ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WPS Hide Login WordPress WPS Hide Login plugin <= 1.5.2.2 - Multiples Security Issues 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Local File Inclusion (LFI) vulnerability 2019-07-24
Adaptive Images for WordPress WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Arbitrary File Deletion vulnerability 2019-07-24
Everest Forms WordPress Everest Forms plugin <= 1.4.9 - SQL Injection (SQLi) vulnerability 2019-07-19
All-in-One WP Migration WordPress All-in-One WP Migration plugin <= 6.97 - Cross-Site Scripting (XSS) vulnerability (admin backend) 2019-07-18
Category Specific RSS feed Subscription WordPress Category Specific RSS feed Subscription plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-18
Coming Soon WordPress Coming Soon Page & Maintenance Mode plugin <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-17
Appointment Hour Booking WordPress Appointment Hour Booking plugin <= 1.1.45 - Stored Cross-Site Scripting (XSS) vulnerability 2019-07-16
Ad Inserter WordPress Ad Inserter plugin <= 2.4.21 - Authenticated Remote Code Execution (RCE) vulnerability 2019-07-15
Custom Body Class WordPress WP Custom Body Class plugin <= 0.7.0 - Cross-Site Request Forgery (CSRF) > Stored Cross-Site Scripting (XSS) + Settings Update vulnerabilities 2019-07-15
Ad Inserter WordPress Ad Inserter plugin <= 2.4.19 - Authenticated Path Traversal vulnerability 2019-07-13
Hybrid Composer WordPress Hybrid Composer plugin <= 1.4.6 - Unauthenticated Options Update vulnerability 2019-07-13
FV Flowplayer Video Player WordPress FV Flowplayer Video Player plugin <= 7.3.18.727 - SQL Injection (SQLi) vulnerability 2019-07-13
School Management WordPress School Management plugin < 57.0 - Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) vulnerabilities 2019-07-13
Ultimate Member WordPress Ultimate Member plugin <= 2.0.51 - Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) vulnerabilities 2019-07-13
One Click SSL WordPress One Click SSL plugin <= 1.4.6 - Multiple Security Issues 2019-07-13
Newsletters WordPress Newsletter Lite plugin <= 4.6.16 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-07-11
Yoast SEO WordPress Yoast SEO plugin 1.2.0-11.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-07-10
Gallery PhotoBlocks WordPress Gallery Photoblocks plugin <= 1.1.42 - Authenticated Cross-Site Scripting (XSS) vulnerability 2019-07-10
WP Google Maps WordPress WP Google Maps plugin <= 7.11.34 - Cross-Site Request Forgery (CSRF) vulnerability 2019-07-10