WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
postmatic 2015-09-13 Postmatic <= 1.4.5 - Cross-Site Scripting (XSS)
post-to-csv 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
popup-by-supsystic 2017-03-02 Popup by Supsystic <= 1.7.8 - Cross-Site Request Forgery...
pondol-formmail 2016-04-19 Pondol Form to Mail <= 1.1 - Unauthenticated Reflected Cr...
pondol-carousel 2016-05-11 pondol-carousel 1.0 - Cross-Site Scripting (XSS)
podlove-podcasting-plugin-f... 2016-12-14 Podlove Podcast Publisher <= 2.3.15 - Multiple SQLi & XSS
plugmatter-optin-feature-bo... 2015-11-24 Plugmatter Optin Feature Box <= 2.0.13 - Unauthenticated ...
php-event-calendar 2015-04-05 PHP Event Calendar <= 1.5 - Arbitrary File Upload
persian-woocommerce-sms 2016-04-22 Persian Woocommerce SMS <= 3.3.3 - Reflected Cross-Site S...
paypal-currency-converter-b... 2015-06-11 Paypal Currencucy Converter Basic For Woocommerce <= 1.3 ...
parsi-font 2016-04-13 MW Font Changer <= 4.2.5 - Unauthenticated Reflected Cros...
onelogin-saml-sso 2016-06-06 OneLogin SAML SSO <= 2.1.5 - Authentication Bypass
onelogin-saml-sso 2016-06-06 OneLogin SAML SSO <= 2.1.8 - Provisioned User Hardcoded P...
onelogin-saml-sso 2016-10-17 OneLogin SAML SSO <= 2.4.2 - Signature Wrapping
onclick-show-popup 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
olimometer 2016-11-22 Olimometer <= 2.56 - Unauthenticated SQL Injection
olevmedia-shortcodes 2015-11-24 Olevmedia Shortcodes <= 1.1.8 - Authenticated Reflected C...
oauth2-provider 2015-08-14 WP OAuth Server <= 3.1.4 - Insecure Pseudor&om Number Gen...
nofollow-links 2016-08-03 Nofollow Links <= 1.0.10 - Cross-Site Scripting (XSS)
nextgen-gallery-geo 2017-05-21 NextGEN Gallery geo <= 1.0 - Unauthenticated PHP Object I...
newsletters-lite 2017-06-01 Tribulant Newsletters <= 4.6.4.2 – Multiple Vulnerabilities
new-year-firework 2016-04-15 New Year Firework <= 1.1.9 - Unauthenticated Reflected Cr...
neuvoo-jobroll 2015-11-09 neuvoo-jobroll <= 2.0 - Unauthenticated Reflected Cross-S...
nelio-ab-testing 2016-05-11 Nelio AB Testing <= 4.4.4 - Path Traversal
nelio-ab-testing 2016-12-21 Nelio AB Testing <= 4.5.8 - Server Side Request Forgery (...
navis-documentcloud 2015-08-26 Navis DocumentCloud 0.1 - Unauthenticated Reflected Cross...
mytreasures 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
mypixs 2015-09-18 MyPixs <= 0.3 - Unauthenticated Local File Inclusion (LFI)
myblogu 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
my-wish-list 2015-04-26 My Wish List - Multiple Parameter XSS
my-link-order 2015-11-23 My Link Order <= 4.3 - Authenticated Cross-Site Scripting...
my-geo-posts-free 2017-05-21 My Geo Posts Free <= 1.2 - Unauthenticated PHP Object Inj...
music-store 2015-07-25 Music Store <= 1.0.14 - Referer Header Open Redirect
music-store 2016-03-30 Music Store <= 1.0.41 - Cross-Site Scripting (XSS)