ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Sliced Invoices WordPress Sliced Invoices plugin <= 3.8.2 - Multiple vulnerabilities 2019-10-18
EU Cookie Law (GDPR) WordPress EU Cookie Law plugin <= 3.0.6 - Stored Cross-Site Scripting (XSS) vulnerability 2019-10-17
Zoho CRM Lead Magnet WordPress Zoho CRM Lead Magnet plugin <=1.6.9.1 - Authenticated Cross-Site Scripting (XSS) vulnerability 2019-10-17
iThemes Sync WordPress iThemes Sync plugin <= 2.0.17 - Insufficient Secure Key Validation vulnerability 2019-10-10
Theme Editor WordPress Theme Editor plugin <= 2.1 - Multiple vulnerabilities 2019-09-30
visualizer WordPress Visualizer plugin <= 3.3.0 - Server-Side Request Forgery (SSRF) 2019-09-28
Give WordPress GiveWp plugin <= 2.5.4 - Authentication Bypass 2019-09-26
DELUCKS SEO WordPress DELUCKS SEO plugin <= 2.1.7 - Unauthenticated Options Update vulnerability 2019-09-25
Rich Reviews WordPress Rich Reviews plugin <= 1.7.4 - Unauthenticated Plugin Options Update vulnerability 2019-09-25
Ultimate FAQ WordPress Ultimate FAQ plugin <= 1.8.24 - Unauthenticated Options Import/Export vulnerability 2019-09-23
Motors – Car Dealer & Classified Ads WordPress Motors – Car Dealer & Classified Ads plugin <= 1.4.0 - Multiple security issues 2019-09-23
Advanced AJAX Product Filters WordPress Advanced AJAX Product Filters plugin <= 1.3.6.1 - Unauthenticated Plugin Settings Update vulnerability 2019-09-19
Woody ad snippets WordPress Woody Ad Snippets plugin <= 2.2.7 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-15
SlickQuiz WordPress SlickQuiz plugin <= 1.3.7.1 - Authenticated SQL Injection (SQLi) vulnerability 2019-09-11
SlickQuiz WordPress SlickQuiz plugin <= 1.3.7.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-09-11
Checklist WordPress Checklist plugin <= 1.1.5 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-11
Human Presence WordPress Human Presence plugin <= 2.0.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-11
Qwizcards WordPress Qwizcards plugin <= 3.36 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-10
Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.34 - SQL Injection (SQLi) vulnerability 2019-09-09
Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.34 - Cross-Site Scripting (XSS) vulnerability 2019-09-09