Report WordPress vulnerabilities, earn prizes and become an Alliance member!
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
██████████████ ███████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
██████████████ ███████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
███████ ███████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
██████████████ ███████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
Plugin
Webflow Pages Broken Access Control vulnerability
5 days ago
Plugin
Smart External Link Click Monitor [Link Log] Reflected Cross Site Scripting (XSS) vulnerability
5 days ago
Plugin
Smart External Link Click Monitor [Link Log] Cross Site Scripting (XSS) vulnerability
5 days ago
Plugin
Integrate Google Drive Cross Site Request Forgery (CSRF) vulnerability
5 days ago
Plugin
Advanced Database Cleaner SQL Injection vulnerability
6 days ago
Plugin
AppMySite Sensitive Data Exposure vulnerability
6 days ago
Plugin
Coming soon and Maintenance mode IP Filtering Bypass vulnerability
1 December, 2023
Plugin
Importify (Dropshipping WooCommerce) Sensitive Data Exposure vulnerability
1 December, 2023
Plugin
MSync SQL Injection vulnerability
29 November, 2023
Plugin
Abandoned Cart Lite for WooCommerce Cross Site Request Forgery (CSRF) vulnerability
28 November, 2023
Plugin
WordPress Brute Force Protection – Stop Brute Force Attacks SQL Injection vulnerability
28 November, 2023
Plugin
Antispam Bee Country IP Restriction Bypass vulnerability
27 November, 2023
Plugin
Restricted Site Access IP Restriction Bypass vulnerability
27 November, 2023
Plugin
License Manager for WooCommerce SQL Injection vulnerability
23 November, 2023
Plugin
ChatBot SQL Injection vulnerability
23 November, 2023
Plugin
Maspik – Spam blacklist Cross Site Scripting (XSS) vulnerability
21 November, 2023
Plugin
Maspik – Spam blacklist IP Filtering Bypass vulnerability
21 November, 2023
Plugin
SearchIQ Broken Access Control vulnerability
16 November, 2023
Plugin
EWWW Image Optimizer Sensitive Data Exposure vulnerability
14 November, 2023
Plugin
WP Maintenance IP Filtering Bypass vulnerability
14 November, 2023
Plugin
CodeBard's Patron Button and Widgets for Patreon Cross Site Request Forgery (CSRF) vulnerability
14 November, 2023
Plugin
Japanized For WooCommerce Multiple Broken Access Control vulnerability
9 November, 2023
Plugin
Podlove Web Player Broken Access Control vulnerability
9 November, 2023
Plugin
Plainview Protect Passwords Reflected Cross Site Scripting (XSS) vulnerability
8 November, 2023
Plugin
Plainview Protect Passwords Cross Site Request Forgery (CSRF) vulnerability
8 November, 2023
Plugin
ANAC XML Viewer Cross Site Scripting (XSS) vulnerability
7 November, 2023
Plugin
Email Marketing for WooCommerce by Omnisend Sensitive Data Exposure vulnerability
7 November, 2023
Plugin
CoCart – Headless ecommerce Broken Access Control vulnerability
7 November, 2023
Plugin
Download Top 25 Social Icons Cross Site Scripting (XSS) vulnerability
3 November, 2023
Plugin
WP Travel Broken Access Control vulnerability
3 November, 2023
Plugin
Finale Lite Arbitrary Content Deletion vulnerability
31 October, 2023
Plugin
TK Google Fonts GDPR Compliant Cross Site Request Forgery (CSRF) vulnerability
27 October, 2023
Plugin
Feather Login Page Cross Site Request Forgery (CSRF) vulnerability
26 October, 2023
Plugin
WCP OpenWeather Cross Site Request Forgery (CSRF) vulnerability
25 October, 2023
Plugin
Product Recommendation Quiz for eCommerce Broken Access Control vulnerability
25 October, 2023
Plugin
KD Coming Soon PHP Object Injection vulnerability
24 October, 2023
Plugin
FeedFocal Broken Access Control vulnerability
24 October, 2023
Plugin
DoLogin Security Multiple Broken Access Control vulnerability
24 October, 2023
Plugin
AtomChat Broken Access Control vulnerability
24 October, 2023
Plugin
Convertful – Your Ultimate On-Site Conversion Tool Site Conversion Tool plugin <= 2.5 Broken Access Control vulnerability
24 October, 2023
Plugin
Motors – Car Dealer & Classified Ads Reflected Cross Site Scripting (XSS) vulnerability
19 October, 2023
Plugin
Motors – Car Dealer & Classified Ads Server Side Request Forgery (SSRF) vulnerability
19 October, 2023
Plugin
Appointment Calendar Cross Site Request Forgery (CSRF) vulnerability
18 October, 2023
Plugin
Headline Analyzer Broken Access Control vulnerability
18 October, 2023
Plugin
Novo-Map : your WP posts on custom google maps Map : your WP posts on custom google maps plugin <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability
18 October, 2023
Plugin
RumbleTalk Live Group Chat Broken Access Control vulnerability
13 October, 2023
Plugin
Post Gallery Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
PDF Block Cross Site Scripting (XSS) vulnerability
12 October, 2023
Plugin
Lazy Load for Videos Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
PixFields Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
Comments Ratings Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
Video Playlist For YouTube Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
Remote Content Shortcode Local File Inclusion vulnerability
12 October, 2023
Plugin
HTML5 Maps Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
QR Twitter Widget Cross Site Scripting (XSS) vulnerability
11 October, 2023
Plugin
Simple URLs Cross Site Request Forgery (CSRF) vulnerability
11 October, 2023
Plugin
SendPulse Free Web Push Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Stout Google Calendar Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Pinpoint Booking System Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Simple SEO Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Hitsteps Web Analytics Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
IRivYou Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
WhitePage Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Mailrelay Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
GoodBarber Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Urvanov Syntax Highlighter Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Permalinks Customizer Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Blog Manager Light Cross Site Request Forgery (CSRF) vulnerability
6 October, 2023
Plugin
Interactive World Map Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
Gumroad Cross Site Scripting (XSS) vulnerability
3 October, 2023
Plugin
Short URL Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
WP Bing Map Pro Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
Category Meta Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
WooCommerce Login Redirect Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
ShortCodes UI Cross Site Request Forgery (CSRF) vulnerability
3 October, 2023
Plugin
ChatBot Cross Site Request Forgery (CSRF) vulnerability
2 October, 2023
Plugin
Events Rich Snippets for Google CSRF Leading to Privilege Escalation vulnerability
29 September, 2023
Plugin
Travel Map Cross Site Scripting (XSS) vulnerability
5 September, 2023
Plugin
WP iCal Availability Cross Site Request Forgery (CSRF) vulnerability
5 September, 2023
Plugin
BitPay Checkout for WooCommerce Broken Access Control vulnerability
5 September, 2023
Plugin
AWP Classifieds Cross Site Request Forgery (CSRF) vulnerability
5 September, 2023
Plugin
Easy WP Cleaner Cross Site Request Forgery (CSRF) vulnerability
5 September, 2023
Plugin
Realbig Cross Site Request Forgery (CSRF) vulnerability
4 September, 2023
Theme
Attorney Reflected Cross Site Scripting (XSS) vulnerability
4 September, 2023
Plugin
Woocommerce Support System Cross Site Request Forgery (CSRF) vulnerability
4 September, 2023
Plugin
Woocommerce Support System SQL Injection vulnerability
4 September, 2023
Plugin
SIS Handball Cross Site Request Forgery (CSRF) vulnerability
4 September, 2023
Plugin
PowerPress Podcasting Server Side Request Forgery (SSRF) vulnerability
29 August, 2023
Plugin
Sitekit Cross Site Scripting (XSS) vulnerability
28 August, 2023
Plugin
Secure Admin IP IP Spoofing vulnerability
24 August, 2023
Plugin
Cookies and Content Security Policy Sensitive Data Exposure vulnerability
18 August, 2023
Plugin
WP-PostRatings PostRatings plugin <= 1.91 Rating limit Bypass vulnerability
16 August, 2023
Plugin
WooCommerce Enhanced Ecommerce Analytics Integration with Conversion Tracking Cross Site Request Forgery (CSRF) vulnerability
16 August, 2023
Plugin
Make Paths Relative Cross Site Request Forgery (CSRF) vulnerability
14 August, 2023
Plugin
flowpaper Cross Site Scripting (XSS) vulnerability
11 August, 2023
Plugin
SendPress Newsletters Broken Access Control vulnerability
11 August, 2023
Plugin
Post Grid Sensitive Data Exposure vulnerability
11 August, 2023
Plugin
WooCommerce Product Attachment Cross Site Request Forgery (CSRF) vulnerability
11 August, 2023
Theme
Business Pro Reflected Cross Site Scripting (XSS) vulnerability
10 August, 2023
Plugin
Saphali Woocommerce Lite Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Optimize Database after Deleting Revisions Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Simple Wp Sitemap Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Update Theme and Plugins from Zip File Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
HTTP Auth Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Woocommerce Category Banner Management Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Fraud Prevention For Woocommerce Cross Site Request Forgery (CSRF) vulnerability
26 July, 2023
Plugin
Subscribe to Category SQL Injection vulnerability
20 July, 2023
Plugin
WP-CopyProtect [Protect your blog posts] CopyProtect [Protect your blog posts] plugin <= 3.1.0 Cross Site Request Forgery (CSRF) vulnerability
19 July, 2023
Plugin
kk Star Ratings Rate Manipulation due to IP Spoofing Vulnerability
17 July, 2023
Plugin
WooCommerce Product Stock Alert Sensitive Data Exposure vulnerability
12 July, 2023
Plugin
WooCommerce Product Stock Alert Broken Access Control vulnerability
12 July, 2023
Plugin
Checkout with Zelle on Woocommerce Broken Access Control vulnerability
12 July, 2023
Plugin
WPAdmin AWS CDN Cross Site Request Forgery (CSRF)
11 July, 2023
Plugin
Download IP2Location Country Blocker IP Bypass Vulnerability vulnerability
10 July, 2023
Plugin
Social Media Icons Widget Cross Site Request Forgery (CSRF) vulnerability
10 July, 2023
Plugin
Post to CSV by BestWebSoft CSV Injection
27 June, 2023
Plugin
Gutenverse Broken Access Control vulnerability
19 June, 2023
Plugin
Recipe Maker For Your Food Blog from Zip Recipes Cross Site Request Forgery (CSRF) vulnerability
15 June, 2023
Plugin
WP PDF Generator Cross Site Request Forgery (CSRF) vulnerability
13 June, 2023
Plugin
Password Protected Cross Site Scripting (XSS) vulnerability
13 June, 2023
Plugin
Uncanny Toolkit for LearnDash Open Redirection vulnerability
2 June, 2023
Plugin
Uncanny Toolkit for LearnDash Broken Access Control vulnerability
2 June, 2023
Plugin
WP Inventory Manager Cross Site Request Forgery (CSRF) vulnerability
2 June, 2023
Plugin
WP Report Post SQL Injection vulnerability
30 May, 2023
Plugin
WP Report Post Cross Site Request Forgery (CSRF) vulnerability
30 May, 2023
Plugin
LH Password Changer Cross Site Request Forgery (CSRF) vulnerability
30 May, 2023
Plugin
Download Monitor Server Side Request Forgery (SSRF) vulnerability
30 May, 2023
Plugin
Recently Viewed Products PHP Object Injection vulnerability
25 May, 2023
Plugin
Flickr Justified Gallery Cross Site Request Forgery (CSRF) vulnerability
24 May, 2023
Plugin
WP Tiles Cross Site Request Forgery (CSRF) vulnerability
24 May, 2023
Plugin
SIS Handball SQL Injection vulnerability
23 May, 2023
Plugin
Stop Referrer Spam Cross Site Request Forgery (CSRF) vulnerability
18 May, 2023
Plugin
WooCommerce Predictive Search Broken Access Control vulnerability
18 May, 2023
Plugin
Simple Page Ordering Broken Access Control vulnerability
18 May, 2023
Plugin
WP Custom Cursors Cross Site Request Forgery (CSRF) vulnerability
15 May, 2023
Plugin
Hyphenator Cross Site Request Forgery (CSRF) vulnerability
12 May, 2023
Plugin
Post State Tags Cross Site Request Forgery (CSRF) vulnerability
12 May, 2023
Plugin
WP All Backup Cross Site Request Forgery (CSRF) vulnerability
12 May, 2023
Plugin
Column-Matic Matic plugin <= 1.3.3 Cross Site Scripting (XSS) vulnerability
12 May, 2023
Plugin
Google Site Verification plugin using Meta Tag Cross Site Request Forgery (CSRF) vulnerability
9 May, 2023
Plugin
Cryptocurrency Donation Box – Bitcoin & Crypto Donations SQL Injection vulnerability
4 May, 2023
Plugin
Library Viewer Cross Site Scripting (XSS) vulnerability
3 May, 2023
Plugin
Library Viewer Open Redirection vulnerability
3 May, 2023
Plugin
Emails & Newsletters with Jackmail CSV Injection
28 April, 2023
Plugin
Simple Giveaways Cross Site Request Forgery (CSRF) vulnerability
24 April, 2023
Plugin
Tippy Cross Site Scripting (XSS) vulnerability
24 April, 2023
Plugin
Video XML Sitemap Generator Cross Site Request Forgery (CSRF) vulnerability
24 April, 2023
Plugin
Inactive User Deleter Cross Site Request Forgery (CSRF) vulnerability
24 April, 2023
Plugin
Chronosly Events Calendar Cross Site Request Forgery (CSRF) vulnerability
24 April, 2023
Plugin
Album Gallery – WordPress Gallery Cross Site Request Forgery (CSRF) vulnerability
19 April, 2023
Plugin
Kaya QR Code Generator Cross Site Scripting (XSS) vulnerability
18 April, 2023
Plugin
PowerPress Podcasting Cross Site Scripting (XSS) vulnerability
17 April, 2023
Plugin
WP Reroute Email Cross Site Request Forgery (CSRF) vulnerability
14 April, 2023
Plugin
WP Reroute Email Auth. SQL Injection (SQLi) vulnerability
14 April, 2023
Plugin
Database Collation Fix Cross Site Request Forgery (CSRF) vulnerability
14 April, 2023
Plugin
ReviewX CSV Injection
13 April, 2023
Plugin
PixTypes Cross Site Request Forgery (CSRF) vulnerability
7 April, 2023
Plugin
Cryptocurrency All-in-One inOne plugin <= 3.0.19 Cross Site Scripting (XSS) vulnerability
6 April, 2023
Plugin
tencentcloud-cos cos plugin <= 1.0.7 Broken Access Control vulnerability
6 April, 2023
Plugin
IFrame Shortcode Cross Site Scripting (XSS) vulnerability
6 April, 2023
Plugin
PHP Compatibility Checker Cross Site Request Forgery (CSRF) vulnerability
6 April, 2023
Plugin
Transbank Webpay REST Auth. SQL Injection (SQLi) vulnerability
6 April, 2023
Plugin
Comment Reply Notification Cross Site Request Forgery (CSRF) vulnerability
4 April, 2023
Plugin
Wp Ultimate Review Cross Site Request Forgery (CSRF) vulnerability
29 March, 2023
Plugin
IP Blocker Lite Cross Site Request Forgery (CSRF) vulnerability
28 March, 2023
Plugin
CBX Currency Converter Cross Site Request Forgery (CSRF)
22 March, 2023
Plugin
Export Users Data Distinct CSV Injection
22 March, 2023
Plugin
amr users CSV Injection vulnerability
22 March, 2023
Plugin
Weather Station Cross Site Request Forgery (CSRF) vulnerability
21 March, 2023
Plugin
BigContact Cross Site Request Forgery (CSRF) vulnerability
21 March, 2023
Plugin
Google XML Sitemap for Mobile Cross Site Request Forgery (CSRF) vulnerability
20 March, 2023
Plugin
Read More Without Refresh Cross Site Scripting (XSS) vulnerability
20 March, 2023
Plugin
Simple Mobile URL Redirect Cross Site Request Forgery (CSRF) vulnerability
20 March, 2023
Plugin
Force First and Last Name as Display Name Cross Site Request Forgery (CSRF) vulnerability
16 March, 2023
Plugin
Website Monetization by MageNet Cross Site Request Forgery (CSRF) vulnerability
16 March, 2023
Plugin
Customify Cross Site Request Forgery (CSRF) vulnerability
14 March, 2023
Plugin
Google XML Sitemap for Videos Cross Site Request Forgery (CSRF) vulnerability
14 March, 2023
Plugin
Stock Ticker Broken Access Control vulnerability
13 March, 2023
Plugin
Site Reviews Cross Site Scripting (XSS) vulnerability
13 March, 2023
Plugin
Mass Delete Unused Tags Cross Site Request Forgery (CSRF) vulnerability
13 March, 2023
Plugin
Auto Prune Posts Cross Site Request Forgery (CSRF) vulnerability
13 March, 2023
Plugin
Clone Broken Access Control vulnerability
8 March, 2023
Plugin
Affiliate Super Assistent Cross Site Request Forgery (CSRF) vulnerability
8 March, 2023
Plugin
DecaLog Cross Site Request Forgery (CSRF) vulnerability
5 March, 2023
Plugin
WP Translitera Cross Site Request Forgery (CSRF) vulnerability
3 March, 2023
Plugin
Resize at Upload Plus Cross Site Request Forgery (CSRF) vulnerability
3 March, 2023
Plugin
About Me 3000 widget Cross Site Request Forgery (CSRF) vulnerability
3 March, 2023
Plugin
Total Poll Lite Broken Access Control vulnerability
3 March, 2023
Plugin
Simple CSV/XLS Exporter Authenticated CSV Injection Vulnerability
2 March, 2023
Plugin
Simple Vimeo Shortcode Cross Site Scripting (XSS) vulnerability
2 March, 2023
Plugin
DeepL Pro API translation Cross Site Request Forgery (CSRF) vulnerability
2 March, 2023
Plugin
Smart YouTube PRO Cross Site Request Forgery (CSRF) vulnerability
28 February, 2023
Plugin
WP Social Bookmarking Light Cross Site Request Forgery (CSRF) vulnerability
28 February, 2023
Plugin
Maspik – Spam blacklist Cross Site Request Forgery (CSRF) vulnerability
27 February, 2023
Plugin
Sheets To WP Table Live Sync Cross Site Request Forgery (CSRF) vulnerability
27 February, 2023
Plugin
WP Google Tag Manager Cross Site Request Forgery (CSRF) vulnera