Report WordPress vulnerabilities, earn prizes and become an Alliance member!
████
███████ █████████████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
███████ ███████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
Plugin
Awesome Support Broken Access Control vulnerability
4 days ago
Plugin
Product Catalog Feed by PixelYourSite Cross Site Request Forgery (CSRF) vulnerability
6 days ago
Plugin
Product Enquiry for WooCommerce Cross Site Request Forgery (CSRF) vulnerability
7 days ago
Plugin
Event post Cross Site Scripting (XSS) vulnerability
29 November, 2023
Plugin
RegistrationMagic Delete Form Submission Cross Site Request Forgery (CSRF) vulnerability
27 November, 2023
Plugin
HUSKY – Products Filter for WooCommerce (formerly WOOF) Broken Access Control vulnerability
23 November, 2023
Plugin
Awesome Support Broken Access control vulnerability
23 November, 2023
Plugin
Awesome Support Cross Site Request Forgery (CSRF) vulnerability
23 November, 2023
Plugin
Decorator – WooCommerce Email Customizer Cross Site Request Forgery (CSRF) vulnerability
23 November, 2023
Plugin
Live Preview for Contact Form 7 Broken Access Control vulnerability
16 November, 2023
Plugin
Multi Step Form Cross Site Request Forgery (CSRF) vulnerability
13 November, 2023
Plugin
Product Enquiry for WooCommerce Cross Site Scripting (XSS) vulnerability
9 November, 2023
Plugin
Shortcodes Finder Reflected Cross Site Scripting (XSS) vulnerability
9 November, 2023
Plugin
WP Links Page Cross Site Request Forgery (CSRF) vulnerability
7 November, 2023
Plugin
ProfileGrid Cross Site Request Forgery (CSRF) vulnerability
7 November, 2023
Plugin
Donations Made Easy – Smart Donations Cross Site Request Forgery (CSRF) vulnerability
7 November, 2023
Plugin
Donations Made Easy – Smart Donations Cross Site Scripting (XSS) vulnerability
7 November, 2023
Plugin
Who Hit The Page – Hit Counter SQL Injection vulnerability
7 November, 2023
Plugin
Products, Order & Customers Export for WooCommerce Reflected Cross Site Scripting (XSS) vulnerability
7 November, 2023
Plugin
WooCommerce Product Table Lite Cross Site Request Forgery (CSRF) vulnerability
7 November, 2023
Plugin
Contact Forms by Cimatti Cross Site Request Forgery (CSRF) vulnerability
3 November, 2023
Plugin
DeepL Pro API translation Cross Site Request Forgery (CSRF) vulnerability
25 October, 2023
Plugin
Draw Attention Broken Access Control vulnerability
24 October, 2023
Plugin
Smart Online Order for Clover Reflected Cross Site Scripting (XSS) vulnerability
22 October, 2023
Plugin
WOLF Cross Site Request Forgery (CSRF) vulnerability
17 October, 2023
Plugin
Who Hit The Page – Hit Counter Cross Site Request Forgery (CSRF) vulnerability
16 October, 2023
Plugin
ApplyOnline – Application Form Builder and Manager Broken Access Control vulnerability
16 October, 2023
Plugin
Ultimate Taxonomy Manager Cross Site Scripting (XSS) vulnerability
13 October, 2023
Plugin
Ultimate Taxonomy Manager Cross Site Request Forgery (CSRF) vulnerability
13 October, 2023
Plugin
Newsletter & Bulk Email Sender Cross Site Scripting (XSS) vulnerability
13 October, 2023
Plugin
Proofreading Reflected Cross Site Scripting (XSS) vulnerability
12 October, 2023
Plugin
Responsive Image Gallery, Gallery Album Broken Access Control vulnerability
11 October, 2023
Plugin
Responsive Image Gallery, Gallery Album Cross Site Scripting (XSS) vulnerability
11 October, 2023
Plugin
Responsive Image Gallery, Gallery Album Multiple Cross Site Request Forgery (CSRF) vulnerability
11 October, 2023
Plugin
Feed Statistics Cross Site Request Forgery (CSRF) vulnerability
11 October, 2023
Plugin
Download canvasio3D Light Reflected Cross Site Scripting (XSS) vulnerability
3 October, 2023
Plugin
Cooked Cross Site Scripting (XSS) vulnerability
29 September, 2023
Plugin
Brands for WooCommerce Broken Access Control vulnerability
26 September, 2023
Plugin
rtMedia for WordPress, BuddyPress and bbPress Broken Access Control vulnerability
6 September, 2023
Plugin
WP Accessibility Helper (WAH) Broken Access Control vulnerability
5 September, 2023
Plugin
Restrict Cross Site Scripting (XSS) vulnerability
5 September, 2023
Plugin
Click To Tweet Broken Access Control vulnerability
5 September, 2023
Plugin
Click To Tweet Cross Site Scripting (XSS) vulnerability
5 September, 2023
Plugin
WP Bannerize Pro Reflected Cross Site Scripting (XSS) vulnerability
1 September, 2023
Plugin
Ovic Product Bundle Broken Access Control vulnerability
1 September, 2023
Plugin
Pricing Deals for WooCommerce Broken Access Control vulnerability
29 August, 2023
Plugin
Donations Made Easy – Smart Donations Cross Site Scripting (XSS) vulnerability
18 August, 2023
Plugin
Mortgage Calculator Estatik Cross Site Scripting (XSS) vulnerability
17 August, 2023
Plugin
Video Gallery & Management Cross Site Request Forgery (CSRF) vulnerability
16 August, 2023
Plugin
ImageRecycle pdf & image compression Reflected Cross Site Scripting (XSS) vulnerability
11 August, 2023
Plugin
YITH WooCommerce Waiting List Broken Access Control vulnerability
10 August, 2023
Plugin
Google Map Shortcode Cross Site Request Forgery (CSRF) vulnerability
24 July, 2023
Plugin
GTmetrix for WordPress Cross Site Request Forgery (CSRF) vulnerability
19 July, 2023
Plugin
WP Dummy Content Generator Broken Access Control vulnerability
7 July, 2023
Plugin
WP Affiliate Links Reflected Cross Site Scripting (XSS) vulnerability
15 June, 2023
Plugin
Front End Users Cross Site Request Forgery (CSRF) vulnerability
2 June, 2023
Plugin
Dynamic QR Code Generator Reflected Cross Site Scripting (XSS) vulnerability
30 May, 2023
Plugin
bbPress Toolkit Cross Site Request Forgery (CSRF) vulnerability
30 May, 2023
Plugin
bbPress Toolkit Cross Site Scripting (XSS) vulnerability
30 May, 2023
Plugin
Login Configurator Reflected Cross Site Scripting (XSS) vulnerability
30 May, 2023
Plugin
WOLF Cross Site Request Forgery (CSRF) vulnerability
29 May, 2023
Plugin
bbp style pack Reflected Cross Site Scripting (XSS) vulnerability
29 May, 2023
Plugin
Front End Users Cross Site Scripting (XSS) vulnerability
22 May, 2023
Plugin
Leyka Reflected Cross Site Scripting (XSS) vulnerability
22 May, 2023
Plugin
Custom Post Type Generator Reflected Cross Site Scripting (XSS) vulnerability
22 May, 2023
Plugin
Jazz Popups Cross Site Request Forgery (CSRF) leading to XSS vulnerability
18 May, 2023
Plugin
Jazz Popups Cross Site Scripting (XSS) vulnerability
18 May, 2023
Plugin
Donations Made Easy – Smart Donations Reflected Cross Site Scripting (XSS) vulnerability
12 May, 2023
Plugin
WCP Contact Form Broken Access Control vulnerability
10 May, 2023
Plugin
WCP Contact Form Broken Access Control vulnerability
10 May, 2023
Plugin
WP Chinese Conversion Cross Site Scripting (XSS) vulnerability
10 May, 2023
Plugin
Booking Ultra Pro Cross Site Scripting (XSS) vulnerability
9 May, 2023
Plugin
GTmetrix for WordPress Reflected Cross Site Scripting (XSS) vulnerability
9 May, 2023
Plugin
Albo Pretorio Online Reflected Cross Site Scripting (XSS) vulnerability
3 May, 2023
Plugin
Depicter Slider Broken Access Control vulnerability
28 April, 2023
Plugin
Thumbs Rating Race Condition vulnerability
28 April, 2023
Plugin
Recipe Maker For Your Food Blog from Zip Recipes Reflected Cross Site Scripting (XSS) vulnerability
24 April, 2023
Plugin
Booking calendar, Appointment Booking System SQL Injection
19 April, 2023
Plugin
ShiftController Employee Shift Scheduling Cross Site Scripting (XSS) vulnerability
6 April, 2023
Plugin
Coupon Affiliates Cross Site Scripting (XSS) vulnerability
31 March, 2023
Plugin
Contest Gallery Cross Site Scripting (XSS) vulnerability
27 March, 2023
Plugin
Contact Forms by Cimatti Reflected Cross Site Scripting (XSS) vulnerability
27 March, 2023
Plugin
Contact Forms by Cimatti Unauth. Stored Cross Site Scripting (XSS) vulnerability
27 March, 2023
Plugin
Continuous Image Carousel With Lightbox Reflected Cross Site Scripting (XSS) vulnerability
27 March, 2023
Plugin
LiteSpeed Cache CrossSite Request Forgery (CSRF) vulnerability
22 March, 2023
Plugin
Owl Carousel Broken Access Control vulnerability
22 March, 2023
Plugin
I Recommend This Cross Site Request Forgery (CSRF)
22 March, 2023
Plugin
Side Menu Lite Cross Site Request Forgery (CSRF) vulnerability
8 March, 2023
Plugin
Hero Banner Ultimate Auth. Stored Cross Site Scripting (XSS) vulnerability
22 February, 2023
Plugin
Advanced Database Cleaner Cross Site Request Forgery (CSRF)
21 February, 2023
Plugin
Locatoraid Store Locator Cross Site Request Forgery (CSRF) vulnerability
14 February, 2023
Plugin
WPGlobus Translate Options Cross Site Scripting (XSS) vulnerability
14 February, 2023
Plugin
Jobs for WordPress Auth. Stored CrossSite Scripting (XSS) vulnerability
2 February, 2023
Plugin
Robo Gallery CrossSite Request Forgery (CSRF) vulnerability
30 January, 2023
Plugin
My Calendar Cross Site Request Forgery (CSRF) vulnerability
20 January, 2023
Plugin
M Chart Auth. Stored CrossSite Scripting (XSS) vulnerability
19 January, 2023
Plugin
WP TopBar TopBar plugin <= 5.36 SQL Injection
19 January, 2023
Plugin
WP TopBar TopBar plugin <= 5.36 Cross Site Request Forgery (CSRF) vulnerability
19 January, 2023
Plugin
Camera slideshow Reflected Cross Site Scripting (XSS) vulnerability
19 January, 2023
Plugin
User Meta Manager Cross Site Request Forgery (CSRF) vulnerability
19 January, 2023
Plugin
WP Calendar Auth. Stored CrossSite Scripting (XSS) vulnerability
7 December, 2022
Plugin
GC Testimonials Auth. Stored CrossSite Scripting (XSS) vulnerability
7 December, 2022
Plugin
WHA Puzzle Auth. Stored CrossSite Scripting (XSS) vulnerability
24 November, 2022
Plugin
ARForms Form Builder Unauth. Stored CrossSite Scripting (XSS) vulnerability
23 November, 2022
Plugin
Contest Gallery Unauth. Stored CrossSite Scripting (XSS) vulnerability
23 November, 2022
Plugin
iFeature Slider Auth. Stored CrossSite Scripting (XSS) vulnerability
17 November, 2022
Plugin
Quick Restaurant Reservations CrossSite Request Forgery (CSRF) vulnerability
9 November, 2022
Plugin
Simple Video Embedder Auth. Stored CrossSite Scripting (XSS) vulnerability
9 November, 2022
Plugin
Photo Gallery – Image Gallery by Ape Auth. Broken Access Control vulnerability
31 October, 2022
Plugin
Photo Gallery – Image Gallery by Ape Auth. CrossSite Scripting (XSS) vulnerability
31 October, 2022
Plugin
Glossary Auth. Stored CrossSite Scripting (XSS) vulnerability
29 October, 2022
Plugin
Slideshow SE Auth. CrossSite Scripting (XSS) vulnerability
28 October, 2022
Plugin
Slideshow SE Auth. CrossSite Scripting (XSS) vulnerability
28 October, 2022
Plugin
BuddyForms Auth. Stored CrossSite Scripting (XSS) vulnerability
27 October, 2022
Plugin
Gallery with thumbnail slider Auth. Stored CrossSite Scripting (XSS) vulnerability
27 October, 2022
Plugin
Testimonials Auth. Stored CrossSite Scripting (XSS) vulnerability
27 October, 2022
Plugin
Quiz And Survey Master Auth. Reflected CrossSite Scripting (XSS) vulnerability
21 October, 2022
Plugin
Quiz And Survey Master Auth. Stored CrossSite Scripting (XSS) vulnerability
21 October, 2022
Plugin
WP Page Builder Multiple Auth. Stored CrossSite Scripting (XSS) vulnerabilities
21 October, 2022
Plugin
Quiz And Survey Master Insecure direct object references (IDOR) vulnerability
29 September, 2022
Plugin
Booking Ultra Pro CrossSite Request Forgery (CSRF) vulnerability
28 September, 2022
Plugin
Booking Ultra Pro Multiple CrossSite Request Forgery (CSRF) vulnerabilities
28 September, 2022
Plugin
Pop-Up Chop Chop Up Chop Chop plugin <= 2.1.7 Authenticated Stored CrossSite Scripting (XSS) vulnerability
27 September, 2022
Plugin
Awesome Filterable Portfolio Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
15 September, 2022
Plugin
Awesome Filterable Portfolio Unauthenticated Plugin Settings Change vulnerability
15 September, 2022
Plugin
GS Testimonial Slider Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
15 September, 2022
Plugin
NOTICE BOARD Authenticated Stored CrossSite Scripting (XSS) vulnerability
14 September, 2022
Plugin
History Timeline Authenticated Stored CrossSite Scripting (XSS) vulnerability
2 September, 2022
Plugin
Torro Forms Authenticated Stored CrossSite Scripting (XSS) vulnerability
2 September, 2022
Plugin
Meet My Team Authenticated Stored CrossSite Scripting (XSS) vulnerability
2 September, 2022
Plugin
Blossom Recipe Maker Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
1 September, 2022
Plugin
WHA Crossword Authenticated Stored CrossSite Scripting (XSS) vulnerability
1 September, 2022
Plugin
Word Search Puzzles game Authenticated Stored CrossSite Scripting (XSS) vulnerability
1 September, 2022
Plugin
Easy Org Chart Authenticated Stored CrossSite Scripting (XSS) vulnerability
1 September, 2022
Plugin
Gallery PhotoBlocks CrossSite Request Forgery (CSRF) vulnerabilities
10 August, 2022
Plugin
Gallery PhotoBlocks Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
10 August, 2022
Plugin
amCharts: Charts and Maps Authenticated Stored CrossSite Scripting (XSS) vulnerability
9 August, 2022
Plugin
Rich Reviews CrossSite Request Forgery (CSRF) vulnerability
2 August, 2022
Plugin
WP Hotel Booking CrossSite Request Forgery (CSRF) vulnerability
2 August, 2022
Plugin
Floating Div Authenticated Stored CrossSite Scripting (XSS) vulnerability
29 July, 2022
Plugin
BxSlider WP Authenticated CrossSite Scripting (XSS) vulnerability
27 July, 2022
Plugin
Team Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
20 July, 2022
Plugin
Testimonials Authenticated Stored CrossSite Scripting (XSS) vulnerability
19 July, 2022
Plugin
XO Slider Authenticated Stored CrossSite Scripting (XSS) vulnerability
14 June, 2022
Plugin
WordPress Team Manager Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
14 June, 2022
Plugin
Popup | Custom Popup Builder Improper Access Control vulnerability leading to multiple Authenticated Stored XSS
14 June, 2022
Plugin
Easy Pricing Tables Authenticated Stored CrossSite Scripting (XSS) vulnerability
27 May, 2022
Plugin
Travel Management Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
26 May, 2022
Plugin
Image Slider by NextCode Slider Deletion via CrossSite Request Forgery (CSRF) vulnerability
26 May, 2022
Plugin
Promotion Slider Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
26 May, 2022
Plugin
Private Messages For WordPress Authenticated Stored CrossSite Scripting (XSS) vulnerability
26 May, 2022
Plugin
Hotel Booking Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
26 May, 2022
Plugin
Opal Hotel Room Booking Stored CrossSite Scripting (XSS) vulnerability
17 May, 2022
Plugin
Donations Authenticated Stored CrossSite Scripting (XSS) vulnerability
13 May, 2022
Plugin
WP Slider Plugin CrossSite Scripting (XSS) vulnerability
4 May, 2022
Plugin
WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto Unauthenticated CrossSite Scripting (XSS) vulnerability via SVG image upload
26 April, 2022
Plugin
Psychological tests & quizzes Authenticated Stored CrossSite Scripting (XSS) vulnerability
26 April, 2022
Plugin
KB Support Multiple Unauth. Stored CrossSite Scripting (XSS) vulnerabilities
15 April, 2022
Plugin
Responsive Tabs CrossSite Scripting (XSS) vulnerability
11 April, 2022
Plugin
Pricing Table Authenticated Stored CrossSite Scripting (XSS) vulnerability
5 April, 2022
Plugin
Testimonial Slider CrossSite Scripting (XSS) vulnerability
4 April, 2022
Plugin
Simple Event Planner Authenticated Stored CrossSite Scripting (XSS) vulnerability
23 March, 2022
Plugin
Yoo Slider CrossSite Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete
21 March, 2022
Plugin
Yoo Slider Stored CrossSite Scripting (XSS) vulnerability
21 March, 2022
Plugin
Spiffy Calendar Event deletion via CrossSite Request Forgery (CSRF) vulnerability
10 February, 2022
Plugin
MaxGalleria Stored CrossSite Scripting (XSS) vulnerability
2 February, 2022
Plugin
Price Table Stored CrossSite Scripting (XSS) vulnerability
27 January, 2022
Plugin
Ultimate Reviews Authenticated Stored CrossSite Scripting (XSS) vulnerability
6 January, 2022
Plugin
Contest Gallery Authenticated Stored CrossSite Scripting (XSS) vulnerability
20 December, 2021
Plugin
WP-DownloadManager DownloadManager plugin <= 1.68.6 Authenticated Reflected CrossSite Scripting (XSS) vulnerability
8 December, 2021
Plugin
Survey Maker Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
3 December, 2021
Plugin
Testimonial Authenticated Stored CrossSite Scripting (XSS) vulnerability
7 November, 2021
Plugin
XCloner Backup, Restore and Migrate Authenticated SQL Injection (SQLi) vulnerability
28 May, 2021
Plugin
CMP – Coming Soon & Maintenance Authenticated Remote Code Execution (RCE) vulnerability
2 May, 2021
Plugin
CMP – Coming Soon & Maintenance Authenticated Stored CrossSite Scripting (XSS) vulnerability
2 May, 2021
Plugin
Media File Renamer CrossSite Request Forgery (CSRF) vulnerability
9 April, 2021
Plugin
Image Photo Gallery Final Tiles Grid Authenticated Stored CrossSite Scripting (XSS) vulnerability
28 May, 2020