Report WordPress vulnerabilities, earn prizes and become an Alliance member!
Plugin
Homepage Product Organizer for WooCommerce Multiple Authenticated SQL Injection (SQLi) vulnerabilities
19 July, 2022
Plugin
Hermit 音乐播放器 Authenticated SQL Injection (SQLi) vulnerability
28 April, 2022
Plugin
Hermit 音乐播放器 Unauthenticated SQL Injection SQLi) vulnerability
28 April, 2022
Plugin
3xSocializer Authenticated SQL Injection (SQLi) vulnerability
25 April, 2022
Plugin
[GWA] AutoResponder Unauthenticated SQL Injection (SQLi) vulnerability
27 January, 2022
Theme
Edict Lite Arbitrary File Upload vulnerability
24 December, 2021
Theme
The100 Arbitrary File Upload vulnerability
24 December, 2021
Theme
WP Store Arbitrary File Upload vulnerability
24 December, 2021
Theme
Eight Sec Arbitrary File Upload vulnerability
24 December, 2021
Theme
EightLaw Lite Arbitrary File Upload vulnerability
24 December, 2021
Theme
Eightmedi Lite Arbitrary File Upload vulnerability
24 December, 2021
Theme
EightStore Lite Arbitrary File Upload vulnerability
24 December, 2021
Theme
Brovy Arbitrary File Upload vulnerability
24 December, 2021
Theme
WPparallax Arbitrary File Upload vulnerability
24 December, 2021
Theme
Arrival Arbitrary File Upload vulnerability
24 December, 2021
Theme
Ultra Seven Arbitrary File Upload vulnerability
24 December, 2021
Theme
Opstore Arbitrary File Upload vulnerability
24 December, 2021
Theme
AccessPress Parallax Arbitrary File Upload vulnerability
28 November, 2021
Theme
Accesspress Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
AccessPress Store Arbitrary File Upload vulnerability
28 November, 2021
Theme
Zigcy Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
Enlighten Arbitrary File Upload vulnerability
28 November, 2021
Theme
Accesspress Mag Arbitrary File Upload vulnerability
28 November, 2021
Theme
StoreVilla Arbitrary File Upload vulnerability
28 November, 2021
Theme
Punte Arbitrary File Upload vulnerability
28 November, 2021
Theme
Accesspress Basic Arbitrary File Upload vulnerability
28 November, 2021
Theme
AccessPress Root Arbitrary File Upload vulnerability
28 November, 2021
Theme
Construction Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
VMagazine Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
ParallaxSome Arbitrary File Upload vulnerability
28 November, 2021
Theme
FotoGraphy Arbitrary File Upload vulnerability
28 November, 2021
Theme
VMag Arbitrary File Upload vulnerability
28 November, 2021
Theme
Uncode Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
Bingle Arbitrary File Upload vulnerability
28 November, 2021
Theme
The Launcher Arbitrary File Upload vulnerability
28 November, 2021
Theme
ScrollMe Arbitrary File Upload vulnerability
28 November, 2021
Theme
Agency Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
Swing Lite Arbitrary File Upload vulnerability
28 November, 2021
Theme
Vmagazine News Arbitrary File Upload vulnerability
28 November, 2021
Theme
Bloger Arbitrary File Upload vulnerability
28 November, 2021
Theme
Revolve Arbitrary File Upload vulnerability
28 November, 2021
Theme
Ripple Arbitrary File Upload vulnerability
28 November, 2021
Theme
Zigcy Cosmetics Arbitrary File Upload vulnerability
28 November, 2021
Theme
The Monday Arbitrary File Upload vulnerability
28 November, 2021
Theme
Zigcy Baby Arbitrary File Upload vulnerability
28 November, 2021
Theme
Doko Arbitrary File Upload vulnerability
28 November, 2021
Theme
Sakala Arbitrary File Upload vulnerability
28 November, 2021
Plugin
PowerPress Podcasting Multiple Authenticated CrossSite Scripting (XSS) vulnerabilities
14 May, 2021
Plugin
MalCare Security Authenticated CrossSite Scripting (XSS) vulnerability
5 May, 2021
Plugin
Contact Form Submissions Authenticated Double Query SQL injection (SQLi) vulnerability
3 January, 2021
Plugin
Redux Framework CrossSite Request Forgery (CSRF) Nonce Validation Bypass vulnerability
15 December, 2020
Plugin
Redux Framework CSRF Nonce Validation Bypass vulnerability
15 December, 2020
Plugin
Profile Builder Pro Authenticated Blind SQL Injection (SQLi) vulnerability
2 December, 2020
Plugin
Profile Builder Authenticated Blind SQL Injection (SQLi) vulnerability
2 December, 2020
Plugin
Media Library Assistant Authenticated Blind SQL Injection (SQLi) vulnerability
24 November, 2020
Plugin
Contextual Related Posts CrossSite Request Forgery (CSRF) Nonce Validation Bypass vulnerability
19 November, 2020
Plugin
Advanced Booking Calendar Unauthenticated SQL Injection (SQLi) vulnerability
22 October, 2020
Plugin
HyperComments Unauthenticated Arbitrary File Deletion vulnerability
7 October, 2020
Plugin
Woo Import Export Arbitrary File Deletion vulnerability
29 April, 2018
Plugin
Google Drive for WordPress Remote Code Execution (RCE) vulnerability
18 April, 2018
Plugin
Simple Events Calendar Authenticated SQL Injection (SQLi) vulnerability
20 November, 2017
Plugin
Events Authenticated SQL Injection (SQLi) vulnerability
20 November, 2017
Plugin
Active Directory Integration Authenticated SQL Injection (SQLi) vulnerability
20 November, 2017
Plugin
JTRT Responsive Tables SQL Injection (SQLi) vulnerability
7 November, 2017
Plugin
Link Library Library plugin <=5.9.13.26 – Authenticated SQL Injection vulnerability
16 August, 2017
Plugin
Ultimate Product Catalogue SQL Injection vulnerability
27 June, 2017
Plugin
ZM Gallery Blind SQL Injection
20 December, 2016
Plugin
WP Private Messages SQL Injection
16 December, 2016
Plugin
Xtreme Locator SQL Injection
14 December, 2016
Plugin
ZX CSV Upload Authenticated SQL Injection
12 December, 2016
Plugin
WA Form Builder Unauthenticated SQL Injection
5 December, 2016
Plugin
Single Personal Message SQL Injection
5 December, 2016
Plugin
WP Vault Local File Inclusion
30 November, 2016
Plugin
Product Catalog 8 Unauthenticated SQL Injection
28 November, 2016
Plugin
Answer My Question SQL Injection
17 November, 2016
Plugin
BBS e-Franchise Franchise Plugin <= 1.1.1 SQL Injection
12 November, 2016
Plugin
Mini Cart Authenticated SQL Injection
11 November, 2016
Plugin
FireStorm Shopping Cart SQL Injection
10 November, 2016
Plugin
Sirv Authenticated SQL Injection
10 November, 2016
Plugin
WP Private Messages SQL Injection
29 June, 2013