ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Media File Manager WordPress Media File Manager plugin <= 1.4.2 - Directory Traversal vulnerability 2018-11-13
Media File Manager WordPress Media File Manager plugin <= 1.4.2 - Reflected Cross-Site Scripting (XSS) vulnerability 2018-11-13
WP GDPR Compliance WordPress WP GDPR Compliance plugin <= 1.4.2 - Privilege Escalation vulnerability 2018-11-13
Flow-Flow Social Stream WordPress Flow-Flow Social Stream plugin <= 3.0.71 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2018-11-13
Calendar WordPress Calendar plugin <= 1.3.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2018-11-13
Accelerated Mobile Pages WordPress Accelerated Mobile Pages plugin <= 0.9.97.19 - Multiple Unauthenticated Vulnerabilities 2018-11-13
WooCommerce WordPress WooCommerce plugin <= 3.4.5 - Authenticated File Deletion to Privilege Escalation vulnerability 2018-11-07
ARForms WordPress ARForms plugin <= 3.5.1 - Unauthenticated Arbitrary File Deletion vulnerability 2018-10-29
Pie Register WordPress Pie Register plugin <= 3.0.17 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2018-10-29
WooCommerce WordPress WooCommerce plugin <= 3.4.5 - Authenticated Object Injection vulnerability 2018-10-29
PDF & Print WordPress PDF & Print plugin <= 2.0.2 - Unauthenticated Cross-Site-Scripting (XSS) vulnerability 2018-10-03
Breadcrumb NavXT WordPress Breadcrumb NavXT plugin <= 6.1.0 - Username Disclosure via REST API 2018-10-03
Wechat Broadcast WordPress Wechat Broadcast plugin <= 1.2.0 - Local/Remote File Inclusion vulnerability 2018-10-03
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.2.0.727 - Authenticated Cross-Site Scripting (XSS) vulnerability 2018-10-03
Localize My Post WordPress Localize My Post plugin 1.0 - Unauthenticated Local File Inclusion (LFI) vulnerability 2018-10-03
Contact Form 7 WordPress Contact Form 7 plugin <= 5.0.3 - Privilege Escalation vulnerability 2018-09-13
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <=6.6.4 - Cross-Site Scripting (XSS) vulnerability 2018-09-09
Userpro WordPress UserPro premium plugin <= 4.9.23 - Cross-Site Scripting (XSS) vulnerability 2018-09-09
File Manager WordPress File Manager plugin <= 2.9 - Authenticated Cross-Site Scripting (XSS) vulnerability 2018-09-09
Duplicator WordPress Duplicator plugin <= 1.2.40 - Arbitrary Code Execution vulnerability 2018-09-05