WordPress Plugins Vulnerabilities Please use the search to find what you're looking for Product Title Disclosure Date Blog Designer WordPress Blog Designer plugin <= 1.8.10 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-05-02 Print My Blog WordPress Print My Blog plugin <= 1.6.5 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability 2019-04-27 WooCommerce Checkout Manager WordPress WooCommerce Checkout Manager plugin 4.2.6 (latest) - Arbitrary File Upload vulnerability 2019-04-26 Social Warfare WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Remote Code Execution (RCE) vulnerability 2019-04-24 WP Statistics WordPress WP Statistics plugin <= 12.6.3 - Cross-Site Scripting (XSS) vulnerability 2019-04-24 Form Builder WordPress Contact Form Builder plugin <= 1.0.68 - Cross-Site Request Forgery (CSRF) leading to Local File Inclusion (LFI) vulnerability 2019-04-24 WordPress Download Manager WordPress Download Manager plugin <= 2.9.93 - Authenticated Cross-Site Scripting (XSS) vulnerability 2019-04-23 YellowPencil Visual CSS Style Editor WordPress YellowPencil Visual CSS Style Editor plugin <= 7.2.0 - Unauthenticated arbitrary Options update vulnerability 2019-04-12 Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.0 - Authenticated SQL Injection (SQLi) vulnerability 2019-04-12 Contact Form by WD WordPress Contact Form by WD plugin <= 1.13.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-10 Form Maker WordPress Form Maker by 10Web plugin <= 1.13.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-10 Yuzo Related Posts WordPress Yuzo Related Posts plugin <=5.12.91 - Broken authentication 2019-04-10 Duplicate Page WordPress Duplicate Page plugin <= 3.3 - Authenticated SQL Injection (SQLi) vulnerability 2019-04-08 Ultimate Member WordPress Ultimate Member plugin <= 2.0.39 - Cross-Site Request Forgery (CSRF) vulnerability 2019-04-04 Pipdig Power Pack WordPress Pipdig Power Pack plugin <= 4.7.3 - Vendor Backdoors & Suspicious Code 2019-04-02 WP Google Maps WordPress WP Google Maps plugin <= 7.11.17 - Unauthenticated SQL Injection (SQLi) vulnerability 2019-04-02 article2pdf WordPress article2pdf plugin <=0.27 - Multiple vulnerabilities 2019-03-28 Font Organizer WordPress Font Organizer plugin <=2.1.1 - Cross-Site Scripting (XSS) vulnerability 2019-03-22 Social Warfare WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Arbitrary Settings Update vulnerability 2019-03-22 NextScripts WordPress NextScripts plugin <= 4.2.7 - Cross-Site Scripting (XSS) vulnerability 2019-03-22 2 3 4 5 6 ... 149 150 151