ThreatPress

WordPress Vulnerability Database

WordPress Plugin Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
Ultimate Member WordPress Ultimate Member plugin <= 2.1.11 - Unauthenticated/Authenticated Privilege Escalation 2020-11-09
WooCommerce Blocks WordPress WooCommerce Blocks plugin <= 3.7.0 - Guest Account Creation vulnerability 2020-11-06
WooCommerce WordPress WooCommerce plugin <= 4.6.1 - Guest Account Creation vulnerability 2020-11-06
Abandoned Cart Lite WordPress Abandoned Cart Lite for WooCommerce plugin <= 5.8.2 - Unauthenticated SQL Injection (SQLi) vulnerability 2020-11-05
Welcart e-Commerce WordPress Welcart e-Commerce plugin <= 1.9.35 - Authenticated PHP Object Injection vulnerability 2020-11-05
Augmented Reality WordPress Augmented Reality plugin <= 1.2.0 - Unauthenticated PHP File Upload leading to Remote Code Execution (RCE) vulnerability 2020-11-05
GDPR CCPA Compliance Support WordPress GDPR CCPA Compliance Support plugin <= 2.3 - Insecure Deserialization / Unauthenticated PHP Object Injection vulnerability 2020-11-03
SW Ajax WooCommerce Search WordPress SW Ajax WooCommerce Search plugin <= 1.2.6 - Unauthenticated Reflected Cross-Site Scripting (XSS) / Cross-Frame Scripting (XFS) vulnerabilities 2020-10-30
Advanced Booking Calendar WordPress Advanced Booking Calendar plugin <= 1.6.1 - Unauthenticated SQL Injection (SQLi) vulnerability 2020-10-22
CM Download Manager WordPress CM Download Manager plugin <= 2.7.0 - Authenticated Cross-Site Scripting (XSS) vulnerability 2020-10-22
Loginizer WordPress Loginizer plugin <= 1.6.3 - Unauthenticated SQL Injection (SQLi) vulnerability 2020-10-21
Helios Solutions Brand Logo Slider WordPress Helios Solutions Brand Logo Slider plugin <= 2.1 - Authenticated Arbitrary File Upload vulnerability 2020-10-21
Super Logos Showcase WordPress Super Logos Showcase premium plugin <= 2.2 - Unauthenticated Arbitrary File Upload vulnerability 2020-10-21
Super Interactive Maps WordPress Super Interactive Maps premium plugin <= 1.9 - Unauthenticated Arbitrary File Upload vulnerability 2020-10-21
Super Store Finder WordPress Super Store Finder premium plugin <= 6.1 - Unauthenticated Arbitrary File Upload vulnerability 2020-10-21
Simple Download Monitor WordPress Simple Download Monitor plugin <= 3.8.8 - SQL Injection (SQLi) vulnerability 2020-10-21
Simple Download Monitor WordPress Simple Download Monitor plugin <= 3.8.8 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2020-10-21
WP-Lister for eBay WordPress WP-Lister for eBay plugin <= 2.0.20 - Unauthenticated Path Traversal vulnerability 2020-10-20
WP-Lister for Amazon WordPress WP-Lister for Amazon plugin <= 0.9.6.35 - Unauthenticated Path Traversal vulnerability 2020-10-20
TI WooCommerce Wishlist WordPress TI WooCommerce Wishlist plugin <= 1.21.11 - Authenticated WP Options Change vulnerability 2020-10-16