ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Pootle button WordPress Pootle button plugin <=1.1.1 - Authenticated Cross-Site Scripting (XSS) vulnerability 2017-10-13
Invite Anyone WordPress Invite Anyone plugin <=1.3.18 - Unauthenticated PHP Object Injection vulnerability 2017-10-13
Simple Login Log WordPress Simple Login Log plugin <=1.1.0 - Authenticated SQL Injection vulnerability 2017-10-11
My WP Translate WordPress My WP Translate plugin <=1.0.3 - Authenticated Option Deletion Vulnerability 2017-10-11
Smush Image Compression and Optimization WordPress Smush Image Compression and Optimization plugin <=2.7.5 - File Traversal vulnerability 2017-10-09
TwitterCart WordPress TwitterCart plugin <= 2.0 - Tweet Sending Vulnerability 2017-10-09
WooCommerce PDF Invoices & Packing Slips WordPress WooCommerce PDF Invoices & Packing Slips plugin <=2.0.12 - Cross-Site Scripting (XSS) vulnerability 2017-10-05
Content Timeline WordPress Content Timeline plugin <=4.4.2 - Multiple Blind SQL Injection vulnerabilities 2017-10-03
Appointments WordPress Appointments plugin <=2.2.1 - Unauthenticated PHP Object Injection vulnerability 2017-10-03
Flickr Gallery WordPress Flickr Gallery plugin <=1.5.2 - Unauthenticated PHP Object Injection vulnerability 2017-10-03
RegistrationMagic-Custom Registration Forms WordPress RegistrationMagic-Custom Registration Forms plugin <= 3.7.9.2 - Unauthenticated PHP Object Injection vulnerability 2017-10-03
Student Result or Employee Database WordPress Student Result or Employee Database plugin <=1.6.3 - Authorization Bypass vulnerability 2017-09-28
BackWPup WordPress BackWPup plugin <=3.4.1 - Unrestricted Backup File Download 2017-09-28
2kb Amazon Affiliates Store WordPress 2kb Amazon Affiliates Store plugin <=2.1.0 - Authenticated Cross-Site Scripting (XSS) vulnerability 2017-09-28
MarketPress – WordPress eCommerce WordPress MarketPress plugin <=3.2.6 - PHP Object Injection vulnerability 2017-09-28
Content Audit WordPress Content Audit plugin <=1.9.1 - Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities 2017-09-28
VaultPress WordPress VaultPress plugin <=1.9 - Unauthenticated RCE vulnerability 2017-09-25
Responsive Image Gallery, Gallery Album WordPress Responsive Image Gallery, Gallery Album plugin <=1.2.0 - Authenticated SQL Injection vulnerability 2017-09-25
Shoppable Images Lite WordPress Shoppable Images Lite plugin <=1.0.0 - Cross-Site Request Forgery (CSRF)/PHP Object Injection Vulnerabilities 2017-09-25
Share Drafts Publicly WordPress Share Drafts Publicly Plugin <= 1.1.4 - Authenticated Information Disclosure Vulnerability 2017-09-19