Report WordPress vulnerabilities, earn prizes and become an Alliance member!
████
██████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
███████ ███████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
██████████████ █████████████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
███████ ████████████████████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ █████████████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
█████████████████████ ██████████████████████████████████████████
Pending
████
██████████████ ████████████████████████████████████████████████████████
Pending
████
███████ █████████████████████████████████████████████████
Pending
████
██████████████ ██████████████████████████████████████████
Pending
████
█████████████████████ ████████████████████████████████████████████████████████
Pending
████
█████████████████████ ███████████████████████████████████
Pending
████
███████ ██████████████████████████████████████████
Pending
Plugin
FooGallery Reflected Cross Site Scripting (XSS) vulnerability
4 days ago
Plugin
FooGallery Cross Site Request Forgery (CSRF) vulnerability
4 days ago
Plugin
PeproDev CF7 Database Unauthenticated Cross Site Scripting (XSS) vulnerability
5 September, 2023
Plugin
Social Media & Share Icons Reflected Cross Site Scripting (XSS) vulnerability
29 August, 2023
Plugin
Oxygen Builder Cross Site Request Forgery (CSRF)
20 July, 2023
Plugin
WPJobBoard Unauth. Blind SQL Injection (SQLi) vulnerability
27 June, 2023
Theme
Balkon Reflected Cross Site Scripting (XSS) vulnerability
23 June, 2023
Theme
WoodMart Cross Site Request Forgery (CSRF) vulnerability
9 May, 2023
Theme
TheRoof Reflected Cross Site Scripting (XSS) vulnerability
6 April, 2023
Theme
Outdoor Reflected Cross Site Scripting (XSS) vulnerability
4 April, 2023
Plugin
Slide Anything iFrame Injection to CrossSite Scripting (XSS) vulnerability
16 March, 2023
Theme
Real Estate 7 Unauthenticated Arbitrary Email Sending vulnerability
13 March, 2023
Theme
Real Estate 7 CrossSite Request Forgery vulnerability
2 March, 2023
Theme
Real Estate 7 Reflected CrossSite Scripting via ct_additional_features vulnerability
2 March, 2023
Theme
Real Estate 7 Cross Site Scripting (XSS)
20 February, 2023
Theme
WoodMart Unauth Arbitrary Shortcodes Injection
16 February, 2023
Theme
Monolit Theme Cross Site Scripting (XSS) vulnerability
6 February, 2023
Plugin
JS Help Desk – Best Help Desk & Support Plugin Broken Access Control
27 January, 2023
Plugin
JS Help Desk – Best Help Desk & Support Plugin Arbitrary File Upload Vulnerability
27 January, 2023
Plugin
JS Help Desk – Best Help Desk & Support Plugin Unauthenticated Settings Change Vulnerability
27 January, 2023
Plugin
JS Help Desk – Best Help Desk & Support Plugin Multiple Cross Site Request Forgery (CSRF) Vulnerabilities
27 January, 2023
Plugin
JS Help Desk – Best Help Desk & Support Plugin Unauthenticated SQL Injection Vulnerability
27 January, 2023
Plugin
Smart Slider 3 Auth. Stored CrossSite Scripting (XSS) vulnerability
23 November, 2022
Plugin
Creative Mail Multiple CrossSite Request Forgery (CSRF) vulnerabilities
28 October, 2022
Plugin
SEO Redirection Multiple CrossSite Scripting (CSRF) vulnerabilities
25 October, 2022
Plugin
Image Hover Effects Ultimate Auth. WordPress Options Change vulnerability
25 October, 2022
Plugin
Quiz And Survey Master Multiple Insecure direct object references (IDOR) vulnerabilities
21 October, 2022
Plugin
Quiz And Survey Master Multiple Auth. Stored CrossSite Scripting (XSS) vulnerabilities
21 October, 2022
Plugin
Quiz And Survey Master Auth. SQL Injection (SQLi) vulnerability
21 October, 2022
Plugin
Accordions Authenticated WordPress Options Change vulnerability
29 September, 2022
Plugin
Analytics Cat Authenticated Stored CrossSite Scripting (XSS) vulnerability
29 September, 2022
Plugin
Accordions Multiple Auth. Stored CrossSite Scripting (XSS) vulnerabilities
29 September, 2022
Plugin
Tabs Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
22 September, 2022
Plugin
Awesome Support Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
14 September, 2022
Plugin
WHA Crossword Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
1 September, 2022
Plugin
Word Search Puzzles game Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
1 September, 2022
Plugin
Event Calendar – Calendar Authenticated Reflected CrossSite Scripting (XSS) vulnerability
25 August, 2022
Plugin
SP Project & Document Manager Reflected CrossSite Scripting (XSS) vulnerability
10 August, 2022
Plugin
WPIDE – File Manager & Code Editor Authenticated Arbitrary File Edit/Upload vulnerability
9 August, 2022
Plugin
Download Manager Multiple CrossSite Request Forgery (CSRF) vulnerabilities
2 August, 2022
Plugin
Download Manager Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
2 August, 2022
Plugin
Affiliate For WooCommerce Authenticated IDOR vulnerability leading to PayPal email change
1 August, 2022
Plugin
Tabs Authenticated WordPress Options Change vulnerability
25 July, 2022
Plugin
Flipbox Authenticated WordPress Options Change vulnerability
25 July, 2022
Plugin
Shortcode Addons Authenticated WordPress Options Change vulnerability
25 July, 2022
Plugin
Team Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
20 July, 2022
Plugin
Accordions Unauthenticated WordPress Options Change vulnerability
30 June, 2022
Plugin
Shortcode Addons Unauthenticated Arbitrary Option Update vulnerability
30 June, 2022
Plugin
WP Maintenance Authenticated Stored CrossSite Scripting (XSS) vulnerability
28 June, 2022
Plugin
Popup Builder CrossSite Request Forgery (CSRF) vulnerability leading to Popup Status Change
17 June, 2022
Plugin
Social Share Buttons by Supsystic Multiple Broken Access Control vulnerabilities
9 June, 2022
Plugin
Social Share Buttons by Supsystic Multiple Authenticated SQL Injection (SQLi) vulnerabilities
9 June, 2022
Plugin
Image Slider by NextCode Multiple CrossSite Request Forgery (CSRF) vulnerabilities
26 May, 2022
Plugin
Image Slider by NextCode Authenticated Persistent CrossSite Scripting (XSS) vulnerability
26 May, 2022
Plugin
Private Messages For WordPress Sending Messages via CrossSite Request Forgery (CSRF) vulnerability
26 May, 2022
Plugin
Code Snippets Reflected CrossSite Scripting (XSS) vulnerability
18 May, 2022
Plugin
Code Snippets Extended CrossSite Request Forgery (CSRF) vulnerability
17 May, 2022
Plugin
Code Snippets Extended CrossSite Request Forgery (CSRF) vulnerability leading to Persistent CrossSite Scripting (XSS)
17 May, 2022
Plugin
Quick Restaurant Reservations Authenticated Reflected CrossSite Scripting (XSS) vulnerability
12 May, 2022
Plugin
PNG to JPG CrossSite Request Forgery (CSRF) leading to Persistent CrossSite Scripting (XSS) vulnerability
6 May, 2022
Plugin
Remove CPT base CrossSite Request Forgery (CSRF) vulnerability leading to CPT base deletion
6 May, 2022
Plugin
wpDataTables Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
6 May, 2022
Plugin
Subscribe To Comments Reloaded Multiple CrossSite Request Forgery (CSRF) vulnerabilities
29 April, 2022
Plugin
Countdown & Clock Pro Features Lock Bypass vulnerability
28 April, 2022
Plugin
Countdown & Clock Reflected CrossSite Scripting (XSS) vulnerability
28 April, 2022
Plugin
Countdown & Clock Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
28 April, 2022
Plugin
Hermit 音乐播放器 Multiple CrossSite Request Forgery (CSRF) vulnerabilities
28 April, 2022
Plugin
Hermit 音乐播放器 CrossSite Request Forgery (CSRF) leading to Stored CrossSite Scripting (XSS) vulnerability
28 April, 2022
Plugin
Psychological tests & quizzes Authenticated Stored CrossSite Scripting (XSS) vulnerability
26 April, 2022
Plugin
Night Mode Authenticated Persistent CrossSite Scripting (XSS) vulnerability
25 April, 2022
Plugin
Rara One Click Demo Import CrossSite Request Forgery (CSRF) leads to Arbitrary File Upload vulnerability
21 April, 2022
Plugin
Advanced Contact form 7 DB Persistent CrossSite Scripting (XSS) vulnerability
21 April, 2022
Plugin
Simple Ajax Chat Sensitive Information Disclosure vulnerability
15 April, 2022
Plugin
Simple Ajax Chat Multiple CrossSite Request Forgery (CSRF) vulnerability
15 April, 2022
Plugin
eRoom – Zoom Meetings & Webinar CrossSite Request Forgery (CSRF) vulnerability leading to Sync with Zoom Meetings
11 April, 2022
Plugin
eRoom – Zoom Meetings & Webinar CrossSite Request Forgery (CSRF) vulnerability leading to Cache Deletion
11 April, 2022
Plugin
Yoo Slider CrossSite Request Forgery (CSRF) vulnerability leading to Slider Creation / Modification
11 April, 2022
Plugin
Yoo Slider CrossSite Request Forgery (CSRF) vulnerability leading to Template Import
11 April, 2022
Plugin
FV Flowplayer Video Player Authenticated Persistent CrossSite Scripting (XSS) vulnerability
4 April, 2022
Plugin
Simple Event Planner Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
23 March, 2022
Plugin
Simple Event Planner Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
23 March, 2022
Plugin
Contact Form X Reflected CrossSite Scripting (XSS) vulnerability
25 February, 2022
Plugin
WP Google Map Plugin CrossSite Request Forgery (CSRF) vulnerability
22 February, 2022
Plugin
Spiffy Calendar Authenticated Reflected CrossSite Scripting (XSS) vulnerability
10 February, 2022
Plugin
Spiffy Calendar Admin+ Persistent CrossSite Scripting (XSS) vulnerability
10 February, 2022
Plugin
Spiffy Calendar Multiple Authenticated Reflected CrossSite Scripting (XSS) vulnerabilities
10 February, 2022
Plugin
Spiffy Calendar IDOR vulnerability
10 February, 2022
Theme
AccessPress Parallax Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Accesspress Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
AccessPress Store Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Zigcy Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Enlighten Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Accesspress Mag Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
StoreVilla Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Punte Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Accesspress Basic Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
AccessPress Root Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Construction Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
VMagazine Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
ParallaxSome Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
FotoGraphy Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
VMag Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Uncode Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Bingle Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
The Launcher Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
ScrollMe Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Agency Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Swing Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Vmagazine News Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Bloger Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Revolve Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Ripple Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Zigcy Cosmetics Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
The Monday Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Zigcy Baby Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Doko Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Sakala Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Edict Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
The100 Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
WP Store Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Eight Sec Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
EightLaw Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Eightmedi Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
EightStore Lite Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Brovy Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
WPparallax Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Arrival Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Ultra Seven Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Theme
Opstore Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
28 January, 2022
Plugin
[GWA] AutoResponder Authenticated SQL Injection (SQLi) vulnerability at &orderby
27 January, 2022
Plugin
[GWA] AutoResponder CrossSite Request Forgery (CSRF) leading to Persistent CrossSite Scripting (XSS) at &Subject
27 January, 2022
Plugin
[GWA] AutoResponder Multiple CrossSite Request Forgery (CSRF) vulnerabilities
27 January, 2022
Plugin
[GWA] AutoResponder CrossSite Request Forgery (CSRF) leading to Multiple Persistent CrossSite Scripting (XSS)
27 January, 2022
Plugin
Access Demo Importer CrossSite Request Forgery (CSRF) vulnerability leading to Arbitrary Plugin Activation
24 January, 2022
Plugin
Access Demo Importer CrossSite Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)
24 January, 2022
Theme
AccessPress Parallax CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Accesspress Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
AccessPress Store CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Zigcy Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Enlighten CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Accesspress Mag CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
StoreVilla CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Punte CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Accesspress Basic CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
AccessPress Root CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Construction Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
VMagazine Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
ParallaxSome CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
FotoGraphy CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
VMag CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Uncode Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Bingle CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
The Launcher CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
ScrollMe CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Agency Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Swing Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Vmagazine News CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Bloger CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Revolve CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Ripple CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Zigcy Cosmetics CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
The Monday CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi (Patchstack) in
24 January, 2022
Theme
Zigcy Baby CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Doko CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Sakala CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Edict Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
The100 CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
WP Store CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Eight Sec CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
EightLaw Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Eightmedi Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
EightStore Lite CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Brovy CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
WPparallax CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Arrival CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Ultra Seven CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Theme
Opstore CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24 January, 2022
Plugin
BP Better Messages CrossSite Request Forgery (CSRF) vulnerability
18 January, 2022
Plugin
WP-DownloadManager DownloadManager plugin <= 1.68.6 Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
12 January, 2022
Plugin
PHP Everywhere Remote Code Execution (RCE) vulnerability
11 January, 2022
Plugin
WP-DownloadManager DownloadManager plugin <= 1.68.5 Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
10 January, 2022
Plugin
tarteaucitron.js – Cookies legislation & GDPR Multiple Stored Authenticated CrossSite Scripting (XSS) vulnerabilities
17 December, 2021
Plugin
Accelerated Mobile Pages Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
15 December, 2021
Plugin
Awesome Support Multiple Authenticated Reflected CrossSite Scripting (XSS) vulnerabilities
26 November, 2021
Plugin
Backup Migration Authenticated Persistent CrossSite Scripting (XSS) vulnerability
17 November, 2021
Plugin
Contact Form Entries Unauthenticated Persistent CrossSite Scripting (XSS) vulnerability
14 November, 2021
Plugin
Contact Form Entries Authenticated Persistent CrossSite Scripting (XSS) vulnerability
14 November, 2021
Plugin
Contact Form Entries Multiple Authenticated Reflected CrossSite Scripting (XSS) vulnerabilities
14 November, 2021
Plugin
Contact Form 7 Database Addon – CFDB7 Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
12 November, 2021
Plugin
Contact Form 7 Database Addon – CFDB7 CrossSite Request Forgery (CSRF) vulnerability
12 November, 2021
Plugin
Email Tracker CrossSite Request Forgery (CSRF) vulnerabilities leading to single or bulk email entries deletion
1 November, 2021
Plugin
Download Monitor Authenticated Persistent CrossSite Scripting (XSS) vulnerability
29 October, 2021
Plugin
Download Monitor Authenticated Arbitrary File Download vulnerability
29 October, 2021
Plugin
YITH Maintenance Mode Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities
23 September, 2021
Plugin
uListing Authenticated Insecure Direct Object References (IDOR) vulnerability
27 July, 2021
Plugin
uListing Authenticated Reflected CrossSite Scripting (XSS) vulnerability
27 July, 2021
Plugin
uListing Multiple CrossSite Request Forgery (CSRF) vulnerabilities
27 July, 2021
Plugin
uListing Modify User Roles via CrossSite Request Forgery (CSRF) vulnerability
27 July, 2021
Plugin
uListing Settings Update via CrossSite Request Forgery (CSRF) vulnerability
27 July, 2021
Plugin
uListing Unauthenticated Privilege Escalation vulnerability
27 July, 2021
Plugin
uListing Unauthenticated SQL Injection (SQLi) vulnerability
26 July, 2021
Plugin
iQ Block Country Authenticated Persistent CrossSite Scripting (XSS) vulnerability
18 July, 2021
Plugin
WordPress Popular Posts Authenticated Persistent CrossSite Scripting (XSS) vulnerability
4 July, 2021
Plugin
WP DoNotTrack Authenticated Stored CrossSite Scripting (XSS) vulnerability
29 June, 2021
Plugin
Async JavaScript Authenticated Stored CrossSite Scripting (XSS) vulnerability
29 June, 2021
Plugin
WP Reset Authenticated Stored CrossSite Scripting (XSS) vulnerability
16 June, 2021
Plugin
WP Google Maps Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
15 June, 2021
Plugin
WP Google Maps Pro Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities
15 June, 2021
Theme
Kupon Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Doo Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Careerfy Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Muza Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Strong Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Wisem Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Medican Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021
Theme
Loocall Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability
9 June, 2021