WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
power-zoomer 2014-08-01 powerzoomer - Arbitrary File Upload
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
smart-slide-show 2014-08-01 Smart Slideshow - upload.php Multiple File Extension Uplo...
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
pdw-file-browser 2014-08-01 PDW File Browser - upload.php Arbitrary File Upload
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
comment-extra-field 2014-08-01 Comment Extra Field 1.7 - CSRF / XSS
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
wp-vertical-gallery 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
asset-manager 2014-08-01 Asset Manager 0.2 - Arbitrary File Upload
asset-manager 2014-08-01 Asset Manager - upload.php Arbitrary Code Execution
dm-albums 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
dm-albums 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
dm-albums 2014-08-01 SWFUpload - Cross-Site Scripting (XSS)
blaze-slide-show-for-wordpress 2014-08-01 Blaze Slideshow 2.1 - Unspecified Security
sitepress-multilingual-cms 2015-03-12 WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)
sitepress-multilingual-cms 2015-09-02 WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-L...
uploader 2014-08-01 Uploader 1.0.4 - Shell Upload
uploader 2014-08-01 Uploader 1.0.4 - notify.php blog Parameter XSS
uploader 2014-08-01 Uploader 1.0.0 - wp-content/plugins/uploader/views/notify...
xerte-online 2014-08-01 Xerte Online <= 0.35 - File Upload
advanced-custom-fields 2014-08-01 Advanced Custom Fields <= 3.5.1 - Remote File Inclusion
advanced-custom-fields 2018-12-10 Download Advanced Custom Fields <= 5.7.7 - Authenticated ...
grou-random-image-widget 2014-08-01 grou-r&om-image-widget - Full Path Disclosure
sintic_gallery 2014-08-01 sintic_gallery - Arbitrary File Upload
sintic_gallery 2014-08-01 sintic_gallery - Path Disclosure
wp-useronline 2014-08-01 Wp-UserOnline <= 2.62 - Stored Cross-Site Scripting (XSS)
levelfourstorefront 2014-08-01 Shopping Cart 8.1.14 - Shell Upload, SQL Injection
levelfourstorefront 2014-08-01 Level Four Storefront - levelfourstorefront/getsortmanufa...
reflex-gallery 2014-08-01 ReFlex Gallery 1.4.2 - Unspecified XSS
reflex-gallery 2014-08-01 ReFlex Gallery 1.3 - Shell Upload
reflex-gallery 2015-03-29 Reflex Gallery <= 3.1.3 - Arbitrary File Upload
image-slider-widget 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
wp_rokmicronews 2014-08-01 RokMicroNews <= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabi...
wp_roknewspager 2014-08-01 RokNewsPager <= 1.17 - XSS,DoS,Disclosure,Upload Vulnerab...
wp_rokstories 2014-08-01 RokStories <= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabil...
wp_rokintroscroller 2014-08-01 RokIntroScroller <= 1.8 - XSS,DoS,Disclosure,Upload Vulne...
openinviter-for-wordpress 2014-08-01 OpenInviter - Error Log Information Disclosure