ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WP Syntax WordPress WP-Syntax Plugin <= 0.9.1 - Remote Command Execution 2009-08-27
Simple:Press WordPress Simple Forum Plugin - SQL Injection 2009-08-23
WordPress WordPress <= 2.8.2 - Multiple Vulnerabilities #2 2009-08-18
WordPress WordPress <= 2.8.2 - Multiple Vulnerabilities #1 2009-08-18
WordPress WordPress <= 2.8.2 - BYPASS 2009-08-13
WordPress WordPress 2.8.1 - Remote Cross-Site Scripting Vulnerability 2009-07-24
My Category Order WordPress My Category Order Plugin <= 2.8 - SQL Injection Vulnerability 2009-07-15
WordPress WordPress - Privileges Unchecked in admin.php and Multiple Information 2009-07-10
WordPress WordPress <= 2.8.0 - Multiple vulnerabilities 2009-07-10
WordPress WordPress <= 2.7.1 - Information Disclosure 2009-07-10
WordPress WordPress <= 2.8.0 - Multiple Existing/Non-Existing Username Enumeration Weaknesses 2009-07-05
Related Sites WordPress Related Sites Plugin 2.1 - Blind SQL Injection Vulnerability 2009-06-30
DM Albums WordPress DM Albums Plugin 1.9.2 - Remote File Inclusion Vulnerability 2009-06-29
FireStats WordPress FireStats Plugin <= 1.6.1 - SQL Injection 2009-06-22
FireStats WordPress FireStats Plugin <= 1.6.1 - Remote File Inclusion 2009-06-22
Photoracer WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability 2009-06-15
Lytebox WordPress Lytebox Plugin 1.3 - Local File Inclusion 2009-05-26
E-commerce WordPress e-Commerce Plugin <= 3.4 - Unrestricted File Upload 2009-05-17
WordPress WordPress <= 2.6.9 - Denial Of Service Attacks 2009-04-28
WordPress WordPress <= 2.6.9 - Open Redirection 2009-04-28