Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
87With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| wp-contact-form-iii | wp-contact-form-iii | N/A | WP Contact Form III <= 1.6.2d - Reflected Cross-Site Scripting | LOW | * - 1.6.2d | July 3, 2026 | ||
| wordpress-mu-secure-invites | wordpress-mu-secure-invites | N/A | Secure Invites <= 1.3 - Reflected Cross-Site Scripting | LOW | *-1.3 | July 3, 2026 | ||
| simple-post-series | simple-post-series | N/A | Simple Post Series <= 2.4.4 - Reflected Cross-Site Scripting | LOW | *-2.4.4 | July 3, 2026 | ||
| profilegrid-user-profiles-groups-and-communities | profilegrid-user-profiles-groups-and-communities | N/A | ProfileGrid – User Profiles, Groups and Communities <= 5.9.4.7 - Authenticated (Subscriber+) SQL Injection | LOW | *-5.9.4.7 | 5.9.4.8 | July 3, 2026 | |
| give | give |
93
|
GiveWP – Donation Plugin and Fundraising Platform <= 3.22.1 - Authenticated (Subscriber+) Sensitive Information Exposure | LOW | *-3.22.1 | 3.22.2 | July 3, 2026 | |
| fancy-box | fancy-box |
91
|
FancyBox <= 1.0.1 - Reflected Cross-Site Scripting | LOW | *-1.0.1 | July 3, 2026 | ||
| cookies-pro | cookies-pro |
91
|
Cookies Pro <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| cf7-utm-tracking | cf7-utm-tracking |
91
|
UTM tags tracking for Contact Form 7 <= 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.1 | July 3, 2026 | ||
| instant-appointment | instant-appointment |
87
|
Instant Appointment <= 1.2 - Unauthenticated Arbitrary File Upload | LOW | *-1.2 | July 3, 2026 | ||
| zhina-twitter-widget | zhina-twitter-widget | N/A | ZhinaTwitterWidget <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| zd-scribd-ipaper | zd-scribd-ipaper | N/A | ZD Scribd iPaper <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| zalo-live-chat | zalo-live-chat | N/A | Zalo Live Chat <= 1.1.0 - Reflected Cross-Site Scripting | LOW | *-1.1.0 | July 3, 2026 | ||
| wp-geshi-highlight | wp-geshi-highlight | N/A | WP-GeSHi-Highlight <= 1.4.3 Authenticated (Author+) ReDoS | LOW | *-1.4.3 | July 3, 2026 | ||
| wordpress-theme-demo-bar | wordpress-theme-demo-bar | N/A | Theme Demo Bar <= 1.6.3 - Reflected Cross-Site Scripting | LOW | *-1.6.3 | July 3, 2026 | ||
| woo-altcoin-payment-gateway | woo-altcoin-payment-gateway | N/A | Bitcoin / AltCoin Payment Gateway for WooCommerce <= 1.7.6 - Reflected Cross-Site Scripting | LOW | *-1.7.6 | July 3, 2026 | ||
| trust-payments-hosted-payment-pages-integration | trust-payments-hosted-payment-pages-integration | N/A | Trust Payments Gateway for WooCommerce <= 1.1.4 - Unauthenticated SQL Injection | LOW | *-1.1.4 | 2.0.0 | July 3, 2026 | |
| rizzi-guestbook | rizzi-guestbook | N/A | Rizzi Guestbook <= 4.0.1 - Reflected Cross-Site Scripting | LOW | *-4.0.1 | July 3, 2026 | ||
| random-quotes | random-quotes | N/A | Random Quotes <= 1.3 - Reflected Cross-Site Scripting | LOW | *-1.3 | July 3, 2026 | ||
| memberspace | memberspace |
93
|
MemberSpace <= 2.1.13 - Reflected Cross-Site Scripting | LOW | *-2.1.13 | 2.1.14 | July 3, 2026 | |
| infugrator | infugrator |
91
|
Infugrator <= 1.0.3 - Reflected Cross-Site Scripting | LOW | *-1.0.3 | July 3, 2026 | ||
| google-plus-google | google-plus-google |
91
|
Google Plus <= 1.0.2 - Reflected Cross-Site Scripting | LOW | *-1.0.2 | July 3, 2026 | ||
| gdpr-tools | gdpr-tools |
91
|
GDPR Tools <= 1.0.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.0.2 | July 3, 2026 | ||
| display-post-meta | display-post-meta |
91
|
Display Post Meta <= 2.4.4 -Reflected Cross-Site Scripting | LOW | *-2.4.4 | July 3, 2026 | ||
| aumenu | aumenu |
91
|
AuMenu <= 1.1.5 - Reflected Cross-Site Scripting | LOW | *-1.1.5 | July 3, 2026 | ||
| appreview | appreview |
95
|
AppReview <= 0.2.9 - Reflected Cross-Site Scripting | LOW | *-0.2.9 | July 3, 2026 | ||
| woo-rfq-for-woocommerce | woo-rfq-for-woocommerce | N/A | NP Quote Request for WooCommerce <= 1.9.179 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure | LOW | *-1.9.179 | 1.9.180 | July 3, 2026 | |
| order-import-export-for-woocommerce | order-import-export-for-woocommerce |
93
|
Order Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function | LOW | *-2.6.0 | 2.6.1 | July 3, 2026 | |
| order-import-export-for-woocommerce | order-import-export-for-woocommerce |
93
|
Order Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter | LOW | *-2.6.0 | 2.6.1 | July 3, 2026 | |
| order-import-export-for-woocommerce | order-import-export-for-woocommerce |
93
|
Order Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function | LOW | *-2.6.0 | 2.6.1 | July 3, 2026 | |
| order-import-export-for-woocommerce | order-import-export-for-woocommerce |
93
|
Order Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function | LOW | *-2.6.0 | 2.6.1 | July 3, 2026 | |
| file-away | file-away |
87
|
File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read | LOW | *-3.9.9.0.1 | July 3, 2026 | ||
| wp-event-solution | wp-event-solution | N/A | Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion | LOW | *-4.0.24 | 4.0.25 | July 3, 2026 | |
| wp-event-solution | wp-event-solution | N/A | Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update | LOW | *-4.0.24 | 4.0.25 | July 3, 2026 | |
| Custom Twitter Feeds – A Tweets Widget or X Feed Widget | custom-twitter-feeds |
75
|
Custom Twitter Feeds <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin Function | LOW | *-2.2.5 | 2.3.0 | July 3, 2026 | |
| zielke-design-project-gallery | zielke-design-project-gallery | N/A | Zielke Design Project Gallery <= 2.5.0 - Reflected Cross-Site Scripting | LOW | *-2.5.0 | July 3, 2026 | ||
| your-lightbox | your-lightbox | N/A | Your Lightbox <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| xpro-elementor-addons | xpro-elementor-addons | N/A | 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Site Title' widget | LOW | *-1.4.7.1 | 1.4.8 | July 3, 2026 | |
| wp-multitasking | wp-multitasking | N/A | WP MultiTasking <= 0.1.12 - Cross-Site Request Forgery to Header/Footer/Body Script Update | LOW | *-0.1.12 | July 3, 2026 | ||
| wp-multitasking | wp-multitasking | N/A | WP MultiTasking <= 0.1.12 - Cross-Site Request Forgery to Permalink Suffix Update | LOW | *-0.1.12 | July 3, 2026 | ||
| wordpressplugin-upgrade-time-out-plugin | wordpressplugin-upgrade-time-out-plugin | N/A | WordPress/Plugin Upgrade Time Out Plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| pixobe-cartography | pixobe-cartography | N/A | Pixobe Cartography <= 1.0.1 - Reflected Cross-Site Scripting | LOW | *-1.0.1 | July 3, 2026 | ||
| off-page-seo | off-page-seo |
91
|
Off Page SEO <= 3.0.3 - Reflected Cross-Site Scripting | LOW | *-3.0.3 | July 3, 2026 | ||
| narnoo-shortcodes | narnoo-shortcodes |
91
|
Narnoo Operator <= 2.0.0 - Reflected Cross-Site Scripting | LOW | *-2.0.0 | July 3, 2026 | ||
| live-tv | live-tv |
91
|
LIVE TV <= 1.2 - Reflected Cross-Site Scripting | LOW | *-1.2 | July 3, 2026 | ||
| ht-mega-for-elementor | ht-mega-for-elementor |
93
|
HT Mega – Absolute Addons For Elementor <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | LOW | *-2.8.3 | 2.8.4 | July 3, 2026 | |
| WP Ghost (Hide My WP Ghost) – Security & Firewall | hide-my-wp |
79
|
Hide My WP Ghost <= 5.4.01 - Unauthenticated Local File Inclusion | LOW | *-5.4.01 | 5.4.02 | July 3, 2026 | |
| frontend-post-submission | frontend-post-submission |
91
|
Frontend Post Submission <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| front-end-post-edit | front-end-post-edit |
91
|
custom-post-edit <= 1.0.4 - Reflected Cross-Site Scripting | LOW | *-1.0.4 | July 3, 2026 | ||
| en-masse-wp | en-masse-wp |
91
|
En Masse <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| database-audit | database-audit |
91
|
WP Database Audit <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| cxc-sawa | cxc-sawa |
91
|
Management-screen-droptiles <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| content-glass-button | content-glass-button |
91
|
CG Button <= 1.0.5.6 - Reflected Cross-Site Scripting | LOW | *-1.0.5.6 | July 3, 2026 | ||
| age-gate | age-gate |
97
|
Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang' | LOW | *-3.5.3 | 3.5.4 | July 3, 2026 | |
| file-away | file-away |
87
|
File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated File Upload via upload Function | LOW | *-3.9.9.0.1 | July 3, 2026 | ||
| ahathat | ahathat |
92
|
AHAthat Plugin <= 1.6 - Authenticated (Administrator+) SQL Injection via id Parameter | LOW | *-1.6 | July 3, 2026 | ||
| wp-foodbakery | wp-foodbakery | N/A | FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Missing Authorization in Multiple Functions | LOW | *-4.7 | 4.8 | July 3, 2026 | |
| wp-foodbakery | wp-foodbakery | N/A | FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Cross-Site Request Forgery in Multiple Functions | LOW | *-4.7 | July 3, 2026 | ||
| wp-ad-management | wp-ad-management | N/A | Ads24 Lite <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| ultimate-gallery | ultimate-gallery | N/A | ULTIMATE VIDEO GALLERY <= 1.4 - Reflected Cross-Site Scripting | LOW | *-1.4 | July 3, 2026 | ||
| super-slider | super-slider | N/A | SUPER RESPONSIVE SLIDER <= 1.4 - Reflected Cross-Site Scripting | LOW | *-1.4 | July 3, 2026 | ||
| stencies | stencies | N/A | Stencies <= 0.58 - Reflected Cross-Site Scripting | LOW | *-0.58 | July 3, 2026 | ||
| snow-storm | snow-storm | N/A | Snow Storm <= 1.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.4.6 | 1.4.7 | July 3, 2026 | |
| sleekplan | sleekplan | N/A | Sleekplan <= 0.2.0 - Reflected Cross-Site Scripting | LOW | *-0.2.0 | July 3, 2026 | ||
| site-editor-google-map | site-editor-google-map | N/A | Site Editor Google Map <= 1.0.1 - Reflected Cross-Site Scripting | LOW | *-1.0.1 | July 3, 2026 | ||
| sf-booking | sf-booking | N/A | Service Finder Bookings <= 5.0 - Unauthenticated Privilege Escalation via Account Takeover | LOW | *-5.0 | 5.1 | July 3, 2026 | |
| s2member-pro | s2member-pro | N/A | s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode | LOW | *-250214 | 250419 | July 3, 2026 | |
| rws-enquiry | rws-enquiry | N/A | RWS Enquiry And Lead Follow-up <= 1.0 - Reflected Cross-Site Scripting | LOW | *-1.0 | July 3, 2026 | ||
| rdp-linkedin-login | rdp-linkedin-login | N/A | RDP Linkedin Login <= 1.7.0 - Reflected Cross-Site Scripting | LOW | *-1.7.0 | July 3, 2026 | ||
| rdp-ingroups | rdp-ingroups | N/A | RDP inGroups+ <= 1.0.6 - Reflected Cross-Site Scripting | LOW | *-1.0.6 | July 3, 2026 | ||
| product-puller | product-puller | N/A | Product Puller <= 1.5.1 - Reflected Cross-Site Scripting | LOW | *-1.5.1 | July 3, 2026 | ||
| ns-simple-intro-loader | ns-simple-intro-loader |
91
|
NS Simple Intro Loader <= 2.2.3 - Reflected Cross-Site Scripting | LOW | *-2.2.3 | July 3, 2026 | ||
| lifterlms | lifterlms |
93
|
LifterLMS <= 8.0.1 - Missing Authorization to Unauthenticated Post Trashing | LOW | *-8.0.1 | 8.0.2 | July 3, 2026 | |
| improve-my-city | improve-my-city |
91
|
Improve My City <= 1.6 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.6 | July 3, 2026 | ||
| global-payments-woocommerce | global-payments-woocommerce |
93
|
GlobalPayments WooCommerce <= 1.13.2 - Reflected Cross-Site Scripting | LOW | *-1.13.2 | 1.13.3 | July 3, 2026 | |
| fomo-payment-gateway-for-woocommerce | fomo-payment-gateway-for-woocommerce |
95
|
FOMO Pay Chinese Payment Solution <= 2.0.4 - Reflected Cross-Site Scripting | LOW | *-2.0.4 | July 3, 2026 | ||
| boombox-theme-extensions | boombox-theme-extensions |
93
|
BoomBox Theme Extensions <= 1.8.0 - Authenticated (Subscriber+) Privilege Escalation via Password Reset/Account Takeover in boombox_ajax_reset_password | LOW | *-1.8.0 | 1.8.1 | July 3, 2026 | |
| wp-email-delivery | wp-email-delivery | N/A | WP Email Delivery <= 1.20.11.23 - Reflected Cross-Site Scripting | LOW | *-1.20.11.23 | July 3, 2026 | ||
| wp-azure-offload | wp-azure-offload | N/A | WP Azure offload <= 2.0 - Reflected Cross-Site Scripting | LOW | *-2.0 | July 3, 2026 | ||
| wc-ja-ja-pagamentos-multicaixa-express | wc-ja-ja-pagamentos-multicaixa-express | N/A | Já-Já Pagamentos for WooCommerce <= 1.3.0 - Reflected Cross-Site Scripting | LOW | *-1.3.0 | July 3, 2026 | ||
| schedule | schedule | N/A | Schedule <= 1.0.0 - Unauthenticated SQL Injection | LOW | *-1.0.0 | July 3, 2026 | ||
| linkedin-lite | linkedin-lite |
91
|
LinkedIn Lite <= 1.0 - Unauthenticated Local File Inclusion | LOW | *-1.0 | July 3, 2026 | ||
| gs-logo-slider | gs-logo-slider |
93
|
Logo Slider <= 3.7.3 - Unauthenticated Arbitrary Shortcode Execution | LOW | *-3.7.3 | 3.7.4 | July 3, 2026 | |
| getshop-ecommerce | getshop-ecommerce |
91
|
GetShop ecommerce <= 1.3 - Unauthenticated Local File Inclusion | LOW | *-1.3 | July 3, 2026 | ||
| formality | formality |
93
|
Formality <= 1.5.7 - Unauthenticated Local File Inclusion | LOW | *-1.5.7 | 1.5.8 | July 3, 2026 | |
| custom-field-list-widget | custom-field-list-widget |
91
|
Custom Field List Widget <= 1.5.1 - Unauthenticated Local File Inclusion | LOW | *-1.5.1 | July 3, 2026 | ||
| tripetto | tripetto | N/A | Tripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion | LOW | *-8.0.9 | 8.0.10 | July 3, 2026 | |
| give | give |
93
|
Give <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Function | LOW | *-3.22.0 | 3.22.1 | July 3, 2026 | |
| tripetto | tripetto | N/A | WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto <= 8.0.9 - Unauthenticated Stored Cross-Site Scripting | LOW | *-8.0.9 | 8.0.10 | July 3, 2026 | |
| wp01 | wp01 | N/A | WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download | LOW | *-2.6.2 | July 3, 2026 | ||
| zoorum-comments | zoorum-comments | N/A | Zoorum Comments <= 0.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.9 | July 3, 2026 | ||
| pixelstats | pixelstats | N/A | pixelstats <= 0.8.2 - Reflected Cross-Site Scripting | LOW | *-0.8.2 | July 3, 2026 | ||
| wc-affiliate | wc-affiliate | N/A | WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.5.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-all | LOW | *-2.5.3 | 2.6 | July 3, 2026 | |
| wpschoolpress | wpschoolpress | N/A | School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User Deletion | LOW | *-2.2.16 | 2.2.17 | July 3, 2026 | |
| wpschoolpress | wpschoolpress | N/A | School Management System – WPSchoolPress <= 2.2.16 - Authenticated (Parent+) SQL Injection | LOW | *-2.2.16 | 2.2.17 | July 3, 2026 | |
| wpschoolpress | wpschoolpress | N/A | School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover | LOW | *-2.2.16 | 2.2.17 | July 3, 2026 | |
| wpschoolpress | wpschoolpress | N/A | School Management System – WPSchoolPress <= 2.2.17 - Authenticated (Teacher+) SQL Injection | LOW | *-2.2.17 | 2.2.18 | July 3, 2026 | |
| ulisting | ulisting | N/A | Directory Listings WordPress plugin – uListing <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation | LOW | *-2.2.0 | July 3, 2026 | ||
| ulisting | ulisting | N/A | Directory Listings WordPress plugin – uListing <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection | LOW | *-2.2.0 | July 3, 2026 | ||
| WP Test Email | wp-test-email |
90
|
WP Test Email <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.1.8 | 1.1.9 | July 3, 2026 | |
| wp-responsive-thumbnail-slider | wp-responsive-thumbnail-slider | N/A | Thumbnail carousel slider <= 1.0.4 - Authenticated (Admin+) SQL Injection | LOW | *-1.0.4 | 1.0.5 | July 3, 2026 |
wp-contact-form-iii
wp-contact-form-iii
wordpress-mu-secure-invites
wordpress-mu-secure-invites
simple-post-series
simple-post-series
profilegrid-user-profiles-groups-and-communities
profilegrid-user-profiles-groups-and-communities
give
give
fancy-box
fancy-box
cookies-pro
cookies-pro
cf7-utm-tracking
cf7-utm-tracking
instant-appointment
instant-appointment
zhina-twitter-widget
zhina-twitter-widget
zd-scribd-ipaper
zd-scribd-ipaper
zalo-live-chat
zalo-live-chat
wp-geshi-highlight
wp-geshi-highlight
wordpress-theme-demo-bar
wordpress-theme-demo-bar
woo-altcoin-payment-gateway
woo-altcoin-payment-gateway
trust-payments-hosted-payment-pages-integration
trust-payments-hosted-payment-pages-integration
rizzi-guestbook
rizzi-guestbook
random-quotes
random-quotes
memberspace
memberspace
infugrator
infugrator
google-plus-google
google-plus-google
gdpr-tools
gdpr-tools
display-post-meta
display-post-meta
aumenu
aumenu
appreview
appreview
woo-rfq-for-woocommerce
woo-rfq-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
order-import-export-for-woocommerce
file-away
file-away
wp-event-solution
wp-event-solution
wp-event-solution
wp-event-solution
Custom Twitter Feeds – A Tweets Widget or X Feed Widget
custom-twitter-feeds
zielke-design-project-gallery
zielke-design-project-gallery
your-lightbox
your-lightbox
xpro-elementor-addons
xpro-elementor-addons
wp-multitasking
wp-multitasking
wp-multitasking
wp-multitasking
wordpressplugin-upgrade-time-out-plugin
wordpressplugin-upgrade-time-out-plugin
pixobe-cartography
pixobe-cartography
off-page-seo
off-page-seo
narnoo-shortcodes
narnoo-shortcodes
live-tv
live-tv
ht-mega-for-elementor
ht-mega-for-elementor
WP Ghost (Hide My WP Ghost) – Security & Firewall
hide-my-wp
frontend-post-submission
frontend-post-submission
front-end-post-edit
front-end-post-edit
en-masse-wp
en-masse-wp
database-audit
database-audit
cxc-sawa
cxc-sawa
content-glass-button
content-glass-button
age-gate
age-gate
file-away
file-away
ahathat
ahathat
wp-foodbakery
wp-foodbakery
wp-foodbakery
wp-foodbakery
wp-ad-management
wp-ad-management
ultimate-gallery
ultimate-gallery
super-slider
super-slider
stencies
stencies
snow-storm
snow-storm
sleekplan
sleekplan
site-editor-google-map
site-editor-google-map
sf-booking
sf-booking
s2member-pro
s2member-pro
rws-enquiry
rws-enquiry
rdp-linkedin-login
rdp-linkedin-login
rdp-ingroups
rdp-ingroups
product-puller
product-puller
ns-simple-intro-loader
ns-simple-intro-loader
lifterlms
lifterlms
improve-my-city
improve-my-city
global-payments-woocommerce
global-payments-woocommerce
fomo-payment-gateway-for-woocommerce
fomo-payment-gateway-for-woocommerce
boombox-theme-extensions
boombox-theme-extensions
wp-email-delivery
wp-email-delivery
wp-azure-offload
wp-azure-offload
wc-ja-ja-pagamentos-multicaixa-express
wc-ja-ja-pagamentos-multicaixa-express
schedule
schedule
linkedin-lite
linkedin-lite
gs-logo-slider
gs-logo-slider
getshop-ecommerce
getshop-ecommerce
formality
formality
custom-field-list-widget
custom-field-list-widget
tripetto
tripetto
give
give
tripetto
tripetto
wp01
wp01
zoorum-comments
zoorum-comments
pixelstats
pixelstats
wc-affiliate
wc-affiliate
wpschoolpress
wpschoolpress
wpschoolpress
wpschoolpress
wpschoolpress
wpschoolpress
wpschoolpress
wpschoolpress
ulisting
ulisting
ulisting
ulisting
WP Test Email
wp-test-email
wp-responsive-thumbnail-slider
wp-responsive-thumbnail-slider
Showing 11201 to 11300 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 3, 2026 at 03:43 UTC.