WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
post-grid 2016-11-17 Post Grid <= 2.0.12 - Unauthenticated Arbitrary File Dele...
content-grabber 2015-08-05 Content Grabber 1.0 - Cross-Site Scripting (XSS)
bws-testimonials 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
bws-popular-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
bws-featured-posts 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
wp-plotly 2015-07-14 Plotly <= 1.0.2 - Authenticated Stored Cross-Site Scripti...
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Cross-Site Request ...
gallery-by-supsystic 2016-08-16 Photo Gallery by Supsystic <= 1.8.5 - Authenticated Store...
encrypted-contact-form 2015-05-15 Encrypted Contact Form <= 1.0.4 - CSRF & XSS
aspose-cloud-ebook-generator 2015-03-27 Aspose Cloud eBook Generator - File Download
zip-attachments 2015-06-15 Zip Attachments <= 1.1.4 - Arbitrary File Download
youtube-embed 2015-08-26 YouTube Embed <= 3.3.2 - Authenticated Stored Cross-Site ...
xtremelocator 2016-12-20 Xtreme Locator Dealer Locator Plugin 1.5 – Authenticated ...
xpinner-lite 2015-09-20 xPinner Lite <= 2.2 - Cross-Site Scripting (XSS) & CSRF
x-forms-express 2015-11-13 NEX-Forms Lite <= 2.1.0 - Stored Cross-Site Scripting (XSS)
wsecure 2016-08-12 wSecure Lite <= 2.3 - Remote Code Execution (RCE)
wr-contactform 2015-11-24 WR ContactForm <= 1.1.9 - Authenticated SQL Injection
wptf-image-gallery 2015-07-20 wptf-image-gallery 1.0.3 - Remote File Download
wpsolr-search-engine 2016-04-14 WPSOLR <= 8.6 - Unauthenticated Reflected Cross-Site Scri...
wpshop 2015-03-09 Wpshop - eCommerce <= 1.3.9.5 - Arbitrary File Upload
wplegalpages 2015-11-24 WP Legal Pages <= 1.0.1 - Authenticated Stored Cross-Site...
wpdiscuz 2016-05-30 wpDiscuz <= 3.1.4 - Reflected Cross-Site Scripting (XSS)
wpbook 2015-02-27 WPBook <= 3.7 - Cross-Site Request Forgery (CSRF)
wp-vipergb 2015-03-02 WP-ViperGB 1.3.10 - XSS Weakness & CSRF
wp-vertical-image-slider 2015-09-21 wordpress vertical image slider plugin - Cross-Site Scrip...
wp-vault 2016-12-01 WP Vault 0.8.6.6 - Unauthenticated Local File Inclusion (...
wp-testimonials 2017-06-12 WP-Testimonials - Authenticated SQL Injection
wp-swimteam 2015-07-03 Swim Team <= v1.44.10777 - Local File Inclusion
wp-survey-and-poll 2015-02-12 WordPress Survey & Poll <= 1.1.7 - Blind SQL Injection
wp-support-plus-responsive-... 2016-12-18 WP Support Plus Responsive Ticket System <= 7.1.3 – Authe...
wp-stats-dashboard 2015-11-24 WP-Stats-Dashboard <= 2.9.4 - Authenticated Blind SQL Inj...