ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Blog Designer WordPress Blog Designer plugin <= 1.8.10 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-02
Print My Blog WordPress Print My Blog plugin <= 1.6.5 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability 2019-04-27
WooCommerce Checkout Manager WordPress WooCommerce Checkout Manager plugin 4.2.6 (latest) - Arbitrary File Upload vulnerability 2019-04-26
Social Warfare WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Remote Code Execution (RCE) vulnerability 2019-04-24
WP Statistics WordPress WP Statistics plugin <= 12.6.3 - Cross-Site Scripting (XSS) vulnerability 2019-04-24
Form Builder WordPress Contact Form Builder plugin <= 1.0.68 - Cross-Site Request Forgery (CSRF) leading to Local File Inclusion (LFI) vulnerability 2019-04-24
WordPress Download Manager WordPress Download Manager plugin <= 2.9.93 - Authenticated Cross-Site Scripting (XSS) vulnerability 2019-04-23
YellowPencil Visual CSS Style Editor WordPress YellowPencil Visual CSS Style Editor plugin <= 7.2.0 - Unauthenticated arbitrary Options update vulnerability 2019-04-12
Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.0 - Authenticated SQL Injection (SQLi) vulnerability 2019-04-12
Contact Form by WD WordPress Contact Form by WD plugin <= 1.13.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-10
Form Maker WordPress Form Maker by 10Web plugin <= 1.13.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-10
Yuzo Related Posts WordPress Yuzo Related Posts plugin <=5.12.91 - Broken authentication 2019-04-10
Duplicate Page WordPress Duplicate Page plugin <= 3.3 - Authenticated SQL Injection (SQLi) vulnerability 2019-04-08
Ultimate Member WordPress Ultimate Member plugin <= 2.0.39 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-04
Pipdig Power Pack WordPress Pipdig Power Pack plugin <= 4.7.3 - Vendor Backdoors & Suspicious Code 2019-04-02
WP Google Maps WordPress WP Google Maps plugin <= 7.11.17 - Unauthenticated SQL Injection (SQLi) vulnerability 2019-04-02
article2pdf WordPress article2pdf plugin <=0.27 - Multiple vulnerabilities 2019-03-28
Font Organizer WordPress Font Organizer plugin <=2.1.1 - Cross-Site Scripting (XSS) vulnerability 2019-03-22
Social Warfare WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Arbitrary Settings Update vulnerability 2019-03-22
NextScripts WordPress NextScripts plugin <= 4.2.7 - Cross-Site Scripting (XSS) vulnerability 2019-03-22