ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Ultimate Member WordPress Ultimate Member plugin <= 2.0.21 - Unauthenticated Arbitrary File Upload vulnerability 2018-08-09
Gwolle Guestbook WordPress Gwolle Guestbook plugin <= 2.5.3 - Cross-Site Scripting (XSS) vulnerability 2018-08-09
Strong Testimonials WordPress Strong Testimonials plugin <= 2.31.4 - Multiple Authenticated Cross-Site Scripting (XSS) vulnerabilities 2018-08-09
Snazzy Maps WordPress Snazzy Maps plugin <= 1.1.3 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2018-08-09
Multi Step Form WordPress Multi Step Form plugin <= 1.2.5 - Multiple Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerabilities 2018-08-09
Geo Mashup WordPress Geo Mashup plugin <= 1.10.3 - Unspecified Cross-Site Scripting (XSS) vulnerability 2018-07-18
All In One Favicon WordPress All In One Favicon plugin <= 4.6 - Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities 2018-07-18
iThemes Security WordPress iThemes Security plugin <= 7.0.2 - Authenticated SQL Injection (SQLi) vulnerability 2018-06-25
WordPress Comments Import & Export WordPress Comments Import & Export plugin <= 2.0.4 - CSV Injection vulnerability 2018-06-22
Open Graph for Facebook, Google+ and Twitter Card Tags WordPress Open Graph for Facebook, Google+ and Twitter Card Tags plugin <= 2.2.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-22
Advanced Order Export For WooCommerce WordPress Advanced Order Export For WooCommerce plugin <= 1.5.4 - CSV Injection vulnerability 2018-06-22
Ultimate Form Builder Lite WordPress Ultimate Form Builder Lite plugin <= 1.3.7 - Authenticated Cross-Site Scripting (XSS) vulnerability 2018-06-20
Ultimate Form Builder Lite WordPress Ultimate Form Builder Lite plugin <= 1.3.7 - SQL Injection (SQLi) vulnerability 2018-06-20
Pie Register WordPress Pie Register plugin <= 3.0.9 - Authenticated Blind SQL Injection (SQLi) vulnerability 2018-06-20
Tooltipy WordPress Tooltipy (tooltips for WP) plugin <= 5.0 - Cross-Site Request Forgery (CSRF) vulnerability 2018-06-20
Tooltipy WordPress Tooltipy (tooltips for WP) plugin <= 5.0 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2018-06-20
Redirection WordPress Redirection plugin <= 2.7.3 - Authenticated Local File Inclusion vulnerability 2018-06-20
wpForo Forum WordPress wpForo Forum plugin <= 1.4.11 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-20
wpForo Forum WordPress wpForo Forum plugin <= 1.4.9 - Unauthenticated SQL Injection (SQLi) vulnerability 2018-06-20
Page Visit Counter WordPress Page Visit Counter plugin <= 4.4 - Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-11