Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36319Across tracked plugins
Affected Plugins
95With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| noakes-menu-manager | noakes-menu-manager | N/A | Nav Menu Manager <= 3.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.2.5 | 3.2.6 | July 1, 2026 | |
| nino-social-connect | nino-social-connect | N/A | Nino Social Connect <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.0 | July 1, 2026 | ||
| nimbata-call-tracking | nimbata-call-tracking | N/A | Nimbata Call Tracking <= 1.7.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.7.2 | July 1, 2026 | ||
| newsboard | newsboard | N/A | NewsBoard Post and RSS Scroller <= 1.2.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2.12 | July 1, 2026 | ||
| nepali-date-utilities | nepali-date-utilities | N/A | Nepali Date Utilities <= 1.0.13 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.13 | July 1, 2026 | ||
| neon-product-designer-for-woocommerce | neon-product-designer-for-woocommerce | N/A | Neon Product Designer <= 2.1.1 - Unauthenticated SQL Injection | LOW | *-2.1.1 | July 1, 2026 | ||
| myworks-woo-sync-for-quickbooks-online | myworks-woo-sync-for-quickbooks-online |
93
|
MyWorks WooCommerce Sync for QuickBooks Online <= 2.9.1 - Reflected Cross-Site Scripting | LOW | *-2.9.1 | 2.9.2 | July 1, 2026 | |
| multiple-location-google-map | multiple-location-google-map |
91
|
Multiple Location Google Map <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| motors-car-dealership-classified-listings | motors-car-dealership-classified-listings |
93
|
Motors <= 1.4.71 - Unauthenticated Local File Inclusion | LOW | *-1.4.71 | 1.4.72 | July 1, 2026 | |
| more-mime-type-filters | more-mime-type-filters |
91
|
More Mime Type Filters <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.3 | July 1, 2026 | ||
| mobile-smart | mobile-smart |
91
|
Mobile Smart <= v1.3.16 - Reflected Cross-Site Scripting | LOW | * - v1.3.16 | July 1, 2026 | ||
| mmx-make-me-christmas | mmx-make-me-christmas |
91
|
MMX – Make Me Christmas <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.0 | July 1, 2026 | ||
| mergado-marketing-pack | mergado-marketing-pack |
89
|
Mergado Pack <= 4.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-4.1.1 | July 1, 2026 | ||
| material-dashboard | material-dashboard |
93
|
Material Dashboard <= 1.4.5 - Authenticated (Subscriber+) Local File Inclusion | LOW | *-1.4.5 | 1.4.6 | July 1, 2026 | |
| mapsvg-lite-interactive-vector-maps | mapsvg-lite-interactive-vector-maps |
93
|
MapSVG Lite <= 8.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-8.6.6 | 8.6.7 | July 1, 2026 | |
| mapsvg-lite-interactive-vector-maps | mapsvg-lite-interactive-vector-maps |
93
|
MapSVG Lite <= 8.6.4 - Missing Authorization | LOW | *-8.6.4 | 8.6.5 | July 1, 2026 | |
| mailhawk | mailhawk |
93
|
WordPress SMTP Service, Email Delivery Solved! — MailHawk <= 1.3.1 - Unauthenticated Local File Inclusion | LOW | *-1.3.1 | 1.3.2 | July 1, 2026 | |
| magazine-lister-for-yumpu | magazine-lister-for-yumpu |
91
|
ePaper Lister for Yumpu <= 1.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4.0 | July 1, 2026 | ||
| logo-showcase-ultimate | logo-showcase-ultimate |
93
|
Logo Showcase Ultimate <= 1.4.4 - Authenticated (Contributor+) Local File Inclusion | LOW | *-1.4.4 | 1.4.5 | July 1, 2026 | |
| lock-your-updates | lock-your-updates |
91
|
Lock Your Updates <= 1.1 - Reflected Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| link-shield | link-shield |
89
|
Link Shield <= 0.5.4 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-0.5.4 | July 1, 2026 | ||
| language-field | language-field |
91
|
Language Field <= 0.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.9 | July 1, 2026 | ||
| keycaptcha | keycaptcha |
91
|
KeyCAPTCHA <= 2.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.5.1 | July 1, 2026 | ||
| js-jobs | js-jobs |
81
|
JS Job Manager <= 2.0.2 - Unauthenticated Local File Inclusion | LOW | *-2.0.2 | July 1, 2026 | ||
| job-board-manager | job-board-manager |
83
|
Job Board Manager <= 2.1.60 - Authenticated (Contributor+) PHP Object Injection | LOW | *-2.1.60 | July 1, 2026 | ||
| ip2location-world-clock | ip2location-world-clock |
93
|
IP2Location World Clock <= 1.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1.9 | 1.1.10 | July 1, 2026 | |
| interactive-us-map | interactive-us-map |
91
|
Interactive US Map <= 2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.7 | July 1, 2026 | ||
| interactive-geo-maps | interactive-geo-maps |
93
|
Interactive Geo Maps <= 1.6.24 - Reflected Cross-Site Scripting | LOW | *-1.6.24 | 1.6.25 | July 1, 2026 | |
| insert-html-here | insert-html-here |
91
|
Insert HTML Here <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| indieblocks | indieblocks |
93
|
IndieBlocks <= 0.13.1 - Unauthenticated Server-Side Request Forgery | LOW | *-0.13.1 | 0.13.2 | July 1, 2026 | |
| idonate | idonate |
89
|
IDonate <= 2.1.9 - Unauthenticated Local File Inclusion | LOW | *-2.1.9 | July 1, 2026 | ||
| html5-video-player-with-playlist | html5-video-player-with-playlist |
89
|
HTML5 Video Player with Playlist <= 2.50 - Reflected Cross-Site Scripting | LOW | *-2.50 | July 1, 2026 | ||
| fraudlabs-pro-for-woocommerce | fraudlabs-pro-for-woocommerce |
93
|
FraudLabs Pro for WooCommerce <= 2.22.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.22.8 | 2.22.9 | July 1, 2026 | |
| foliopress-wysiwyg | foliopress-wysiwyg |
93
|
Foliopress WYSIWYG <= 2.6.18 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.6.18 | 2.6.19 | July 1, 2026 | |
| flexytalk-widget | flexytalk-widget |
91
|
FrescoChat Live Chat <= 3.2.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-3.2.6 | July 1, 2026 | ||
| flexi | flexi |
89
|
Flexi – Guest Submit <= 4.28 - Unauthenticated Local File Inclusion | LOW | *-4.28 | July 1, 2026 | ||
| flags-widget | flags-widget |
91
|
Flags Widget <= 1.0.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.7 | July 1, 2026 | ||
| firsth3tagadsense | firsth3tagadsense |
91
|
Sandwich Adsense <= 4.0.2 - Missing Authorization | LOW | *-4.0.2 | July 1, 2026 | ||
| fat-coming-soon | fat-coming-soon |
91
|
FAT Cooming Soon <= 1.1 - Unauthenticated Local File Inclusion | LOW | *-1.1 | July 1, 2026 | ||
| eventon-lite | eventon-lite |
93
|
EventON <= 2.4 - Unauthenticated Local File Inclusion | LOW | *-2.4 | 2.4.1 | July 1, 2026 | |
| essential-breadcrumbs | essential-breadcrumbs |
89
|
Essential Breadcrumbs <= 1.1.1 - Cross-Site Request Forgery to Privilege Escalation | LOW | *-1.1.1 | July 1, 2026 | ||
| error-log-viewer-wp | error-log-viewer-wp |
91
|
Error Log Viewer <= 1.0.5 - Authenticated (Subscriber+) SQL Injection | LOW | *-1.0.5 | July 1, 2026 | ||
| Epeken All Kurir for Woocommerce | epeken-all-kurir |
67
|
Epeken All Kurir <= 1.4.6.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4.6.2 | July 1, 2026 | ||
| EasyFonts – Host Google Fonts Locally, GDPR Compliant, Faster Loading | easyfonts |
98
|
Easyfonts <= 1.1.2 - Cross-Site Request Forgery | LOW | *-1.1.2 | 1.1.3 | July 1, 2026 | |
| easy-post-duplicator | easy-post-duplicator |
89
|
Easy Post Duplicator <= 1.0.1 - Reflected Cross-Site Scripting | LOW | *-1.0.1 | July 1, 2026 | ||
| easy-post-duplicator | easy-post-duplicator |
89
|
Easy Post Duplicator <= 1.0.1 - Authenticated (Subscriber+) SQL Injection | LOW | *-1.0.1 | July 1, 2026 | ||
| easy-custom-css | easy-custom-css |
91
|
Easy Custom CSS <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| duplicate-title-checker | duplicate-title-checker |
91
|
Duplicate Title Checker <= 1.2 - Authenticated (Subscriber+) SQL Injection | LOW | *-1.2 | July 1, 2026 | ||
| doppler-form | doppler-form |
93
|
Doppler Forms <= 2.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.5.1 | 2.6.0 | July 1, 2026 | |
| debounce-io-email-validator | debounce-io-email-validator |
93
|
DeBounce Email Validator <= 5.8.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-5.8.1 | 5.8.2 | July 1, 2026 | |
| database-toolset | database-toolset |
87
|
Database Toolset <= 1.8.4 - Unauthenticated Arbitrary File Deletion | LOW | *-1.8.4 | July 1, 2026 | ||
| czater | czater |
91
|
Czater.pl – live chat i telefon <= 1.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.5 | July 1, 2026 | ||
| customize-login-page | customize-login-page |
91
|
Customize Login Page <= 1.1 - Cross-Site Request Forgery | LOW | *-1.1 | July 1, 2026 | ||
| custom-smilies | custom-smilies |
91
|
Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2 | July 1, 2026 | ||
| custom-posts-order | custom-posts-order |
93
|
Custom Posts Order <= 4.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-4.4 | 4.5 | July 1, 2026 | |
| connector-civicrm-mcrestface | connector-civicrm-mcrestface |
93
|
Connector to CiviCRM with CiviMcRestFace <= 1.0.8 - Reflected Cross-Site Scripting | LOW | *-1.0.8 | 1.0.9 | July 1, 2026 | |
| connect-daily-web-calendar | connect-daily-web-calendar |
91
|
WordPress Events Calendar Plugin – connectDaily <= 1.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.5.4 | 1.5.5 | July 1, 2026 | |
| comment-validation-reloaded | comment-validation-reloaded |
91
|
Comment Validation Reloaded <= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.5 | July 1, 2026 | ||
| codescar-radio-widget | codescar-radio-widget |
91
|
Codescar Radio Widget <= 0.4.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.4.2 | July 1, 2026 | ||
| click-pledge-connect | click-pledge-connect |
93
|
Click & Pledge Connect Plugin <= 2.24080000-WP6.6.1 - Unauthenticated SQL Injection | LOW | * - 2.24080000-WP6.6.1 | 2.24120000-WP6.7.1 | July 1, 2026 | |
| chillpay-payment-gateway | chillpay-payment-gateway |
93
|
ChillPay WooCommerce <= 2.5.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.5.3 | 2.6.0 | July 1, 2026 | |
| chat2 | chat2 |
93
|
Chat2 <= 4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-4.0 | 4.1 | July 1, 2026 | |
| cg-scroll-to-top | cg-scroll-to-top |
91
|
CG Scroll To Top <= 3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-3.5 | July 1, 2026 | ||
| cf7-manual-spam-blocker | cf7-manual-spam-blocker |
91
|
WordPress Spam Blocker <= 2.0.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.0.4 | July 1, 2026 | ||
| canonical-attachments | canonical-attachments |
91
|
Canonical Attachments <= 1.7 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.7 | July 1, 2026 | ||
| Calculated Fields Form | calculated-fields-form |
70
|
Calculated Fields Form <= 5.2.61 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-5.2.61 | 5.2.62 | July 1, 2026 | |
| calais-auto-tagger | calais-auto-tagger |
91
|
WP Calais Auto Tagger <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.0 | July 1, 2026 | ||
| build-app-online | build-app-online |
85
|
Build App Online <= 1.0.23 - Unauthenticated Local File Inclusion | LOW | *-1.0.23 | July 1, 2026 | ||
| buddypress-humanity | buddypress-humanity |
91
|
Buddypress Humanity <= 1.2 - Cross-Site Request Forgery to Privilege Escalation | LOW | *-1.2 | July 1, 2026 | ||
| brizy-pro | brizy-pro |
93
|
Brizy Pro <= 2.8.0 - Missing Authorization | LOW | *-2.8.0 | 2.8.1 | July 1, 2026 | |
| brizy-pro | brizy-pro |
93
|
Brizy Pro <= 2.8.0 - Cross-Site Request Forgery | LOW | *-2.8.0 | 2.8.1 | July 1, 2026 | |
| bp-social-connect | bp-social-connect |
91
|
BP Social Connect <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.6.2 | July 1, 2026 | ||
| automatic-ban-ip | automatic-ban-ip |
91
|
Automatic Ban IP <= 1.0.7 - Reflected Cross-Site Scripting | LOW | *-1.0.7 | July 1, 2026 | ||
| aria-font | aria-font |
95
|
Aria Font <= 1.4 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.4 | July 1, 2026 | ||
| anytrack-affiliate-link-manager | anytrack-affiliate-link-manager |
95
|
AnyTrack Affiliate Link Manager <= 1.0.4 - Missing Authorization | LOW | *-1.0.4 | 1.5.5 | July 1, 2026 | |
| anant-addons-for-elementor | anant-addons-for-elementor |
95
|
Anant Addons for Elementor <= 1.1.8 - Cross-Site Request Forgery to Arbitrary Plugin Installation | LOW | *-1.1.8 | 1.1.9 | July 1, 2026 | |
| all-push-notification | all-push-notification |
92
|
All push notification for WP <= 1.5.3 - Cross-Site Request Forgery to SQL Injection | LOW | *-1.5.3 | July 1, 2026 | ||
| ald-login-page | ald-login-page |
97
|
ALD Login Page <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | 1.3 | July 1, 2026 | |
| age-gate | age-gate |
97
|
Age Gate <= 3.5.4 - Missing Authorization | LOW | *-3.5.4 | 3.6.0 | July 1, 2026 | |
| af-tell-a-friend | af-tell-a-friend |
95
|
AF Tell a Friend <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4 | July 1, 2026 | ||
| advanced-tag-list | advanced-tag-list |
95
|
Advanced Tag Lists <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2 | July 1, 2026 | ||
| admin-menu-post-list | admin-menu-post-list |
95
|
Admin Menu Post List <= 2.0.7 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.0.7 | July 1, 2026 | ||
| accordions | accordions |
97
|
Accordion <= 2.3.11 - Authenticated (Contributor+) PHP Object Injection | LOW | *-2.3.11 | 2.3.12 | July 1, 2026 | |
| aba-payway-woocommerce-payment-gateway | aba-payway-woocommerce-payment-gateway |
97
|
ABA PayWay Payment Gateway for WooCommerce <= 2.1.4 - Reflected Cross-Site Scripting | LOW | *-2.1.4 | 2.1.5 | July 1, 2026 | |
| wedevs-project-manager | wedevs-project-manager | N/A | WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Upload | LOW | *-2.6.22 | 2.6.23 | July 1, 2026 | |
| wp-user-profiles | wp-user-profiles | N/A | WP User Profiles <= 2.6.2 - Authenticated (Subscriber+) Privilege Escalation | LOW | *-2.6.2 | July 1, 2026 | ||
| wp-remote-thumbnail | wp-remote-thumbnail | N/A | WP Remote Thumbnail <= 1.3.2 - Authenticated (Contributor+) Arbitrary File Upload | LOW | *-1.3.2 | July 1, 2026 | ||
| sync-wc-google | sync-wc-google | N/A | Bulk Product Sync <= 8.6 - Unauthenticated SQL Injection | LOW | *-8.6 | 9.0 | July 1, 2026 | |
| site-notify | site-notify | N/A | Site Notify <= 1.0 - Missing Authorization | LOW | *-1.0 | July 1, 2026 | ||
| processing-projects | processing-projects | N/A | Processing Projects <= 1.0.2 - Authenticated (Shop Manager+) Arbitrary File Upload | LOW | *-1.0.2 | July 1, 2026 | ||
| Event Booking Manager for WooCommerce | mage-eventpress |
82
|
WpEvently <= 4.3.6 - Authenticated (Contributor+) PHP Object Injection | LOW | *-4.3.6 | 4.3.7 | July 1, 2026 | |
| insert-or-embed-articulate-content-into-wordpress | insert-or-embed-articulate-content-into-wordpress |
93
|
Insert or Embed Articulate Content into WordPress <= 4.3000000025 - Authenticated (Editor+) Arbitrary File Upload | LOW | *-4.3000000025 | 4.3000000026 | July 1, 2026 | |
| Hive Support | AI-Powered Help Desk, Live Chat and Chatbot | hive-support |
68
|
Hive Support <= 1.2.11 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.2.11 | 1.2.12 | July 1, 2026 | |
| Calculated Fields Form | calculated-fields-form |
70
|
Calculated Fields Form <= 5.2.61 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-5.2.61 | 5.2.62 | July 1, 2026 | |
| accept-sagepay-payments-using-contact-form-7 | accept-sagepay-payments-using-contact-form-7 |
97
|
Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure | LOW | *-2.0 | 2.1 | July 1, 2026 | |
| motors-car-dealership-classified-listings | motors-car-dealership-classified-listings |
93
|
Motors – Car Dealership & Classified Listings Plugin <= 1.4.64 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation | LOW | *-1.4.64 | 1.4.65 | July 1, 2026 | |
| wpfront-user-role-editor | wpfront-user-role-editor | N/A | WPFront User Role Editor <= 4.2.1 - Cross-Site Request Forgery to Privilege Escalation via whitelist_options Function | LOW | *-4.2.1 | 4.2.2 | July 1, 2026 | |
| green-money-payment-gateway | green-money-payment-gateway |
93
|
GreenPay(tm) by Green.Money 3.0.0 - 3.0.9 - Unauthenticated Information Exposure | LOW | 3.0.0-3.0.9 | 3.0.10 | July 1, 2026 | |
| melhor-envio-cotacao | melhor-envio-cotacao |
93
|
Melhor Envio <= 2.15.11 - Unauthenticated Sensitive Information Exposure via Hardcoded Hash | LOW | *-2.15.11 | 2.15.12 | July 1, 2026 | |
| simple-wp-events | simple-wp-events | N/A | Simple WP Events <= 1.8.17 - Unauthenticated Arbitrary File Deletion | LOW | *-1.8.17 | 1.9.0 | July 1, 2026 |
noakes-menu-manager
noakes-menu-manager
nino-social-connect
nino-social-connect
nimbata-call-tracking
nimbata-call-tracking
newsboard
newsboard
nepali-date-utilities
nepali-date-utilities
neon-product-designer-for-woocommerce
neon-product-designer-for-woocommerce
myworks-woo-sync-for-quickbooks-online
myworks-woo-sync-for-quickbooks-online
multiple-location-google-map
multiple-location-google-map
motors-car-dealership-classified-listings
motors-car-dealership-classified-listings
more-mime-type-filters
more-mime-type-filters
mobile-smart
mobile-smart
mmx-make-me-christmas
mmx-make-me-christmas
mergado-marketing-pack
mergado-marketing-pack
material-dashboard
material-dashboard
mapsvg-lite-interactive-vector-maps
mapsvg-lite-interactive-vector-maps
mapsvg-lite-interactive-vector-maps
mapsvg-lite-interactive-vector-maps
mailhawk
mailhawk
magazine-lister-for-yumpu
magazine-lister-for-yumpu
logo-showcase-ultimate
logo-showcase-ultimate
lock-your-updates
lock-your-updates
link-shield
link-shield
language-field
language-field
keycaptcha
keycaptcha
js-jobs
js-jobs
job-board-manager
job-board-manager
ip2location-world-clock
ip2location-world-clock
interactive-us-map
interactive-us-map
interactive-geo-maps
interactive-geo-maps
insert-html-here
insert-html-here
indieblocks
indieblocks
idonate
idonate
html5-video-player-with-playlist
html5-video-player-with-playlist
fraudlabs-pro-for-woocommerce
fraudlabs-pro-for-woocommerce
foliopress-wysiwyg
foliopress-wysiwyg
flexytalk-widget
flexytalk-widget
flexi
flexi
flags-widget
flags-widget
firsth3tagadsense
firsth3tagadsense
fat-coming-soon
fat-coming-soon
eventon-lite
eventon-lite
essential-breadcrumbs
essential-breadcrumbs
error-log-viewer-wp
error-log-viewer-wp
Epeken All Kurir for Woocommerce
epeken-all-kurir
EasyFonts – Host Google Fonts Locally, GDPR Compliant, Faster Loading
easyfonts
easy-post-duplicator
easy-post-duplicator
easy-post-duplicator
easy-post-duplicator
easy-custom-css
easy-custom-css
duplicate-title-checker
duplicate-title-checker
doppler-form
doppler-form
debounce-io-email-validator
debounce-io-email-validator
database-toolset
database-toolset
czater
czater
customize-login-page
customize-login-page
custom-smilies
custom-smilies
custom-posts-order
custom-posts-order
connector-civicrm-mcrestface
connector-civicrm-mcrestface
connect-daily-web-calendar
connect-daily-web-calendar
comment-validation-reloaded
comment-validation-reloaded
codescar-radio-widget
codescar-radio-widget
click-pledge-connect
click-pledge-connect
chillpay-payment-gateway
chillpay-payment-gateway
chat2
chat2
cg-scroll-to-top
cg-scroll-to-top
cf7-manual-spam-blocker
cf7-manual-spam-blocker
canonical-attachments
canonical-attachments
Calculated Fields Form
calculated-fields-form
calais-auto-tagger
calais-auto-tagger
build-app-online
build-app-online
buddypress-humanity
buddypress-humanity
brizy-pro
brizy-pro
brizy-pro
brizy-pro
bp-social-connect
bp-social-connect
automatic-ban-ip
automatic-ban-ip
aria-font
aria-font
anytrack-affiliate-link-manager
anytrack-affiliate-link-manager
anant-addons-for-elementor
anant-addons-for-elementor
all-push-notification
all-push-notification
ald-login-page
ald-login-page
age-gate
age-gate
af-tell-a-friend
af-tell-a-friend
advanced-tag-list
advanced-tag-list
admin-menu-post-list
admin-menu-post-list
accordions
accordions
aba-payway-woocommerce-payment-gateway
aba-payway-woocommerce-payment-gateway
wedevs-project-manager
wedevs-project-manager
wp-user-profiles
wp-user-profiles
wp-remote-thumbnail
wp-remote-thumbnail
sync-wc-google
sync-wc-google
site-notify
site-notify
processing-projects
processing-projects
Event Booking Manager for WooCommerce
mage-eventpress
insert-or-embed-articulate-content-into-wordpress
insert-or-embed-articulate-content-into-wordpress
Hive Support | AI-Powered Help Desk, Live Chat and Chatbot
hive-support
Calculated Fields Form
calculated-fields-form
accept-sagepay-payments-using-contact-form-7
accept-sagepay-payments-using-contact-form-7
motors-car-dealership-classified-listings
motors-car-dealership-classified-listings
wpfront-user-role-editor
wpfront-user-role-editor
green-money-payment-gateway
green-money-payment-gateway
melhor-envio-cotacao
melhor-envio-cotacao
simple-wp-events
simple-wp-events
Showing 10001 to 10100 of 36319 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 1, 2026 at 11:29 UTC.