ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WP Feed WordPress WP Feed Plugin 2015.0426 - SQL Injection 2015-05-20
WP Filebase Download Manager WordPress WP Filebase Download Manager Plugin <= 0.2.9 - SQL Injection 2011-09-09
WP Forum Server WordPress WP Forum Server Plugin <= 1.7.3 - SQL Injection 2014-01-16
WP Forum Server WordPress WP Forum Server Plugin <= 1.7.4 - SQL Injection 2008-01-22
WP Forum Server WordPress WP Forum Server Plugin <= 2.3 - Multiple SQL Injection 2009-10-15
WP Google Maps WordPress WP Google Maps plugin <= 7.11.17 - Unauthenticated SQL Injection (SQLi) vulnerability 2019-04-02
WP Google Review Slider WordPress WP Google Review Slider <= 6.1 - Authenticated SQL Injection (SQLi) vulnerability 2019-11-01
WP Image Zoom WordPress Wp Image Zoom Plugin - SQL Injection 2015-05-15
WP Image Zoom WordPress Wp Image Zoom Theme - SQL Injection 2012-11-26
WP Like Post WordPress WP Like Post plugin <=1.5.2 - Authenticated SQL Injection (SQLi) vulnerability 2017-09-18
WP Limit Login Attempts WordPress WP Limit Login Attempts Plugin <= 2.0.0 - Multiple SQL Injection 2015-09-06
WP People WordPress WP People Plugin <= 1.6.1 - SQL Injection 2008-02-20
WP Photo Album WordPress WP Photo Album Plugin <= 1.0 - Multiple SQL Injection 2008-02-25
WP Predict WordPress WP Predict Plugin 1.0 - Blind SQL Injection 2012-07-10
WP Private Messages WordPress WP Private Messages Plugin - SQL Injection 2013-06-29
WP PRO Advertising System WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection 2016-06-06
WP Realty WordPress WP Realty Plugin - SQL Injection 2013-10-08
RSS Poster WordPress WP RSS Poster Plugin - SQL Injection 2014-05-28
WP Statistics WordPress WP Statistics Plugin <= 9.4 - SQL Injection 2015-11-22
WP Statistics WordPress WP Statistics plugin <=12.0.7 - Authenticated SQL Injection vulnerability 2017-07-01