About Alliance Leaderboard Vulnerability database WordPress security
Login

Dave Jong (Patchstack)

0
0
0
0
Dave Jong (Patchstack)
Alliance XP
697.75
Contributions
175
Contributions 175
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

Ninja Popups <= 4.7.5 Unauth. Open Redirect vulnerability

+0 AXP

4.7

18 July, 2023

Theme

RealHomes <= 4.0.2 Broken Access Control vulnerability

+0 AXP

5.4

11 July, 2023

Theme

RealHomes <= 4.0.2 Broken Access Control vulnerability

+0 AXP

4.3

11 July, 2023

Theme

Consulting <= 6.5.6 Local File Inclusion

+14.6 AXP

7.3

5 July, 2023

Theme

WPLMS < 4.900 CrossSite Request Forgery (CSRF) vulnerability

+16.2 AXP

8.1

5 July, 2023

Plugin

Houzez CRM <= 1.3.4 SQL Injection

+29.7 AXP

9.9

28 June, 2023

Theme

The7 <= 11.7.3 CrossSite Request Forgery (CSRF)

+15.25 AXP

6.1

27 June, 2023

Theme

HashOne <= 1.3.0 Broken Access Control Vulnerability

+4.3 AXP

4.3

25 May, 2023

Theme

Viral <= 1.8.0 Broken Access Control vulnerability

+4.3 AXP

4.3

25 May, 2023

Theme

Viral News <= 1.4.5 Broken Access Control

+4.3 AXP

4.3

25 May, 2023

Theme

MetroStore <= 1.3.2 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

BuzzStore <= 1.3.6 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

SparkleStore <= 1.5.9 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Medical Heed <= 1.1.4 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Kingcabs <= 1.1.5 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Craft Blog <= 1.0.7 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Fitness Park <= 1.0.6 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Online eStore <= 1.0.9 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Kathmag <= 1.0.6 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

Appzend <= 1.2.1 Broken Access Control

+0 AXP

4.3

16 May, 2023

Theme

SpiderMag <= 1.1.7 Broken Access Control

+0 AXP

4.3

16 May, 2023

Plugin

Easing Slider <= 3.0.8 Plugin Settings Reset Vulnerability

+15 AXP

7.5

16 May, 2023

Theme

WoodMart <= 7.2.1 CrossSite Scripting (XSS) vulnerability

+0 AXP

5.4

11 May, 2023

Theme

WoodMart <= 7.2.1 Broken Access Control vulnerability

+0 AXP

5.4

11 May, 2023

Plugin

Woodmart Core <= 1.0.36 PHP Object Injection

+0 AXP

9.8

11 May, 2023

Plugin

Woodmart Core <= 1.0.36 Privilege Escalation

+0 AXP

9.8

11 May, 2023

Plugin

YITH WooCommerce Gift Cards Premium <= 3.23.1 Unauth. Gift Card Creation Leading to Stored XSS vulnerability

+13 AXP

6.5

10 May, 2023

Plugin

Points and Rewards for WooCommerce <= 1.5.0 Broken Access Control vulnerability

+13 AXP

6.5

5 May, 2023

Plugin

Points and Rewards for WooCommerce <= 1.5.0 Settings Change vulnerability

+5.4 AXP

5.4

5 May, 2023

Plugin

Community by PeepSo <= 6.0.9.0 Server Information Disclosure

+10.6 AXP

5.3

5 May, 2023

Theme

TheGem < 5.8.1.1 Broken Access Control vulnerability

+16.2 AXP

5.4

5 May, 2023

Theme

TheGem < 5.8.1.1 Broken Access Control vulnerability

+16.2 AXP

5.4

5 May, 2023

Theme

TheGem < 5.8.1.1 Auth. Stored CrossSite Scripting (XSS) vulnerability

+16.2 AXP

5.4

5 May, 2023

Theme

TheGem < 5.8.1.1 Auth. Stored CrossSite Scripting (XSS) Vulnerability

+16.2 AXP

5.4

5 May, 2023

Theme

Editorialmag <= 1.1.9 Authenticated Arbitrary Plugin Activation

+0 AXP

4.3

4 May, 2023

Plugin

CM Pop-Up banners <= 1.5.10 Up banners for WordPress plugin <= 1.5.10 SQL Injection vulnerability

+12.75 AXP

8.5

3 May, 2023

Theme

Educenter <= 1.5.1 Broken Access Control

+4.3 AXP

4.3

14 April, 2023

Theme

Square <= 2.0.0 Broken Access Control

+4.3 AXP

4.3

13 April, 2023

Theme

Blogger Buzz <= 1.2.1 Broken Access Control vulnerability

+0 AXP

4.3

13 April, 2023

Theme

Houzez < 2.8.3 Unauth. SQL Injection (SQLi) vulnerability

+49.2 AXP

8.2

6 April, 2023

Theme

Viral Mag <= 1.0.9 Authenticated Arbitrary Plugin Activation Vulnerability

+0 AXP

4.3

30 March, 2023

Plugin

HappyFiles Pro <= 1.8.1 Broken Access Control

+0 AXP

7.7

29 March, 2023

Plugin

HappyFiles Pro <= 1.8.1 Broken Access Control vulnerability

+0 AXP

5.4

29 March, 2023

Theme

Resoto <= 1.0.8 Broken Access Control to Arbitrary Plugin Activation

+0 AXP

4.3

22 March, 2023

Theme

Real Estate Directory <= 1.0.5 Authenticated Arbitrary Plugin Activation

+0 AXP

4.3

17 March, 2023

Theme

Chankhe <= 1.0.5 Authenticated Arbitrary Plugin Activation

+0 AXP

4.3

15 March, 2023

Theme

Mediciti Lite <= 1.3.0 Reflected Cross Site Scripting (XSS) vulnerability

+0 AXP

5.4

15 March, 2023

Theme

Brilliance <= 1.3.1 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

5.4

13 March, 2023

Theme

Intrepidity <= 1.5.1 Cross Site Request Forgery (CSRF)

+0 AXP

8.8

13 March, 2023

Theme

Regina Lite <= 2.0.7 Reflected Cross Site Scripting (XSS)

+5.4 AXP

5.4

13 March, 2023

Plugin

Montonio for WooCommerce <= 6.0.1 Server Side Request Forgery (SSRF)

+0 AXP

8.2

8 March, 2023

Theme

Big Store <= 1.9.3 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

4.3

5 March, 2023

Plugin

Wpopal Core Features <= 1.5.8 Server Side Request Forgery (SSRF)

+16.4 AXP

8.2

3 March, 2023

Plugin

AMO for WP – Membership Management <= 4.6.6 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

WooVirtualWallet – A virtual wallet for WooCommerce <= 2.2.1 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

WooVIP – Membership plugin for WordPress and WooCommerce <= 1.4.4 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

WooSupply – Suppliers, Supply Orders and Stock Management <= 1.2.2 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

Theme Minifier <= 2.0 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

Styles <= 1.2.3 Server Side Request Forgery (SSRF)

+16.4 AXP

8.2

3 March, 2023

Plugin

WordPress Page Builder – Qards <= 1.0.5 Qards plugin <= 1.0.5 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

PHPFreeChat <= 0.2.8 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

Custom Login Admin Front-end CSS <= 1.4.1 end CSS plugin <= 1.4.1 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

CSS Adder By Agence-Press <= 1.5.0 Press plugin <= 1.5.0 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

Confirm Data <= 1.0.7 Unauth. ServerSide Request Forgery (SSRF) vulnerability

+0 AXP

8.2

3 March, 2023

Plugin

AMP Toolbox <= 2.1.1 Server Side Request Forgery (SSRF)

+0 AXP

8.2

3 March, 2023

Plugin

Admin CSS MU <= 2.6 ServerSide Request Forgery (SSRF) vulnerability

+16.4 AXP

8.2

3 March, 2023

Plugin

Types <= 3.4.17 Authenticated Arbitrary File Upload Vulnerability

+0 AXP

7.2

3 March, 2023

Theme

Total <= 2.1.19 Authenticated Arbitrary Plugin Activation

+12.9 AXP

4.3

1 March, 2023

Plugin

Wholesale Suite <= 2.1.5 Auth. Broken Access Control vulnerability

+5.4 AXP

5.4

27 February, 2023

Theme

Houzez <= 2.7.1 Privilege Escalation

+29.4 AXP

9.8

27 February, 2023

Plugin

Zendrop – Global Dropshipping <= 1.0.0 Arbitrary SQL Query Execution Vulnerability

+15 AXP

10.0

24 February, 2023

Plugin

Zendrop – Global Dropshipping <= 1.0.0 Arbitrary File Upload

+39.2 AXP

9.8

24 February, 2023

Plugin

Houzez Login Register <= 2.6.3 Privilege Escalation

+19.6 AXP

9.8

23 February, 2023

Plugin

WatchTowerHQ <= 3.6.16 Privilege Escalation

+0 AXP

9.8

14 February, 2023

Plugin

GamiPress <= 2.5.7 Unauthenticated SQL Injection vulnerability

+24.6 AXP

8.2

14 February, 2023

Plugin

GamiPress <= 2.5.6 CSRF Leading to Settings Change Vulnerability

+2.7 AXP

5.4

13 February, 2023

Plugin

GamiPress <= 2.5.6 Missing Authorization Leading to Points Manipulation Vulnerability

+5.4 AXP

5.4

13 February, 2023

Theme

ColorWay <= 4.2.3 CSRF Leading to Arbitrary Plugin Activation

+2.15 AXP

4.3

8 February, 2023

Theme

Magazine Edge <= 1.13 Authenticated Arbitrary Plugin Activation

+0 AXP

4.3

2 February, 2023

Plugin

Spectra <= 2.3.0 Contributor+ reCAPTCHA Settings Change Vulnerability

+32.4 AXP

5.4

23 January, 2023

Plugin

Spectra <= 2.3.0 Captcha Bypass Vulnerability

+31.8 AXP

5.3

23 January, 2023

Plugin

Spectra <= 2.3.0 Unauthenticated Email HTML Injection Vulnerability

+31.8 AXP

5.3

23 January, 2023

Plugin

Spectra <= 2.3.0 Unauthenticated Email Spoofing Vulnerability

+31.8 AXP

5.3

23 January, 2023

Theme

Corsa <= 1.5 Arbitrary File Upload

+0 AXP

8.8

23 January, 2023

Theme

Upfrontwp <= 1.1 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

6.5

23 January, 2023

Plugin

MainWP Broken Links Checker Extension <= 4.0 Unauthenticated SQL Injection Vulnerability

+0 AXP

8.2

17 January, 2023

Plugin

MainWP Broken Links Checker Extension <= 4.0 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Boilerplate Extension <= 4.1 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Boilerplate Extension <= 4.1 Subscriber+ Post/Page Deletion Vulnerability

+0 AXP

7.1

17 January, 2023

Plugin

MainWP Article Uploader Extension <= 4.0.2 Subscriber+ Arbitrary File Deletion Vulnerability

+0 AXP

7.7

17 January, 2023

Plugin

MainWP Article Uploader Extension <= 4.0.2 Subscriber+ Post/Page Deletion Vulnerability

+0 AXP

7.1

17 January, 2023

Plugin

MainWP BlogVault Backup Extension <= 1.3 Subscriber+ Arbitrary Plugin Installation Vulnerability

+0 AXP

6.5

17 January, 2023

Plugin

MainWP Favorites Extension <= 4.0.10 Subscriber+ Arbitrary Plugin Installation Vulnerability

+0 AXP

6.5

17 January, 2023

Plugin

MainWP Favorites Extension <= 4.0.10 Subscriber+ Arbitrary File Deletion Vulnerability

+0 AXP

7.7

17 January, 2023

Plugin

MainWP White Label Extension <= 4.1.1 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Buddy Extension <= 4.0.1 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP WordPress SEO Extension <= 4.0.1 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP UpdraftPlus Extension <= 4.0.6 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Staging Extension <= 4.0.3 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Page Speed Extension <= 4.0.2 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP iThemes Security Extension <= 4.1.1 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Clone Extension <= 4.0.2 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Code Snippets Extension <= 4.0.2 Subscriber+ Arbitrary PHP Code Injection/Execution Vulnerability

+0 AXP

9.9

17 January, 2023

Plugin

MainWP Code Snippets Extension <= 4.0.2 Subscriber+ Stored CrossSite Scripting Vulnerability

+0 AXP

6.5

17 January, 2023

Plugin

MainWP Links Manager Extension <= 2.1 Unauthenticated PHP Object Injection Vulnerability

+0 AXP

8.1

17 January, 2023

Plugin

MainWP Code Snippets Extension <= 4.0.2 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Comments Extension <= 4.0.6 Subscriber+ Arbitrary Comment Removal/Trash/Approval/Restoration Vulnerability

+0 AXP

6.5

17 January, 2023

Plugin

MainWP File Uploader Extension <= 4.1 Subscriber+ Arbitrary File Deletion Vulnerability

+0 AXP

7.7

17 January, 2023

Plugin

MainWP Rocket Extension <= 4.0.3 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP UpdraftPlus Extension <= 4.0.6 Unauthenticated Plugin Settings Change Vulnerability

+0 AXP

6.5

17 January, 2023

Plugin

MainWP File Uploader Extension <= 4.1 Unauthenticated Arbitrary File Upload Vulnerability

+0 AXP

10.0

17 January, 2023

Plugin

MainWP Google Analytics Extension <= 4.0.4 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Google Analytics Extension <= 4.0.4 Subscriber+ SQL Injection Vulnerability

+0 AXP

7.1

17 January, 2023

Plugin

MainWP Maintenance Extension <= 4.1.1 Subscriber+ SQL Injection Vulnerability

+0 AXP

8.5

17 January, 2023

Plugin

MainWP Maintenance Extension <= 4.1.1 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Matomo Extension <= 4.0.4 CSRF Leading To Plugin Settings Change Vulnerability

+0 AXP

4.3

17 January, 2023

Plugin

MainWP Post Dripper Extension <= 4.0.4 Subscriber+ Post/Page Deletion Vulnerability

+0 AXP

7.1

17 January, 2023

Plugin

MainWP Post Plus Extension <= 4.0.3 Subscriber+ Post/Page Deletion Vulnerability

+0 AXP

7.1

17 January, 2023

Plugin

MainWP Rocket Extension <= 4.0.3 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Wordfence Extension <= 4.0.7 Subscriber+ Plugin Settings Change Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

MainWP Wordfence Extension <= 4.0.7 Subscriber+ Arbitrary Plugin Activation Vulnerability

+0 AXP

5.4

17 January, 2023

Plugin

Wp Social <= 1.9.0 Auth. Sensitive Information Disclosure vulnerability

6.5

14 December, 2022

Theme

Attorney <= 3 Unauth. Arbitrary Content Deletion vulnerability

+0 AXP

6.5

1 December, 2022

Plugin

ARMember Premium <= 5.5.1 Unauth. Privilege Escalation vulnerability

+0 AXP

9.8

1 December, 2022

Plugin

Wholesale Suite <= 2.1.5 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.5

28 November, 2022

Plugin

Smart Slider 3 <= 3.5.1.9 Auth. PHP Object Injection vulnerability

4.3

23 November, 2022

Plugin

Image Map Pro < 5.6.9 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

+0 AXP

5.4

23 November, 2022

Plugin

Image Map Pro < 5.6.9 CrossSite Request Forgery (CSRF) leading to Stored CrossSite Scripting (XSS)

+0 AXP

6.1

23 November, 2022

Plugin

ShareThis Dashboard for Google Analytics <= 3.1.4 Broken Access Control vulnerability

+0 AXP

5.4

23 November, 2022

Plugin

YITH WooCommerce Gift Cards Premium <= 3.19.0 Unauth. Arbitrary File Upload vulnerability

9.8

22 November, 2022

Theme

Betheme <= 26.6.1 Broken Access Control vulnerability

6.3

21 November, 2022

Theme

Betheme <= 26.6.1 Broken Access Control vulnerability

4.3

21 November, 2022

Theme

Betheme <= 26.6.1 Broken Access Control vulnerability

5.4

21 November, 2022

Theme

Betheme <= 26.6.1 Broken Access Control vulnerability

5.4

21 November, 2022

Theme

Betheme <= 26.6.1 Broken Access Control vulnerability

4.3

21 November, 2022

Theme

Betheme <= 26.6.1 Auth. Stored CrossSite Scripting (XSS) vulnerability

5.4

21 November, 2022

Theme

Betheme <= 26.5.1.4 Auth. PHP Object Injection vulnerability

6.3

17 November, 2022

Plugin

Multilingual CMS <= 4.5.13 CrossSite Request Forgery (CSRF) vulnerability

4.3

9 November, 2022

Plugin

Multilingual CMS <= 4.5.13 CrossSite Request Forgery (CSRF) vulnerability

5.4

9 November, 2022

Plugin

Multilingual CMS <= 4.5.10 Broken Access Control vulnerability

4.3

9 November, 2022

Plugin

Multilingual CMS <= 4.5.10 Broken Access Control vulnerability

5.4

9 November, 2022

Plugin

WatchTowerHQ <= 3.6.15 Unauth. Arbitrary File Deletion vulnerability

9.1

1 November, 2022

Plugin

WatchTowerHQ <= 3.6.15 Unauth. Arbitrary File Download vulnerability

7.5

1 November, 2022

Theme

Soledad <= 8.2.5 Broken Access Control vulnerability

5.4

1 November, 2022

Theme

Soledad <= 8.2.5 Auth. CrossSite Scripting (XSS) vulnerability

5.4

30 October, 2022

Plugin

Api2Cart Bridge Connector <= 1.1.0 Arbitrary File Upload vulnerability

9.8

28 October, 2022

Plugin

Api2Cart Bridge Connector <= 1.1.0 Arbitrary Code Execution vulnerability

10.0

28 October, 2022

Plugin

SearchWP <= 4.2.5 Broken Authentication vulnerability

5.4

24 October, 2022

Theme

Avada <= 7.8.1 CrossSite Request Forgery (CSRF) vulnerability

8.8

20 October, 2022

Plugin

Shortcodes Ultimate <= 5.12.0 CSRF vulnerability leading to Stored XSS

6.1

13 October, 2022

Plugin

ALD - AliExpress Dropshipping and Fulfillment for WooCommerce <= 1.1.0 Sensitive Data Exposure vulnerability

+0 AXP

7.5

12 October, 2022

Plugin

Shortcodes Ultimate <= 5.12.0 CrossSite Request Forgery (CSRF) vulnerability

5.4

2 October, 2022

Plugin

Beaver Builder <= 2.5.4.3 Broken Access Control vulnerability

5.4

20 July, 2022

Plugin

Breeze <= 2.0.2 Plugin Settings Change leading to CrossSite Scripting (XSS) vulnerability

6.5

2 May, 2022

Plugin

Responsive Menu <= 4.1.7 Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability

8.3

16 March, 2022

Plugin

Rearrange Woocommerce Products <= 4.0.2 SQL Injection (SQLi) vulnerability

6.6

15 March, 2022

Plugin

Perfect Brands for WooCommerce <= 2.0.4 Set Featured Brand vulnerability

4.3

28 January, 2022

Plugin

Perfect Brands for WooCommerce <= 2.0.4 Server Information Exposure vulnerability

4.3

28 January, 2022

Plugin

Hide My WP <= 6.2.3 Unauthenticated SQL injection (SQLi) vulnerability

8.6

24 November, 2021

Plugin

Hide My WP <= 6.2.3 Unauthenticated Plugin Deactivation vulnerability

6.5

24 November, 2021

Plugin

WP Reset <= 5.98 Authenticated Database Reset vulnerability

8.8

10 November, 2021

Plugin

WP Reset <= 5.98 CrossSite Request Forgery (CSRF) vulnerability leading to Database Reset

8.8

10 November, 2021

Plugin

Popup Builder <= 3.71 Authenticated Local File Inclusion (LFI) vulnerability

+0 AXP

8.8

28 January, 2021

Plugin

Popup Builder <= 3.71 Authenticated Deleting/Importing Subscribers vulnerability

+0 AXP

6.3

28 January, 2021

Plugin

Popup Builder <= 3.71 Authenticated Newsletter Send With Custom Content And Sender vulnerability

+0 AXP

5.3

28 January, 2021

Plugin

ThemeGrill Demo Importer <= 1.6.2 Bypass and Database Wipe vulnerability

9.1

8 December, 2020

Plugin

Discount Rules for WooCommerce <= 2.0.2 Multiple (XSS, SQLi) Vulnerabilities

+0 AXP

8.5

20 August, 2020

Plugin

MailerLite – Signup forms <= 1.4.3 Unauthenticated SQL Injection (SQLi) vulnerability

9.3

25 May, 2020

Plugin

MailerLite – Signup forms <= 1.4.4 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

5.4

25 May, 2020

Plugin

WPvivid Backup and Migration <= 0.9.35 Missing Authorization vulnerability leading to Database Leak

6.5

28 February, 2020

Plugin

wpCentral <= 1.4.7 Privilege escalation vulnerability

+0 AXP

8.8

24 January, 2020

Plugin

InfiniteWP Client <= 1.9.4.4 Authentication Bypass vulnerability

+0 AXP

9.8

8 January, 2020

Plugin

Backup and Staging by WP Time Capsule <= 1.21.15 Authentication Bypass vulnerability

+0 AXP

9.8

8 January, 2020

Plugin

Theme Editor <= 2.1 Multiple vulnerabilities

30 September, 2019

Plugin

File Manager <= 4.8 Multiple Vulnerabilities

10 July, 2019

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close