ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WordPress WordPress <= 2.9 - DoS (0day) 2009-12-31
Pyrmont WordPress Pyrmont Theme 2.x - SQL Injection Vulnerability 2009-12-18
Image Manager WordPress Image Manager Plugins - Shell Upload 2009-12-05
Google Analytics WordPress Google Analytics Plugin 3.2.4 - 404 Error Page Cross-Site Scripting Vulnerability 2009-12-04
WP Cumulus WordPress WP Cumulus Plugin <= 1.21 - XSS 2009-12-02
WP-PHPList WordPress WP-PHPList Plugin 2.10.2 - Cross-Site Scripting Vulnerability 2009-11-29
WP Cumulus WordPress WP-Cumulus <= 1.20 - Vulnerabilities 2009-11-25
FireStats WordPress FireStats Plugin 1.0.2 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities 2009-11-24
Subscribe to Comments WordPress Subscribe to Comments Plugin 2.0 - Multiple Cross-Site Scripting Vulnerabilities 2009-11-16
Trashbin WordPress Trashbin Plugin 0.1 - Cross-Site Scripting Vulnerability 2009-11-15
FuctWeb CapCC WordPress CAPTCHA Fuctweb CapCC Plugin 1.0 - Security Bypass Vulnerability 2009-11-13
WordPress WordPress <= 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution 2009-11-11
WordPress MU WordPress MU 1.2.2-1.3.1 - Cross-Site Scripting 2009-11-10
WordPress WordPress 2.0 - 2.7.1 - Module Configuration Security Bypass Vulnerability 2009-11-10
WP Cumulus WordPress WP-Cumulus Plugin 1.x - Cross-Site Scripting Vulnerability 2009-11-09
WordPress WordPress <= 2.8.5 - XSS 2009-11-05
JD WordPress JD-WordPress 2.0 RC2 - Remote file inclusion 2009-10-19
WP Forum Server WordPress WP Forum Server Plugin <= 2.3 - Multiple SQL Injection 2009-10-15
WordPress WordPress <= 2.8.4 - Algorithmic complexity 2009-10-09
Peter's Math Anti-Spam WordPress Peter's Math Anti-Spam Plugin - BYPASS 2009-09-11