Disclosure Policy 1.0 - Remote File Inclusion
mailz 2014-08-01 Mailing List 1.3.2 - Remote File Inclusion
mailz 2014-08-01 Mailing List - Arbitrary file download
g-web-shop 2014-08-01 Zingiri Web Shop <= 2.2.3 - ajax_file_cut.php selectedDoc...
mini-mail-dashboard-widget 2014-08-01 Mini Mail Dashboard Widget 1.36 - wp-mini-mail.php abspat...
mini-mail-dashboard-widget 2014-08-01 Mini Mail Dashboard Widget 1.42 - Message Body XSS
filedownload 2014-08-01 Filedownload 0.1 - (download.php) Remote File Disclosure
thecartpress 2014-08-01 TheCartPress <= 1.6 - Cross-Site Scripting (XSS)
thecartpress 2014-08-01 TheCartPress 1.1.1 - Remote File Inclusion
thecartpress 2015-04-29 TheCartPress <= 1.3.9 - Multiple Vulnerabilities
wpeasystats 2014-08-01 WPEasyStats 1.8 - Remote File Inclusion
annonces 2014-08-01 Annonces 1.2.0.1 - admin/theme.php File Upload PHP Code E...
livesig 2014-08-01 Livesig 0.4 - Remote File Inclusion
wp-filebase 2014-08-01 WP-Filebase Download Manager 0.3.0.02 - class/Admin.php G...
wp-filebase 2014-08-01 WP-Filebase 0.2.9.24- Unspecified Vulnerabilities
wp-filebase 2014-08-01 WP-Filebase Download Manager <= 0.2.9 - SQL Injection
wp-filebase 2017-03-20 WP-Filebase Download Manager - Authenticated Cross-Site S...
a-to-z-category-listing 2014-08-01 A to Z Category Listing <= 1.3 - SQL Injection
wp-e-commerce 2014-08-01 WP eCommerce 3.8.9.5 - Cross-Site Scripting (XSS)
wp-e-commerce 2014-08-01 WP eCommerce 3.8.9 - Cross-Site Scripting (XSS)
wp-e-commerce 2014-08-01 WP eCommerce 3.8.9 - SQL Injection
wp-e-commerce 2014-08-01 WP eCommerce 3.8.6 - Cross-Site Scripting (XSS)
wp-e-commerce 2014-08-01 WP eCommerce <= 3.8.6 - SQL Injection
wp-e-commerce 2014-10-05 WP eCommerce <= 3.8.7.5 - Unspecified SQL Injection
wp-e-commerce 2014-11-01 WP eCommerce <= 3.8.14.3 - Authorisation Bypass
wp-e-commerce 2015-04-20 WP eCommerce <= 3.9.2 - Reflected Cross-Site Scripting (XSS)
wp-e-commerce 2016-11-15 WP eCommerce <= 3.11.3 - SQL Injection in sessionid
eventify 2014-08-01 Eventify - Simple Events <= 1.7.f - SQL Injection
paid-downloads 2014-08-01 Paid Downloads <= 2.01 - SQL Injection
community-events 2014-08-01 Community Events <= 1.2.1 - SQL Injection
community-events 2015-04-14 Community Events <= 1.3.5 - SQL Injection
1-flash-gallery 2014-08-01 1-flash-gallery <= 1.9.0 - XSS in ZeroClipboard.swf
1-flash-gallery 2014-08-01 1 Flash Gallery - Arbiraty File Upload Exploit (MSF)
tweet-old-post 2014-08-01 Tweet Old Post <= 3.2.5 - Authenticated SQL Injection
tweet-old-post 2015-02-02 Revive Old Post <= 6.9.0 - Privilege Escalation
post-highlights 2014-08-01 post highlights <= 2.2 - SQL Injection
post-highlights 2015-11-13 Post highlights 2.0-2.6 - Stored Cross-Site Scripting (XSS)
knr-author-list-widget 2014-08-01 KNR Author List Widget <= 2.0.0 - SQL Injection
scormcloud 2014-08-01 SCORM Cloud <= 1.0.6.6 - SQL Injection
zotpress 2014-08-01 Zotpress <= 4.4 - SQL Injection
oqey-gallery 2014-08-01 oQey Gallery <= 0.4.8 - SQL Injection
videowhisper-video-presenta... 2014-08-01 VideoWhisper Video Presentation <= 1.1 - SQL Injection
videowhisper-video-presenta... 2014-08-01 VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Ar...
videowhisper-video-presenta... 2014-09-20 VideoWhisper Video Presentation 3.25 - vp/c_login.php roo...
videowhisper-video-presenta... 2015-04-01 VideoWhisper Video Presentation 3.31.17 - Remote File Upload
facebook-opengraph-meta-plugin 2014-08-01 Facebook Opengraph Meta <= 1.0 - SQL Injection
image-gallery-with-slideshow 2014-08-01 image-gallery-with-slideshow <= 1.5 - Arbitrary File Uplo...
wordpress-donation-plugin-w... 2014-08-01 Donation <= 1.0 - SQL Injection
wp-bannerize 2014-08-01 WP Bannerize <= 2.8.6 - SQL Injection
wp-bannerize 2014-08-01 WP Bannerize <= 2.8.7 - SQL Injection
search-autocomplete 2014-08-01 SearchAutocomplete <= 1.0.8 - Unauthenticated SQL Injection