WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
google-map-wp 2015-11-24 Huge IT Google Map <= 2.2.5 - Authenticated SQL Injection
wp-all-import-pro 2015-02-26 WP All Import Pro <= 4.1.0 - RCE
wp-all-import-pro 2015-03-17 WP All Import Pro <= 4.1.1 - Multiple Vulnerabilities
tweet-wheel 2016-04-22 Tweet Wheel <= 1.0.3.2 - Reflected Cross-Site Scripting (...
syndication-links 2015-05-13 Syndication Links <= 1.0.2 - DOM Cross-Site Scripting (XSS)
give 2015-04-20 Give - Cross-Site Scripting (XSS)
ez-portfolio 2015-03-03 EZ Portfolio <= 1.0.1 - Multiple Cross-Site Scripting (XSS)
contact-form-generator 2015-09-08 Contact Form Generator <= 2.0.1 - Multiple Cross-Site Req...
wonderplugin-audio 2015-02-19 WonderPlugin Audio Player 2.0 Blind SQL Injection & XSS
wp-easy-poll-afo 2015-12-11 WP Easy Poll <= 1.1.3 - Cross-Site Scripting (XSS) & CSRF
re-attacher 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
indieweb-post-kinds 2015-05-13 Indieweb Post Kinds <= 1.3.1 - DOM Cross-Site Scripting (...
hero-maps-pro 2016-04-14 Hero Maps Pro <= 2.1.0 - Unauthenticated Reflected Cross-...
gallery-categories 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
bws-smtp 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
post-grid 2016-11-17 Post Grid <= 2.0.12 - Unauthenticated Arbitrary File Dele...
content-grabber 2015-08-05 Content Grabber 1.0 - Cross-Site Scripting (XSS)
bws-popular-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
bws-testimonials 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
bws-featured-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
wp-plotly 2015-07-14 Plotly <= 1.0.2 - Authenticated Stored Cross-Site Scripti...
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Cross-Site Request ...
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Authenticated Store...
encrypted-contact-form 2015-05-15 Encrypted Contact Form <= 1.0.4 - CSRF & XSS
aspose-cloud-ebook-generator 2015-03-27 Aspose Cloud eBook Generator - File Download
zip-attachments 2015-06-15 Zip Attachments <= 1.1.4 - Arbitrary File Download
youtube-embed 2015-08-26 YouTube Embed <= 3.3.2 - Authenticated Stored Cross-Site ...
xtremelocator 2016-12-20 Xtreme Locator Dealer Locator Plugin 1.5 – Authenticated ...
xpinner-lite 2015-09-20 xPinner Lite <= 2.2 - Cross-Site Scripting (XSS) & CSRF
x-forms-express 2015-11-13 NEX-Forms Lite <= 2.1.0 - Stored Cross-Site Scripting (XSS)
wsecure 2016-08-12 wSecure Lite <= 2.3 - Remote Code Execution (RCE)
wr-contactform 2015-11-24 WR ContactForm <= 1.1.9 - Authenticated SQL Injection