Report WordPress vulnerabilities, earn prizes and become an Alliance member!
Plugin
GS Insever Portfolio Auth. Broken Access Control vulnerability
14 December, 2022
Plugin
Add Multiple Marker CrossSite Request Forgery (CSRF) vulnerability
11 November, 2022
Plugin
Add Multiple Marker Missing Access Control vulnerability
11 November, 2022
Plugin
Activity Reactions For Buddypress Broken Access Control vulnerability
11 November, 2022
Plugin
Activity Reactions For Buddypress CrossSite Request Forgery (CSRF) vulnerability
11 November, 2022
Plugin
Testimonial Slider CrossSite Request Forgery (CSRF) vulnerability
7 November, 2022
Plugin
AFS Analytics Auth. Stored CrossSite Scripting (XSS) vulnerability
31 October, 2022
Plugin
Restaurant Menu – Food Ordering System – Table Reservation Missing Authorization on AJAX Actions vulnerability
31 October, 2022
Plugin
Restaurant Menu – Food Ordering System – Table Reservation CrossSite Request Forgery (CSRF) vulnerability
31 October, 2022
Plugin
WP Bootstrap Gallery Broken Access Control vulnerability
28 October, 2022
Plugin
Zoho CRM Lead Magnet Auth. Arbitrary Options Update vulnerability
27 October, 2022
Plugin
Corona Virus (COVID-19) Banner & Live Data 19) Banner & Live Data plugin <= 1.7.0.6 CrossSite Request Forgery (CSRF) vulnerability
24 October, 2022
Plugin
2kb Amazon Affiliates Store Auth. Stored CrossSite Scripting (XSS) vulnerability
24 October, 2022
Plugin
Account Manager for WooCommerce Broken Access Control vulnerability
13 October, 2022
Plugin
Accessibility Auth. Stored CrossSite Scripting (XSS) vulnerability
12 October, 2022
Plugin
AB Press Optimizer Auth. Stored CrossSite Scripting (XSS) vulnerability
12 October, 2022
Plugin
3com – Asesor de Cookies para normativa española Auth. Stored CrossSite Scripting (XSS) vulnerability
12 October, 2022
Plugin
Optinly CrossSite Request Forgery (CSRF) vulnerability
12 October, 2022
Plugin
Optinly Broken Access Control vulnerability
12 October, 2022
Plugin
5 Anker Connect Reflected CrossSite Scripting (XSS) vulnerability
12 October, 2022
Plugin
SeoSamba for WordPress Webmasters CrossSite Request Forgery (CSRF) vulnerability
10 October, 2022
Plugin
Post Slider Broken Access Control vulnerability
6 October, 2022
Plugin
WZone – Lite Version CrossSite Request Forgery (CSRF) vulnerability
30 September, 2022
Plugin
CPO Shortcodes Authenticated Stored CrossSite Scripting (XSS) vulnerability
15 September, 2022
Plugin
PCA Predict Authenticated Stored CrossSite Scripting (XSS) vulnerability
12 September, 2022
Plugin
Read more By Adam CrossSite Request Forgery (CSRF) vulnerability
12 September, 2022
Plugin
Add Shortcodes Actions And Filters Authenticated Stored CrossSite Scripting (XSS) vulnerability
12 September, 2022
Plugin
YDS Support Ticket System CrossSite Request Forgery (CSRF) vulnerability
12 September, 2022
Plugin
Culture Object Authenticated Stored CrossSite Scripting (XSS) vulnerability
8 September, 2022
Plugin
Contact Form By Mega Forms – Drag and Drop Form Builder Authenticated Stored CrossSite Scripting (XSS) vulnerability
8 September, 2022
Plugin
WP Shop Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities
31 August, 2022
Plugin
add2fav Authenticated Stored CrossSite Scripting (XSS) vulnerability
31 August, 2022
Plugin
Add User Role Authenticated Stored CrossSite Scripting (XSS) vulnerability
30 August, 2022
Plugin
Access Code Feeder CrossSite Request Forgery (CSRF) vulnerability
25 August, 2022
Plugin
About Me Broken Access Control vulnerability
25 August, 2022
Plugin
About Rentals Missing Access Control vulnerability
25 August, 2022
Plugin
Accommodation System Missing Access Control vulnerability
25 August, 2022
Plugin
SEO Scout CrossSite Request Forgery (CSRF) vulnerability
25 August, 2022
Plugin
WC Marketplace Unauthorized AJAX Calls Vulnerability
15 August, 2022
Plugin
Notification Bar for WordPress Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
12 August, 2022
Plugin
THE Leads Management System: 59sec LITE Unauthenticated plugin settings change vulnerability
12 August, 2022
Plugin
Alpine PhotoTile for Pinterest Authenticated Stored CrossSite Scripting (XSS) vulnerability
12 August, 2022
Plugin
AS – Create Pinterest Pinboard Pages Authenticated plugin settings change leading to Stored CrossSite Scripting (XSS) vulnerability
10 August, 2022
Plugin
ЮKassa для WooCommerce CrossSite Request Forgery (CSRF) leading to plugin settings update
29 July, 2022
Plugin
ЮKassa для WooCommerce Authenticated Arbitrary Settings Update vulnerability
29 July, 2022
Plugin
Content Mask Arbitrary Options Update vulnerability
3 May, 2022