Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
90With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| radius-blocks | radius-blocks | N/A | Radius Blocks <= 2.1.2 - Cross-Site Request Forgery | LOW | *-2.1.2 | 2.2.0 | July 3, 2026 | |
| print-invoices-packing-slip-labels-for-woocommerce | print-invoices-packing-slip-labels-for-woocommerce | N/A | WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.7.1 - Authenticated (Shop Manager+) Stored Cross-Site Scripting | LOW | *-4.7.1 | 4.7.2 | July 3, 2026 | |
| post-duplicator | post-duplicator | N/A | Post Duplicator <= 2.35 - Missing Authorization | LOW | *-2.35 | 2.36 | July 3, 2026 | |
| Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder | popup-maker | N/A | Popup Maker <= 1.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.20.2 | 1.20.3 | July 3, 2026 | |
| popup-box | popup-box | N/A | Popup Box <= 3.2.4 - Cross-Site Request Forgery | LOW | *-3.2.4 | 3.2.5 | July 3, 2026 | |
| Plethora Plugins Tabs + Accordions | plethora-tabs-accordions |
98
|
Plethora Plugins Tabs + Accordions <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.5 | 1.2.1 | July 3, 2026 | |
| people-lists | people-lists | N/A | People Lists <= 1.3.10 - Missing Authorization | LOW | *-1.3.10 | 2.0.0 | July 3, 2026 | |
| pdf-for-woocommerce | pdf-for-woocommerce | N/A | PDF Invoices for WooCommerce + Drag and Drop Template Builder <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-4.6.0 | 4.7.0 | July 3, 2026 | |
| paytium | paytium | N/A | Paytium <= 4.4.11 - Unauthenticated Full Path Disclosure | LOW | *-4.4.11 | 4.4.12 | July 3, 2026 | |
| patreon-connect | patreon-connect | N/A | Patreon WordPress <= 1.9.1 - Missing Authorization | LOW | *-1.9.1 | 1.9.2 | July 3, 2026 | |
| pagelayer | pagelayer |
93
|
PageLayer <= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.9.4 | 1.9.5 | July 3, 2026 | |
| orbisius-simple-notice | orbisius-simple-notice |
93
|
Orbisius Simple Notice <= 1.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.3 | 1.1.4 | July 3, 2026 | |
| ninja-gdpr-compliance | ninja-gdpr-compliance |
93
|
GDPR CCPA Compliance Support <= 2.7.1 - Missing Authorization | LOW | *-2.7.1 | 2.7.2 | July 3, 2026 | |
| mwp-herd-effect | mwp-herd-effect |
93
|
Herd Effects <= 6.2.1 - Cross-Site Request Forgery to Settings Update | LOW | *-6.2.1 | 6.2.2 | July 3, 2026 | |
| modal-window | modal-window |
93
|
Modal Window <= 6.1.4 - Cross-Site Request Forgery to Settings Ipdate | LOW | *-6.1.4 | 6.1.5 | July 3, 2026 | |
| magic-the-gathering-card-tooltips | magic-the-gathering-card-tooltips |
93
|
Magic the Gathering Card Tooltips <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.4.0 | 3.5.0 | July 3, 2026 | |
| machform-shortcode | machform-shortcode |
93
|
MachForm Shortcode <= 1.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4.1 | 1.5.0 | July 3, 2026 | |
| local-sync | local-sync |
93
|
WP Duplicate – WordPress Migration Plugin <= 1.1.6 - Missing Authorization | LOW | *-1.1.6 | 1.1.7 | July 3, 2026 | |
| listamester | listamester |
93
|
Listamester <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.3.4 | 2.3.5 | July 3, 2026 | |
| linet-erp-woocommerce-integration | linet-erp-woocommerce-integration |
93
|
Linet ERP-Woocommerce Integration <= 3.5.7 - Cross-Site Request Forgery | LOW | *-3.5.7 | 3.5.8 | July 3, 2026 | |
| learnpress | learnpress |
93
|
LearnPress <= 4.2.7.1 - Authenticated (Subscriber+) Open Redirect | LOW | *-4.2.7.1 | 4.2.7.2 | July 3, 2026 | |
| ketchup-shortcodes-pack | ketchup-shortcodes-pack |
93
|
Ketchup Shortcodes <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.1.2 | 0.2.1 | July 3, 2026 | |
| kbucket | kbucket |
93
|
KBucket <= 4.1.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-4.1.6 | 4.2.2 | July 3, 2026 | |
| kb-support | kb-support |
91
|
KB Support <= 1.6.7 - Unauthenticated Open Redirect | LOW | *-1.6.7 | 1.6.8 | July 3, 2026 | |
| Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | kadence-blocks |
91
|
Gutenberg Blocks by Kadence Blocks <= 3.3.1 - Missing Authorization | LOW | *-3.3.1 | 3.3.2 | July 3, 2026 | |
| jsm-show-post-meta | jsm-show-post-meta |
93
|
JSM Show Post Metadata <= 4.6.0 - Missing Authorization | LOW | *-4.6.0 | 4.6.1 | July 3, 2026 | |
| job-board-manager | job-board-manager |
83
|
Job Board Manager <= 2.1.59 - Cross-Site Request Forgery | LOW | *-2.1.59 | 2.1.60 | July 3, 2026 | |
| jc-importer | jc-importer |
93
|
Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | LOW | *-2.14.5 | 2.14.6 | July 3, 2026 | |
| ip2location-country-blocker | ip2location-country-blocker |
93
|
Download IP2Location Country Blocker <= 2.38.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.38.3 | 2.38.4 | July 3, 2026 | |
| icegram | icegram |
93
|
Icegram <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.1.31 | 3.1.32 | July 3, 2026 | |
| Hyve Lite – AI Chatbot, ChatGPT-Powered Conversational Support | hyve-lite |
98
|
AI Chatbot for WordPress – Hyve Lite <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.2.2 | 1.2.3 | July 3, 2026 | |
| ht-contactform | ht-contactform |
93
|
HT Conctact Form 7 <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.2.1 | 1.2.2 | July 3, 2026 | |
| helloasso | helloasso |
93
|
HelloAsso <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.11 | 1.1.12 | July 3, 2026 | |
| google-analytics-dashboard-for-wp | google-analytics-dashboard-for-wp |
93
|
ExactMetrics <= 8.1.0 - Missing Authorization | LOW | *-8.1.0 | 8.2.0 | July 3, 2026 | |
| gmap-embed | gmap-embed |
93
|
Maps Plugin using Google Maps for WordPress – WP Google Map <= 1.9.3 - Maps Plugin using Google Maps for WordPress – WP Google Map <= 1.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting via Markers | LOW | *-1.9.3 | 1.9.4 | July 3, 2026 | |
| gmap-embed | gmap-embed |
93
|
Maps Plugin using Google Maps for WordPress – WP Google Map <= 1.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.9.3 | 1.9.4 | July 3, 2026 | |
| fulltext-search | fulltext-search |
93
|
WP Fast Total Search <= 1.78.258 - Missing Authorization | LOW | *-1.78.258 | 1.79.262 | July 3, 2026 | |
| fulltext-search | fulltext-search |
93
|
WP Fast Total Search <= 1.78.258 - Cross-Site Request Forgery | LOW | *-1.78.258 | 1.79.262 | July 3, 2026 | |
| Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
92
|
Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.38.2 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.38.2 | 1.38.3 | July 3, 2026 | |
| FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider | fluent-smtp |
85
|
FluentSMTP <= 2.2.80 - Cross-Site Request Forgery | LOW | *-2.2.80 | 2.2.81 | July 3, 2026 | |
| faq-builder-ays | faq-builder-ays |
93
|
FAQ Builder AYS <= 1.7.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.7.3 | 1.7.4 | July 3, 2026 | |
| extensions-for-cf7 | extensions-for-cf7 |
93
|
Extensions For CF7 <= 3.2.0 - Authenticated (Admin+) Sever-Side Request Forgery | LOW | *-3.2.0 | 3.2.1 | July 3, 2026 | |
| event-post | event-post |
91
|
Event post <= 5.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-5.9.7 | 5.9.8 | July 3, 2026 | |
| essential-real-estate | essential-real-estate |
87
|
Essential Real Estate <= 5.1.8 - Cross-Site Request Forgery | LOW | *-5.1.8 | 5.1.9 | July 3, 2026 | |
| email-subscribe | email-subscribe |
93
|
Email Subscription Popup <= 1.2.23 - Authenticated (Administrator+) SQL Injection | LOW | *-1.2.23 | 1.2.24 | July 3, 2026 | |
| elementinvader-addons-for-elementor | elementinvader-addons-for-elementor |
93
|
ElementInvader Addons for Elementor <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3.3 | 1.3.4 | July 3, 2026 | |
| elementinvader-addons-for-elementor | elementinvader-addons-for-elementor |
93
|
ElementInvader Addons for Elementor <= 1.3.1 - Missing Authorization | LOW | *-1.3.1 | 1.3.2 | July 3, 2026 | |
| elementinvader-addons-for-elementor | elementinvader-addons-for-elementor |
93
|
ElementInvader Addons for Elementor <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3.0 | 1.3.1 | July 3, 2026 | |
| easy-youtube-gallery | easy-youtube-gallery |
93
|
Easy YouTube Gallery <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.4 | 1.0.5 | July 3, 2026 | |
| dc-woocommerce-multi-vendor | dc-woocommerce-multi-vendor |
93
|
WC Marketplace <= 4.2.13 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-4.2.13 | 4.2.14 | July 3, 2026 | |
| create-with-code | create-with-code |
93
|
Create with Code <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.4 | 1.5 | July 3, 2026 | |
| cp-easy-form-builder | cp-easy-form-builder |
93
|
Form Builder CP <= 1.2.41 - Authenticated (Contributor+) SQL Injection | LOW | *-1.2.41 | 1.2.42 | July 3, 2026 | |
| counter-box | counter-box |
93
|
Counter Box <= 2.0.5 - Cross-Site Request Forgery | LOW | *-2.0.5 | 2.0.6 | July 3, 2026 | |
| contact-form-to-email | contact-form-to-email |
93
|
Contact Form Email <= 1.3.52 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.3.52 | 1.3.53 | July 3, 2026 | |
| coblocks | coblocks |
93
|
CoBlocks <= 3.1.13 - Missing Authorization | LOW | *-3.1.13 | 3.1.14 | July 3, 2026 | |
| chained-quiz | chained-quiz |
93
|
Chained Quiz <= 1.3.2.9 - Authenticated (Admin+) Server-Side Request Forgery | LOW | *-1.3.2.9 | 1.3.3 | July 3, 2026 | |
| call-now-button | call-now-button |
93
|
Call Now Button <= 1.4.13 - Cross-Site Request Forgery | LOW | *-1.4.13 | 1.4.14 | July 3, 2026 | |
| caching-compatible-cookie-optin-and-javascript | caching-compatible-cookie-optin-and-javascript |
93
|
Caching Compatible Cookie Opt-In and JavaScript <= 0.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.0.10 | 0.0.11 | July 3, 2026 | |
| button-generation | button-generation |
93
|
Button Generator – easily Button Builder <= 3.1.1 - Cross-Site Request Forgery | LOW | *-3.1.1 | 3.1.2 | July 3, 2026 | |
| build-private-store-for-woocommerce | build-private-store-for-woocommerce |
93
|
Build Private Store For Woocommerce <= 1.0 - Missing Authorization | LOW | *-1.0 | 1.1 | July 3, 2026 | |
| bug-library | bug-library |
93
|
Bug Library <= 2.1.4 - Authenticated (Contributor+) SQL Injection | LOW | *-2.1.4 | 2.1.5 | July 3, 2026 | |
| bubble-menu | bubble-menu |
93
|
Bubble Menu – circle floating menu <= 4.0.2 - Cross-Site Request Forgery | LOW | *-4.0.2 | 4.0.3 | July 3, 2026 | |
| bridge-core | bridge-core |
93
|
Bridge Core <= 3.3 - Missing Authorization | LOW | *-3.3 | 3.3.1 | July 3, 2026 | |
| boom-fest | boom-fest |
93
|
Boom Fest <= 2.2.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update | LOW | *-2.2.1 | 2.2.2 | July 3, 2026 | |
| bookingpress-appointment-booking | bookingpress-appointment-booking |
93
|
BookingPress <= 1.1.25 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.25 | 1.1.26 | July 3, 2026 | |
| booking-calendar-contact-form | booking-calendar-contact-form |
93
|
Booking Calendar Contact Form <= 1.2.55 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.2.55 | 1.2.56 | July 3, 2026 | |
| blur-text | blur-text |
93
|
Blur Text <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.0 | 2.0.0 | July 3, 2026 | |
| auction-nudge | auction-nudge |
93
|
Auction Nudge – Your eBay on Your Site <= 7.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-7.2.0 | 7.2.1 | July 3, 2026 | |
| attire-blocks | attire-blocks |
93
|
Attire Blocks <= 1.9.6 - Cross-Site Request Forgery | LOW | *-1.9.6 | 1.9.7 | July 3, 2026 | |
| atarim-visual-collaboration | atarim-visual-collaboration |
93
|
Atarim <= 4.0.8 - Unauthenticated Stored Cross-Site Scripting | LOW | *-4.0.8 | 4.0.9 | July 3, 2026 | |
| astra-sites | astra-sites |
93
|
Starter Templates <= 4.4.9 - Cross-Site Request Forgery | LOW | *-4.4.9 | 4.4.10 | July 3, 2026 | |
| All Embed – Multi-Source Embed Widgets for Elementor | all-embed-addons-for-elementor |
91
|
All Embed – Elementor Addons <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.3 | 1.1.4 | July 3, 2026 | |
| ajax-filter-posts | ajax-filter-posts |
95
|
Post Grid Master <= 3.4.12 - Authenticated (Contributor+) Local File Inclusion | LOW | *-3.4.12 | 3.4.13 | July 3, 2026 | |
| advanced-notifications | advanced-notifications |
97
|
Advanced Notifications <= 1.2.7 - Missing Authorization | LOW | *-1.2.7 | 1.2.8 | July 3, 2026 | |
| admin-site-enhancements-pro | admin-site-enhancements-pro |
97
|
Admin and Site Enhancements (ASE) Pro <= 7.6.1.1 - Missing Authorization | LOW | *-7.6.1.1 | 7.6.3 | July 3, 2026 | |
| admin-site-enhancements | admin-site-enhancements |
97
|
Admin and Site Enhancements (ASE) <= 7.6.2 - Missing Authorization | LOW | *-7.6.2 | 7.6.3 | July 3, 2026 | |
| abc-notation | abc-notation |
93
|
ABC Notation <= 6.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-6.1.3 | July 3, 2026 | ||
| a4-barcode-generator | a4-barcode-generator |
97
|
Print Barcode Labels for your WooCommerce products/orders <= 3.4.10 - Missing Authorization | LOW | *-3.4.10 | 3.4.11 | July 3, 2026 | |
| 12-step-meeting-list | 12-step-meeting-list |
97
|
12 Step Meeting List <= 3.16.5 - Unauthenticated Sensitive Information Exposure | LOW | *-3.16.5 | 3.16.6 | July 3, 2026 | |
| 12-step-meeting-list | 12-step-meeting-list |
97
|
12 Step Meeting List <= 3.16.5 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion | LOW | *-3.16.5 | 3.16.6 | July 3, 2026 | |
| post-grid-carousel-ultimate | post-grid-carousel-ultimate | N/A | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler() | LOW | *-1.6.10 | 1.7 | July 3, 2026 | |
| affiliate-toolkit-starter | affiliate-toolkit-starter |
95
|
affiliate-toolkit – WP Affiliate Plugin with Amazon <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.7.0 | 3.7.1 | July 3, 2026 | |
| bmlt-meeting-map | bmlt-meeting-map |
91
|
BMLT Meeting Map <= 2.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.6.1 | July 3, 2026 | ||
| automate-hub-free-by-sperse-io | automate-hub-free-by-sperse-io |
89
|
Automate Hub Free by Sperse.IO <= 1.7.0 - Cross-Site Request Forgery to Activation Status Update | LOW | *-1.7.0 | July 3, 2026 | ||
| wp-user-avatar | wp-user-avatar | N/A | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.19 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.15.19 | 4.15.20 | July 3, 2026 | |
| wp-user-avatar | wp-user-avatar | N/A | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.19 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.15.19 | 4.15.20 | July 3, 2026 | |
| wp-user-avatar | wp-user-avatar | N/A | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.19 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.15.19 | 4.15.20 | July 3, 2026 | |
| wp-ulike | wp-ulike | N/A | WP ULike <= 4.7.5 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-4.7.5 | 4.7.6 | July 3, 2026 | |
| wp-google-street-view | wp-google-street-view | N/A | WP Google Street View (with 360° virtual tour) & Google maps + Local SEO <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.3 | 1.1.4 | July 3, 2026 | |
| simple-gallery-with-filter | simple-gallery-with-filter | N/A | Simple Gallery with Filter <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0 | 2.1 | July 3, 2026 | |
| simple-downloads-list | simple-downloads-list | N/A | Simple Downloads List <= 1.4.2 - Authenticated (Contributor+) SQL Injection | LOW | *-1.4.2 | 1.4.3 | July 3, 2026 | |
| sastra-essential-addons-for-elementor | sastra-essential-addons-for-elementor | N/A | Sastra Essential Addons for Elementor – Free Elementor Addons, Widgets and Templates <= 1.0.14 - Missing Authorization to Spexo Theme Install | LOW | *-1.0.14 | 1.0.15 | July 3, 2026 | |
| rometheme-for-elementor | rometheme-for-elementor | N/A | RomethemeKit For Elementor <= 1.5.2 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | LOW | *-1.5.2 | 1.5.3 | July 3, 2026 | |
| Responsive Addons for Elementor – Free Elementor Addons, Kits and Elementor Templates | responsive-addons-for-elementor | N/A | Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.6.4 | 1.6.5 | July 3, 2026 | |
| precious-metals-chart-and-widgets | precious-metals-chart-and-widgets | N/A | Precious Metals Charts and Widgets for WordPress <= 1.2.8 - Authenticated (Contributor+) Stored Cross-site Scripting | LOW | *-1.2.8 | 1.2.9 | July 3, 2026 | |
| post-grid-carousel-ultimate | post-grid-carousel-ultimate | N/A | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion | LOW | *-1.6.10 | 1.7 | July 3, 2026 | |
| listamester | listamester |
93
|
Listamester <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.3.4 | 2.3.5 | July 3, 2026 | |
| cp-easy-form-builder | cp-easy-form-builder |
93
|
Form Builder CP <= 1.2.41 - Authenticated (Contributor+) SQL Injection | LOW | *-1.2.41 | 1.2.42 | July 3, 2026 | |
| chalet-montagne-com-tools | chalet-montagne-com-tools |
91
|
Chalet-Montagne.com Tools <= 2.7.8 - Reflected Cross-Site Scripting | LOW | *-2.7.8 | July 3, 2026 | ||
| bp-activity-plus-reloaded | bp-activity-plus-reloaded |
89
|
Activity Plus Reloaded for BuddyPress <= 1.1.1 - Authenticated (Subscriber+) Blind Server-Side Request Forgery | LOW | *-1.1.1 | 1.1.2 | July 3, 2026 |
radius-blocks
radius-blocks
print-invoices-packing-slip-labels-for-woocommerce
print-invoices-packing-slip-labels-for-woocommerce
post-duplicator
post-duplicator
Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder
popup-maker
popup-box
popup-box
Plethora Plugins Tabs + Accordions
plethora-tabs-accordions
people-lists
people-lists
pdf-for-woocommerce
pdf-for-woocommerce
paytium
paytium
patreon-connect
patreon-connect
pagelayer
pagelayer
orbisius-simple-notice
orbisius-simple-notice
ninja-gdpr-compliance
ninja-gdpr-compliance
mwp-herd-effect
mwp-herd-effect
modal-window
modal-window
magic-the-gathering-card-tooltips
magic-the-gathering-card-tooltips
machform-shortcode
machform-shortcode
local-sync
local-sync
listamester
listamester
linet-erp-woocommerce-integration
linet-erp-woocommerce-integration
learnpress
learnpress
ketchup-shortcodes-pack
ketchup-shortcodes-pack
kbucket
kbucket
kb-support
kb-support
Kadence Blocks — Page Builder Toolkit for Gutenberg Editor
kadence-blocks
jsm-show-post-meta
jsm-show-post-meta
job-board-manager
job-board-manager
jc-importer
jc-importer
ip2location-country-blocker
ip2location-country-blocker
icegram
icegram
Hyve Lite – AI Chatbot, ChatGPT-Powered Conversational Support
hyve-lite
ht-contactform
ht-contactform
helloasso
helloasso
google-analytics-dashboard-for-wp
google-analytics-dashboard-for-wp
gmap-embed
gmap-embed
gmap-embed
gmap-embed
fulltext-search
fulltext-search
fulltext-search
fulltext-search
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
forminator
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider
fluent-smtp
faq-builder-ays
faq-builder-ays
extensions-for-cf7
extensions-for-cf7
event-post
event-post
essential-real-estate
essential-real-estate
email-subscribe
email-subscribe
elementinvader-addons-for-elementor
elementinvader-addons-for-elementor
elementinvader-addons-for-elementor
elementinvader-addons-for-elementor
elementinvader-addons-for-elementor
elementinvader-addons-for-elementor
easy-youtube-gallery
easy-youtube-gallery
dc-woocommerce-multi-vendor
dc-woocommerce-multi-vendor
create-with-code
create-with-code
cp-easy-form-builder
cp-easy-form-builder
counter-box
counter-box
contact-form-to-email
contact-form-to-email
coblocks
coblocks
chained-quiz
chained-quiz
call-now-button
call-now-button
caching-compatible-cookie-optin-and-javascript
caching-compatible-cookie-optin-and-javascript
button-generation
button-generation
build-private-store-for-woocommerce
build-private-store-for-woocommerce
bug-library
bug-library
bubble-menu
bubble-menu
bridge-core
bridge-core
boom-fest
boom-fest
bookingpress-appointment-booking
bookingpress-appointment-booking
booking-calendar-contact-form
booking-calendar-contact-form
blur-text
blur-text
auction-nudge
auction-nudge
attire-blocks
attire-blocks
atarim-visual-collaboration
atarim-visual-collaboration
astra-sites
astra-sites
All Embed – Multi-Source Embed Widgets for Elementor
all-embed-addons-for-elementor
ajax-filter-posts
ajax-filter-posts
advanced-notifications
advanced-notifications
admin-site-enhancements-pro
admin-site-enhancements-pro
admin-site-enhancements
admin-site-enhancements
abc-notation
abc-notation
a4-barcode-generator
a4-barcode-generator
12-step-meeting-list
12-step-meeting-list
12-step-meeting-list
12-step-meeting-list
post-grid-carousel-ultimate
post-grid-carousel-ultimate
affiliate-toolkit-starter
affiliate-toolkit-starter
bmlt-meeting-map
bmlt-meeting-map
automate-hub-free-by-sperse-io
automate-hub-free-by-sperse-io
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-ulike
wp-ulike
wp-google-street-view
wp-google-street-view
simple-gallery-with-filter
simple-gallery-with-filter
simple-downloads-list
simple-downloads-list
sastra-essential-addons-for-elementor
sastra-essential-addons-for-elementor
rometheme-for-elementor
rometheme-for-elementor
Responsive Addons for Elementor – Free Elementor Addons, Kits and Elementor Templates
responsive-addons-for-elementor
precious-metals-chart-and-widgets
precious-metals-chart-and-widgets
post-grid-carousel-ultimate
post-grid-carousel-ultimate
listamester
listamester
cp-easy-form-builder
cp-easy-form-builder
chalet-montagne-com-tools
chalet-montagne-com-tools
bp-activity-plus-reloaded
bp-activity-plus-reloaded
Showing 12701 to 12800 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 3, 2026 at 19:38 UTC.