Report WordPress vulnerabilities, earn prizes and become an Alliance member!
Plugin
Yet Another Stars Rating XSS & Arbitrary Shortcode Execution Vulnerability
3 March, 2023
Plugin
Ezoic Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability
17 November, 2022
Plugin
Ezoic Auth. Stored CrossSite Scripting (XSS) vulnerability
17 November, 2022
Plugin
Plausible Analytics Authenticated Stored CrossSite Scripting (XSS) vulnerability
7 April, 2022
Plugin
Patreon WordPress Stored CrossSite Scripting (XSS) vulnerability
21 February, 2022
Plugin
SEUR Oficial Arbitrary File Download vulnerability
10 January, 2022
Plugin
SEUR Oficial Stored CrossSite Scripting (XSS) vulnerability
20 December, 2021
Theme
Crisp CrossSite Request Forgery (CSRF) vulnerability leading to Stored CrossSite Scripting (XSS)
16 December, 2021
Plugin
Fathom Analytics Authenticated Stored CrossSite Scripting (XSS) vulnerability
8 December, 2021
Plugin
CAOS | Host Google Analytics Locally Arbitrary Folder Deletion via Path Traversal vulnerability
1 December, 2021
Plugin
OMGF | Host Google Fonts Locally Arbitrary Folder Deletion via Path Traversal vulnerability
1 December, 2021
Plugin
CorreosExpress Sensitive Information Disclosure vulnerability
29 November, 2021
Plugin
HTML5 Responsive FAQ Stored CrossSite Scripting (XSS) vulnerability
23 November, 2021