Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
Que Thanh Tuan - Blue Rock
Say thanks
597.4
XP
46
Reports
2
Reports, last 90 days
#19
18 Nov, 2025
Lvl 2
0
0
0
0
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Passster
<= 4.2.19
Sensitive Data Exposure
60
7.5
Jul 12, 2025
ZoloBlocks
<= 2.3.11
Broken Access Control
24.38
5.3
No date
YOP Poll
<= 6.5.38
Broken Access Control
24.38
5.3
No date
Login-Logout
<= 3.8
Cross Site Scripting (XSS)
N/A
5.9
Jul 7, 2025
Passster
<= 4.2.18
Cross Site Scripting (XSS)
9.75
6.5
Jul 12, 2025
Dashboard Notepad
<= 1.42
Cross Site Request Forgery (CSRF)
2.15
4.3
Jul 12, 2025
Team
<= 5.0.6
Broken Access Control
4.3
4.3
Jul 23, 2025
WP Events Manager
<= 2.2.1
Broken Access Control
N/A
5.3
Jul 24, 2025
DethemeKit For Elementor
<= 2.1.10
Broken Access Control
N/A
4.3
Jul 25, 2025
Trustpilot Reviews
<= 2.5.925
Broken Access Control
8.6
4.3
Jul 26, 2025
Hubbub Lite
<= 1.35.2
Sensitive Data Exposure
8.6
4.3
Jul 27, 2025
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery
<= 1.16.16
Sensitive Data Exposure
31.8
5.3
Jul 31, 2025
Permalink Manager Lite
<= 2.5.1.3
Sensitive Data Exposure
60
7.5
Aug 24, 2025
Pushe Web Push Notification
<= 0.5.0
Cross Site Scripting (XSS)
N/A
5.9
Jun 7, 2025
Search by Google
<= 1.9
Cross Site Scripting (XSS)
N/A
5.9
Jun 8, 2025
Ultimate Client Dash
<= 4.7
Cross Site Scripting (XSS)
N/A
5.9
Jun 27, 2025
Simple Link List Widget
<= 0.3.2
Cross Site Scripting (XSS)
N/A
5.9
Jun 19, 2025
Widgetize Pages Light
<= 3.0
Cross Site Scripting (XSS)
N/A
5.9
Jun 27, 2025
Elementor Element Condition
<= 1.0.5
Cross Site Scripting (XSS)
3.25
6.5
Jun 22, 2025
Authors List
<= 2.0.6.1
Cross Site Request Forgery (CSRF)
2.15
4.3
Jun 26, 2025
SEO Auto Linker
<= 1.5.3
Cross Site Scripting (XSS)
N/A
5.9
Jun 23, 2025
WP Full Stripe Free
<= 8.2.5
SQL Injection
N/A
7.6
Jun 24, 2025
License Manager for WooCommerce
<= 3.0.12
SQL Injection
N/A
7.6
Jun 13, 2025
Simple Matomo Tracking Code
<= 1.1.0
Cross Site Scripting (XSS)
N/A
5.9
Aug 13, 2025
Solace Extra
<= 1.3.2
Server Side Request Forgery (SSRF)
N/A
4.4
Jun 25, 2025
Uncanny Automator
<= 6.7.0.1
Broken Access Control
12.9
4.3
Jul 28, 2025
WP Bulk Delete
<= 1.3.6
Broken Access Control
12.9
4.3
Aug 13, 2025
Site Offline
<= 1.5.7
Broken Access Control
8.6
4.3
Jul 24, 2025
MDTF
<= 1.3.3.7
SQL Injection
74.4
9.3
Jul 19, 2025
Contact Info Widget
<= 2.6.2
Cross Site Scripting (XSS)
N/A
5.9
Jun 27, 2025
WP Emmet
<= 0.3.4
Cross Site Scripting (XSS)
N/A
5.9
Jun 26, 2025
TaxoPress
<= 3.37.2
Sensitive Data Exposure
12.9
4.3
Jul 29, 2025
Online Booking & Scheduling Calendar for WordPress by vcita
<= 4.5.3
Arbitrary File Upload
13.65
9.1
Jun 18, 2025
WP Modal Popup with Cookie Integration
<= 2.4
Cross Site Scripting (XSS)
N/A
5.9
Jun 22, 2025
Online Booking & Scheduling Calendar for WordPress by vcita
<= 4.5.3
Cross Site Scripting (XSS)
4.88
6.5
Jun 18, 2025
JetFormBuilder
<= 3.5.1.2
PHP Object Injection
N/A
7.2
Jun 23, 2025
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top