ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
FireStats WordPress FireStats Plugin <= 1.6.1 - Remote File Inclusion 2009-06-22
Photoracer WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability 2009-06-15
Lytebox WordPress Lytebox Plugin 1.3 - Local File Inclusion 2009-05-26
E-commerce WordPress e-Commerce Plugin <= 3.4 - Unrestricted File Upload 2009-05-17
fMoblog WordPress fMoblog Plugin 2.1 - SQL Injection Vulnerability 2009-03-17
Page Flip Image Gallery WordPress Page Flip Image Gallery Plugin <= 0.2.2 - Directory Traversal 2008-12-30
RSS Feed Generator WordPress RSS Feed Generator Plugin <= 2.6.4 - XSS 2008-11-28
WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - CSRF 2008-10-24
WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - XSS 2008-10-24
WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - SQL Injection 2008-10-24
NewsLetter WordPress Newsletter Plugin - SQL Injection #1 2008-10-20
SpamBam WordPress SpamBam Plugin - BYPASS 2008-10-20
Download Manager WordPress Download Manager Plugin <= 0.2 - Arbitrary File Upload 2008-07-30
File Upload WordPress File Upload Plugin - SQL Injection 2008-05-29
Download Monitor WordPress Download Monitor Plugin <= 2.0.6 - SQL Injection 2008-04-30
Spreadsheet WordPress Spreadsheet Plugin <= 0.6 - SQL Injection 2008-04-27
WP Download WordPress WP Download Plugin <= 1.2 - SQL Injecion 2008-04-02
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Multiple XSS vulnerabilities 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Eval Injection 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Remote File Inclusion 2008-02-28