ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Open Graph for Facebook, Google+ and Twitter Card Tags WordPress Open Graph for Facebook, Google+ and Twitter Card Tags plugin <= 2.2.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-22
Advanced Order Export For WooCommerce WordPress Advanced Order Export For WooCommerce plugin <= 1.5.4 - CSV Injection vulnerability 2018-06-22
Ultimate Form Builder Lite WordPress Ultimate Form Builder Lite plugin <= 1.3.7 - Authenticated Cross-Site Scripting (XSS) vulnerability 2018-06-20
Ultimate Form Builder Lite WordPress Ultimate Form Builder Lite plugin <= 1.3.7 - SQL Injection (SQLi) vulnerability 2018-06-20
Pie Register WordPress Pie Register plugin <= 3.0.9 - Authenticated Blind SQL Injection (SQLi) vulnerability 2018-06-20
Tooltipy WordPress Tooltipy (tooltips for WP) plugin <= 5.0 - Cross-Site Request Forgery (CSRF) vulnerability 2018-06-20
Tooltipy WordPress Tooltipy (tooltips for WP) plugin <= 5.0 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2018-06-20
Redirection WordPress Redirection plugin <= 2.7.3 - Authenticated Local File Inclusion vulnerability 2018-06-20
wpForo Forum WordPress wpForo Forum plugin <= 1.4.11 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-20
wpForo Forum WordPress wpForo Forum plugin <= 1.4.9 - Unauthenticated SQL Injection (SQLi) vulnerability 2018-06-20
Page Visit Counter WordPress Page Visit Counter plugin <= 4.4 - Reflected Cross-Site Scripting (XSS) vulnerability 2018-06-11
WooCommerce Quick Reports WordPress WooCommerce Quick Reports plugin <= 1.0.7 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2018-06-11
Woocommerce Blocker Lite – Prevent fake orders and Blacklist fraud customers WordPress Woocommerce Blocker Lite plugin <= 1.6.5 - Cross-Site Request Forgery (CSRF) vulnerability 2018-06-11
Woocommerce Notifier Lite- Send automated web push desktop notifications WordPress Woocommerce Notifier Lite plugin <= 1.5.1 - Cross-Site Request Forgery (CSRF) vulnerability 2018-06-11
Woocommerce Notifier Lite- Send automated web push desktop notifications WordPress Woocommerce Notifier Lite plugin <= 1.5.1 - Stored Cross-Site Scripting (XSS) vulnerability 2018-06-11
WP Events Calendar WordPress WP Events Calendar plugin <= 1.0 - SQL Injection (SQLi) vulnerability 2018-06-05
WP Booking Calendar WordPress WP Booking Calendar plugin <= 3.0.0 - SQL Injection (SQLi) vulnerability 2018-06-05
WP Booking Calendar WordPress WP Booking Calendar plugin <= 3.0.0 - Cross-Site Scripting (XSS) vulnerability 2018-06-05
ProfileGrid WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 2.8.5 - Authenticated Code Execution vulnerability 2018-06-05
WP ULike WordPress WP ULike plugin <= 3.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2018-06-05