ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Caldera Forms WordPress Caldera Forms plugin <=1.5.9.1 - Cross-Site Scripting (XSS) vulnerability 2018-04-18
Google Drive for WordPress Google Drive for WordPress plugin <=2.2 - Remote Code Execution (RCE) vulnerability 2018-04-18
WP Image Zoom WordPress WP Image Zoom plugin <=1.23 - Cross-Site Request Forgery (CSRF) vulnerability 2018-04-12
WP Background Takeover WordPress Background Takeover plugin <=4.1.4 - Directory Traversal vulnerability 2018-04-09
Relevanssi WordPress Relevanssi plugin <=4.0.4 - Cross-Site Scripting (XSS) vulnerability 2018-04-09
Contact Form 7 to Database Extension WordPress Contact Form 7 to Database Extension plugin 2.10.32 - CSV Injection vulnerability 2018-04-09
WordPress File Upload WordPress File Upload plugin <=4.3.3 - Cross-Site Scripting (XSS) vulnerability 2018-04-09
WP Live Chat Support WordPress WP Live Chat Support plugin <=8.0.05 - Unauthenticated Stored XSS vulnerability 2018-04-09
WP Security Audit Log WordPress WP Security Audit Log plugin <=3.1.1 - Sensitive Information Disclosure 2018-04-05
My Calendar WordPress My Calendar plugin <=2.5.16 - Authenticated Cross-Site Scripting (XSS) vulnerability 2018-04-05
WordPress File Upload WordPress File Upload plugin <=4.3.2 - Security Issue in plugin shortcodes 2018-04-03
Activity Log WordPress Activity Log plugin <=2.4.0 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2018-03-28
Duplicator WordPress Duplicator plugin <=1.2.32 - Cross-Site Scripting (XSS) vulnerability 2018-03-28
Events Manager WordPress Events Manager plugin <=5.8.1.1 - Unauthenticated Stored XSS vulnerability 2018-03-28
Site Editor WordPress Site Editor plugin <=1.1.1 - Local File Inclusion (LFI) vulnerability 2018-03-19
WP Support Plus Responsive Ticket System WordPress WP Support Plus Responsive Ticket System plugin <=9.0.2 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities 2018-03-15
WP Job Manager WordPress WP Job Manager plugin <=1.29.2 - Unauthenticated Object Injection vulnerability 2018-03-15
Super Socializer WordPress Super Socializer plugin <=7.10.6 - Authentication Bypass vulnerability 2018-03-15
Import any XML or CSV File to WordPress WordPress Import any XML or CSV File to WordPress plugin <=3.4.6 - Cross-Site Scripting (XSS) vulnerability 2018-03-13
WP Retina 2x WordPress WP Retina 2x plugin <=5.2.0 - Cross-Site Scripting (XSS) vulnerability 2018-03-13