ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WP Download WordPress WP Download Plugin <= 1.2 - SQL Injecion 2008-04-02
WordPress WordPress <= 2.3.2 - Multiple XSS vulnerabilities 2008-03-12
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Multiple XSS vulnerabilities 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Eval Injection 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Remote File Inclusion 2008-02-28
WP Photo Album WordPress WP Photo Album Plugin <= 1.0 - Multiple SQL Injection 2008-02-25
WP People WordPress WP People Plugin <= 1.6.1 - SQL Injection 2008-02-20
Search Unleashed WordPress Search Unleashed Plugin <= 0.2.10 - XSS 2008-02-20
Footnotes WordPress Footnotes Plugin <= 2.2 - Multiple XSS vulnerabilities 2008-02-11
NewsLetter WordPress Newsletter Plugin - SQL Injection #2 2008-02-11
Wordspew WordPress Wordspew Plugin <= 3.7.1 - SQL Injection 2008-02-11
WordPress WordPress <= 2.3.2 - Unauthorized Access Vulnerability 2008-02-07
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.8.0 - Multiple XSS vulnerabilities 2008-02-05
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.7.0 - Multiple XSS 2008-02-05
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.7.0 - SQL Injection 2008-02-05
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.8.0 - Directory Traversal 2008-02-05
Contact Form WordPress Contact Form Plugin <= 7.3 - Remote File Inclusion 2008-02-04
WassUp WordPress WassUp Plugin <= 1.4.3 - Multiple SQL Injection 2008-01-31
Migration WordPress Migration Plugin <= 1.0 - CSRF 2008-01-31
AdServe WordPress AdServe Plugin <= 0.2 - SQL Injection 2008-01-31