ID Added Title
8758 2017-03-03 WordPress Download Manager <= 2.9.45 - Cross-Site Request Forgery (CSRF)
8740 2017-02-23 Mail Masta 1.0 - Multiple SQL Injection
8738 2017-02-22 ByREV WP-PICShield - Cross-Site Request Forgery (CSRF)
8735 2017-02-09 Wordpress CodeArt Google MP3 Player - File Disclosure
8734 2017-02-01 WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification v...
8731 2017-01-26 WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
8730 2017-01-26 WordPress 3.5-4.7.1 - WP_Query SQL Injection
8729 2017-01-26 WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
8721 2017-01-12 WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generato...
8720 2017-01-12 WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
8719 2017-01-12 WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
8718 2017-01-12 WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fal...
8717 2017-01-12 WordPress <= 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload
8716 2017-01-12 WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-c...
8715 2017-01-12 WordPress 4.7 - User Information Disclosure via REST API
8714 2017-01-12 WordPress 4.3-4.7 - Remote Code Execution (RCE) in PHPMailer
8707 2017-01-03 XCloner - Backup and Restore <= 3.1.4 - Authenticated Path Traversal
8695 2016-12-13 MailChimp for WordPress <= 4.0.10 - Authenticated Cross-Site Scripting (...
8634 2016-10-04 WordPress Appointment Schedule Booking System - Authenticated Stored XSS
8628 2016-09-26 W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
8627 2016-09-26 W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
8622 2016-09-20 Neosense Theme <= 1.7 - Unrestricted File Upload
8616 2016-09-08 WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
8615 2016-09-08 WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image ...
8614 2016-09-07 brafton WordPress Plugin <=3.4.7 - Reflected XSS
8611 2016-08-29 404 to 301 <= 2.3.0 - Unauthenticated Stored Cross-Site Scripting (XSS)
8608 2016-08-24 WordPress Zero Spam <= 2.1.1 - Unauthenticated Blind SQL Injection
8606 2016-08-20 WordPress 4.5.3 - Authenticated Denial of Service (DoS)
8591 2016-08-12 Store Locator Plus for WordPress <= 4.5.10 - Authenticated Cross-Site Sc...
8586 2016-08-04 WordPress Landing Pages <= 2.2.4 - Reflected Cross-Site Scripting (XSS)