Mika

Plugin

Webflow Pages <= 1.0.8 Broken Access Control vulnerability

Plugin

Smart External Link Click Monitor [Link Log] <= 5.0.2 Reflected Cross Site Scripting (XSS) vulnerability

Plugin

Smart External Link Click Monitor [Link Log] <= 5.0.2 Cross Site Scripting (XSS) vulnerability

Plugin

Integrate Google Drive <= 1.3.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Advanced Database Cleaner <= 3.1.2 SQL Injection vulnerability

Plugin

AppMySite <= 3.10.0 Sensitive Data Exposure vulnerability

Plugin

Coming soon and Maintenance mode <= 3.7.3 IP Filtering Bypass vulnerability

Plugin

Importify (Dropshipping WooCommerce) <= 1.0.4 Sensitive Data Exposure vulnerability

Plugin

MSync <= 1.0.0 SQL Injection vulnerability

Plugin

Abandoned Cart Lite for WooCommerce <= 5.16.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WordPress Brute Force Protection – Stop Brute Force Attacks <= 2.2.5 SQL Injection vulnerability

Plugin

Antispam Bee <= 2.11.3 Country IP Restriction Bypass vulnerability

Plugin

Restricted Site Access <= 7.4.1 IP Restriction Bypass vulnerability

Plugin

License Manager for WooCommerce <= 2.2.10 SQL Injection vulnerability

Plugin

ChatBot <= 4.7.8 SQL Injection vulnerability

Plugin

Maspik – Spam blacklist <= 0.9.2 Cross Site Scripting (XSS) vulnerability

Plugin

Maspik – Spam blacklist <= 0.10.3 IP Filtering Bypass vulnerability

Plugin

SearchIQ <= 4.4 Broken Access Control vulnerability

Plugin

EWWW Image Optimizer <= 7.2.0 Sensitive Data Exposure vulnerability

Plugin

WP Maintenance <= 6.1.3 IP Filtering Bypass vulnerability

Plugin

CodeBard's Patron Button and Widgets for Patreon <= 2.1.9 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Japanized For WooCommerce <= 2.6.4 Multiple Broken Access Control vulnerability

Plugin

Podlove Web Player <= 5.7.1 Broken Access Control vulnerability

Plugin

Plainview Protect Passwords <= 1.4 Reflected Cross Site Scripting (XSS) vulnerability

Plugin

Plainview Protect Passwords <= 1.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

ANAC XML Viewer <= 1.7 Cross Site Scripting (XSS) vulnerability

Plugin

Email Marketing for WooCommerce by Omnisend <= 1.13.8 Sensitive Data Exposure vulnerability

Plugin

CoCart – Headless ecommerce <= 3.9.0 Broken Access Control vulnerability

Plugin

Download Top 25 Social Icons <= 3.1 Cross Site Scripting (XSS) vulnerability

Plugin

WP Travel <= 7.7.0 Broken Access Control vulnerability

Plugin

Finale Lite <= 2.16.0 Arbitrary Content Deletion vulnerability

Plugin

TK Google Fonts GDPR Compliant <= 2.2.11 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Feather Login Page <= 1.1.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WCP OpenWeather <= 2.5.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Product Recommendation Quiz for eCommerce <= 2.1.2 Broken Access Control vulnerability

Plugin

KD Coming Soon <= 1.7 PHP Object Injection vulnerability

Plugin

FeedFocal <= 1.2.1 Broken Access Control vulnerability

Plugin

DoLogin Security <= 3.7.1 Multiple Broken Access Control vulnerability

Plugin

AtomChat <= 1.1.4 Broken Access Control vulnerability

Plugin

Convertful – Your Ultimate On-Site Conversion Tool <= 2.5 Site Conversion Tool plugin <= 2.5 Broken Access Control vulnerability

Plugin

Motors – Car Dealer & Classified Ads <= 1.4.6 Reflected Cross Site Scripting (XSS) vulnerability

Plugin

Motors – Car Dealer & Classified Ads <= 1.4.6 Server Side Request Forgery (SSRF) vulnerability

Plugin

Appointment Calendar <= 2.9.6 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Headline Analyzer <= 1.3.1 Broken Access Control vulnerability

Plugin

Novo-Map : your WP posts on custom google maps <= 1.1.2 Map : your WP posts on custom google maps plugin <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

RumbleTalk Live Group Chat <= 6.2.2 Broken Access Control vulnerability

Plugin

Post Gallery <= 2.3.12 Cross Site Request Forgery (CSRF) vulnerability

Plugin

PDF Block <= 1.1.0 Cross Site Scripting (XSS) vulnerability

Plugin

Lazy Load for Videos <= 2.18.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

PixFields <= 0.7.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Comments Ratings <= 1.1.7 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Video Playlist For YouTube <= 6.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Remote Content Shortcode <= 1.5 Local File Inclusion vulnerability

Plugin

HTML5 Maps <= 1.7.1.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

QR Twitter Widget <= 0.2.3 Cross Site Scripting (XSS) vulnerability

Plugin

Simple URLs <= 120 Cross Site Request Forgery (CSRF) vulnerability

Plugin

SendPulse Free Web Push <= 1.3.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Stout Google Calendar <= 1.2.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Pinpoint Booking System <= 2.9.9.4.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Simple SEO <= 2.0.25 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Hitsteps Web Analytics <= 5.86 Cross Site Request Forgery (CSRF) vulnerability

Plugin

IRivYou <= 2.2.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WhitePage <= 1.1.5 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Mailrelay <= 2.1.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

GoodBarber <= 1.0.23 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Urvanov Syntax Highlighter <= 2.8.33 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Permalinks Customizer <= 2.8.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Blog Manager Light <= 1.20 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Interactive World Map <= 3.2.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Gumroad <= 3.1.0 Cross Site Scripting (XSS) vulnerability

Plugin

Short URL <= 1.6.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Bing Map Pro < 5.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Category Meta <= 1.2.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WooCommerce Login Redirect <= 2.2.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

ShortCodes UI <= 1.9.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

ChatBot <= 4.7.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Events Rich Snippets for Google <= 1.8 CSRF Leading to Privilege Escalation vulnerability

Plugin

Travel Map < 1.0.1 Cross Site Scripting (XSS) vulnerability

Plugin

WP iCal Availability <= 1.0.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

BitPay Checkout for WooCommerce <= 4.1.0 Broken Access Control vulnerability

Plugin

AWP Classifieds <= 4.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Easy WP Cleaner <= 1.9 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Realbig <= 1.0.4 Cross Site Request Forgery (CSRF) vulnerability

Theme

Attorney <= 3 Reflected Cross Site Scripting (XSS) vulnerability

Plugin

Woocommerce Support System <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Woocommerce Support System <= 1.2.1 SQL Injection vulnerability

Plugin

SIS Handball <= 1.0.45 Cross Site Request Forgery (CSRF) vulnerability

Plugin

PowerPress Podcasting <= 11.0.6 Server Side Request Forgery (SSRF) vulnerability

Plugin

Sitekit <= 1.3 Cross Site Scripting (XSS) vulnerability

Plugin

Secure Admin IP <= 2.0 IP Spoofing vulnerability

Plugin

Cookies and Content Security Policy <= 2.15 Sensitive Data Exposure vulnerability

Plugin

WP-PostRatings <= 1.91 PostRatings plugin <= 1.91 Rating limit Bypass vulnerability

Plugin

WooCommerce Enhanced Ecommerce Analytics Integration with Conversion Tracking <= 3.7.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Make Paths Relative <= 1.3.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

flowpaper <= 1.9.9 Cross Site Scripting (XSS) vulnerability

Plugin

SendPress Newsletters <= 1.23.11.6 Broken Access Control vulnerability

Plugin

Post Grid <= 2.2.50 Sensitive Data Exposure vulnerability

Plugin

WooCommerce Product Attachment <= 2.1.8 Cross Site Request Forgery (CSRF) vulnerability

Theme

Business Pro <= 1.10.4 Reflected Cross Site Scripting (XSS) vulnerability

Plugin

Saphali Woocommerce Lite <= 1.8.13 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Optimize Database after Deleting Revisions <= 5.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Simple Wp Sitemap <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Update Theme and Plugins from Zip File <= 2.0.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

HTTP Auth <= 0.3.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Woocommerce Category Banner Management <= 2.4.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Fraud Prevention For Woocommerce <= 2.1.5 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Subscribe to Category <= 2.7.4 SQL Injection vulnerability

Plugin

WP-CopyProtect [Protect your blog posts] <= 3.1.0 CopyProtect [Protect your blog posts] plugin <= 3.1.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

kk Star Ratings <= 5.4.3 Rate Manipulation due to IP Spoofing Vulnerability

Plugin

WooCommerce Product Stock Alert <= 2.0.1 Sensitive Data Exposure vulnerability

Plugin

WooCommerce Product Stock Alert <= 2.0.1 Broken Access Control vulnerability

Plugin

Checkout with Zelle on Woocommerce <= 3.1 Broken Access Control vulnerability

Plugin

WPAdmin AWS CDN <= 2.0.13 Cross Site Request Forgery (CSRF)

Plugin

Download IP2Location Country Blocker <= 2.29.1 IP Bypass Vulnerability vulnerability

Plugin

Social Media Icons Widget <= 1.6 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Post to CSV by BestWebSoft <= 1.4.0 CSV Injection

Plugin

Gutenverse <= 1.8.5 Broken Access Control vulnerability

Plugin

Recipe Maker For Your Food Blog from Zip Recipes <= 8.0.7 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP PDF Generator <= 1.2.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Password Protected <= 2.6.2 Cross Site Scripting (XSS) vulnerability

Plugin

Uncanny Toolkit for LearnDash <= 3.6.4.3 Open Redirection vulnerability

Plugin

Uncanny Toolkit for LearnDash <= 3.6.4.3 Broken Access Control vulnerability

Plugin

WP Inventory Manager <= 2.1.0.13 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Report Post <= 2.1.2 SQL Injection vulnerability

Plugin

WP Report Post <= 2.1.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

LH Password Changer <= 1.55 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Download Monitor <= 4.8.1 Server Side Request Forgery (SSRF) vulnerability

Plugin

Recently Viewed Products <= 1.0.0 PHP Object Injection vulnerability

Plugin

Flickr Justified Gallery <= 3.5 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Tiles <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

SIS Handball <= 1.0.45 SQL Injection vulnerability

Plugin

Stop Referrer Spam <= 1.3.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WooCommerce Predictive Search <= 5.8.0 Broken Access Control vulnerability

Plugin

Simple Page Ordering <= 2.5.0 Broken Access Control vulnerability

Plugin

WP Custom Cursors < 3.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Hyphenator <= 5.1.5 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Post State Tags <= 2.0.6 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP All Backup <= 2.4.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Column-Matic <= 1.3.3 Matic plugin <= 1.3.3 Cross Site Scripting (XSS) vulnerability

Plugin

Google Site Verification plugin using Meta Tag <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Cryptocurrency Donation Box – Bitcoin & Crypto Donations <= 2.2.7 SQL Injection vulnerability

Plugin

Library Viewer <= 2.0.6 Cross Site Scripting (XSS) vulnerability

Plugin

Library Viewer <= 2.0.6 Open Redirection vulnerability

Plugin

Emails & Newsletters with Jackmail <= 1.2.22 CSV Injection

Plugin

Simple Giveaways <= 2.46.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Tippy <= 6.2.1 Cross Site Scripting (XSS) vulnerability

Plugin

Video XML Sitemap Generator <= 1.0.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Inactive User Deleter <= 1.59 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Chronosly Events Calendar <= 2.6.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Album Gallery – WordPress Gallery <= 1.4.9 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Kaya QR Code Generator <= 1.5.2 Cross Site Scripting (XSS) vulnerability

Plugin

PowerPress Podcasting <= 10.0.1 Cross Site Scripting (XSS) vulnerability

Plugin

WP Reroute Email <= 1.4.6 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Reroute Email <= 1.4.6 Auth. SQL Injection (SQLi) vulnerability

Plugin

Database Collation Fix <= 1.2.7 Cross Site Request Forgery (CSRF) vulnerability

Plugin

ReviewX <= 1.6.7 CSV Injection

Plugin

PixTypes <= 1.4.14 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Cryptocurrency All-in-One <= 3.0.19 inOne plugin <= 3.0.19 Cross Site Scripting (XSS) vulnerability

Plugin

tencentcloud-cos <= 1.0.7 cos plugin <= 1.0.7 Broken Access Control vulnerability

Plugin

IFrame Shortcode <= 1.0.5 Cross Site Scripting (XSS) vulnerability

Plugin

PHP Compatibility Checker <= 1.5.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Transbank Webpay REST <= 1.6.6 Auth. SQL Injection (SQLi) vulnerability

Plugin

Comment Reply Notification <= 1.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Wp Ultimate Review <= 2.0.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

IP Blocker Lite <= 11.1.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

CBX Currency Converter <= 3.0.3 Cross Site Request Forgery (CSRF)

Plugin

Export Users Data Distinct <= 1.3 CSV Injection

Plugin

amr users <= 4.59.4 CSV Injection vulnerability

Plugin

Weather Station <= 3.8.12 Cross Site Request Forgery (CSRF) vulnerability

Plugin

BigContact <= 1.5.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Google XML Sitemap for Mobile <= 1.6.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Read More Without Refresh <= 3.1 Cross Site Scripting (XSS) vulnerability

Plugin

Simple Mobile URL Redirect <= 1.7.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Force First and Last Name as Display Name <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Website Monetization by MageNet <= 1.0.29.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Customify <= 2.10.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Google XML Sitemap for Videos <= 2.6.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Stock Ticker <= 3.23.0 Broken Access Control vulnerability

Plugin

Site Reviews <= 6.5.1 Cross Site Scripting (XSS) vulnerability

Plugin

Mass Delete Unused Tags <= 2.0.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Auto Prune Posts <= 1.8.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Clone <= 2.3.7 Broken Access Control vulnerability

Plugin

Affiliate Super Assistent <= 1.5.1 Cross Site Request Forgery (CSRF) vulnerability

Plugin

DecaLog <= 3.7.0 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Translitera <= p1.2.5 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Resize at Upload Plus <= 1.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

About Me 3000 widget <= 2.2.6 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Total Poll Lite <= 4.8.6 Broken Access Control vulnerability

Plugin

Simple CSV/XLS Exporter <= 1.5.8 Authenticated CSV Injection Vulnerability

Plugin

Simple Vimeo Shortcode <= 2.9.1 Cross Site Scripting (XSS) vulnerability

Plugin

DeepL Pro API translation <= 2.1.4 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Smart YouTube PRO <= 4.3 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Social Bookmarking Light <= 2.0.7 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Maspik – Spam blacklist <= 0.7.8 Cross Site Request Forgery (CSRF) vulnerability

Plugin

Sheets To WP Table Live Sync <= 2.12.15 Cross Site Request Forgery (CSRF) vulnerability

Plugin

WP Google Tag Manager <= 1.1 Cross Site Request Forgery (CSRF) vulnera