ThreatPress

WordPress Vulnerability Database

WordPress Plugin Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Adning Advertising WordPress Adning Advertising premium plugin <= 1.5.5 - Arbitrary File Upload vulnerability 2020-12-24
WP-PostRatings WordPress WP-PostRatings plugin <= 1.86 - Stored Cross-Site Scripting (XSS) vulnerability 2020-12-24
Limit Login Attempts Reloaded WordPress Limit Login Attempts Reloaded plugin <= 2.15.2 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-21
Limit Login Attempts Reloaded WordPress Limit Login Attempts Reloaded plugin <= 2.17.3 - Login Rate Limiting Bypass vulnerability 2020-12-21
Simple Social Media Share Buttons WordPress Simple Social Media Share Buttons plugin <= 3.2.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-19
Envira Photo Gallery WordPress Envira Photo Gallery plugin <= 1.8.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2020-12-19
Simple Social Media Share Buttons WordPress Simple Social Media Share Buttons plugin <= 3.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-18
Contact Form 7 WordPress Contact Form 7 plugin <= 5.3.1 - Unrestricted File Upload vulnerability 2020-12-17
Total Upkeep WordPress Total Upkeep plugin <= 1.14.9 - Sensitive Information Disclosure vulnerability 2020-12-15
Total Upkeep WordPress Total Upkeep plugin <= 1.14.9 - Unauthenticated Backup Archive Download vulnerability 2020-12-15
Redux WordPress Redux plugin <= 4.1.20 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability 2020-12-15
Redux WordPress Redux Framework <= 4.1.23 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability 2020-12-15
Directories Pro WordPress Directories Pro premium plugin <= 1.3.45 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-14
Directories Pro WordPress Directories Pro premium plugin <= 1.3.45 - Authenticated Self-Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-14
Popup Builder WordPress Popup Builder plugin <= 3.69.6 - Multiple Stored Cross-Site Scripting (XSS) vulnerabilities 2020-12-14
Ultimate Category Excluder WordPress Ultimate Category Excluder plugin <= 1.1 - Cross-Site Request Forgery (CSRF) vulnerability 2020-12-11
PageLayer WordPress PageLayer plugin <= 1.3.4 - Reflected Cross_site Scripting (XSS) vulnerability 2020-12-10
DiveBook WordPress DiveBook plugin <= 1.1.4 - Improper Authorisation Check vulnerability 2020-12-09
DiveBook WordPress DiveBook plugin <= 1.1.4 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2020-12-09
DiveBook WordPress DiveBook plugin <= 1.1.4 - Unauthenticated SQL Injection (SQLi) vulnerability 2020-12-09