Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
93With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| posts-and-products-views | posts-and-products-views | N/A | Posts and Products Views for WooCommerce <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.1 | 2.1.1 | July 5, 2026 | |
| kredeum-nfts | kredeum-nfts |
93
|
Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site <= 1.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.6.9 | 1.6.10 | July 5, 2026 | |
| Koalendar – Easy Appointment Scheduling & Booking Plugin | koalendar-free-booking-widget |
95
|
Koalendar – Events & Appointments Booking Calendar <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via height Parameter | LOW | *-1.0.2 | 1.0.3 | July 5, 2026 | |
| companion-portfolio | companion-portfolio |
91
|
Companion Portfolio – Responsive Portfolio Plugin <= 2.4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.4.0.1 | July 5, 2026 | ||
| ymc-states-map | ymc-states-map | N/A | States Map US <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.4.2 | July 5, 2026 | ||
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.2 - Missing Authorization to Limited Privilege Escalation | LOW | *-2.2.2 | 2.2.3 | July 5, 2026 | |
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate() | LOW | *-2.2.2 | 2.2.3 | July 5, 2026 | |
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox() | LOW | *-2.2.2 | 2.2.3 | July 5, 2026 | |
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.1 - Unauthenticated SQL Injection | LOW | *-2.2.1 | 2.2.3 | July 5, 2026 | |
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection | LOW | *-2.2.2 | 2.2.3 | July 5, 2026 | |
| wp-job-portal | wp-job-portal | N/A | WP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download | LOW | *-2.2.2 | 2.2.3 | July 5, 2026 | |
| wp-ad-guru | wp-ad-guru | N/A | WP Ad Guru – Banner ad, Responsive popup, Popup maker, Ad rotator & More <= 2.5.4 - Reflected Cross-Site Scripting | LOW | *-2.5.4 | July 5, 2026 | ||
| tickera-event-ticketing-system | tickera-event-ticketing-system | N/A | Tickera – WordPress Event Ticketing <= 3.5.4.8 - Unauthenticated Customer Data Exposure | LOW | *-3.5.4.8 | 3.5.4.9 | July 5, 2026 | |
| simple-locator | simple-locator | N/A | Simple Locator <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0.3 | 2.0.4 | July 5, 2026 | |
| shortcode-elementor | shortcode-elementor | N/A | Shortcodes for Elementor <= 1.0.4 - Authenticated (Contributor+) Post Disclosure | LOW | *-1.0.4 | 1.0.5 | July 5, 2026 | |
| sailthru-triggermail | sailthru-triggermail | N/A | Sailthru Triggermail <= 1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.1 | July 5, 2026 | ||
| post-to-pdf | post-to-pdf | N/A | Post to Pdf <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0 | 1.1 | July 5, 2026 | |
| plezi | plezi |
93
|
Plezi <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.6 | 1.0.7 | July 5, 2026 | |
| pepro-bacs-receipt-upload-for-woocommerce | pepro-bacs-receipt-upload-for-woocommerce |
93
|
PeproDev WooCommerce Receipt Uploader <= 2.6.9 - Reflected Cross-Site Scripting | LOW | *-2.6.9 | 2.7.0 | July 5, 2026 | |
| my-wp | my-wp |
93
|
My WP Customize Admin/Frontend <= 1.24.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.24.0 | 1.24.1 | July 5, 2026 | |
| ims-countdown | ims-countdown |
93
|
IMS Countdown <= 1.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3.5 | 1.3.6 | July 5, 2026 | |
| import-eventbrite-events | import-eventbrite-events |
93
|
Import Eventbrite Events <= 1.7.4 - Reflected Cross-Site Scripting | LOW | *-1.7.4 | 1.7.5 | July 5, 2026 | |
| geodatasource-country-region-dropdown | geodatasource-country-region-dropdown |
93
|
GeoDataSource Country Region DropDown <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.1 | 1.0.2 | July 5, 2026 | |
| geocache-stat-bar-widget | geocache-stat-bar-widget |
91
|
Geocache Stat Bar Widget <= 0.911 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-0.911 | July 5, 2026 | ||
| ganohrs-toggle-shortcode | ganohrs-toggle-shortcode |
93
|
Ganohrs Toggle Shortcode <= 0.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.2.4 | 0.2.5 | July 5, 2026 | |
| eveeno | eveeno |
93
|
Eveeno <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.7 | 1.8 | July 5, 2026 | |
| bukza | bukza |
93
|
Bukza <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0.0 | 2.0.1 | July 5, 2026 | |
| bodi0s-easy-cache | bodi0s-easy-cache |
93
|
bodi0’s Easy Cache <= 0.8 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-0.8 | 0.9 | July 5, 2026 | |
| acf-frontend-form-element | acf-frontend-form-element |
97
|
Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Stored Cross-Site Scripting | LOW | *-3.24.5 | 3.25.1 | July 5, 2026 | |
| acf-frontend-form-element | acf-frontend-form-element |
97
|
Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Privilege Escalation | LOW | *-3.24.5 | 3.25.1 | July 5, 2026 | |
| ootb-openstreetmap | ootb-openstreetmap |
93
|
Out of the Block: OpenStreetMap <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via ootb_query Shortcode | LOW | *-2.8.3 | 2.8.4 | July 5, 2026 | |
| notibar | notibar |
93
|
Notibar – Notification Bar for WordPress <= 2.1.4 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via njt_nofi_text | LOW | *-2.1.4 | 2.1.5 | July 5, 2026 | |
| wp-crowdfunding | wp-crowdfunding | N/A | WP Crowdfunding <= 2.1.12 - Missing Authorization to Authenticated (Subscriber+) WooCommerce Installation | LOW | *-2.1.12 | 2.1.13 | July 5, 2026 | |
| wp-crowdfunding | wp-crowdfunding | N/A | WP Crowdfunding <= 2.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.1.15 | 2.1.16 | July 5, 2026 | |
| booking-system-trafft | booking-system-trafft |
93
|
Booking System Trafft <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.6 | 1.0.7 | July 5, 2026 | |
| simple-link-directory | simple-link-directory | N/A | Simple Link Directory <= 8.4.5 - Unauthenticated Arbitrary Shortcode Execution | LOW | *-8.4.5 | 8.4.6 | July 5, 2026 | |
| primer-mydata | primer-mydata | N/A | Primer MyData for Woocommerce <= 4.2.1 - Reflected Cross-Site Scripting | LOW | *-4.2.1 | 4.2.2 | July 5, 2026 | |
| newsmanapp | newsmanapp |
93
|
NewsmanApp <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.7.6 | 2.7.7 | July 5, 2026 | |
| ar-for-wordpress | ar-for-wordpress |
95
|
AR for WordPress <= 7.3 - Missing Authorization to Unauthenticated Limited File Upload | LOW | *-7.3 | 7.4 | July 5, 2026 | |
| youmax-channel-embeds-for-youtube-businesses | youmax-channel-embeds-for-youtube-businesses | N/A | Youtube Video Grid <= 1.9 - Cross-Site Request Forgery | LOW | *-1.9 | July 5, 2026 | ||
| xpd-reduce-image-filesize | xpd-reduce-image-filesize | N/A | XPD Reduce Image Filesize <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| wpp-customization | wpp-customization | N/A | Admin Customization <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.2 | July 5, 2026 | ||
| wpappninja | wpappninja | N/A | WPMobile.App — Android and iOS Mobile Application <= 11.52 - Unauthenticated Arbitrary Shortcode Execution | LOW | *-11.52 | 11.53 | July 5, 2026 | |
| wp-weixin-robot | wp-weixin-robot | N/A | WP微信机器人 <= 5.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-5.3.5 | July 5, 2026 | ||
| wp-management-controller | wp-management-controller | N/A | WP Controller <= 3.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-3.2.0 | July 5, 2026 | ||
| wp-login-with-ajax | wp-login-with-ajax | N/A | Wp Login with Ajax <= 0.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.6 | July 5, 2026 | ||
| wp-hide-that | wp-hide-that | N/A | WP-HideThat <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2 | July 5, 2026 | ||
| wp-flipkart-importer | wp-flipkart-importer | N/A | WP Flipkart Importer <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4 | July 5, 2026 | ||
| wp-fiddle | wp-fiddle | N/A | WP Fiddle <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| wp-ban-user | wp-ban-user | N/A | WP-Ban-User <= 1.0 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| wordpress-filter | wordpress-filter | N/A | WordPress Filter <= 1.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4.1 | July 5, 2026 | ||
| woocommerce-myparcel | woocommerce-myparcel | N/A | MyParcel <= 4.24.1 - Reflected Cross-Site Scripting | LOW | *-4.24.1 | 4.24.2 | July 5, 2026 | |
| woo-coupon-usage | woo-coupon-usage | N/A | Coupon Affiliates – Affiliate Plugin for WooCommerce <= 5.16.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting | LOW | *-5.16.7.1 | 5.16.7.2 | July 5, 2026 | |
| visual-recent-posts | visual-recent-posts | N/A | Visual Recent Posts <= 1.2.3 - Reflected Cross-Site Scripting | LOW | *-1.2.3 | July 5, 2026 | ||
| ui-slider-filter-by-price | ui-slider-filter-by-price | N/A | Ui Slider Filter By Price <= 1.1 - Cross-Site Request Forgery | LOW | *-1.1 | July 5, 2026 | ||
| timetics | timetics | N/A | WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion | LOW | *-1.0.27 | 1.0.28 | July 5, 2026 | |
| themify-store-locator | themify-store-locator | N/A | Themify Store Locator <= 1.1.9 - Cross-Site Request Forgery | LOW | *-1.1.9 | 1.2.0 | July 5, 2026 | |
| termin-kalender | termin-kalender | N/A | Termin-Kalender <= 0.99.47 - Missing Authorization to Authenticated (Subscriber+) | LOW | *-0.99.47 | 1.00.04 | July 5, 2026 | |
| taggator | taggator | N/A | TagGator <= 1.54 - Reflected Cross-Site Scripting | LOW | *-1.54 | July 5, 2026 | ||
| svg-shortcode | svg-shortcode | N/A | SVG Shortcode <= 1.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload | LOW | *-1.0.1 | July 5, 2026 | ||
| sopa-blackout | sopa-blackout | N/A | SOPA Blackout <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4 | July 5, 2026 | ||
| social-media-sharing | social-media-sharing | N/A | Social Media Sharing <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | July 5, 2026 | ||
| simple-booking-widget | simple-booking-widget | N/A | Simple Booking Widget <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | July 5, 2026 | ||
| responsive-filterable-portfolio | responsive-filterable-portfolio | N/A | Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection | LOW | *-1.0.8 | 1.0.9 | July 5, 2026 | |
| rate-my-post | rate-my-post | N/A | Rate My Post – Star Rating Plugin by FeedbackWP <= 4.2.4 - Unauthenticated Voting On Scheduled Posts | LOW | *-4.2.4 | 4.2.5 | July 5, 2026 | |
| radio-player | radio-player | N/A | Radio Player <= 2.0.83 - Unauthenticated Server-Side Request Forgery | LOW | *-2.0.83 | 2.0.85 | July 5, 2026 | |
| push-monkey-desktop-push-notifications | push-monkey-desktop-push-notifications | N/A | Push Monkey Pro – Web Push Notifications and WooCommerce Abandoned Cart <= 3.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-3.9 | July 5, 2026 | ||
| property-hive-stamp-duty-calculator | property-hive-stamp-duty-calculator | N/A | Property Hive Stamp Duty Calculator <= 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.22 | 1.0.23 | July 5, 2026 | |
| posts-date-ranges | posts-date-ranges | N/A | Posts Date Ranges <= 2.2 - Reflected Cross-Site Scripting | LOW | *-2.2 | July 5, 2026 | ||
| pixproof | pixproof |
91
|
PixProof <= 2.0.1 - Missing Authorization | LOW | *-2.0.1 | July 5, 2026 | ||
| phzoom | phzoom |
91
|
phZoom <= 1.2.92 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2.92 | July 5, 2026 | ||
| onlywire-multi-autosubmitter | onlywire-multi-autosubmitter |
91
|
Onlywire Multi Autosubmitter <= 1.2.4 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.2.4 | July 5, 2026 | ||
| myweather | myweather |
91
|
addWeather <= 2.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.5.1 | July 5, 2026 | ||
| multiple-admin-emails | multiple-admin-emails |
91
|
Multiple Admin Emails <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| mstore-api | mstore-api |
93
|
MStore API – Create Native Android & iOS Apps On The Cloud <= 4.16.4 - Authenticated (Subscriber+) HTML File Upload (Stored Cross-Site Scripting) | LOW | *-4.16.4 | 4.16.5 | July 5, 2026 | |
| minify-html-markup | minify-html-markup |
93
|
Minify HTML <= 2.1.10 - - Regular Expressions Denial of Service | LOW | *-2.1.10 | 2.1.11 | July 5, 2026 | |
| metrika | metrika |
91
|
Metrika <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2 | July 5, 2026 | ||
| mdc-comment-toolbar | mdc-comment-toolbar |
91
|
MDC Comment Toolbar <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | July 5, 2026 | ||
| MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites | mainwp-child | N/A | MainWP Child <= 5.3.3 - Missing Authorization to Unauthenticated Privilege Escalation | LOW | *-5.3.3 | 5.3.4 | July 5, 2026 | |
| maintenance-and-noindex-nofollow | maintenance-and-noindex-nofollow |
91
|
LionScripts: Site Maintenance & Noindex Nofollow Plugin <= 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.1 | July 5, 2026 | ||
| list-one-category-of-posts | list-one-category-of-posts |
91
|
Category of Posts <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| like-on-vkontakte | like-on-vkontakte |
91
|
Like in Vk.com <= 0.5.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.5.2 | July 5, 2026 | ||
| leaderboard-lite | leaderboard-lite |
91
|
LeaderBoard Plugin <= 1.2.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.2.4 | July 5, 2026 | ||
| jet-footer-code | jet-footer-code |
91
|
Jet Footer Code <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4 | July 5, 2026 | ||
| jcarousel-for-wordpress | jcarousel-for-wordpress |
91
|
jCarousel <= 1.0 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| instant-appointment | instant-appointment |
87
|
Instant Appointment <= 1.2 - Unauthenticated SQL Injection | LOW | *-1.2 | July 5, 2026 | ||
| indeed-wp-superbackup | indeed-wp-superbackup |
93
|
Super Backup & Clone - Migrate for WordPress <= 2.3.3 - Unauthenticated Arbitrary File Upload | LOW | *-2.3.3 | 2.4 | July 5, 2026 | |
| increase-sociability | increase-sociability |
91
|
Increase Sociability <= 1.3.0 - Reflected Cross-Site Scripting | LOW | *-1.3.0 | July 5, 2026 | ||
| hello-in-all-languages | hello-in-all-languages |
91
|
Hello in All Languages <= 1.0.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.6 | July 5, 2026 | ||
| goanimate | goanimate |
91
|
Go Animate <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| geoportail-shortcode | geoportail-shortcode |
89
|
Geoportail Shortcode <= 2.4.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.4.4 | July 5, 2026 | ||
| gaxx-keywords | gaxx-keywords |
91
|
Gaxx Keywords <= 0.2 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-0.2 | July 5, 2026 | ||
| floating-player | floating-player |
91
|
Floating Video Player <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 5, 2026 | ||
| flaming-forms | flaming-forms |
87
|
Flaming Forms <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.1 | July 5, 2026 | ||
| evernote-sync | evernote-sync |
91
|
Evernote Sync <= 3.0.0 - Reflected Cross-Site Scripting | LOW | *-3.0.0 | July 5, 2026 | ||
| email-form-under-post | email-form-under-post |
91
|
Mandrill WP <= 1.0.5 - Cross-Site Request Forgery | LOW | *-1.0.5 | July 5, 2026 | ||
| eelv-newsletter | eelv-newsletter |
89
|
EELV Newsletter <= 4.8.2 - Cross-Site Request Forgery | LOW | *-4.8.2 | July 5, 2026 | ||
| ect-social-share | ect-social-share |
91
|
ECT Social Share <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3 | July 5, 2026 | ||
| ect-product-carousel | ect-product-carousel |
91
|
ECT Product Carousel <= 1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.9 | July 5, 2026 | ||
| dtc-documents | dtc-documents |
91
|
DTC Documents <= 1.1.05 - Cross-Site Request Forgery | LOW | *-1.1.05 | July 5, 2026 |
posts-and-products-views
posts-and-products-views
kredeum-nfts
kredeum-nfts
Koalendar – Easy Appointment Scheduling & Booking Plugin
koalendar-free-booking-widget
companion-portfolio
companion-portfolio
ymc-states-map
ymc-states-map
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-job-portal
wp-ad-guru
wp-ad-guru
tickera-event-ticketing-system
tickera-event-ticketing-system
simple-locator
simple-locator
shortcode-elementor
shortcode-elementor
sailthru-triggermail
sailthru-triggermail
post-to-pdf
post-to-pdf
plezi
plezi
pepro-bacs-receipt-upload-for-woocommerce
pepro-bacs-receipt-upload-for-woocommerce
my-wp
my-wp
ims-countdown
ims-countdown
import-eventbrite-events
import-eventbrite-events
geodatasource-country-region-dropdown
geodatasource-country-region-dropdown
geocache-stat-bar-widget
geocache-stat-bar-widget
ganohrs-toggle-shortcode
ganohrs-toggle-shortcode
eveeno
eveeno
bukza
bukza
bodi0s-easy-cache
bodi0s-easy-cache
acf-frontend-form-element
acf-frontend-form-element
acf-frontend-form-element
acf-frontend-form-element
ootb-openstreetmap
ootb-openstreetmap
notibar
notibar
wp-crowdfunding
wp-crowdfunding
wp-crowdfunding
wp-crowdfunding
booking-system-trafft
booking-system-trafft
simple-link-directory
simple-link-directory
primer-mydata
primer-mydata
newsmanapp
newsmanapp
ar-for-wordpress
ar-for-wordpress
youmax-channel-embeds-for-youtube-businesses
youmax-channel-embeds-for-youtube-businesses
xpd-reduce-image-filesize
xpd-reduce-image-filesize
wpp-customization
wpp-customization
wpappninja
wpappninja
wp-weixin-robot
wp-weixin-robot
wp-management-controller
wp-management-controller
wp-login-with-ajax
wp-login-with-ajax
wp-hide-that
wp-hide-that
wp-flipkart-importer
wp-flipkart-importer
wp-fiddle
wp-fiddle
wp-ban-user
wp-ban-user
wordpress-filter
wordpress-filter
woocommerce-myparcel
woocommerce-myparcel
woo-coupon-usage
woo-coupon-usage
visual-recent-posts
visual-recent-posts
ui-slider-filter-by-price
ui-slider-filter-by-price
timetics
timetics
themify-store-locator
themify-store-locator
termin-kalender
termin-kalender
taggator
taggator
svg-shortcode
svg-shortcode
sopa-blackout
sopa-blackout
social-media-sharing
social-media-sharing
simple-booking-widget
simple-booking-widget
responsive-filterable-portfolio
responsive-filterable-portfolio
rate-my-post
rate-my-post
radio-player
radio-player
push-monkey-desktop-push-notifications
push-monkey-desktop-push-notifications
property-hive-stamp-duty-calculator
property-hive-stamp-duty-calculator
posts-date-ranges
posts-date-ranges
pixproof
pixproof
phzoom
phzoom
onlywire-multi-autosubmitter
onlywire-multi-autosubmitter
myweather
myweather
multiple-admin-emails
multiple-admin-emails
mstore-api
mstore-api
minify-html-markup
minify-html-markup
metrika
metrika
mdc-comment-toolbar
mdc-comment-toolbar
MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites
mainwp-child
maintenance-and-noindex-nofollow
maintenance-and-noindex-nofollow
list-one-category-of-posts
list-one-category-of-posts
like-on-vkontakte
like-on-vkontakte
leaderboard-lite
leaderboard-lite
jet-footer-code
jet-footer-code
jcarousel-for-wordpress
jcarousel-for-wordpress
instant-appointment
instant-appointment
indeed-wp-superbackup
indeed-wp-superbackup
increase-sociability
increase-sociability
hello-in-all-languages
hello-in-all-languages
goanimate
goanimate
geoportail-shortcode
geoportail-shortcode
gaxx-keywords
gaxx-keywords
floating-player
floating-player
flaming-forms
flaming-forms
evernote-sync
evernote-sync
email-form-under-post
email-form-under-post
eelv-newsletter
eelv-newsletter
ect-social-share
ect-social-share
ect-product-carousel
ect-product-carousel
dtc-documents
dtc-documents
Showing 14401 to 14500 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 5, 2026 at 15:04 UTC.