ThreatPress

WordPress Vulnerabilities Database

WordPress Plugins Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
API Bearer Auth WordPress API Bearer Auth plugin <= 20181229 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-06
Spryng Payments for WooCommerce WordPress Spryng Payments for WooCommerce plugin <= 1.6.7 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-04
Portrait-Archiv.com Photostore WordPress Portrait-Archiv.com Photostore plugin <= 3.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-09-04
Event Tickets WordPress Event Tickets plugin <= 4.10.7.1 - CSV Injection vulnerability 2019-09-03
WooCommerce Product Feed for Google, Facebook, eBay and Many More WordPress WooCommerce Product Feed plugin <= 3.1.14 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-30
Variation Swatches for WooCommerce WordPress Variation Swatches for WooCommerce plugin <= 1.0.61 - Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-30
WP Social Feed Gallery WordPress WP Social Feed Gallery plugin <= 2.4.7 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
WP Social Feed Gallery WordPress WP Social Feed Gallery plugin <= 2.4.7 - Authorization Check vulnerability 2019-08-29
Additional Variation Images for WooCommerce WordPress Additional Variation Images for WooCommerce plugin <= 1.1.28 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-08-29
Social LikeBox & Feed WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
Social LikeBox & Feed WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Scripting (XSS) vulnerability 2019-08-29
WP DSGVO Tools (GDPR) WordPress WP DSGVO Tools (GDPR) plugin <= 2.2.18 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-29
WooCommerce Address Book WordPress WooCommerce Address Book plugin <= 1.5.6 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
HandL UTM Grabber WordPress HandL UTM Grabber plugin <= 2.6.4 - Cross-Site Request Forgery (CSRF) vulnerability 2019-08-29
NextGEN Gallery WordPress Nextgen Gallery plugin <= 3.2.8 - SQL Injection vulnerability 2019-08-27
Userpro WordPress UserPro plugin <= 4.9.33 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-27
WP Private Content Plus WordPress WP Private Content Plus plugin <= 1.31 - Unauthenticated Options Change vulnerability 2019-08-27
Pie Register WordPress Pie Register plugin <= 3.1.1 - SQL Injection (SQLi) vulnerability 2019-08-27
Import Export WordPress Users WordPress Import Export WordPress Users plugin <= 1.3.1 - CSV Injection vulnerability 2019-08-26
Easy Forms for Mailchimp WordPress Easy Forms for Mailchimp plugin <= 6.5.2 - Code Injection vulnerability 2019-08-23