Report WordPress vulnerabilities, earn prizes and become an Alliance member!
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ ███████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
██████████████ ███████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ ███████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
███████ ███████████████████████████████████
Pending
Plugin
Spectra Cross Site Scripting (XSS) vulnerability
3 days ago
Plugin
Astra Pro Contributor+ Remote Code Execution (RCE) vulnerability
3 days ago
Plugin
WooCommerce Payments Cross Site Scripting (XSS) vulnerability
3 days ago
Theme
Soledad Reflected Cross Site Scripting (XSS) vulnerability
3 days ago
Theme
Soledad Unauthenticated PHP Object Injection vulnerability
3 days ago
Theme
Soledad Contributor+ SQL Injection vulnerability
3 days ago
Plugin
WappPress Unauthenticated Arbitrary File Upload vulnerability
4 days ago
Plugin
Symbiostock Lite Arbitrary File Upload vulnerability
4 days ago
Plugin
Sayfa Sayaç Unauthenticated PHP Object Injection vulnerability
4 days ago
Plugin
Sayfa Sayaç Unauthenticated SQL Injection vulnerability
4 days ago
Plugin
BCorp Shortcodes Unauthenticated PHP Object Injection vulnerability
4 days ago
Plugin
Genesis Simple Love Unauthenticated PHP Object Injection vulnerability
4 days ago
Plugin
SureTriggers Cross Site Request Forgery (CSRF) vulnerability
4 days ago
Plugin
PowerPack Pro for Elementor Reflected Cross Site Scripting (XSS) vulnerability
7 days ago
Plugin
JetElements For Elementor Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetElements For Elementor Broken Access Control vulnerability
28 November, 2023
Plugin
JetElements For Elementor Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
Widgets for Thumbtack Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Review Widgets for Szallas.hu Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Expedia Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Opentable Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Booking.com Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for SourceForge Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Hotels.com Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Amazon Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Reviews & Recommendations Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Customer Reviews Collector for WooCommerce Arbitrary File Upload vulnerability
28 November, 2023
Plugin
WP Tripadvisor Review Widgets Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Foursquare Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Capterra Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Zillow Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for AliExpress Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Wordpress Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Ebay Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Árukereső Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Yelp Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Airbnb Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
Widgets for Alibaba Reviews Arbitrary File Upload vulnerability
28 November, 2023
Plugin
JetSmartFilters Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetMenu Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetWooBuilder Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetTabs Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetTricks Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetBlog Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetBlocks For Elementor Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetProductGallery Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetThemeCore Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetReviews Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetCompareWishlist Unauthenticated Broken Access Control vulnerability
28 November, 2023
Plugin
JetEngine Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetSmartFilters Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetMenu Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetWooBuilder Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetTabs Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetTricks Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetSearch Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetBlog Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetBlocks For Elementor Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetProductGallery Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetThemeCore Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetPopup Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetReviews Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetCompareWishlist Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
JetEngine Broken Access Control vulnerability
28 November, 2023
Plugin
JetSmartFilters Broken Access Control vulnerability
28 November, 2023
Plugin
JetMenu Broken Access Control vulnerability
28 November, 2023
Plugin
JetWooBuilder Broken Access Control vulnerability
28 November, 2023
Plugin
JetTabs Broken Access Control vulnerability
28 November, 2023
Plugin
JetTricks Broken Access Control vulnerability
28 November, 2023
Plugin
JetSearch Broken Access Control vulnerability
28 November, 2023
Plugin
JetBlog Broken Access Control vulnerability
28 November, 2023
Plugin
JetBlocks For Elementor Broken Access Control vulnerability
28 November, 2023
Plugin
JetProductGallery Broken Access Control vulnerability
28 November, 2023
Plugin
JetThemeCore Broken Access Control vulnerability
28 November, 2023
Plugin
JetPopup Broken Access Control vulnerability
28 November, 2023
Plugin
JetReviews Broken Access Control vulnerability
28 November, 2023
Plugin
JetCompareWishlist Broken Access Control vulnerability
28 November, 2023
Plugin
JetElements For Elementor Unauthenticated Arbitrary Attachment Download vulnerability
28 November, 2023
Plugin
JetEngine Broken Access Control vulnerability
28 November, 2023
Plugin
JetEngine Privilege Escalation vulnerability
28 November, 2023
Plugin
JetBlocks For Elementor Reflected Cross Site Scripting (XSS) vulnerability
28 November, 2023
Plugin
Salient Core Cross Site Scripting (XSS) vulnerability
24 November, 2023
Plugin
Salient Core Reflected Cross Site Scripting (XSS) vulnerability
24 November, 2023
Plugin
Yoast SEO Cross Site Scripting (XSS) vulnerability
24 November, 2023
Theme
Enfold Reflected Cross Site Scripting (XSS) vulnerability
23 November, 2023
Plugin
Porto Theme - Functionality Broken Access Control vulnerability
23 November, 2023
Plugin
Porto Theme - Functionality Unauth. SQL Injection vulnerability
23 November, 2023
Plugin
Mollie Payments for WooCommerce Arbitrary File Upload vulnerability
23 November, 2023
Plugin
Widgets for Google Reviews Arbitrary File Upload vulnerability
22 November, 2023
Plugin
WP Githuber MD Arbitrary File Upload vulnerability
20 November, 2023
Plugin
CataBlog Arbitrary File Deletion vulnerability
20 November, 2023
Plugin
CataBlog Arbitrary File Upload vulnerability
20 November, 2023
Plugin
Shortcodes and extra features for Phlox theme Unauthenticated Local File Inclusion vulnerability
15 November, 2023
Plugin
Phlox Portfolio Unauthenticated Local File Inclusion vulnerability
15 November, 2023
Plugin
Phlox Shop Unauthenticated Local File Inclusion vulnerability
15 November, 2023
Plugin
Jetpack Contributor+ Broken Access Control vulnerability
15 November, 2023
Plugin
Jetpack Contributor+ Iframe Injection vulnerability
15 November, 2023
Plugin
Jetpack a.1 Cross Site Scripting (XSS) vulnerability
15 November, 2023
Plugin
WooCommerce Blocks Cross Site Scripting (XSS) vulnerability
15 November, 2023
Plugin
WooCommerce Contributor+ Cross Site Scripting (XSS) vulnerability
15 November, 2023
Plugin
WooCommerce Canada Post Shipping Cross Site Request Forgery (CSRF) vulnerability
14 November, 2023
Plugin
WooCommerce Bookings Cross Site Request Forgery (CSRF) vulnerability
14 November, 2023
Plugin
LayerSlider Cross Site Scripting (XSS) vulnerability
14 November, 2023
Plugin
LayerSlider Multiple Cross Site Request Forgery (CSRF) vulnerability
14 November, 2023
Plugin
Slider Revolution Author+ Arbitrary File Upload vulnerability
14 November, 2023
Theme
Thrive Theme Builder Multiple Authenticated Broken Access Control vulnerability
14 November, 2023
Theme
Thrive Theme Builder Authenticated Privilege Escalation vulnerability
14 November, 2023
Theme
Thrive Theme Builder Cross Site Request Forgery (CSRF) vulnerability
14 November, 2023
Plugin
Slider Revolution Cross Site Scripting (XSS) vulnerability
14 November, 2023
Plugin
Essential Grid Multiple Authenticated Broken Access Control vulnerability
14 November, 2023
Theme
Betheme Contributor+ Broken Access Control vulnerability
14 November, 2023
Plugin
ElementsKit Pro Broken Access Control vulnerability
13 November, 2023
Theme
Themify Ultra Multiple Broken Access Control vulnerability
10 November, 2023
Plugin
Essential Grid Reflected Cross Site Scripting (XSS) vulnerability
9 November, 2023
Plugin
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Authenticated Privilege Escalation vulnerability
9 November, 2023
Plugin
WP User Frontend Authenticated Privilege Escalation vulnerability
9 November, 2023
Plugin
WooCommerce Checkout Manager Broken Access Control vulnerability
9 November, 2023
Plugin
Qi Addons For Elementor Cross Site Scripting (XSS) vulnerability
9 November, 2023
Plugin
Qi Addons For Elementor Local File Inclusion vulnerability
9 November, 2023
Plugin
Elementor Website Builder Contributor+ Arbitrary Attachment Read vulnerability
8 November, 2023
Plugin
Elementor Website Builder Contributor+ Cross Site Scripting (XSS) vulnerability
8 November, 2023
Plugin
Master Slider Pro Reflected Cross Site Scripting (XSS) vulnerability
7 November, 2023
Plugin
Master Slider Pro PHP Object Injection vulnerability
7 November, 2023
Plugin
Master Slider Pro Authenticated (Editor+) SQL Injection vulnerability
7 November, 2023
Plugin
The Plus Addons for Elementor Pro Unauthenticated Local File Inclusion vulnerability
31 October, 2023
Plugin
WooCommerce Stripe Payment Gateway Cross Site Request Forgery (CSRF) vulnerability
19 October, 2023
Plugin
Ultimate Addons for WPBakery Page Builder Local File Inclusion vulnerability
19 October, 2023
Plugin
Ultimate Addons for WPBakery Page Builder Cross Site Scripting (XSS) vulnerability
19 October, 2023
Theme
Themify Ultra Authenticated Arbitrary File Upload vulnerability
17 October, 2023
Theme
Themify Ultra Authenticated Arbitrary Settings Change vulnerability
17 October, 2023
Theme
Themify Ultra Authenticated PHP Object Injection vulnerability
17 October, 2023
Theme
Themify Ultra Authenticated Privilege Escalation vulnerability
17 October, 2023
Core
WordPress Contributor+ Stored XSS in Navigation Links Block vulnerability
13 October, 2023
Core
WordPress Contributor+ Comment Read on Private and Password Protected Post vulnerability
13 October, 2023
Plugin
Gutenberg Contributor+ Stored XSS in Navigation Links Block vulnerability
13 October, 2023
Plugin
Nexter Extension Remote Code Execution (RCE) vulnerability
12 October, 2023
Plugin
Nexter Extension Reflected Cross Site Scripting (XSS) vulnerability
12 October, 2023
Theme
Nexter Broken Access Control vulnerability
12 October, 2023
Theme
Nexter SQL Injection vulnerability
12 October, 2023
Plugin
User Submitted Posts Unauthenticated Arbitrary File Upload vulnerability
10 October, 2023
Plugin
WordPress Popular Posts Cross Site Scripting (XSS) vulnerability
9 October, 2023
Plugin
Seriously Simple Stats SQL Injection vulnerability
3 October, 2023
Plugin
Seriously Simple Stats Reflected Cross Site Scripting (XSS) vulnerability
3 October, 2023
Plugin
Pre-Publish Checklist Publish Checklist plugin <= 1.1.1 Broken Access Control vulnerability
26 September, 2023
Plugin
Astra Bulk Edit Broken Access Control vulnerability
26 September, 2023
Plugin
Simple Membership Authenticated Account Takeover vulnerability
25 September, 2023
Plugin
Simple Membership Unauthenticated Membership Role Privilege Escalation vulnerability
25 September, 2023
Plugin
Essential Addons for Elementor Contributor+ Privilege Escalation vulnerability
15 September, 2023
Theme
Flatsome Unauthenticated PHP Object Injection vulnerability
6 September, 2023
Theme
WoodMart Reflected Cross Site Scripting (XSS) vulnerability
5 September, 2023
Plugin
Premium Starter Templates Broken Access Control vulnerability
5 September, 2023
Plugin
Premium Starter Templates Server Side Request Forgery (SSRF) vulnerability
5 September, 2023
Plugin
Starter Templates Broken Access Control vulnerability
5 September, 2023
Plugin
Starter Templates Server Side Request Forgery (SSRF) vulnerability
5 September, 2023
Plugin
GiveWP GiveWP Manager+ Privilege Escalation vulnerability
4 September, 2023
Plugin
All-in-One WP Migration Google Drive Extension inOne WP Migration Google Drive Extension plugin <= 2.79 Unauth. Access Token Manipulation vulnerability
30 August, 2023
Plugin
All-in-One WP Migration Dropbox Extension inOne WP Migration Dropbox Extension plugin <= 3.75 Unauth. Access Token Manipulation vulnerability
30 August, 2023
Plugin
All-in-One WP Migration OneDrive Extension inOne WP Migration OneDrive Extension plugin <= 1.66 Unauth. Access Token Manipulation vulnerability
30 August, 2023
Plugin
All-in-One WP Migration Box Extension inOne WP Migration Box Extension plugin <= 1.53 Unauth. Access Token Manipulation vulnerability
30 August, 2023
Plugin
Happy Elementor Addons Pro Reflected Cross Site Scripting (XSS) vulnerability
29 August, 2023
Plugin
Bridge Core Reflected Cross Site Scripting (XSS) vulnerability
29 August, 2023
Plugin
Folders Arbitrary File Upload vulnerability
28 August, 2023
Plugin
Elements kit Elementor addons Broken Access Control vulnerability
23 August, 2023
Plugin
JupiterX Core Unauth. Arbitrary File Upload vulnerability
22 August, 2023
Plugin
JupiterX Core Unauthenticated Account Takeover vulnerability
22 August, 2023
Plugin
Paid Memberships Pro CCBill Gateway Unauthenticated Broken Access Control vulnerability
17 August, 2023
Plugin
JupiterX Core Multiple Auth. Broken Access Control vulnerability
13 August, 2023