ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
SEO Tools WordPress SEO Tools Plugin 3.0 - Directory Traversal 2010-11-08
Live Wire WordPress Live Wire Theme 2.3.1 - Multiple Security Vulnerabilities 2010-11-08
CformsII WordPress CformsII Plugin 11.5 / 13.1 - Multiple Cross-Site Scripting Vulnerabilities 2010-11-01
Events Manager Extended WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability 2010-09-06
NextGEN Smooth Gallery WordPress NextGEN Smooth Gallery Plugin 0.12 - Blind SQL Injection Vulnerability 2010-08-03
myLDlinker WordPress myLDlinker Plugin - SQL Injection Vulnerability 2010-07-22
FireStats WordPress Firestats Plugin <= 1.6.5 - Remote Configuration File Download 2010-07-09
Simple:Press WordPress Simple:Press Plugin 4.3.0 - SQL Injection Vulnerability 2010-07-04
WordPress WordPress cache_lastpostdate - Arbitrary Code Execution 2010-07-03
Cimy Counter WordPress Cimy Counter Plugin <= 0.9.5 - Vulnerabilities 2010-06-26
Gigya Socialize WordPress Gigya Socialize Plugin 1.0/1.1.x - Cross-Site Scripting Vulnerability 2010-06-04
Cimy Counter WordPress Cimy Counter Plugin 0.9.4 - HTTP Response Splitting and Cross-Site Scripting Vulnerabilities 2010-05-05
NextGEN Gallery WordPress NextGEN Gallery Plugin <= 1.5.1 - XSS Vulnerability 2010-04-06
Copperleaf Photolog WordPress Copperleaf Photolog Plugin 0.16 - SQL injection Vulnerability 2010-02-15
WordPress WordPress 2.9 - Failure to Restrict URL Access 2010-02-13
Events WordPress Events Plugin - SQL Injection Vulnerability 2010-01-02
WordPress WordPress <= 2.9 - DoS (0day) 2009-12-31
Pyrmont WordPress Pyrmont Theme 2.x - SQL Injection Vulnerability 2009-12-18
Image Manager WordPress Image Manager Plugins - Shell Upload 2009-12-05
Google Analytics WordPress Google Analytics Plugin 3.2.4 - 404 Error Page Cross-Site Scripting Vulnerability 2009-12-04