Report WordPress vulnerabilities, earn prizes and become an Alliance member!
Plugin
Ni WooCommerce Sales Report Broken Access Control vulnerability
25 October, 2023
Plugin
FLOWFACT WP Connector Reflected Cross Site Scripting (XSS) vulnerability
25 October, 2023
Plugin
Taggbox Broken Access Control vulnerability
19 October, 2023
Plugin
Ashe Extra Broken Access Control vulnerability
16 October, 2023
Plugin
Taggbox Cross Site Request Forgery (CSRF) vulnerability
12 October, 2023
Plugin
WP Ultimate Exporter Sensitive Data Exposure vulnerability
3 October, 2023
Plugin
Surfer Broken Access Control vulnerability
1 September, 2023
Plugin
Password Reset with Code for WordPress REST API Privilege Escalation Due To Weak Pin Generation Vulnerability
14 August, 2023
Plugin
Kangu para WooCommerce Reflected Cross Site Scripting (XSS) vulnerability
11 August, 2023
Plugin
Easy!Appointments Arbitrary File Deletion vulnerability
10 August, 2023
Plugin
LWS Affiliation Local File Inclusion vulnerability
24 July, 2023
Plugin
Greeklish-permalink permalink plugin <= 3.3 Unauth. Post Slug Update vulnerability
21 June, 2023
Plugin
CRM and Lead Management by vcita Auth. Stored CrossSite Scripting (XSS) vulnerability
5 June, 2023
Plugin
Online Booking & Scheduling Calendar for WordPress by vcita Unauth. Stored CrossSite Scripting (XSS) vulnerability
5 June, 2023
Plugin
Online Booking & Scheduling Calendar for WordPress by vcita Missing Authorization to Account Logout vulnerability
5 June, 2023
Plugin
Contact Form Builder by vcita CrossSite Request Forgery to Stored CrossSite Scripting vulnerability
5 June, 2023
Plugin
Contact Form and Calls To Action by vcita Auth. Stored CrossSite Scripting (XSS) vulnerability
5 June, 2023
Plugin
Online Booking & Scheduling Calendar for WordPress by vcita Missing Authorization on RESTAPI vulnerability
5 June, 2023
Plugin
Online Booking & Scheduling Calendar for WordPress by vcita Missing Authorization to Arbitrary File Upload vulnerability
5 June, 2023
Plugin
Contact Form and Calls To Action by vcita CrossSite Request Forgery to Stored CrossSite Scripting vulnerability
5 June, 2023
Plugin
Contact Form Builder by vcita Auth. Stored CrossSite Scripting (XSS) vulnerability
5 June, 2023
Plugin
CRM and Lead Management by vcita CrossSite Request Forgery to Stored CrossSite Scripting vulnerability
5 June, 2023
Plugin
reCAPTCHA for all Broken Access Control vulnerability
15 May, 2023
Plugin
SALERT Broken Access Control vulnerability
9 May, 2023
Plugin
SALERT Cross Site Scripting (XSS) vulnerability
9 May, 2023