ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WordPress WordPress <= 2.2.3 - Multiple SQL Injection 2007-09-14
WordPress WordPress <= 2.3.1 - SQL Injection 2007-12-11
WordPress WordPress <= 2.3.9 - SQL Injection 2008-01-09
WordPress WordPress <= 3.0.1 - SQL Injection 2010-11-16
WordPress WordPress <= 3.1.2 - SQL Injection 2011-08-10
WordPress WordPress <= 4.2.3 - SQL Injection 2015-03-05
WordPress WordPress <=1.5 - SQL injection vulnerability 2005-05-20
WordPress WordPress <=1.5 - SQL injection vulnerability 2005-05-20
WordPress WordPress <=1.5.1 - SQL injection 2005-06-01
WordPress WordPress <=4.8.1 - SQL injection (SQLi) vulnerability 2017-09-19
WordPress WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries 2017-10-31
1 Flash Gallery WordPress 1 Flash Gallery Plugin 0.2.5 - Cross-Site Scripting and SQL Injection 2011-03-08
WordPress WordPress 3.1.3 - SQL Injection Vulnerabilities 2011-07-01
404 Redirection Manager WordPress 404 Redirection Manager Plugin <= 1.0 - SQL Injection 2016-12-19
404 to 301 WordPress 404 to 301 Plugin <= 2.0.2 - Blind SQL Injection 2015-08-20
A Forms WordPress A Forms Plugin <= 1.4.0 - SQL Injection 2015-05-15
A to Z Category Listing WordPress A to Z Category Listing Plugin <= 1.3 - SQL Injection 2011-09-09
Abandoned Cart Lite WordPress Abandoned Cart Lite Plugin <= 1.8 - SQL Injection 2015-07-15
Active Directory Integration WordPress Active Directory Integration plugin <=1.1.8 - Authenticated SQL Injection (SQLi) vulnerability 2017-11-20
ActiveHelper LiveHelp WordPress ActiveHelper Plugin <= 3.2.2 - SQL Injection 2014-08-01