ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WooCommerce WordPress WooCommerce plugin <=3.2.3 - Authenticated PHP Object Injection vulnerability 2018-02-23
Ninja Forms WordPress Ninja Forms plugin <=3.2.13 - Cross-Site Scripting (XSS) vulnerability 2018-02-22
Simple Contact Info Simple Contact Info plugin <= v1.1.9 - Authenticated Arbitrary File Deletion Vulnerability 2018-02-07
flickrRSS WordPress flickrRSS plugin <= 5.3.1 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2018-02-07
flickrRSS WordPress flickrRSS plugin <=5.3.1 - Cross-Site Request Forgery (CSRF) vulnerability 2018-02-07
Instagram Feed WordPress Instagram Feed plugin <=1.5.1 - Cross-Site Scripting (XSS) vulnerability 2018-02-07
PropertyHive WordPress PropertyHive plugin <=1.4.14 - Cross-Site Scripting (XSS) vulnerability 2018-02-05
Splashing Images WordPress Splashing Images plugin <=2.1 - Authenticated PHP Object Injection vulnerability 2018-01-30
Splashing Images WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability 2018-01-30
Social Media Widget by Acurax WordPress Social Media Widget by Acurax plugin <=3.2.5 - Stored Cross-Site Scripting (XSS) vulnerability 2018-01-30
Social Media Widget by Acurax WordPress Social Media Widget by Acurax plugin <=3.2.5 - Cross-Site Request Forgery (CSRF) vulnerability 2018-01-30
User Control WordPress User Control plugin <=2.1.0 - Unauthenticated SQL Injection (SQLi) vulnerability 2018-01-30
BuddyBoss Media WordPress BuddyBoss Media plugin <=3.2.3 - Stored Cross-Site Scripting (XSS) vulnerability 2018-01-22
Dark Mode WordPress Dark Mode plugin <=1.6 - Multiple stored Cross-Site Scripting (XSS) vulnerabilities 2018-01-22
Pinterest Feed WordPress Pinterest Feed plugin <=1.1.1 - Multiple Authenticated Cross-Site Scripting (XSS) vulnerabilities 2018-01-22
Pinterest Feed WordPress Pinterest Feed plugin <=1.1.1 - Cross-Site Request Forgery (CSRF) vulnerability 2018-01-22
Coming Soon WordPress Coming Soon plugin <=1.1.18 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2018-01-22
Coming Soon WordPress Coming Soon plugin <=1.1.18 - Cross-Site Request Forgery (CSRF) vulnerability 2018-01-22
read-and-understood WordPress read-and-understood plugin <= 2.1 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2018-01-22
read-and-understood WordPress read-and-understood plugin <=2.1 - Cross-Site Request Forgery (CSRF) vulnerability 2018-01-22