ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WP Survey And Quiz Tool WordPress WP Survey And Quiz Tool Plugin 1.2.1 - Cross-Site Scripting Vulnerability 2010-11-08
FeedList WordPress FeedList Plugin 2.61.01 - Cross-Site Scripting Vulnerability 2010-11-08
jRSS Widget WordPress jRSS Widget Plugin 1.1.1 - Information Disclosure Vulnerability 2010-11-08
Vodpod Video Gallery WordPress Vodpod Video Gallery Plugin 3.1.5 - Cross-Site Scripting Vulnerability 2010-11-08
SEO Tools WordPress SEO Tools Plugin 3.0 - Directory Traversal 2010-11-08
Live Wire WordPress Live Wire Theme 2.3.1 - Multiple Security Vulnerabilities 2010-11-08
CformsII WordPress CformsII Plugin 11.5 / 13.1 - Multiple Cross-Site Scripting Vulnerabilities 2010-11-01
Events Manager Extended WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability 2010-09-06
NextGEN Smooth Gallery WordPress NextGEN Smooth Gallery Plugin 0.12 - Blind SQL Injection Vulnerability 2010-08-03
myLDlinker WordPress myLDlinker Plugin - SQL Injection Vulnerability 2010-07-22
FireStats WordPress Firestats Plugin <= 1.6.5 - Remote Configuration File Download 2010-07-09
Simple:Press WordPress Simple:Press Plugin 4.3.0 - SQL Injection Vulnerability 2010-07-04
WordPress WordPress cache_lastpostdate - Arbitrary Code Execution 2010-07-03
Cimy Counter WordPress Cimy Counter Plugin <= 0.9.5 - Vulnerabilities 2010-06-26
Gigya Socialize WordPress Gigya Socialize Plugin 1.0/1.1.x - Cross-Site Scripting Vulnerability 2010-06-04
Cimy Counter WordPress Cimy Counter Plugin 0.9.4 - HTTP Response Splitting and Cross-Site Scripting Vulnerabilities 2010-05-05
NextGEN Gallery WordPress NextGEN Gallery Plugin <= 1.5.1 - XSS Vulnerability 2010-04-06
Copperleaf Photolog WordPress Copperleaf Photolog Plugin 0.16 - SQL injection Vulnerability 2010-02-15
WordPress WordPress 2.9 - Failure to Restrict URL Access 2010-02-13
Events WordPress Events Plugin - SQL Injection Vulnerability 2010-01-02