ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Form Maker WordPress Form Maker by 10Web plugin <= 1.13.2 - Authenticated SQL Injection (SQLi) vulnerability 2019-05-25
WP Slimstat WordPress Slimstat plugin <= 4.8 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-22
WP Booking System WordPress WP Booking System <= 1.5.1.1 - CSRF vulnerability to Authenticated SQL Injection vulnerability 2019-05-22
Live Chat with Facebook Messenger WordPress Live Chat with Facebook Messenger plugin <= 1.4.6 - Stored Cross-Site Scripting (XSS) vulnerability 2019-05-22
WPGraphQL WordPress WPGraphQL plugin <= 0.2.3 - Multiple Vulnerabilities 2019-05-22
Newsletter Manager WordPress Newsletter Manager plugin <= 1.4 - Unauthenticated Open Redirect vulnerability 2019-05-21
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.3.14.727 - CSV Export vulnerability 2019-05-21
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.3.14.727 - SQL Injection (SQLi) vulnerability 2019-05-21
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.3.13.727 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-21
WP Live Chat Support WordPress WP Live Chat Support plugin <= 8.0.26 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-21
Register IPs WordPress Register IPs plugin <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-16
Ultimate Member WordPress Ultimate Member plugin <= 2.0.45 - Multiple vulnerabilities 2019-05-16
W3 Total Cache WordPress W3 Total Cache plugin <= 0.9.7.3 - Cross-Site Scripting (XSS) vulnerability 2019-05-07
All-in-One Event Calendar WordPress All-in-One Event Calendar plugin <= 2.5.38 - Cross-Site Scripting (XSS) vulnerability 2019-05-06
My Calendar WordPress My Calendar plugin <= 3.1.9 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2019-05-06
Blog Designer WordPress Blog Designer plugin <= 1.8.10 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-02
Print My Blog WordPress Print My Blog plugin <= 1.6.5 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability 2019-04-27
WooCommerce Checkout Manager WordPress WooCommerce Checkout Manager plugin 4.2.6 (latest) - Arbitrary File Upload vulnerability 2019-04-26
Social Warfare WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Remote Code Execution (RCE) vulnerability 2019-04-24
WP Statistics WordPress WP Statistics plugin <= 12.6.3 - Cross-Site Scripting (XSS) vulnerability 2019-04-24