ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Category Specific RSS feed Subscription WordPress Category Specific RSS feed Subscription plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-18
Coming Soon WordPress Coming Soon Page & Maintenance Mode plugin <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-17
Appointment Hour Booking WordPress Appointment Hour Booking plugin <= 1.1.45 - Stored Cross-Site Scripting (XSS) vulnerability 2019-07-16
Ad Inserter WordPress Ad Inserter plugin <= 2.4.21 - Authenticated Remote Code Execution (RCE) vulnerability 2019-07-15
Custom Body Class WordPress WP Custom Body Class plugin <= 0.7.0 - Cross-Site Request Forgery (CSRF) > Stored Cross-Site Scripting (XSS) + Settings Update vulnerabilities 2019-07-15
Ad Inserter WordPress Ad Inserter plugin <= 2.4.19 - Authenticated Path Traversal vulnerability 2019-07-13
Hybrid Composer WordPress Hybrid Composer plugin <= 1.4.6 - Unauthenticated Options Update vulnerability 2019-07-13
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.3.18.727 - SQL Injection (SQLi) vulnerability 2019-07-13
School Management WordPress School Management plugin < 57.0 - Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) vulnerabilities 2019-07-13
Ultimate Member WordPress Ultimate Member plugin <= 2.0.51 - Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) vulnerabilities 2019-07-13
One Click SSL WordPress One Click SSL plugin <= 1.4.6 - Multiple Security Issues 2019-07-13
Newsletters WordPress Newsletter Lite plugin <= 4.6.16 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-11
Yoast SEO WordPress Yoast SEO plugin 1.2.0-11.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-10
Gallery PhotoBlocks WordPress Gallery Photoblocks plugin <= 1.1.42 - Authenticated Cross-Site Scripting (XSS) vulnerability 2019-07-10
WP Google Maps WordPress WP Google Maps plugin <= 7.11.34 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-10
File Manager WordPress File Manager plugin <= 4.8 - Multiple Vulnerabilities 2019-07-10
LiveChat WordPress LiveChat plugin <= 3.7.2 - Stored Cross-Site Scripting (XSS) and unauthenticated Option Update/Reset vulnerabilities 2019-07-10
Icegram WordPress Icegram plugin <= 1.10.28.2 - Cross-Site Request Forgery (CSRF) to Stored XSS vulnerabilities 2019-07-10
Custom CSS Pro WordPress Custom CSS Pro plugin <= 1.0.3 - Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10
HTML5 Maps WordPress HTML5 Maps plugin <= 1.6.5.6 - Cross-Site Request Forgery CSRF and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10