API Monitor free

State Of WordPress Security In 2021

Read the whitepaper

Vulnerability API

Integrate vulnerability alerts inside of your product with our detailed vulnerability API.

How we do it

We collect data across the web, commits, databases and manage a bounty platform for ethical hackers.

Why open-source

WordPress powers over 40% of all sites, including the White House, Mercedes-Benz… and BeyoncĂ©.

Vulnerability API

Integrate vulnerability alerts inside of your product with our detailed vulnerability API.

How we do it

We collect data across the web, commits, databases and manage a bounty platform for ethical hackers.

Why open-source

WordPress powers over 40% of all sites, including the White House, Mercedes-Benz… and BeyoncĂ©.

Plugin

Post Slider

<= 1.6.7

Broken Access Control vulnerability

5.4

1 day ago

Plugin

Customizer Export/Import

<= 0.9.4

Authenticated PHP Objection Injection vulnerability

6.6

1 day ago

Plugin

WP Word Count

<= 3.2.3

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

1 day ago

Plugin

LearnPress

<= 4.1.7.1

Unauthenticated PHP Object Injection vulnerability

8.1

2 days ago

Plugin

Sabai Discuss

<= 1.4.13

Reflected CrossSite Scripting (XSS) vulnerability

6.1

2 days ago

Plugin

Create Block Theme

<= 1.2.1

Unauthenticated Arbitrary File Upload vulnerability

9.8

2 days ago

Plugin

WP-Polls

<= 2.76.0

Polls plugin <= 2.76.0 Race Condition vulnerability

4.3

2 days ago

Plugin

WP Humans.txt

<= 1.0.6

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

2 days ago

Plugin

Retain Live Chat

<= 0.1

Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

2 days ago

Plugin

Post to CSV by BestWebSoft

<= 1.3.9

Authenticated CSV Injection vulnerability

4.1

3 days ago

Plugin

WP ALL Export Pro

<= 1.7.8

Authenticated SQL Injection (SQLi) vulnerability

8.5

4 days ago

Plugin

WP ALL Export Pro

<= 1.7.8

Authenticated Code Injection vulnerability

8.5

4 days ago

Plugin

Kadence WooCommerce Email Designer

<= 1.5.6

Authenticated PHP Objection Injection vulnerability

6.6

4 days ago

Plugin

Form Maker by 10Web

<= 1.15.5

Authenticated SQL Injection (SQLi) vulnerability

8.2

4 days ago

Plugin

Spam protection, AntiSpam, FireWall by CleanTalk

<= 5.185

Authenticated SQL Injection (SQLi) vulnerability

8.2

4 days ago

Plugin

WP Super Cache

<= 1.8

Cache Poisoning vulnerability

6.5

4 days ago

Plugin

Blog2Social

<= 6.9.9

Authenticated ServerSide Request Forgery (SSRF) vulnerability

7.4

4 days ago

Plugin

Blog2Social

<= 6.9.9

Authenticated SQL Injection (SQLi) vulnerability

9.1

4 days ago

Plugin

Shortcodes Ultimate

<= 5.12.0

CrossSite Request Forgery (CSRF) vulnerability

5.4

5 days ago

Plugin

CRM Perks Forms

<= 1.1.0

Reflected CrossSite Scripting (XSS) vulnerability

6.1

7 days ago

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close