ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Another Classifieds WordPress Another Classifieds Plugin - SQL Injection 2014-11-10
Answer My Question WordPress Answer My Question Plugin <= 1.3 - SQL Injection 2016-11-17
Awesome Filterable Portfolio WordPress Appointment Booking Calendar Plugin <= 1.1.23 - SQL Injection 2016-01-25
Appointment Booking Calendar WordPress Appointment Booking Calendar Plugin <= 1.1.7 - SQL Injection 2015-09-22
Apptha Video Gallery WordPress Apptha Video Gallery Plugin <= 2.7 - SQL Injection 2015-02-24
Apptha Video Gallery WordPress Apptha Video Gallery Plugin <= 2.0 - SQL Injection 2013-05-07
Apptha Video Gallery WordPress Apptha Video Gallery Plugin <= 2.5 - Multiple SQL Injection 2014-11-26
Arigato Autoresponder and Newsletter WordPress Arigato Autoresponder and Newsletter plugin <= 2.5.1.8 - Authenticated Blind SQL Injection (SQLi) vulnerability 2018-12-04
Article Management WordPress Article Management Plugin <= 3.40 - SQL Injection 2007-01-30
Auctions WordPress Auctions Plugin 1.8.8 - SQL Injection 2011-09-14
Audio Gallery Playlist WordPress Audio Gallery Playlist Plugin <= 0.12 - SQL Injection 2011-08-30
Audio Player WordPress Audio Player Plugin <= 2.0 - Multiple SQL Injection 2015-03-03
Auto Affiliate Links WordPress Auto Affiliate Links Plugin <= 4.9.9.4 - Blind SQL Injection 2015-07-15
Automatic WordPress Automatic Plugin 2.0.3 - SQL Injection 2012-06-16
Awesome Filterable Portfolio WordPress Awesome Filterable Portfolio Plugin <= 1.8.6 - SQL Injection 2015-07-07
Bannerize WordPress Bannerize Plugin 2.8.7 - SQL Injection 2011-09-30
BBS e-Franchise WordPress BBS e-Franchise Plugin <= 1.1.1 - SQL Injection 2016-11-12
BigContact WordPress BigContact Plugin <= 1.4.6 - SQL Injection 2015-05-15
Blog2Social WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability 2019-07-26
Booking Calendar Contact Form WordPress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection 2016-01-26