WordPress Plugins Vulnerabilities Please use the search to find what you're looking for Product Title Disclosure Date Donations WordPress Donations plugin <= 1.3 - Unauthenticated Options Change vulnerability 2019-08-06 Travel Management WordPress Travel Management plugin <= 1.5 - Unauthenticated Options Change vulnerability 2019-08-06 Woody ad snippets WordPress Woody Ad Snippets plugin <= 2.2.4 - Unauthenticated stored Cross-Site Scripting (XSS) vulnerability 2019-08-06 Order XML File Export Import for WooCommerce WordPress Order XML File Export Import for WooCommerce plugin <= 1.2.2 - Cross-Site Scripting (XSS) vulnerability 2019-08-01 ND Shortcodes For Visual Composer WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability 2019-07-31 Custom Simple RSS WordPress Custom Simple RSS plugin <= 2.0.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29 Simple Membership WordPress Simple Membership plugin <= 3.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29 Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - HTML Injection vulnerability 2019-07-29 Contact Form & SMTP Plugin WordPress Contact Form & SMTP by PirateForms plugin <= 1.5.1 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-29 Photo Gallery by 10Web WordPress Photo Gallery by 10Web plugin <= 1.5.30 - SQL Injection (SQLi) vulnerability 2019-07-26 Advanced Contact form 7 DB WordPress Advanced Contact form 7 DB plugin <= 1.6.1 - SQL Injection (SQLi) vulnerability 2019-07-26 Contact Form 7 Dynamic Text Extension WordPress Contact Form 7 Dynamic Text Extension plugin <= 2.0.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-26 Blog2Social WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability 2019-07-26 AdRotate Banner Manager WordPress AdRotate Banner Manager plugin <= 5.2 - Authenticated SQL Injection (SQLi) vulnerability 2019-07-26 WPS Cleaner WordPress WPS Cleaner plugin <= 1.4.4 - Cross-Site Request Forgery (CSRF) + media disclosure vulnerabilities 2019-07-24 WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-24 WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Cross-Site Scripting (XSS) vulnerability 2019-07-24 WPS Bidouille WordPress WPS Bidouille plugin <= 1.12.2 - Arbitrary File Upload vulnerability 2019-07-24 WPS Limit Login WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities 2019-07-24 WPS Child Theme Generator WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability 2019-07-24 2 3 4 5 6 ... 156 157 158