WordPress Vulnerability Database

Vulnerability Database

WordPress Vulnerability Database

Hand curated, verified and enriched WordPress vulnerability information

This month's Patchstack Red Team findings:

36

Last month's Patchstack Red Team findings:

117

Software

Vulnerability

Type

Version

Published

Ninja Forms

Medium Severity

6.5

WordPress Ninja Forms Contact Form plugin <= 3.5.7 - Unprotected REST-API to Sensitive Information Disclosure vulnerability

Medium Severity

6.5

Plugin

<= 3.5.7

2021-09-22

Ninja Forms

Medium Severity

6.5

WordPress Ninja Forms Contact Form plugin <= 3.5.7 - Unprotected REST-API to Email Injection vulnerability

Medium Severity

6.5

Plugin

<= 3.5.7

2021-09-22

WooCommerce

Low Severity

3.7

WordPress WooCommerce plugin <= 5.6.0 - Analytics Report Leaks vulnerability

Low Severity

3.7

Plugin

<= 5.6.0

2021-09-22

WooCommerce Admin

Low Severity

3.7

WordPress WooCommerce Admin plugin <= 2.6.3 - Analytics Report Leaks vulnerability

Low Severity

3.7

Plugin

<= 2.6.3

2021-09-22

Telefication

Medium Severity

5.8

WordPress Telefication vulnerability <= 1.8.0 - Open Relay and Server-Side Request Forgery vulnerability

Medium Severity

5.8

Plugin

<= 1.8.0

2021-09-21

Getwid – Gutenberg Blocks

Medium Severity

4.3

WordPress Getwid – Gutenberg Blocks plugin <= 1.7.4 - Authenticated Information Disclosure vulnerability

Medium Severity

4.3

Plugin

<= 1.7.4

2021-09-21

Getwid – Gutenberg Blocks

Medium Severity

6.5

WordPress Getwid – Gutenberg Blocks plugin <= 1.7.4 - Cross-Site Request Forgery (CSRF) / Settings Change vulnerability

Medium Severity

6.5

Plugin

<= 1.7.4

2021-09-21

OptinMonster

Medium Severity

6.1

WordPress OptinMonster plugin <= 2.6.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Medium Severity

6.1

Plugin

<= 2.6.0

2021-09-20

Product Filter for WooCommerce

High Severity

8.8

WordPress Product Filter for WooCommerce plugin <= 8.1.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 8.1.1

2021-09-20

Improved Product Options for WooCommerce

High Severity

8.8

WordPress Improved Product Options for WooCommerce plugin <= 5.1.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 5.1.1

2021-09-20

Improved Sale Badges for WooCommerce

High Severity

8.8

WordPress Improved Sale Badges for WooCommerce plugin <= 4.3.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 4.3.1

2021-09-20

Share, Print and PDF Products for WooCommerce

High Severity

8.8

WordPress Share, Print and PDF Products for WooCommerce plugin <= 2.7.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 2.7.1

2021-09-20

Product Loops for WooCommerce

High Severity

8.8

WordPress Product Loops for WooCommerce plugin <= 1.6.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.6.1

2021-09-20

XforWooCommerce

High Severity

8.8

WordPress XforWooCommerce plugin <=1.6.4 - Multiple vulnerabilities

High Severity

8.8

Plugin

<=1.6.4

2021-09-20

Package Quantity Discount

High Severity

8.8

WordPress Package Quantity Discount plugin <= 1.1.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.1.1

2021-09-20

Price Commander for WooCommerce

High Severity

8.8

WordPress Price Commander for WooCommerce plugin <= 1.2.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.2.1

2021-09-20

Comment and Review Spam Control for WooCommerce

High Severity

8.8

WordPress Comment and Review Spam Control for WooCommerce plugin <= 1.4.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.4.1

2021-09-20

Add Product Tabs for WooCommerce

High Severity

8.8

WordPress Add Product Tabs for WooCommerce plugin <= 1.4.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.4.1

2021-09-20

Autopilot SEO for WooCommerce

High Severity

8.8

WordPress Autopilot SEO for WooCommerce plugin <=1.5.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<=1.5.1

2021-09-20

Floating Cart

High Severity

8.8

WordPress Floating Cart plugin <= 1.2.1 - Multiple vulnerabilities

High Severity

8.8

Plugin

<= 1.2.1

2021-09-20

Newer entries Older entries

Vulnerability Database