WordPress Plugins Vulnerabilities Please use the search to find what you're looking for Product Title Disclosure Date Download Personalized WooCommerce Cart Page WordPress Personalized WooCommerce Cart Page plugin <= 2.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-10 Contest Gallery WordPress Contest Gallery plugin <= 10.4.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-10 Online Lesson Booking WordPress Online Lesson Booking plugin <= 0.8.6 - Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10 Attendance Manager WordPress Attendance Manager plugin <= 0.5.6 - Cross-Site Request Forgery CSRF and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10 Zoho SalesIQ WordPress Zoho SalesIQ plugin <= 1.0.8 - Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10 WP Like Button WordPress WP Like Button plugin <= 1.6.0 - Auth Bypass vulnerability 2019-07-10 Slimstat Analytics WordPress Slimstat Analytics plugin <= 4.8.3 - Cross-Site Request Forgery (CSRF) to Stored Cross-Site Scripting (XSS) + Setting Updates vulnerabilities 2019-07-10 Rencontre WordPress Rencontre – Dating Site plugin <= 3.1.2 - SQL Injection (SQLi) and Cross-Site Scripting (XSS) vulnerabilities 2019-07-10 iLive WordPress iLive premium plugin <= 1.0.4 - Stored Cross-Site Scripting (XSS) vulnerability 2019-07-09 WooCommerce WordPress WooCommerce plugin <= 3.6.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-07 Appointment Booking Calendar WordPress Appointment Booking Calendar plugin <= 1.3.18 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-07 Gallery PhotoBlocks WordPress Gallery Photoblocks plugin <= 1.1.40 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-05 MyBookTable Bookstore WordPress MyBookTable plugin <= 3.2.2 - Multiple Cross-Site Scripting (XSS) vulnerabilities 2019-07-05 Ocean Extra WordPress Ocean Extra plugin <= 1.5.8 - Unauthenticated Settings change vulnerability 2019-07-04 Ocean Extra WordPress Ocean Extra plugin <= 1.5.8 - Unauthenticated CSS injection vulnerability 2019-07-04 Essential Real Estate WordPress Essential Real Estate plugin <= 1.7.1 - Cross-Site Scripting (XSS) vulnerability 2019-07-04 Visitors Traffic Real Time Statistics WordPress Visitors Traffic Real Time Statistics plugin <= 1.12 - Cross-Site Request Forgery (CSRF) leading to Stored XSS/SQLi vulnerabilities 2019-07-04 WP Statistics WordPress WP Statistics plugin <= 12.6.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-04 Simple Mail Address Encoder WordPress Simple Mail Address Encoder plugin <= 1.6.1 - Reflected Authenticated Cross-Site Scripting (XSS) vulnerability 2019-07-04 Widget Logic WordPress Widget Logic plugin <= 5.9.0 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-02 2 3 4 5 6 ... 154 155 156