ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WordPress SEO Plugin – Rank Math WordPress SEO by Rank Math plugin <= 1.0.26 - Cross-Site Scripting (XSS) vulnerabilities 2019-06-18
WebP Express WordPress WebP Express plugin <= 0.14.0 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
WP-Members WordPress WP-Members plugin <= 3.2.7 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
Breadcrumbs by menu WordPress Breadcrumbs by menu plugin <= 1.0.1 - Cross-Site Scripting (XSS) vulnerability 2019-06-16
Breadcrumbs by menu WordPress Breadcrumbs by menu plugin <= 1.0.1 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
Finale Lite WordPress Finale Lite plugin <= 2.9.0 - Arbitrary File Upload vulnerability 2019-06-16
Related YouTube Videos WordPress Related YouTube Videos plugin <= 1.9.8 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
Related YouTube Videos WordPress Related YouTube Videos plugin <= 1.9.8 - Cross-Site Scripting (XSS) vulnerability 2019-06-16
Affiliates Manager WordPress Affiliates Manager manager <= 2.6.5 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
Easy Digital Downloads WordPress Easy Digital Downloads plugin <= 2.9.15 - Stored Cross-Site Scripting (XSS) vulnerability 2019-06-16
Download Manager WordPress Download Manager plugin <= 2.9.96 - Multiple vulnerabilities 2019-06-16
WP Google Maps WordPress WP Google Maps plugin <= 7.11.27 - Cross-Site Request Forgery (CSRF) vulnerability 2019-06-16
WP Statistics WordPress WP Statistics plugin <= 12.6.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-06-12
User Submitted Posts WordPress User Submitted Posts plugin <= 20190426 - Arbitrary File Upload vulnerability 2019-06-11
Crelly Slider WordPress Crelly Slider plugin <= 1.3.4 - Arbitrary File Upload vulnerability 2019-06-11
Paid Memberships Pro WordPress Paid Memberships Pro plugin <= 2.0.5 - Authenticated Open Redirect vulnerability 2019-06-11
Hustle WordPress Hustle – Pop-Ups, Slide-ins and Email Opt-ins plugin <= 6.0.7 - Unauthenticated CSV Injection vulnerability 2019-06-11
ConvertPlus WordPress ConvertPlus plugin <= 3.4.2 - Unauthenticated Arbitrary User Role Creation vulnerability 2019-06-11
Slick Popup WordPress Slick Popup plugin <= 1.7.1 - Privilege Escalation vulnerability 2019-06-11
WP Database Backup WordPress WP Database Backup plugin <= 5.1.2 - Unauthenticated OS Command Injection vulnerability 2019-05-29