Report WordPress vulnerabilities, earn prizes and become an Alliance member!
Plugin
Asset CleanUp: Page Speed Booster Authenticated Reflected CrossSite Scripting (XSS) vulnerability
4.8
28 September, 2022
Plugin
WP Google Map Broken Access Control vulnerability
8 December, 2021
Plugin
WP Google Map Subscriber+ Map Creation/Update/Deletion vulnerability
8 December, 2021
Plugin
Age Gate Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
25 October, 2021
Plugin
Backup Guard Authenticated Arbitrary File Upload vulnerability
18 February, 2021
Plugin
Theme Editor Multiple Authenticated Arbitrary File Download vulnerabilities
13 February, 2021
Plugin
WP Editor SQL injection (SQLi) vulnerability
2 February, 2021
Plugin
Modern Events Calendar Lite Authenticated Arbitrary File Upload to Remote Code Execution (RCE) vulnerability
29 January, 2021
Plugin
Modern Events Calendar Lite Authenticated SQL Injection (SQLi) vulnerability
29 January, 2021
Plugin
Modern Events Calendar Lite Authenticated Stored CrossSite Scripting (XSS) vulnerability
27 January, 2021
Plugin
301 Redirects Authenticated SQL Injection (SQLi) vulnerability
18 January, 2021
Plugin
Events Manager Authenticated Stored CrossSite Scripting (XSS) vulnerability
25 November, 2020
Plugin
Advanced Database Cleaner Authenticated SQL injection (SQLi) vulnerability
6 September, 2020
Plugin
Autoptimize Authenticated Arbitrary File Upload vulnerability
24 August, 2020
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
LinkedIn
Facebook
Twitter
Join Discord
