WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugin
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Plugin
Set alert
Claim
VDP
N/A
CrossSite Scripting (XSS) vulnerability < 4.6.1
7.1
16 March, 2023
Authenticated CrossSite Request Forgery (CSRF) vulnerability leading to Remote Code Execution (RCE) <= 4.3.6
8.8
9 March, 2020
Cross Site Scripting <= 3.2.6
2 September, 2015
Multiple Vulnerabilities <= 3.1.8
5.4
30 March, 2015
SQL Injection #1 <= 3.1.8
7.5