WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Published Title
portfolio-filter-gallery 2020-01-29 Portfolio Filter Gallery < 1.1.3 - CSRF & Reflected XSS
miniorange-saml-20-single-s... 2020-01-28 SAML SP Single Sign On < 4.8.84 - Cross-Site Scripting (X...
wordable 2020-01-28 Wordable < 3.1.2 - Plugin's Authentication Bypass
blnmrpb 2020-01-27 blnmrpb - Webshell in Fake Plugin
wps-hide-login 2020-01-27 WPS Hide Login < 1.5.5 - Secret Login Page Disclosure
multiple-domain 2020-01-25 Multiple Domain < 1.0.3 - XSS in Canonical/Alternate Tags
wp-central 2020-02-17 wpCentral < 1.5.1 - Improper Access Control to Privilege ...
wp-ds-faq-plus 2020-01-24 WP DS FAQ Plus < 1.4.2 - Stored Cross-Site Scripting (XSS)
calculated-fields-form 2020-01-22 Calculated Fields Form < 1.0.354 - Authenticated Stored XSS
clean-and-simple-contact-fo... 2020-01-22 Contact Form Clean and Simple < 4.7.1 - Authenticated Sto...
ultimate-addons-for-beaver-... 2020-01-22 Ultimate Addons for Beaver Builder < 1.25.0 - Cross-Site ...
accessally 2020-01-21 AccessAlly < 3.3.2 - Unauthenticated Arbitrary PHP Code E...
conversation-watson 2020-01-21 Chatbot with IBM Watson < 0.8.21 - DOM Cross-Site Scripti...
2j-slideshow 2020-01-20 2J SlideShow < 1.3.40 - Authenticated Arbitrary Plugin De...
batchmove 2020-01-19 Batch-Move Posts <= 1.5 - Broken Authentication leading t...
contextual-adminbar-color 2020-01-19 Contextual Adminbar Color < 0.3 - Authenticated Stored Cr...
marketo-forms-and-tracking 2020-01-17 Marketo Forms and Tracking <= 1.0.2 - CSRF to XSS
chained-quiz 2020-02-21 Chained Quiz < 1.1.9.1 - Authenticated Stored XSS
resim-ara 2020-01-16 Resim Ara <= 3.0 - Unauthenticated Reflected XSS
wordpress-database-reset 2020-01-16 WP Database Reset < 3.15 - Privilege Escalation
wordpress-database-reset 2020-01-16 WP Database Reset < 3.15 - Privilege Escalation
flamingo 2020-01-15 Flamingo < 2.1.1 - CSV Injection
sfwd-lms 2020-04-01 LearnDash < 3.1.6 - Unauthenticated SQL Injection
elementor 2020-06-05 Elementor Page Builder < 2.9.10 - Authenticated Stored XSS
iwp-client 2015-07-08 InfiniteWP Client <= 1.3.14 - Unspecified Critical