ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Gigya Socialize WordPress Gigya Socialize Plugin 1.0/1.1.x - Cross-Site Scripting Vulnerability 2010-06-04
Cimy Counter WordPress Cimy Counter Plugin 0.9.4 - HTTP Response Splitting and Cross-Site Scripting Vulnerabilities 2010-05-05
NextGEN Gallery WordPress NextGEN Gallery Plugin <= 1.5.1 - XSS Vulnerability 2010-04-06
Copperleaf Photolog WordPress Copperleaf Photolog Plugin 0.16 - SQL injection Vulnerability 2010-02-15
WordPress WordPress 2.9 - Failure to Restrict URL Access 2010-02-13
Events WordPress Events Plugin - SQL Injection Vulnerability 2010-01-02
WordPress WordPress <= 2.9 - DoS (0day) 2009-12-31
Pyrmont WordPress Pyrmont Theme 2.x - SQL Injection Vulnerability 2009-12-18
Image Manager WordPress Image Manager Plugins - Shell Upload 2009-12-05
Google Analytics WordPress Google Analytics Plugin 3.2.4 - 404 Error Page Cross-Site Scripting Vulnerability 2009-12-04
WP Cumulus WordPress WP Cumulus Plugin <= 1.21 - XSS 2009-12-02
WP-PHPList WordPress WP-PHPList Plugin 2.10.2 - Cross-Site Scripting Vulnerability 2009-11-29
WP Cumulus WordPress WP-Cumulus <= 1.20 - Vulnerabilities 2009-11-25
FireStats WordPress FireStats Plugin 1.0.2 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities 2009-11-24
Subscribe to Comments WordPress Subscribe to Comments Plugin 2.0 - Multiple Cross-Site Scripting Vulnerabilities 2009-11-16
Trashbin WordPress Trashbin Plugin 0.1 - Cross-Site Scripting Vulnerability 2009-11-15
FuctWeb CapCC WordPress CAPTCHA Fuctweb CapCC Plugin 1.0 - Security Bypass Vulnerability 2009-11-13
WordPress WordPress <= 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution 2009-11-11
WordPress MU WordPress MU 1.2.2-1.3.1 - Cross-Site Scripting 2009-11-10
WordPress WordPress 2.0 - 2.7.1 - Module Configuration Security Bypass Vulnerability 2009-11-10