ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Custom Simple RSS WordPress Custom Simple RSS plugin <= 2.0.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Simple Membership WordPress Simple Membership plugin <= 3.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - HTML Injection vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.30 - SQL Injection (SQLi) vulnerability 2019-07-26
Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.1 - SQL Injection (SQLi) vulnerability 2019-07-26
Contact Form 7 Dynamic Text Extension WordPress Contact Form 7 Dynamic Text Extension plugin <= 2.0.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-26
Blog2Social WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability 2019-07-26
AdRotate Banner Manager WordPress AdRotate Banner Manager plugin <= 5.2 - Authenticated SQL Injection (SQLi) vulnerability 2019-07-26
WPS Cleaner WordPress WPS Cleaner plugin <= 1.4.4 - Cross-Site Request Forgery (CSRF) + media disclosure vulnerabilities 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Scripting (XSS) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Arbitrary File Upload vulnerability 2019-07-24
WPS Limit Login WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities 2019-07-24
WPS Child Theme Generator WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability 2019-07-24
WPS Hide Login WordPress WPS Hide Login plugin <= 1.5.2.2 - Multiples Security Issues 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Local File Inclusion (LFI) vulnerability 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Arbitrary File Deletion vulnerability 2019-07-24
Everest Forms WordPress Everest Forms plugin <= 1.4.9 - SQL Injection (SQLi) vulnerability 2019-07-19
All-in-One WP Migration WordPress All-in-One WP Migration plugin <= 6.97 - Cross-Site Scripting (XSS) vulnerability (admin backend) 2019-07-18