WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
wptf-image-gallery 2015-07-20 wptf-image-gallery 1.0.3 - Remote File Download
wpsolr-search-engine 2016-04-14 WPSOLR <= 8.6 - Unauthenticated Reflected Cross-Site Scri...
wpshop 2015-03-09 Wpshop - eCommerce <= 1.3.9.5 - Arbitrary File Upload
wplegalpages 2015-11-24 WP Legal Pages <= 1.0.1 - Authenticated Stored Cross-Site...
wpdiscuz 2016-05-30 wpDiscuz <= 3.1.4 - Reflected Cross-Site Scripting (XSS)
wpbook 2015-02-27 WPBook <= 3.7 - Cross-Site Request Forgery (CSRF)
wp-vipergb 2015-03-02 WP-ViperGB 1.3.10 - XSS Weakness & CSRF
wp-vertical-image-slider 2015-09-21 wordpress vertical image slider plugin - Cross-Site Scrip...
wp-vault 2016-12-01 WP Vault 0.8.6.6 - Unauthenticated Local File Inclusion (...
wp-testimonials 2017-06-12 WP-Testimonials - Authenticated SQL Injection
wp-swimteam 2015-07-03 Swim Team <= v1.44.10777 - Local File Inclusion
wp-survey-and-poll 2015-02-12 WordPress Survey & Poll <= 1.1.7 - Blind SQL Injection
wp-support-plus-responsive-... 2016-12-18 WP Support Plus Responsive Ticket System <= 7.1.3 – Authe...
wp-support-plus-responsive-... 2017-11-12 WP Support Plus Responsive Ticket System <= 8.0.7 - Remot...
wp-stats-dashboard 2015-11-24 WP-Stats-Dashboard <= 2.9.4 - Authenticated Blind SQL Inj...
wp-smiley 2015-06-19 WP Smiley <= 1.4.1 - CSRF & Cross-Site Scripting (XSS)
wp-responsive-thumbnail-slider 2015-09-02 WordPress Responsive Thumbnail Slider 1.0 - Authenticated...
wp-responsive-thumbnail-slider 2015-09-02 WordPress Responsive Thumbnail Slider 1.0 - Stored Cross-...
wp-portfolio-gallery 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
wp-mon 2015-04-20 WP-Mon - Arbitrary File Download
wp-media-cleaner 2015-02-27 WP Media Cleaner <= 2.2.6 - Cross-Site Scripting (XSS)
wp-mail-logging 2017-11-13 WP Mail Logging <= 1.8.2 - Stored Cross-Site Scripting
wp-listings 2016-01-28 IMPress Listings <= 2.0.1 - Unauthenticated Reflected Cro...
wp-jobs 2017-06-14 WP Jobs <= 1.4 - Authenticated SQL Injection
wp-invoice 2016-02-04 WP-Invoice <= 4.1.0 - Multiple Vulnerabilities
wp-instance-rename 2015-06-24 wp-instance-rename <= 1.0 - Arbitrary File Download
wp-front-end-repository 2015-07-14 WP Front-End Repository Manager <= 1.1 - Arbitrary File U...
wp-front-end-profile 2016-09-15 WP Front End Profile <= 0.2.1 - Privilege Escalation & St...
wp-flash-player 2015-07-26 Flash Player Plugin <= 1.3 - Multiple Cross-Site Scriptin...
wp-fast-cache 2015-05-28 WP Fast Cache <= 1.4 - CSRF & Cross-Site Scripting (XSS)
wp-events 2017-11-12 Events <= 2.3.4 - Authenticated SQL Injection
wp-easy-slideshow 2015-04-07 WP Easy Slideshow <= 1.0.3 - Multiple Cross-Site Request ...