Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36406

Across tracked plugins

Affected Plugins

97

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
df-draggable df-draggable
91
DF Draggable <= 1.13.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.13.2 July 5, 2026
dezdy-mcommerce dezdy-mcommerce
91
Dezdy <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
demo-user-dzs-showcase-your-admin-safely demo-user-dzs-showcase-your-admin-safely
91
Demo User DZS – Showcase your admin safely <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting LOW *-1.1.0 July 5, 2026
delele-all delele-all
91
Delete All Posts <= 1.1.1 - Missing Authorization LOW *-1.1.1 July 5, 2026
debug-tool debug-tool
86
Debug Tool <= 2.2 - Missing Authorization LOW *-2.2 July 5, 2026
debt-calculator debt-calculator
91
Debt Calculator <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
dd-roles dd-roles
91
DD Roles <= 4.1 - Authenticated (Subscriber+) Privilege Escalation LOW *-4.1 July 5, 2026
database-sync database-sync
91
Database Sync <= 0.5.1 - Authenticated (Subscriber+) Sensitive Information Exposure LOW *-0.5.1 July 5, 2026
data-dash data-dash
89
Data Dash <= 1.2.3 - Reflected Cross-Site Scripting LOW *-1.2.3 July 5, 2026
daily-proverb daily-proverb
91
Daily Proverb <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.0.3 July 5, 2026
cyber-new-slider cyber-new-slider
91
Cyber Slider <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 5, 2026
customizable-captcha-and-contact-us-form customizable-captcha-and-contact-us-form
91
Customizable Captcha and Contact Us <= 1.0.2 - Reflected Cross-Site Scripting LOW *-1.0.2 July 5, 2026
custom-widget-creator custom-widget-creator
91
Custom Widget Creator <= 1.0.5 - Reflected Cross-Site Scripting LOW *-1.0.5 July 5, 2026
custom-widget-classes custom-widget-classes
91
Custom Widget Classes <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.1 July 5, 2026
custom-users-order custom-users-order
91
Custom Users Order <= 4.2 - Reflected Cross-Site Scripting LOW *-4.2 July 5, 2026
custom-post-type-lockdown custom-post-type-lockdown
91
Custom Post Type Lockdown <= 1.11 - Cross-Site Request Forgery to Privilege Escalation LOW *-1.11 July 5, 2026
custom-post-type-gui custom-post-type-gui
91
Custom Post <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0 July 5, 2026
custom-page-extensions custom-page-extensions
91
Custom Page Extensions <= 0.6 - Reflected Cross-Site Scripting LOW *-0.6 July 5, 2026
custom-list-table-example custom-list-table-example
91
Custom List Table Example <= 1.4.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting LOW *-1.4.1 July 5, 2026
custom-coming-soon custom-coming-soon
91
Custom Coming Soon <= 2.2 - Reflected Cross-Site Scripting LOW *-2.2 July 5, 2026
curated-search curated-search
91
Curated Search <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.2 July 5, 2026
cubepm cubepm
91
CubePM <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
css-addons css-addons
91
Custom CSS Addons <= 1.9.1 - Reflected Cross-Site Scripting LOW *-1.9.1 July 5, 2026
crudlab-facebook-like-box crudlab-facebook-like-box
91
CRUDLab Like Box <= 2.0.9 - Reflected Cross-Site Scripting LOW *-2.0.9 July 5, 2026
coronavirus-data-widgets coronavirus-data-widgets
91
Coronavirus (COVID-19) Outbreak Data Widgets <= 1.1.1 - Reflected Cross-Site Scripting LOW *-1.1.1 July 5, 2026
copyright-safeguard-footer-notice copyright-safeguard-footer-notice
91
Copyright Safeguard Footer Notice <= 3.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-3.0 July 5, 2026
copy-move-posts copy-move-posts
91
Copy Move Posts <= 1.6 - Missing Authorization LOW *-1.6 July 5, 2026
cookie-consent-autoblock cookie-consent-autoblock
91
Cookie Consent & Autoblock for GDPR/CCPA <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
contexto contexto
91
Contexto <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
contentoptin contentoptin
91
ContentOptin Lite – WP Content Upgrade Plugin <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 5, 2026
content-security-policy-pro content-security-policy-pro
91
Content Security Policy Pro <= 1.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.3.5 July 5, 2026
content-planner content-planner
91
Content Planner <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
content-mirror content-mirror
91
Content Mirror <= 1.2 - Reflected Cross-Site Scripting LOW *-1.2 July 5, 2026
contact-form-7-round-robin-lead-distribution contact-form-7-round-robin-lead-distribution
89
Contact Form 7 Round Robin Lead Distribution <= 1.2.1 - Reflected Cross-Site Scripting LOW *-1.2.1 July 5, 2026
contact-form-7-round-robin-lead-distribution contact-form-7-round-robin-lead-distribution
89
Contact Form 7 Round Robin Lead Distribution <= 1.2.1 - Authenticated (Administrator+) SQL Injection LOW *-1.2.1 July 5, 2026
contact-form-7-anti-spambot contact-form-7-anti-spambot
91
Contact Form 7 Anti Spambot <= 1.0.1 - Missing Authorization LOW *-1.0.1 July 5, 2026
comparepress comparepress
91
ComparePress <= 2.0.8 - Reflected Cross-Site Scripting LOW *-2.0.8 July 5, 2026
compare-ninja-comparison-tables compare-ninja-comparison-tables
91
Compare Ninja <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.1.0 July 5, 2026
comments-with-hypercommentscom comments-with-hypercommentscom
91
HyperComments <= 0.9.6 - Reflected Cross-Site Scripting LOW *-0.9.6 July 5, 2026
comment-emailer comment-emailer
91
Comment-Emailer <= 1.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.5 July 5, 2026
cobwebo-url cobwebo-url
91
Cobwebo URL Plugin <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
cnzz51la-for-wordpress cnzz51la-for-wordpress
91
CNZZ&51LA for WordPress <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
cmc-migrate cmc-migrate
91
CMC MIGRATE <= 0.0.3 - Reflected Cross-Site Scripting LOW *-0.0.3 July 5, 2026
cloud cloud
91
WP Cloud <= 1.4.3 - Unauthenticated Arbitrary File Read LOW *-1.4.3 July 5, 2026
cj-custom-content cj-custom-content
91
CJ Custom Content <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-2.0 July 5, 2026
chesstempoviewer chesstempoviewer
91
Chess Tempo Viewer <= 0.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-0.9.5 July 5, 2026
checkout-for-paypal checkout-for-paypal
93
Checkout for PayPal <= 1.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.32 1.0.33 July 5, 2026
chatter chatter
89
Chatter <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
charitydonation-thermometer charitydonation-thermometer
91
Charity-thermometer <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.1.2 July 5, 2026
chamber-dashboard-business-directory chamber-dashboard-business-directory
89
Chamber Dashboard Business Directory <= 3.3.10 - Missing Authorization LOW *-3.3.10 3.3.11 July 5, 2026
cf7-paystack-add-on cf7-paystack-add-on
91
Contact Form 7 – Paystack Add-on <= 1.2.3 - Reflected Cross-Site Scripting LOW *-1.2.3 July 5, 2026
cf7-cc-avenue-add-on cf7-cc-avenue-add-on
91
Contact Form 7 – CCAvenue Add-on <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
cf7-calendly-integration cf7-calendly-integration
91
Form To Online Booking <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
cc-circle-progress-bar cc-circle-progress-bar
91
CC Circle Progress Bar <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.0 July 5, 2026
cbxwpsimpleaccounting cbxwpsimpleaccounting
91
CBX Accounting & Bookkeeping <= 1.3.14 - Reflected Cross-Site Scripting LOW *-1.3.14 July 5, 2026
causes causes
91
Causes – Donation Plugin <= 1.0.01 - Reflected Cross-Site Scripting LOW *-1.0.01 July 5, 2026
categorycustomfields categorycustomfields
91
Category Custom Fields <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0 July 5, 2026
category-d3-tree category-d3-tree
91
Category D3 Tree <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.1 July 5, 2026
catch-duplicate-switcher catch-duplicate-switcher
93
Catch Duplicate Switcher <= 2.1 - Reflected Cross-Site Scripting LOW *-2.1 2.2 July 5, 2026
captchelfie-captcha-by-selfie captchelfie-captcha-by-selfie
91
Captchelfie – Captcha by Selfie <= 1.0.7 - Reflected Cross-Site Scripting LOW *-1.0.7 July 5, 2026
canalplan-ac canalplan-ac
91
Canalplan <= 5.31 - Reflected Cross-Site Scripting LOW *-5.31 July 5, 2026
camoo-sms camoo-sms
91
CAMOO SMS <= 3.0.1 - Reflected Cross-Site Scripting LOW *-3.0.1 July 5, 2026
call-to-action-popup call-to-action-popup
91
Call To Action <= 1.0.2 - Reflected Cross-Site Scripting LOW *-1.0.2 July 5, 2026
call-me-now call-me-now
91
Call me Now <= 1.0.5 - Cross-Site Request Forgery LOW *-1.0.5 July 5, 2026
calendi calendi
91
Calendi <= 1.1.1 - Reflected Cross-Site Scripting LOW *-1.1.1 July 5, 2026
bulk-categories-assign bulk-categories-assign
91
Bulk Categories Assign <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
browser-update-notify browser-update-notify
91
Browser-Update-Notify <= 0.2.1 - Reflected Cross-Site Scripting LOW *-0.2.1 July 5, 2026
bookalet bookalet
91
Bookalet <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.3 July 5, 2026
book-a-place book-a-place
91
Book a Place <= 0.7.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-0.7.1 July 5, 2026
board-election board-election
91
Board Election <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
blue-wrench-videos-widget blue-wrench-videos-widget
91
Blue Wrench Video Widget <= 2.1.0 - Reflected Cross-Site Scripting LOW *-2.1.0 July 5, 2026
blu-logistics blu-logistics
91
blu Logistics <= 1.0.0 - Reflected Cross-Site Scripting LOW *-1.0.0 July 5, 2026
blrt-wp-embed blrt-wp-embed
89
Blrt WP Embed <= 1.6.9 - Reflected Cross-Site Scripting LOW *-1.6.9 July 5, 2026
blogger-image-import blogger-image-import
91
Blogger Image Import 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW 2.1 July 5, 2026
blog-summary blog-summary
91
Blog Summary <= 0.1.2 β - Authenticated (Contributor+) Stored Cross-Site Scripting LOW * - 0.1.2 β July 5, 2026
bizlibrary bizlibrary
89
BizLibrary <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 5, 2026
bitly-linker bitly-linker
91
Bit.ly linker <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 5, 2026
bible-embed bible-embed
91
Bible Embed <= 0.0.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-0.0.4 July 5, 2026
better-protected-pages better-protected-pages
91
Better Protected Pages <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0 July 5, 2026
best-css-compiler best-css-compiler
91
WOW Best CSS Compiler <= 2.0.2 - Reflected Cross-Site Scripting LOW *-2.0.2 July 5, 2026
bauernregeln bauernregeln
91
Bauernregeln <= 1.0.1 - Reflected Cross-Site Scripting LOW *-1.0.1 July 5, 2026
background-animation-blocks background-animation-blocks
91
Background animation blocks <= 2.1.5 - Unauthenticated Local File Inclusion LOW *-2.1.5 July 5, 2026
azurecurve-floating-featured-image azurecurve-floating-featured-image
91
azurecurve Floating Featured <= 2.2.0 - Reflected Cross-Site Scripting LOW *-2.2.0 July 5, 2026
awesome-twitter-feeds awesome-twitter-feeds
91
Awesome Twitter Feeds <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
awesome-timeline awesome-timeline
91
Awesome WordPress Timeline Plugin <= 1.0.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
awesome-hooks awesome-hooks
91
Awesome Hooks <= 1.0.1 - Reflected Cross-Site Scripting LOW *-1.0.1 July 5, 2026
awesome-gallery-singsys awesome-gallery-singsys
91
Singsys -Awesome Gallery <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 5, 2026
aw-woocommerce-kode-pembayaran aw-woocommerce-kode-pembayaran
91
AW WooCommerce Kode Pembayaran <= 1.1.4 - Reflected Cross-Site Scripting LOW *-1.1.4 July 5, 2026
auto-ftp auto-ftp
91
Auto FTP <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.0.1 July 5, 2026
author-showcase author-showcase
91
Author Showcase <= 1.4.3 - Reflected Cross-Site Scripting LOW *-1.4.3 July 5, 2026
auphonic-importer auphonic-importer
91
Auphonic Importer <= 1.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.5.1 July 5, 2026
attach-gallery-posts attach-gallery-posts
91
Attach Gallery Posts <= 1.6 - Reflected Cross-Site Scripting LOW *-1.6 July 5, 2026
apply-with-linkedin-buttons apply-with-linkedin-buttons
95
Apply with LinkedIn buttons <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-2.3 July 5, 2026
apply-with-linkedin-buttons apply-with-linkedin-buttons
95
Apply with LinkedIn buttons <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.3 July 5, 2026
applicantpro applicantpro
97
Isolved Talent Acquisition <= 1.3.9 - Reflected Cross-Site Scripting LOW *-1.3.9 1.4.0 July 5, 2026
anonymize-links anonymize-links
95
Anonymize Links <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-1.1 July 5, 2026
annie annie
95
Annie <= 2.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-2.1.1 July 5, 2026
annie annie
95
Annie <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.1.1 July 5, 2026
amr-personalise amr-personalise
95
amr personalise <= 2.10 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-2.10 July 5, 2026
altima-lookbook-free-for-woocommerce altima-lookbook-free-for-woocommerce
95
Altima Lookbook Free for WooCommerce <= 1.1.0 - Refletced Cross-Site Scripting LOW *-1.1.0 July 5, 2026
LOW

df-draggable

df-draggable

Score: 91/100 DF Draggable <= 1.13.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.13.2 Patched: Updated: July 5, 2026
LOW

dezdy-mcommerce

dezdy-mcommerce

Score: 91/100 Dezdy <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

demo-user-dzs-showcase-your-admin-safely

demo-user-dzs-showcase-your-admin-safely

Score: 91/100 Demo User DZS – Showcase your admin safely <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting Affected: *-1.1.0 Patched: Updated: July 5, 2026
LOW

delele-all

delele-all

Score: 91/100 Delete All Posts <= 1.1.1 - Missing Authorization Affected: *-1.1.1 Patched: Updated: July 5, 2026
LOW

debug-tool

debug-tool

Score: 86/100 Debug Tool <= 2.2 - Missing Authorization Affected: *-2.2 Patched: Updated: July 5, 2026
LOW

debt-calculator

debt-calculator

Score: 91/100 Debt Calculator <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

dd-roles

dd-roles

Score: 91/100 DD Roles <= 4.1 - Authenticated (Subscriber+) Privilege Escalation Affected: *-4.1 Patched: Updated: July 5, 2026
LOW

database-sync

database-sync

Score: 91/100 Database Sync <= 0.5.1 - Authenticated (Subscriber+) Sensitive Information Exposure Affected: *-0.5.1 Patched: Updated: July 5, 2026
LOW

data-dash

data-dash

Score: 89/100 Data Dash <= 1.2.3 - Reflected Cross-Site Scripting Affected: *-1.2.3 Patched: Updated: July 5, 2026
LOW

daily-proverb

daily-proverb

Score: 91/100 Daily Proverb <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.0.3 Patched: Updated: July 5, 2026
LOW

cyber-new-slider

cyber-new-slider

Score: 91/100 Cyber Slider <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

customizable-captcha-and-contact-us-form

customizable-captcha-and-contact-us-form

Score: 91/100 Customizable Captcha and Contact Us <= 1.0.2 - Reflected Cross-Site Scripting Affected: *-1.0.2 Patched: Updated: July 5, 2026
LOW

custom-widget-creator

custom-widget-creator

Score: 91/100 Custom Widget Creator <= 1.0.5 - Reflected Cross-Site Scripting Affected: *-1.0.5 Patched: Updated: July 5, 2026
LOW

custom-widget-classes

custom-widget-classes

Score: 91/100 Custom Widget Classes <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

custom-users-order

custom-users-order

Score: 91/100 Custom Users Order <= 4.2 - Reflected Cross-Site Scripting Affected: *-4.2 Patched: Updated: July 5, 2026
LOW

custom-post-type-lockdown

custom-post-type-lockdown

Score: 91/100 Custom Post Type Lockdown <= 1.11 - Cross-Site Request Forgery to Privilege Escalation Affected: *-1.11 Patched: Updated: July 5, 2026
LOW

custom-post-type-gui

custom-post-type-gui

Score: 91/100 Custom Post <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

custom-page-extensions

custom-page-extensions

Score: 91/100 Custom Page Extensions <= 0.6 - Reflected Cross-Site Scripting Affected: *-0.6 Patched: Updated: July 5, 2026
LOW

custom-list-table-example

custom-list-table-example

Score: 91/100 Custom List Table Example <= 1.4.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting Affected: *-1.4.1 Patched: Updated: July 5, 2026
LOW

custom-coming-soon

custom-coming-soon

Score: 91/100 Custom Coming Soon <= 2.2 - Reflected Cross-Site Scripting Affected: *-2.2 Patched: Updated: July 5, 2026
LOW

curated-search

curated-search

Score: 91/100 Curated Search <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.2 Patched: Updated: July 5, 2026
LOW

cubepm

cubepm

Score: 91/100 CubePM <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

css-addons

css-addons

Score: 91/100 Custom CSS Addons <= 1.9.1 - Reflected Cross-Site Scripting Affected: *-1.9.1 Patched: Updated: July 5, 2026
LOW

crudlab-facebook-like-box

crudlab-facebook-like-box

Score: 91/100 CRUDLab Like Box <= 2.0.9 - Reflected Cross-Site Scripting Affected: *-2.0.9 Patched: Updated: July 5, 2026
LOW

coronavirus-data-widgets

coronavirus-data-widgets

Score: 91/100 Coronavirus (COVID-19) Outbreak Data Widgets <= 1.1.1 - Reflected Cross-Site Scripting Affected: *-1.1.1 Patched: Updated: July 5, 2026
LOW

copyright-safeguard-footer-notice

copyright-safeguard-footer-notice

Score: 91/100 Copyright Safeguard Footer Notice <= 3.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-3.0 Patched: Updated: July 5, 2026
LOW

copy-move-posts

copy-move-posts

Score: 91/100 Copy Move Posts <= 1.6 - Missing Authorization Affected: *-1.6 Patched: Updated: July 5, 2026
LOW

cookie-consent-autoblock

cookie-consent-autoblock

Score: 91/100 Cookie Consent & Autoblock for GDPR/CCPA <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

contexto

contexto

Score: 91/100 Contexto <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

contentoptin

contentoptin

Score: 91/100 ContentOptin Lite – WP Content Upgrade Plugin <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

content-security-policy-pro

content-security-policy-pro

Score: 91/100 Content Security Policy Pro <= 1.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.3.5 Patched: Updated: July 5, 2026
LOW

content-planner

content-planner

Score: 91/100 Content Planner <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

content-mirror

content-mirror

Score: 91/100 Content Mirror <= 1.2 - Reflected Cross-Site Scripting Affected: *-1.2 Patched: Updated: July 5, 2026
LOW

contact-form-7-round-robin-lead-distribution

contact-form-7-round-robin-lead-distribution

Score: 89/100 Contact Form 7 Round Robin Lead Distribution <= 1.2.1 - Reflected Cross-Site Scripting Affected: *-1.2.1 Patched: Updated: July 5, 2026
LOW

contact-form-7-round-robin-lead-distribution

contact-form-7-round-robin-lead-distribution

Score: 89/100 Contact Form 7 Round Robin Lead Distribution <= 1.2.1 - Authenticated (Administrator+) SQL Injection Affected: *-1.2.1 Patched: Updated: July 5, 2026
LOW

contact-form-7-anti-spambot

contact-form-7-anti-spambot

Score: 91/100 Contact Form 7 Anti Spambot <= 1.0.1 - Missing Authorization Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

comparepress

comparepress

Score: 91/100 ComparePress <= 2.0.8 - Reflected Cross-Site Scripting Affected: *-2.0.8 Patched: Updated: July 5, 2026
LOW

compare-ninja-comparison-tables

compare-ninja-comparison-tables

Score: 91/100 Compare Ninja <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.1.0 Patched: Updated: July 5, 2026
LOW

comments-with-hypercommentscom

comments-with-hypercommentscom

Score: 91/100 HyperComments <= 0.9.6 - Reflected Cross-Site Scripting Affected: *-0.9.6 Patched: Updated: July 5, 2026
LOW

comment-emailer

comment-emailer

Score: 91/100 Comment-Emailer <= 1.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.5 Patched: Updated: July 5, 2026
LOW

cobwebo-url

cobwebo-url

Score: 91/100 Cobwebo URL Plugin <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

cnzz51la-for-wordpress

cnzz51la-for-wordpress

Score: 91/100 CNZZ&51LA for WordPress <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

cmc-migrate

cmc-migrate

Score: 91/100 CMC MIGRATE <= 0.0.3 - Reflected Cross-Site Scripting Affected: *-0.0.3 Patched: Updated: July 5, 2026
LOW

cloud

cloud

Score: 91/100 WP Cloud <= 1.4.3 - Unauthenticated Arbitrary File Read Affected: *-1.4.3 Patched: Updated: July 5, 2026
LOW

cj-custom-content

cj-custom-content

Score: 91/100 CJ Custom Content <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-2.0 Patched: Updated: July 5, 2026
LOW

chesstempoviewer

chesstempoviewer

Score: 91/100 Chess Tempo Viewer <= 0.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-0.9.5 Patched: Updated: July 5, 2026
LOW

checkout-for-paypal

checkout-for-paypal

Score: 93/100 Checkout for PayPal <= 1.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.32 Patched: 1.0.33 Updated: July 5, 2026
LOW

chatter

chatter

Score: 89/100 Chatter <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

charitydonation-thermometer

charitydonation-thermometer

Score: 91/100 Charity-thermometer <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.1.2 Patched: Updated: July 5, 2026
LOW

chamber-dashboard-business-directory

chamber-dashboard-business-directory

Score: 89/100 Chamber Dashboard Business Directory <= 3.3.10 - Missing Authorization Affected: *-3.3.10 Patched: 3.3.11 Updated: July 5, 2026
LOW

cf7-paystack-add-on

cf7-paystack-add-on

Score: 91/100 Contact Form 7 – Paystack Add-on <= 1.2.3 - Reflected Cross-Site Scripting Affected: *-1.2.3 Patched: Updated: July 5, 2026
LOW

cf7-cc-avenue-add-on

cf7-cc-avenue-add-on

Score: 91/100 Contact Form 7 – CCAvenue Add-on <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

cf7-calendly-integration

cf7-calendly-integration

Score: 91/100 Form To Online Booking <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

cc-circle-progress-bar

cc-circle-progress-bar

Score: 91/100 CC Circle Progress Bar <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.0 Patched: Updated: July 5, 2026
LOW

cbxwpsimpleaccounting

cbxwpsimpleaccounting

Score: 91/100 CBX Accounting & Bookkeeping <= 1.3.14 - Reflected Cross-Site Scripting Affected: *-1.3.14 Patched: Updated: July 5, 2026
LOW

causes

causes

Score: 91/100 Causes – Donation Plugin <= 1.0.01 - Reflected Cross-Site Scripting Affected: *-1.0.01 Patched: Updated: July 5, 2026
LOW

categorycustomfields

categorycustomfields

Score: 91/100 Category Custom Fields <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

category-d3-tree

category-d3-tree

Score: 91/100 Category D3 Tree <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

catch-duplicate-switcher

catch-duplicate-switcher

Score: 93/100 Catch Duplicate Switcher <= 2.1 - Reflected Cross-Site Scripting Affected: *-2.1 Patched: 2.2 Updated: July 5, 2026
LOW

captchelfie-captcha-by-selfie

captchelfie-captcha-by-selfie

Score: 91/100 Captchelfie – Captcha by Selfie <= 1.0.7 - Reflected Cross-Site Scripting Affected: *-1.0.7 Patched: Updated: July 5, 2026
LOW

canalplan-ac

canalplan-ac

Score: 91/100 Canalplan <= 5.31 - Reflected Cross-Site Scripting Affected: *-5.31 Patched: Updated: July 5, 2026
LOW

camoo-sms

camoo-sms

Score: 91/100 CAMOO SMS <= 3.0.1 - Reflected Cross-Site Scripting Affected: *-3.0.1 Patched: Updated: July 5, 2026
LOW

call-to-action-popup

call-to-action-popup

Score: 91/100 Call To Action <= 1.0.2 - Reflected Cross-Site Scripting Affected: *-1.0.2 Patched: Updated: July 5, 2026
LOW

call-me-now

call-me-now

Score: 91/100 Call me Now <= 1.0.5 - Cross-Site Request Forgery Affected: *-1.0.5 Patched: Updated: July 5, 2026
LOW

calendi

calendi

Score: 91/100 Calendi <= 1.1.1 - Reflected Cross-Site Scripting Affected: *-1.1.1 Patched: Updated: July 5, 2026
LOW

bulk-categories-assign

bulk-categories-assign

Score: 91/100 Bulk Categories Assign <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

browser-update-notify

browser-update-notify

Score: 91/100 Browser-Update-Notify <= 0.2.1 - Reflected Cross-Site Scripting Affected: *-0.2.1 Patched: Updated: July 5, 2026
LOW

bookalet

bookalet

Score: 91/100 Bookalet <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.3 Patched: Updated: July 5, 2026
LOW

book-a-place

book-a-place

Score: 91/100 Book a Place <= 0.7.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-0.7.1 Patched: Updated: July 5, 2026
LOW

board-election

board-election

Score: 91/100 Board Election <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

blue-wrench-videos-widget

blue-wrench-videos-widget

Score: 91/100 Blue Wrench Video Widget <= 2.1.0 - Reflected Cross-Site Scripting Affected: *-2.1.0 Patched: Updated: July 5, 2026
LOW

blu-logistics

blu-logistics

Score: 91/100 blu Logistics <= 1.0.0 - Reflected Cross-Site Scripting Affected: *-1.0.0 Patched: Updated: July 5, 2026
LOW

blrt-wp-embed

blrt-wp-embed

Score: 89/100 Blrt WP Embed <= 1.6.9 - Reflected Cross-Site Scripting Affected: *-1.6.9 Patched: Updated: July 5, 2026
LOW

blogger-image-import

blogger-image-import

Score: 91/100 Blogger Image Import 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: 2.1 Patched: Updated: July 5, 2026
LOW

blog-summary

blog-summary

Score: 91/100 Blog Summary <= 0.1.2 β - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: * - 0.1.2 β Patched: Updated: July 5, 2026
LOW

bizlibrary

bizlibrary

Score: 89/100 BizLibrary <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

bitly-linker

bitly-linker

Score: 91/100 Bit.ly linker <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

bible-embed

bible-embed

Score: 91/100 Bible Embed <= 0.0.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-0.0.4 Patched: Updated: July 5, 2026
LOW

better-protected-pages

better-protected-pages

Score: 91/100 Better Protected Pages <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

best-css-compiler

best-css-compiler

Score: 91/100 WOW Best CSS Compiler <= 2.0.2 - Reflected Cross-Site Scripting Affected: *-2.0.2 Patched: Updated: July 5, 2026
LOW

bauernregeln

bauernregeln

Score: 91/100 Bauernregeln <= 1.0.1 - Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

background-animation-blocks

background-animation-blocks

Score: 91/100 Background animation blocks <= 2.1.5 - Unauthenticated Local File Inclusion Affected: *-2.1.5 Patched: Updated: July 5, 2026
LOW

azurecurve-floating-featured-image

azurecurve-floating-featured-image

Score: 91/100 azurecurve Floating Featured <= 2.2.0 - Reflected Cross-Site Scripting Affected: *-2.2.0 Patched: Updated: July 5, 2026
LOW

awesome-twitter-feeds

awesome-twitter-feeds

Score: 91/100 Awesome Twitter Feeds <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

awesome-timeline

awesome-timeline

Score: 91/100 Awesome WordPress Timeline Plugin <= 1.0.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

awesome-hooks

awesome-hooks

Score: 91/100 Awesome Hooks <= 1.0.1 - Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

awesome-gallery-singsys

awesome-gallery-singsys

Score: 91/100 Singsys -Awesome Gallery <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 5, 2026
LOW

aw-woocommerce-kode-pembayaran

aw-woocommerce-kode-pembayaran

Score: 91/100 AW WooCommerce Kode Pembayaran <= 1.1.4 - Reflected Cross-Site Scripting Affected: *-1.1.4 Patched: Updated: July 5, 2026
LOW

auto-ftp

auto-ftp

Score: 91/100 Auto FTP <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 5, 2026
LOW

author-showcase

author-showcase

Score: 91/100 Author Showcase <= 1.4.3 - Reflected Cross-Site Scripting Affected: *-1.4.3 Patched: Updated: July 5, 2026
LOW

auphonic-importer

auphonic-importer

Score: 91/100 Auphonic Importer <= 1.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.5.1 Patched: Updated: July 5, 2026
LOW

attach-gallery-posts

attach-gallery-posts

Score: 91/100 Attach Gallery Posts <= 1.6 - Reflected Cross-Site Scripting Affected: *-1.6 Patched: Updated: July 5, 2026
LOW

apply-with-linkedin-buttons

apply-with-linkedin-buttons

Score: 95/100 Apply with LinkedIn buttons <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-2.3 Patched: Updated: July 5, 2026
LOW

apply-with-linkedin-buttons

apply-with-linkedin-buttons

Score: 95/100 Apply with LinkedIn buttons <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.3 Patched: Updated: July 5, 2026
LOW

applicantpro

applicantpro

Score: 97/100 Isolved Talent Acquisition <= 1.3.9 - Reflected Cross-Site Scripting Affected: *-1.3.9 Patched: 1.4.0 Updated: July 5, 2026
LOW

anonymize-links

anonymize-links

Score: 95/100 Anonymize Links <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

annie

annie

Score: 95/100 Annie <= 2.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-2.1.1 Patched: Updated: July 5, 2026
LOW

annie

annie

Score: 95/100 Annie <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.1.1 Patched: Updated: July 5, 2026
LOW

amr-personalise

amr-personalise

Score: 95/100 amr personalise <= 2.10 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-2.10 Patched: Updated: July 5, 2026
LOW

altima-lookbook-free-for-woocommerce

altima-lookbook-free-for-woocommerce

Score: 95/100 Altima Lookbook Free for WooCommerce <= 1.1.0 - Refletced Cross-Site Scripting Affected: *-1.1.0 Patched: Updated: July 5, 2026

Showing 13301 to 13400 of 36406 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 5, 2026 at 03:57 UTC.