WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
wa-form-builder 2016-12-06 WA Form Builder 1.1 - Unauthenticated SQL Injection
users-to-csv 2015-06-15 Users to CSV <= 1.4.5 - Cross-Site Request Forgery (CSRF)
user-role 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
user-meta-manager 2016-02-04 User Meta Manager <= 3.4.6 - Privilege Escalation
user-meta-manager 2016-02-04 User Meta Manager <= 3.4.6 - Authenticated Blind SQL Inje...
user-meta-manager 2016-02-08 User Meta Manager <= 3.4.7 - Information Disclosure
user-login-log 2017-03-02 User Login Log - Stored Cross-Site Scripting (XSS)
updraft 2015-04-20 UpdraftPlus Backup & Restoration <= 1.9.6.3 - Cross-Site ...
universal-analytics 2016-02-06 Universal Analytics <= 1.3.0 - Authenticated Cross-Site S...
ultimate-profile-builder 2015-05-06 Ultimate Profile Builder By CMSHelpLive <= 2.3.3 - CSRF/XSS
tune-library 2015-04-14 Tune Library <= 1.5.4 - SQL Injection
trust-form 2017-03-03 Trust Form - Authenticated Reflected Cross-Site Scripting...
titan-framework 2015-11-13 Titan Framework 1.0.1-1.5.2 - Reflected Cross-Site Script...
tidio-gallery 2016-04-14 Tidio Gallery <= 1.1 - Unauthenticated Reflected Cross-S...
tidio-form 2016-04-15 Easy Contact Form Builder <= 1.0 - Unauthenticated Reflec...
ticket-manager 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
the-holiday-calendar 2015-08-10 The Holiday Calendar <= 1.11.2 - Cross-Site Scripting (XSS)
tallykit 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
surveys 2017-05-26 Surveys 1.01.8 - Authenticated SQL Injection
supportflow 2016-06-29 SupportFlow <= 0.6 - Stored Cross-Site Scripting (XSS)
subscribe-to-comments 2015-07-15 Subscribe to Comments <= 2.1.2 - Authenticated Local File...
stageshow 2015-07-05 StageShow <= 5.0.8 - Open Redirect
sql-shortcode 2017-09-20 SQL Shortcode <= 1.1 - Authenticated SQL Execution
spiffy-calendar 2017-06-12 Spiffy Calendar <= 3.2.0 - Reflected Cross-Site Scripting...
sola-support-tickets 2016-02-14 Sola Support Ticket <= 3.12 - XSS & Configuration Change
smokesignal 2017-09-19 SmokeSignal <= 1.2.6 - Authenticated Stored XSS
sitebuilder-dynamic-components 2017-05-21 SiteBuilder Dynamic Components <= 1.0 - Unauthenticated P...
simple-student-result 2017-09-28 Student Result or Employee Database <= 1.6.3 - Auth Bypass
simple-slideshow-manager 2017-06-01 Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities
simple-image-manipulator 2015-08-03 simple-image-manipulator <= 1.0 - Remote File Download
simpel-reserveren 2016-04-19 Simpel Reserveren 3 <= 3.5.2 - Unauthenticated Reflected ...
shibboleth 2017-09-12 Shibboleth <= 1.7 - Cross-Site Scripting (XSS)