ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Easy Property Listings WordPress Easy Property Listings plugin <= 3.3.5 - Cross-Site Scripting (XSS) vulnerability 2019-08-19
WP SVG Icons WordPress WP SVG Icons plugin <= 3.2.2 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-16
Email Subscribers & Newsletters WordPress Email Subscribers & Newsletters plugin <= 4.1.6 - Cross-Site Scripting (XSS) vulnerability 2019-08-14
WP Fastest Cache WordPress WP Fastest Cache plugin <= 0.8.9.5 - Directory Traversal vulnerability 2019-08-14
Ultimate Member WordPress Ultimate Member plugin <= 2.0.53 - Cross-Site Scripting (XSS) vulnerability 2019-08-14
Simple 301 Redirects – Addon – Bulk Uploader WordPress Simple 301 Redirects Addon Bulk Uploader plugin <= 1.2.4 - Unauthenticated option changes and other security issues 2019-08-12
CformsII WordPress CformsII plugin <= 15.0.1 - Unauthenticated HTML Injection & Cross-Site Request Forgery (CSRF) vulnerabilities 2019-08-12
Give WordPress Give plugin <= 2.5.0 - SQL Injection (SQLi) vulnerability 2019-08-12
PPOM for WooCommerce WordPress PPOM for WooCommerce plugin <= 18.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-08-12
Restaurant Reservations WordPress Restaurant Reservations plugin <= 1.3 - Unauthenticated Options Change vulnerability 2019-08-12
Login or Logout Menu Item WordPress Login or Logout Menu Item plugin <= 1.1.1 - Unauthenticated Options Change vulnerability 2019-08-08
JoomSport WordPress JoomSport plugin <= 3.3 - SQL Injection (SQLi) vulnerability 2019-08-08
Learning Courses WordPress Learning Courses plugin <= 4.7 - Unauthenticated Options Change vulnerability 2019-08-06
Popup Builder WordPress Popup Builder plugin <= 3.44 - SQL Injection (SQLi) vulnerability 2019-08-06
Booking WordPress Booking plugin <= 2.4 - Unauthenticated Options Change vulnerability 2019-08-06
Donations WordPress Donations plugin <= 1.3 - Unauthenticated Options Change vulnerability 2019-08-06
Travel Management WordPress Travel Management plugin <= 1.5 - Unauthenticated Options Change vulnerability 2019-08-06
Woody ad snippets WordPress Woody Ad Snippets plugin <= 2.2.4 - Unauthenticated stored Cross-Site Scripting (XSS) vulnerability 2019-08-06
Order XML File Export Import for WooCommerce WordPress Order XML File Export Import for WooCommerce plugin <= 1.2.2 - Cross-Site Scripting (XSS) vulnerability 2019-08-01
ND Shortcodes For Visual Composer WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability 2019-07-31