ThreatPress

WordPress Vulnerabilities Database

Daily updated database of WordPress plugins, themes and WordPress core vulnerabilities. Our R&D team monitors a large number of sources to add new vulnerabilities to the database on daily basis.

Vulnerabilities

Please use the search to find what you're looking for

Product Title Disclosure Date
WordPress WordPress <= 2.2.2 - BYPASS 2008-05-12
WordPress WordPress <= 2.5 - XSS 2008-05-02
Download Monitor WordPress Download Monitor Plugin <= 2.0.6 - SQL Injection 2008-04-30
Spreadsheet WordPress Spreadsheet Plugin <= 0.6 - SQL Injection 2008-04-27
WordPress WordPress <= 2.5 - Cookie Integrity Protection Vulnerability 2008-04-23
WP Download WordPress WP Download Plugin <= 1.2 - SQL Injecion 2008-04-02
WordPress WordPress <= 2.3.2 - Multiple XSS vulnerabilities 2008-03-12
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Multiple XSS vulnerabilities 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Eval Injection 2008-02-28
Sniplets WordPress Sniplets Plugin <= 1.2.2 - Remote File Inclusion 2008-02-28
WP Photo Album WordPress WP Photo Album Plugin <= 1.0 - Multiple SQL Injection 2008-02-25
WP People WordPress WP People Plugin <= 1.6.1 - SQL Injection 2008-02-20
Search Unleashed WordPress Search Unleashed Plugin <= 0.2.10 - XSS 2008-02-20
Footnotes WordPress Footnotes Plugin <= 2.2 - Multiple XSS vulnerabilities 2008-02-11
NewsLetter WordPress Newsletter Plugin - SQL Injection #2 2008-02-11
Wordspew WordPress Wordspew Plugin <= 3.7.1 - SQL Injection 2008-02-11
WordPress WordPress <= 2.3.2 - Unauthorized Access Vulnerability 2008-02-07
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.8.0 - Multiple XSS vulnerabilities 2008-02-05
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.7.0 - Multiple XSS 2008-02-05
DMSGuestbook WordPress DMSGuestbook Plugin <= 1.7.0 - SQL Injection 2008-02-05