About Alliance Leaderboard Vulnerability database WordPress security
Login
Alliance XP
1746.84
Total reports
274
Reports, last 90 days
87
December 2023
1st
Contributions 274
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ █████████████████████████████████████████████████

+4 AXP

4.3

Pending

████

██████████████ █████ ███████████████████████████████████

+10 AXP

5.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+7 AXP

3.7

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+53 AXP

5.3

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+10 AXP

5.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+21 AXP

5.3

Pending

████

██████████████ █████ ███████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ ███████████████████████████████████

+2 AXP

4.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+8 AXP

4.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+2 AXP

5.4

Pending

████

█████████████████████ █████ ███████████████████████████████████

+2 AXP

5.4

Pending

████

█████████████████████ █████ ███████████████████████████████████

+10 AXP

5.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+0 AXP

4.3

Pending

████

███████ █████ ███████████████████████████████████

+0 AXP

7.6

Pending

████

██████████████ █████ ██████████████████████████████████████████

+7 AXP

3.7

Pending

████

██████████████ █████ ███████████████████████████████████

+10 AXP

5.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+0 AXP

7.5

Pending

Plugin

Webflow Pages <= 1.0.8 Broken Access Control vulnerability

+10.6 AXP

5.3

5 days ago

Plugin

Smart External Link Click Monitor [Link Log] <= 5.0.2 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

5 days ago

Plugin

Smart External Link Click Monitor [Link Log] <= 5.0.2 Cross Site Scripting (XSS) vulnerability

+0 AXP

5.9

5 days ago

Plugin

Integrate Google Drive <= 1.3.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 days ago

Plugin

Advanced Database Cleaner <= 3.1.2 SQL Injection vulnerability

+0 AXP

7.6

6 days ago

Plugin

AppMySite <= 3.10.0 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

6 days ago

Plugin

Coming soon and Maintenance mode <= 3.7.3 IP Filtering Bypass vulnerability

+7.4 AXP

3.7

1 December, 2023

Plugin

Importify (Dropshipping WooCommerce) <= 1.0.4 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

1 December, 2023

Plugin

MSync <= 1.0.0 SQL Injection vulnerability

+0 AXP

7.6

29 November, 2023

Plugin

Abandoned Cart Lite for WooCommerce <= 5.16.1 Cross Site Request Forgery (CSRF) vulnerability

+10.8 AXP

5.4

28 November, 2023

Plugin

WordPress Brute Force Protection – Stop Brute Force Attacks <= 2.2.5 SQL Injection vulnerability

+0 AXP

7.6

28 November, 2023

Plugin

Antispam Bee <= 2.11.3 Country IP Restriction Bypass vulnerability

+63.6 AXP

5.3

27 November, 2023

Plugin

Restricted Site Access <= 7.4.1 IP Restriction Bypass vulnerability

+10.6 AXP

5.3

27 November, 2023

Plugin

License Manager for WooCommerce <= 2.2.10 SQL Injection vulnerability

+0 AXP

7.6

23 November, 2023

Plugin

ChatBot <= 4.7.8 SQL Injection vulnerability

+0 AXP

7.6

23 November, 2023

Plugin

Maspik – Spam blacklist <= 0.9.2 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

21 November, 2023

Plugin

Maspik – Spam blacklist <= 0.10.3 IP Filtering Bypass vulnerability

+10.6 AXP

5.3

21 November, 2023

Plugin

SearchIQ <= 4.4 Broken Access Control vulnerability

+10.6 AXP

5.3

16 November, 2023

Plugin

EWWW Image Optimizer <= 7.2.0 Sensitive Data Exposure vulnerability

+74.2 AXP

5.3

14 November, 2023

Plugin

WP Maintenance <= 6.1.3 IP Filtering Bypass vulnerability

+14.8 AXP

3.7

14 November, 2023

Plugin

CodeBard's Patron Button and Widgets for Patreon <= 2.1.9 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

14 November, 2023

Plugin

Japanized For WooCommerce <= 2.6.4 Multiple Broken Access Control vulnerability

+17.2 AXP

8.6

9 November, 2023

Plugin

Podlove Web Player <= 5.7.1 Broken Access Control vulnerability

+10.6 AXP

5.3

9 November, 2023

Plugin

Plainview Protect Passwords <= 1.4 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

8 November, 2023

Plugin

Plainview Protect Passwords <= 1.4 Cross Site Request Forgery (CSRF) vulnerability

+3.25 AXP

6.5

8 November, 2023

Plugin

ANAC XML Viewer <= 1.7 Cross Site Scripting (XSS) vulnerability

+0 AXP

5.9

7 November, 2023

Plugin

Email Marketing for WooCommerce by Omnisend <= 1.13.8 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

7 November, 2023

Plugin

CoCart – Headless ecommerce <= 3.9.0 Broken Access Control vulnerability

+10.6 AXP

5.3

7 November, 2023

Plugin

Download Top 25 Social Icons <= 3.1 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

3 November, 2023

Plugin

WP Travel <= 7.7.0 Broken Access Control vulnerability

+15 AXP

7.5

3 November, 2023

Plugin

Finale Lite <= 2.16.0 Arbitrary Content Deletion vulnerability

+13 AXP

6.5

31 October, 2023

Plugin

TK Google Fonts GDPR Compliant <= 2.2.11 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

27 October, 2023

Plugin

Feather Login Page <= 1.1.3 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

26 October, 2023

Plugin

WCP OpenWeather <= 2.5.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

25 October, 2023

Plugin

Product Recommendation Quiz for eCommerce <= 2.1.2 Broken Access Control vulnerability

+13 AXP

6.5

25 October, 2023

Plugin

KD Coming Soon <= 1.7 PHP Object Injection vulnerability

+0 AXP

5.4

24 October, 2023

Plugin

FeedFocal <= 1.2.1 Broken Access Control vulnerability

+13 AXP

6.5

24 October, 2023

Plugin

DoLogin Security <= 3.7.1 Multiple Broken Access Control vulnerability

+10.6 AXP

5.3

24 October, 2023

Plugin

AtomChat <= 1.1.4 Broken Access Control vulnerability

+10.6 AXP

5.3

24 October, 2023

Plugin

Convertful – Your Ultimate On-Site Conversion Tool <= 2.5 Site Conversion Tool plugin <= 2.5 Broken Access Control vulnerability

+10.6 AXP

5.3

24 October, 2023

Plugin

Motors – Car Dealer & Classified Ads <= 1.4.6 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

19 October, 2023

Plugin

Motors – Car Dealer & Classified Ads <= 1.4.6 Server Side Request Forgery (SSRF) vulnerability

+0 AXP

4.1

19 October, 2023

Plugin

Appointment Calendar <= 2.9.6 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

18 October, 2023

Plugin

Headline Analyzer <= 1.3.1 Broken Access Control vulnerability

+13 AXP

6.5

18 October, 2023

Plugin

Novo-Map : your WP posts on custom google maps <= 1.1.2 Map : your WP posts on custom google maps plugin <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

18 October, 2023

Plugin

RumbleTalk Live Group Chat <= 6.2.2 Broken Access Control vulnerability

+5.4 AXP

5.4

13 October, 2023

Plugin

Post Gallery <= 2.3.12 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 October, 2023

Plugin

PDF Block <= 1.1.0 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

12 October, 2023

Plugin

Lazy Load for Videos <= 2.18.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

12 October, 2023

Plugin

PixFields <= 0.7.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 October, 2023

Plugin

Comments Ratings <= 1.1.7 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 October, 2023

Plugin

Video Playlist For YouTube <= 6.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 October, 2023

Plugin

Remote Content Shortcode <= 1.5 Local File Inclusion vulnerability

+9.75 AXP

6.5

12 October, 2023

Plugin

HTML5 Maps <= 1.7.1.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 October, 2023

Plugin

QR Twitter Widget <= 0.2.3 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

11 October, 2023

Plugin

Simple URLs <= 120 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

11 October, 2023

Plugin

SendPulse Free Web Push <= 1.3.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Stout Google Calendar <= 1.2.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Pinpoint Booking System <= 2.9.9.4.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Simple SEO <= 2.0.25 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

6 October, 2023

Plugin

Hitsteps Web Analytics <= 5.86 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

IRivYou <= 2.2.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

WhitePage <= 1.1.5 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

6 October, 2023

Plugin

Mailrelay <= 2.1.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

GoodBarber <= 1.0.23 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Urvanov Syntax Highlighter <= 2.8.33 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Permalinks Customizer <= 2.8.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

6 October, 2023

Plugin

Blog Manager Light <= 1.20 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

6 October, 2023

Plugin

Interactive World Map <= 3.2.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

3 October, 2023

Plugin

Gumroad <= 3.1.0 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

3 October, 2023

Plugin

Short URL <= 1.6.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

3 October, 2023

Plugin

WP Bing Map Pro < 5.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

3 October, 2023

Plugin

Category Meta <= 1.2.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

3 October, 2023

Plugin

WooCommerce Login Redirect <= 2.2.4 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

3 October, 2023

Plugin

ShortCodes UI <= 1.9.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

3 October, 2023

Plugin

ChatBot <= 4.7.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

2 October, 2023

Plugin

Events Rich Snippets for Google <= 1.8 CSRF Leading to Privilege Escalation vulnerability

+0 AXP

7.1

29 September, 2023

Plugin

Travel Map < 1.0.1 Cross Site Scripting (XSS) vulnerability

+11.6 AXP

5.8

5 September, 2023

Plugin

WP iCal Availability <= 1.0.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

BitPay Checkout for WooCommerce <= 4.1.0 Broken Access Control vulnerability

+10.6 AXP

5.3

5 September, 2023

Plugin

AWP Classifieds <= 4.3 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

5 September, 2023

Plugin

Easy WP Cleaner <= 1.9 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Realbig <= 1.0.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

4 September, 2023

Theme

Attorney <= 3 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

4 September, 2023

Plugin

Woocommerce Support System <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

+0 AXP

6.5

4 September, 2023

Plugin

Woocommerce Support System <= 1.2.1 SQL Injection vulnerability

+0 AXP

7.6

4 September, 2023

Plugin

SIS Handball <= 1.0.45 Cross Site Request Forgery (CSRF) vulnerability

+0 AXP

4.3

4 September, 2023

Plugin

PowerPress Podcasting <= 11.0.6 Server Side Request Forgery (SSRF) vulnerability

+9.6 AXP

6.4

29 August, 2023

Plugin

Sitekit <= 1.3 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

28 August, 2023

Plugin

Secure Admin IP <= 2.0 IP Spoofing vulnerability

+10.6 AXP

5.3

24 August, 2023

Plugin

Cookies and Content Security Policy <= 2.15 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

18 August, 2023

Plugin

WP-PostRatings <= 1.91 PostRatings plugin <= 1.91 Rating limit Bypass vulnerability

+31.8 AXP

5.3

16 August, 2023

Plugin

WooCommerce Enhanced Ecommerce Analytics Integration with Conversion Tracking <= 3.7.1 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

16 August, 2023

Plugin

Make Paths Relative <= 1.3.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

14 August, 2023

Plugin

flowpaper <= 1.9.9 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

11 August, 2023

Plugin

SendPress Newsletters <= 1.23.11.6 Broken Access Control vulnerability

+10.6 AXP

5.3

11 August, 2023

Plugin

Post Grid <= 2.2.50 Sensitive Data Exposure vulnerability

+45 AXP

7.5

11 August, 2023

Plugin

WooCommerce Product Attachment <= 2.1.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

11 August, 2023

Theme

Business Pro <= 1.10.4 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

10 August, 2023

Plugin

Saphali Woocommerce Lite <= 1.8.13 Cross Site Request Forgery (CSRF) vulnerability

+6.3 AXP

6.3

26 July, 2023

Plugin

Optimize Database after Deleting Revisions <= 5.1 Cross Site Request Forgery (CSRF) vulnerability

+8.6 AXP

4.3

26 July, 2023

Plugin

Simple Wp Sitemap <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

26 July, 2023

Plugin

Update Theme and Plugins from Zip File <= 2.0.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

26 July, 2023

Plugin

HTTP Auth <= 0.3.2 Cross Site Request Forgery (CSRF) vulnerability

+3.15 AXP

6.3

26 July, 2023

Plugin

Woocommerce Category Banner Management <= 2.4.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

26 July, 2023

Plugin

Fraud Prevention For Woocommerce <= 2.1.5 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

26 July, 2023

Plugin

Subscribe to Category <= 2.7.4 SQL Injection vulnerability

+27.9 AXP

9.3

20 July, 2023

Plugin

WP-CopyProtect [Protect your blog posts] <= 3.1.0 CopyProtect [Protect your blog posts] plugin <= 3.1.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

19 July, 2023

Plugin

kk Star Ratings <= 5.4.3 Rate Manipulation due to IP Spoofing Vulnerability

+31.8 AXP

5.3

17 July, 2023

Plugin

WooCommerce Product Stock Alert <= 2.0.1 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

12 July, 2023

Plugin

WooCommerce Product Stock Alert <= 2.0.1 Broken Access Control vulnerability

+13 AXP

6.5

12 July, 2023

Plugin

Checkout with Zelle on Woocommerce <= 3.1 Broken Access Control vulnerability

+10.6 AXP

5.3

12 July, 2023

Plugin

WPAdmin AWS CDN <= 2.0.13 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

11 July, 2023

Plugin

Download IP2Location Country Blocker <= 2.29.1 IP Bypass Vulnerability vulnerability

+10.6 AXP

5.3

10 July, 2023

Plugin

Social Media Icons Widget <= 1.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

10 July, 2023

Plugin

Post to CSV by BestWebSoft <= 1.4.0 CSV Injection

+4.7 AXP

4.7

27 June, 2023

Plugin

Gutenverse <= 1.8.5 Broken Access Control vulnerability

+12.19 AXP

5.3

19 June, 2023

Plugin

Recipe Maker For Your Food Blog from Zip Recipes <= 8.0.7 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

15 June, 2023

Plugin

WP PDF Generator <= 1.2.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

13 June, 2023

Plugin

Password Protected <= 2.6.2 Cross Site Scripting (XSS) vulnerability

+0 AXP

5.9

13 June, 2023

Plugin

Uncanny Toolkit for LearnDash <= 3.6.4.3 Open Redirection vulnerability

+18.8 AXP

4.7

2 June, 2023

Plugin

Uncanny Toolkit for LearnDash <= 3.6.4.3 Broken Access Control vulnerability

+26 AXP

6.5

2 June, 2023

Plugin

WP Inventory Manager <= 2.1.0.13 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

2 June, 2023

Plugin

WP Report Post <= 2.1.2 SQL Injection vulnerability

+5.7 AXP

7.6

30 May, 2023

Plugin

WP Report Post <= 2.1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

30 May, 2023

Plugin

LH Password Changer <= 1.55 Cross Site Request Forgery (CSRF) vulnerability

+0 AXP

5.4

30 May, 2023

Plugin

Download Monitor <= 4.8.1 Server Side Request Forgery (SSRF) vulnerability

+0 AXP

4.1

30 May, 2023

Plugin

Recently Viewed Products <= 1.0.0 PHP Object Injection vulnerability

+16.6 AXP

8.3

25 May, 2023

Plugin

Flickr Justified Gallery <= 3.5 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

24 May, 2023

Plugin

WP Tiles <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

24 May, 2023

Plugin

SIS Handball <= 1.0.45 SQL Injection vulnerability

+0 AXP

7.6

23 May, 2023

Plugin

Stop Referrer Spam <= 1.3.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

18 May, 2023

Plugin

WooCommerce Predictive Search <= 5.8.0 Broken Access Control vulnerability

+10.6 AXP

5.3

18 May, 2023

Plugin

Simple Page Ordering <= 2.5.0 Broken Access Control vulnerability

+53 AXP

5.3

18 May, 2023

Plugin

WP Custom Cursors < 3.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

15 May, 2023

Plugin

Hyphenator <= 5.1.5 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 May, 2023

Plugin

Post State Tags <= 2.0.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

12 May, 2023

Plugin

WP All Backup <= 2.4.3 Cross Site Request Forgery (CSRF) vulnerability

+3.15 AXP

6.3

12 May, 2023

Plugin

Column-Matic <= 1.3.3 Matic plugin <= 1.3.3 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

12 May, 2023

Plugin

Google Site Verification plugin using Meta Tag <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

9 May, 2023

Plugin

Cryptocurrency Donation Box – Bitcoin & Crypto Donations <= 2.2.7 SQL Injection vulnerability

+0 AXP

5.5

4 May, 2023

Plugin

Library Viewer <= 2.0.6 Cross Site Scripting (XSS) vulnerability

+0 AXP

6.5

3 May, 2023

Plugin

Library Viewer <= 2.0.6 Open Redirection vulnerability

+0 AXP

4.7

3 May, 2023

Plugin

Emails & Newsletters with Jackmail <= 1.2.22 CSV Injection

+5.8 AXP

5.8

28 April, 2023

Plugin

Simple Giveaways <= 2.46.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

24 April, 2023

Plugin

Tippy <= 6.2.1 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

24 April, 2023

Plugin

Video XML Sitemap Generator <= 1.0.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

24 April, 2023

Plugin

Inactive User Deleter <= 1.59 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

24 April, 2023

Plugin

Chronosly Events Calendar <= 2.6.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

24 April, 2023

Plugin

Album Gallery – WordPress Gallery <= 1.4.9 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

19 April, 2023

Plugin

Kaya QR Code Generator <= 1.5.2 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

18 April, 2023

Plugin

PowerPress Podcasting <= 10.0.1 Cross Site Scripting (XSS) vulnerability

+12.38 AXP

5.5

17 April, 2023

Plugin

WP Reroute Email <= 1.4.6 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

14 April, 2023

Plugin

WP Reroute Email <= 1.4.6 Auth. SQL Injection (SQLi) vulnerability

+0 AXP

5.5

14 April, 2023

Plugin

Database Collation Fix <= 1.2.7 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

14 April, 2023

Plugin

ReviewX <= 1.6.7 CSV Injection

+6.1 AXP

6.1

13 April, 2023

Plugin

PixTypes <= 1.4.14 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

7 April, 2023

Plugin

Cryptocurrency All-in-One <= 3.0.19 inOne plugin <= 3.0.19 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

6 April, 2023

Plugin

tencentcloud-cos <= 1.0.7 cos plugin <= 1.0.7 Broken Access Control vulnerability

+5.4 AXP

5.4

6 April, 2023

Plugin

IFrame Shortcode <= 1.0.5 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

6 April, 2023

Plugin

PHP Compatibility Checker <= 1.5.2 Cross Site Request Forgery (CSRF) vulnerability

+27 AXP

5.4

6 April, 2023

Plugin

Transbank Webpay REST <= 1.6.6 Auth. SQL Injection (SQLi) vulnerability

+0 AXP

5.5

6 April, 2023

Plugin

Comment Reply Notification <= 1.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

4 April, 2023

Plugin

Wp Ultimate Review <= 2.0.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

29 March, 2023

Plugin

IP Blocker Lite <= 11.1.1 Cross Site Request Forgery (CSRF) vulnerability

+5.4 AXP

5.4

28 March, 2023

Plugin

CBX Currency Converter <= 3.0.3 Cross Site Request Forgery (CSRF)

+2.7 AXP

5.4

22 March, 2023

Plugin

Export Users Data Distinct <= 1.3 CSV Injection

+0 AXP

5.8

22 March, 2023

Plugin

amr users <= 4.59.4 CSV Injection vulnerability

+5.8 AXP

5.8

22 March, 2023

Plugin

Weather Station <= 3.8.12 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

21 March, 2023

Plugin

BigContact <= 1.5.8 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

21 March, 2023

Plugin

Google XML Sitemap for Mobile <= 1.6.1 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

20 March, 2023

Plugin

Read More Without Refresh <= 3.1 Cross Site Scripting (XSS) vulnerability

+0 AXP

5.9

20 March, 2023

Plugin

Simple Mobile URL Redirect <= 1.7.2 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

20 March, 2023

Plugin

Force First and Last Name as Display Name <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

16 March, 2023

Plugin

Website Monetization by MageNet <= 1.0.29.1 Cross Site Request Forgery (CSRF) vulnerability

+10.8 AXP

5.4

16 March, 2023

Plugin

Customify <= 2.10.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

14 March, 2023

Plugin

Google XML Sitemap for Videos <= 2.6.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

14 March, 2023

Plugin

Stock Ticker <= 3.23.0 Broken Access Control vulnerability

+10.6 AXP

5.3

13 March, 2023

Plugin

Site Reviews <= 6.5.1 Cross Site Scripting (XSS) vulnerability

+14.63 AXP

6.5

13 March, 2023

Plugin

Mass Delete Unused Tags <= 2.0.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

13 March, 2023

Plugin

Auto Prune Posts <= 1.8.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

13 March, 2023

Plugin

Clone <= 2.3.7 Broken Access Control vulnerability

+17.2 AXP

4.3

8 March, 2023

Plugin

Affiliate Super Assistent <= 1.5.1 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

8 March, 2023

Plugin

DecaLog <= 3.7.0 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 March, 2023

Plugin

WP Translitera <= p1.2.5 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

3 March, 2023

Plugin

Resize at Upload Plus <= 1.3 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

3 March, 2023

Plugin

About Me 3000 widget <= 2.2.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

3 March, 2023

Plugin

Total Poll Lite <= 4.8.6 Broken Access Control vulnerability

+6.3 AXP

6.3

3 March, 2023

Plugin

Simple CSV/XLS Exporter <= 1.5.8 Authenticated CSV Injection Vulnerability

+5.8 AXP

5.8

2 March, 2023

Plugin

Simple Vimeo Shortcode <= 2.9.1 Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

2 March, 2023

Plugin

DeepL Pro API translation <= 2.1.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

2 March, 2023

Plugin

Smart YouTube PRO <= 4.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

28 February, 2023

Plugin

WP Social Bookmarking Light <= 2.0.7 Cross Site Request Forgery (CSRF) vulnerability

+6.45 AXP

4.3

28 February, 2023

Plugin

Maspik – Spam blacklist <= 0.7.8 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

27 February, 2023

Plugin

Sheets To WP Table Live Sync <= 2.12.15 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

27 February, 2023

Plugin

WP Google Tag Manager <= 1.1 Cross Site Request Forgery (CSRF) vulnera