WordPress Plugin Vulnerabilities

0-9 - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Name Added Title
new-year-firework 2016-04-15 New Year Firework <= 1.1.9 - Unauthenticated Reflected Cr...
neuvoo-jobroll 2015-11-09 neuvoo-jobroll <= 2.0 - Unauthenticated Reflected Cross-S...
nelio-ab-testing 2016-05-11 Nelio AB Testing <= 4.4.4 - Path Traversal
nelio-ab-testing 2016-12-21 Nelio AB Testing <= 4.5.8 - Server Side Request Forgery (...
navis-documentcloud 2015-08-26 Navis DocumentCloud 0.1 - Unauthenticated Reflected Cross...
mytreasures 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
mypixs 2015-09-18 MyPixs <= 0.3 - Unauthenticated Local File Inclusion (LFI)
myblogu 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
my-wish-list 2015-04-26 My Wish List - Multiple Parameter XSS
my-link-order 2015-11-23 My Link Order <= 4.3 - Authenticated Cross-Site Scripting...
music-store 2015-07-25 Music Store <= 1.0.14 - Referer Header Open Redirect
music-store 2016-03-30 Music Store <= 1.0.41 - Cross-Site Scripting (XSS)
multicons 2015-11-24 Multicons <= 2.1 - Authenticated Stored Cross-Site Script...
monetize 2015-08-10 Monetize <= 1.03 - Cross-Site Scripting (XSS) & CSRF
mobile-domain 2015-02-11 Mobile Domain <= 1.5.2 - CSRF/XSS
mini-cart 2016-11-21 Mini Cart Plugin 1.00.1 - Authenticated SQL Injection
memphis-documents-library 2016-03-22 Memphis Document Library Plugin <= 3.1.5 - Arbitrary File...
membership-simplified-for-o... 2017-03-15 Membership Simplified 1.58 - Unauthenticated Arbitrary Fi...
mdc-youtube-downloader 2015-07-05 MDC YouTube Downloader <= 2.1.0 - Local File Inclusion
matrix-image-gallery 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
markdown-on-save-improved 2016-06-05 Markdown on Save Improved <= 2.5 - Stored Cross-Site Scri...
mailcwp 2015-07-11 MailCWP 1.100 - Unauthenticated Arbitrary File Upload
mailchimp-subscribe-sm 2015-04-25 MailChimp Subscribe Form <= 1.1 - Email Field Remote PHP ...
mail-masta 2016-08-24 Mail Masta 1.0 - Unauthenticated Local File Inclusion (LFI)
mail-masta 2017-02-23 Mail Masta 1.0 - Multiple SQL Injection
magic-fields 2017-03-03 Magic Fields <= 1.7.1 - Authenticated Cross-Site Scripti...
leenkme 2016-04-17 leenk.me <= 2.5.0 - XSS & CSRF
lb-tube-video 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
kento-post-view-counter 2016-05-02 Kento Post View Counter <= 2.8 - CSRF & multiple XSS
kama-clic-counter 2017-02-28 Kama Click Counter - Authenticated Blind SQL Injection
job-manager 2015-08-04 Job Manager <= 0.7.22 - Unauthenticated Stored Cross-Site...
job-manager 2015-08-31 Job Manager <= 0.7.25 - Insecure Direct Object Reference
job-manager 2015-11-24 Job Manager <= 0.7.24 - Authenticated Reflected Cross-Sit...
job-board 2017-04-13 Multiple BestWebSoft Plugins - Authenticated Reflected GE...
jcwp-youtube-channel-embed 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...