WordPress Plugin Vulnerabilities Please use the search to find what you're looking for Product Title Disclosure Date NextGEN Gallery WordPress NextGEN Gallery Plugin <= 0.96 - XSS 2009-09-07 WP Syntax WordPress WP-Syntax Plugin <= 0.9.1 - Remote Command Execution 2009-08-27 Simple:Press WordPress Simple Forum Plugin - SQL Injection 2009-08-23 My Category Order WordPress My Category Order Plugin <= 2.8 - SQL Injection Vulnerability 2009-07-15 Related Sites WordPress Related Sites Plugin 2.1 - Blind SQL Injection Vulnerability 2009-06-30 DM Albums WordPress DM Albums Plugin 1.9.2 - Remote File Inclusion Vulnerability 2009-06-29 FireStats WordPress FireStats Plugin <= 1.6.1 - SQL Injection 2009-06-22 FireStats WordPress FireStats Plugin <= 1.6.1 - Remote File Inclusion 2009-06-22 Photoracer WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability 2009-06-15 Lytebox WordPress Lytebox Plugin 1.3 - Local File Inclusion 2009-05-26 E-commerce WordPress e-Commerce Plugin <= 3.4 - Unrestricted File Upload 2009-05-17 fMoblog WordPress fMoblog Plugin 2.1 - SQL Injection Vulnerability 2009-03-17 Page Flip Image Gallery WordPress Page Flip Image Gallery Plugin <= 0.2.2 - Directory Traversal 2008-12-30 RSS Feed Generator WordPress RSS Feed Generator Plugin <= 2.6.4 - XSS 2008-11-28 WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - CSRF 2008-10-24 WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - XSS 2008-10-24 WP Comment Remix WordPress WP Comment Remix Plugin <= 1.4.3 - SQL Injection 2008-10-24 NewsLetter WordPress Newsletter Plugin - SQL Injection #1 2008-10-20 SpamBam WordPress SpamBam Plugin - BYPASS 2008-10-20 Download Manager WordPress Download Manager Plugin <= 0.2 - Arbitrary File Upload 2008-07-30 170 171 172 ... 173 174 175