ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
LifterLMS WordPress LifterLMS plugin <= 3.34.5 - Unauthenticated Options Import vulnerability 2019-09-09
Advanced Access Manager WordPress Advanced Access Manager plugin <= 5.9.8.1 - Arbitrary File Access/Download vulnerability 2019-09-09
Search Exclude WordPress Search Exclude plugin <= 1.2.2 - Arbitrary Settings Change vulnerability 2019-09-08
ECPay Logistics for WooCommerce WordPress ECPay Logistics for WooCommerce plugin <= 1.2.181030 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-06
API Bearer Auth WordPress API Bearer Auth plugin <= 20181229 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-06
Spryng Payments for WooCommerce WordPress Spryng Payments for WooCommerce plugin <= 1.6.7 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-04
Portrait-Archiv.com Photostore WordPress Portrait-Archiv.com Photostore plugin <= 3.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-04
Event Tickets WordPress Event Tickets plugin <= 4.10.7.1 - CSV Injection vulnerability 2019-09-03
WooCommerce Product Feed for Google, Facebook, eBay and Many More WordPress WooCommerce Product Feed plugin <= 3.1.14 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-30
Variation Swatches for WooCommerce WordPress Variation Swatches for WooCommerce plugin <= 1.0.61 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-30
WP Social Feed Gallery WordPress WP Social Feed Gallery plugin <= 2.4.7 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
WP Social Feed Gallery WordPress WP Social Feed Gallery plugin <= 2.4.7 - Authorization Check vulnerability 2019-08-29
Additional Variation Images for WooCommerce WordPress Additional Variation Images for WooCommerce plugin <= 1.1.28 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-08-29
Social LikeBox & Feed WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
Social LikeBox & Feed WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Scripting (XSS) vulnerability 2019-08-29
WP DSGVO Tools (GDPR) WordPress WP DSGVO Tools (GDPR) plugin <= 2.2.18 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-29
WooCommerce Address Book WordPress WooCommerce Address Book plugin <= 1.5.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
HandL UTM Grabber WordPress HandL UTM Grabber plugin <= 2.6.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
NextGEN Gallery WordPress Nextgen Gallery plugin <= 3.2.8 - SQL Injection vulnerability 2019-08-27
Userpro WordPress UserPro plugin <= 4.9.33 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-27