ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Donations WordPress Donations plugin <= 1.3 - Unauthenticated Options Change vulnerability 2019-08-06
Travel Management WordPress Travel Management plugin <= 1.5 - Unauthenticated Options Change vulnerability 2019-08-06
Woody ad snippets WordPress Woody Ad Snippets plugin <= 2.2.4 - Unauthenticated stored Cross-Site Scripting (XSS) vulnerability 2019-08-06
Order XML File Export Import for WooCommerce WordPress Order XML File Export Import for WooCommerce plugin <= 1.2.2 - Cross-Site Scripting (XSS) vulnerability 2019-08-01
ND Shortcodes For Visual Composer WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability 2019-07-31
Custom Simple RSS WordPress Custom Simple RSS plugin <= 2.0.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Simple Membership WordPress Simple Membership plugin <= 3.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - HTML Injection vulnerability 2019-07-29
Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29
Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.30 - SQL Injection (SQLi) vulnerability 2019-07-26
Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.1 - SQL Injection (SQLi) vulnerability 2019-07-26
Contact Form 7 Dynamic Text Extension WordPress Contact Form 7 Dynamic Text Extension plugin <= 2.0.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-26
Blog2Social WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability 2019-07-26
AdRotate Banner Manager WordPress AdRotate Banner Manager plugin <= 5.2 - Authenticated SQL Injection (SQLi) vulnerability 2019-07-26
WPS Cleaner WordPress WPS Cleaner plugin <= 1.4.4 - Cross-Site Request Forgery (CSRF) + media disclosure vulnerabilities 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Scripting (XSS) vulnerability 2019-07-24
WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Arbitrary File Upload vulnerability 2019-07-24
WPS Limit Login WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities 2019-07-24
WPS Child Theme Generator WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability 2019-07-24