ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Order XML File Export Import for WooCommerce WordPress Order XML File Export Import for WooCommerce plugin <= 1.2.2 - Cross-Site Scripting (XSS) vulnerability 2019-08-01
ND Shortcodes For Visual Composer WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability 2019-07-31
Custom Simple RSS WordPress Custom Simple RSS plugin <= 2.0.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Simple Membership WordPress Simple Membership plugin <= 3.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - HTML Injection vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.30 - SQL Injection (SQLi) vulnerability 2019-07-26
Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.1 - SQL Injection (SQLi) vulnerability 2019-07-26
Contact Form 7 Dynamic Text Extension WordPress Contact Form 7 Dynamic Text Extension plugin <= 2.0.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-26
Blog2Social WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability 2019-07-26
AdRotate Banner Manager WordPress AdRotate Banner Manager plugin <= 5.2 - Authenticated SQL Injection (SQLi) vulnerability 2019-07-26
WPS Cleaner WordPress WPS Cleaner plugin <= 1.4.4 - Cross-Site Request Forgery (CSRF) + media disclosure vulnerabilities 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Scripting (XSS) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Arbitrary File Upload vulnerability 2019-07-24
WPS Limit Login WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities 2019-07-24
WPS Child Theme Generator WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability 2019-07-24
WPS Hide Login WordPress WPS Hide Login plugin <= 1.5.2.2 - Multiples Security Issues 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Local File Inclusion (LFI) vulnerability 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Arbitrary File Deletion vulnerability 2019-07-24