Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36319Across tracked plugins
Affected Plugins
89With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| mainwp-article-uploader-extension | mainwp-article-uploader-extension |
93
|
MainWP (Various Extensions) - Authenticated (Subscriber+) Arbitrary File Deletion | LOW | *-4.0.2 | 4.0.3 | June 30, 2026 | |
| mainwp-article-uploader-extension | mainwp-article-uploader-extension |
93
|
MainWP (Various extensions) - Cross-Site Request Forgery | LOW | *-4.0.2 | 4.0.3 | June 30, 2026 | |
| mainwp-article-uploader-extension | mainwp-article-uploader-extension |
93
|
MainWP (Various extensions) - Missing Authorization to Arbitrary Page/Post Deletion | LOW | 4.0.2 | 4.0.3 | June 30, 2026 | |
| location-weather | location-weather |
93
|
Location Weather <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes | LOW | *-1.3.3 | 1.3.4 | June 30, 2026 | |
| custom-404-pro | custom-404-pro |
91
|
Custom 404 Pro <= 3.7.1 - Cross-Site Request Forgery | LOW | *-3.7.1 | 3.7.2 | June 30, 2026 | |
| boilerplate-extension | boilerplate-extension |
93
|
MainWP (Various extensions) - Cross-Site Request Forgery | LOW | *-4.1 | 4.1.1 | June 30, 2026 | |
| boilerplate-extension | boilerplate-extension |
93
|
MainWP (Various extensions) - Missing Authorization to Arbitrary Page/Post Deletion | LOW | *-4.1 | 4.1.1 | June 30, 2026 | |
| better-font-awesome | better-font-awesome |
93
|
Better Font Awesome <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes | LOW | *-2.0.3 | 2.0.4 | June 30, 2026 | |
| yamaps | yamaps | N/A | YaMaps <= 0.6.25 - Authenticaterd (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-0.6.25 | 0.6.26 | June 30, 2026 | |
| wp-stats-manager | wp-stats-manager | N/A | WP Visitor Statistics (Real Time Traffic) <= 6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-6.4 | 6.5 | June 30, 2026 | |
| wp-fullcalendar | wp-fullcalendar | N/A | WP FullCalendar <= 1.4.1 - Missing Authorization to Information Disclosure | LOW | *-1.4.1 | 1.5 | June 30, 2026 | |
| wp-commentnavi | wp-commentnavi | N/A | WP-CommentNavi <= 1.12.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.12.1 | 1.12.2 | June 30, 2026 | |
| wordpress-easy-paypal-payment-or-donation-accept-plugin | wordpress-easy-paypal-payment-or-donation-accept-plugin | N/A | Easy Accept Payments for PayPal <= 4.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-4.9.9 | 4.9.10 | June 30, 2026 | |
| widgetshortcode | widgetshortcode | N/A | WidgetShortcode <= 0.3.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-0.3.5 | June 30, 2026 | ||
| widgets-on-pages | widgets-on-pages | N/A | Widgets on Pages <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.6.0 | 1.7.0 | June 30, 2026 | |
| widget-shortcode | widget-shortcode | N/A | Widget Shortcode <= 0.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.3.5 | June 30, 2026 | ||
| utubevideo-gallery | utubevideo-gallery | N/A | uTubeVideo Gallery <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-2.0.7 | 2.0.8 | June 30, 2026 | |
| templatesnext-toolkit | templatesnext-toolkit | N/A | TemplatesNext ToolKit <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-3.2.7 | 3.2.8 | June 30, 2026 | |
| templatesnext-toolkit | templatesnext-toolkit | N/A | TemplatesNext ToolKit <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.2.7 | 3.2.8 | June 30, 2026 | |
| teachpress | teachpress | N/A | teachPress <= 8.1.8 - Unauthenticated Stored Cross-Site Scripting | LOW | *-8.1.8 | 8.1.9 | June 30, 2026 | |
| simple-urls | simple-urls | N/A | Simple URLs <= 114 - Authenticated (Subscriber+) SQL Injection | LOW | *-114 | 115 | June 30, 2026 | |
| simple-urls | simple-urls | N/A | Simple URLs <= 114 - Reflected Cross-Site Scripting | LOW | *-114 | 115 | June 30, 2026 | |
| rich-table-of-content | rich-table-of-content | N/A | Rich Table of Contents <= 1.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.3.8 | 1.3.9 | June 30, 2026 | |
| responsive-gallery-grid | responsive-gallery-grid | N/A | Responsive Gallery Grid <= 2.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-2.3.8 | 2.3.9 | June 30, 2026 | |
| OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) | oopspam-anti-spam | N/A | OOPSpam Anti-Spam <= 1.1.35 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.1.35 | 1.1.36 | June 30, 2026 | |
| meks-flexible-shortcodes | meks-flexible-shortcodes |
93
|
Meks Flexible Shortcodes <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.3.4 | 1.3.5 | June 30, 2026 | |
| mainwp-wordfence-extension | mainwp-wordfence-extension |
93
|
MainWP Wordfence Extension <= 4.0.7 - Missing Authorization to Plugin Settings Change | LOW | *-4.0.7 | 4.0.8 | June 30, 2026 | |
| mainwp-wordfence-extension | mainwp-wordfence-extension |
93
|
MainWP Wordfence Extension <= 4.0.7 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.7 | 4.0.8 | June 30, 2026 | |
| mainwp-updraftplus-extension | mainwp-updraftplus-extension |
93
|
MainWP UpdraftPlus Extension <= 4.0.6 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.6 | 4.0.7 | June 30, 2026 | |
| mainwp-staging-extension | mainwp-staging-extension |
93
|
MainWP Staging Extension <= 4.0.3 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.3 | 4.0.4 | June 30, 2026 | |
| mainwp-seo-extension | mainwp-seo-extension |
93
|
MainWP WordPress SEO Extension <= 4.0.1 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.1 | 4.0.3 | June 30, 2026 | |
| mainwp-rocket-extension | mainwp-rocket-extension |
93
|
MainWP Rocket Extension <= 4.0.3 - Missing Authorization to Plugin Settings Change | LOW | *-4.0.3 | 4.0.4 | June 30, 2026 | |
| mainwp-post-plus-extension | mainwp-post-plus-extension |
93
|
MainWP Post Plus Extension <= 4.0.3 - Missing Authorization to Arbitrary Page/Post Deletion | LOW | *-4.0.3 | 4.1.1 | June 30, 2026 | |
| mainwp-post-dripper-extension | mainwp-post-dripper-extension |
93
|
MainWP Post Dripper Extension <= 4.0.4 - Missing Authorization to Arbitrary Page/Post Deletion | LOW | 4.0.4 | 4.0.5 | June 30, 2026 | |
| mainwp-piwik-extension | mainwp-piwik-extension |
93
|
MainWP Matomo Extension <= 4.0.4 - Cross-Site Request Forgery | LOW | *-4.0.4 | 4.0.5 | June 30, 2026 | |
| mainwp-page-speed-extension | mainwp-page-speed-extension |
93
|
MainWP Page Speed Extension <= 4.0.2 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.2 | 4.0.3 | June 30, 2026 | |
| mainwp-maintenance-extension | mainwp-maintenance-extension |
93
|
MainWP Maintenance Extension <= 4.1.1 - Missing Authorization to Plugin Settings Change | LOW | *-4.1.1 | 4.1.2 | June 30, 2026 | |
| mainwp-ithemes-security-extension | mainwp-ithemes-security-extension |
93
|
MainWP iThemes Security Extension <= 4.1.1 - Missing Authorization to Arbitrary Plugin Activation | LOW | 4.1.1. | 4.0.3 | June 30, 2026 | |
| mainwp-google-analytics-extension | mainwp-google-analytics-extension |
93
|
MainWP Google Analytics Extension <= 4.0.4 - Authenticated (Subscriber+) SQL Injection | LOW | *-4.0.4 | 4.0.5 | June 30, 2026 | |
| mainwp-google-analytics-extension | mainwp-google-analytics-extension |
93
|
MainWP Google Analytics Extension <= 4.0.4 - Missing Authorization to Plugin Settings Change | LOW | *-4.0.4 | 4.0.5 | June 30, 2026 | |
| mainwp-file-uploader-extension | mainwp-file-uploader-extension |
93
|
MainWP File Uploader Extension <= 4.1 - Authenticated (Subscriber+) Arbitrary File Deletion | LOW | *-4.1 | 4.1.1 | June 30, 2026 | |
| mainwp-code-snippets-extension | mainwp-code-snippets-extension |
93
|
MainWP Code Snippets Extension <= 4.0.2 - Missing Authorization to Plugin Settings Change | LOW | *-4.0.2 | 4.0.3 | June 30, 2026 | |
| mainwp-clone-extension | mainwp-clone-extension |
93
|
MainWP Clone Extension <= 4.0.2 - Missing Authorization to Plugin Settings Change | LOW | *-4.0.2 | 4.0.3 | June 30, 2026 | |
| mainwp-buddy-extension | mainwp-buddy-extension |
93
|
MainWP Buddy Extension <= 4.0.1 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.1 | 4.0.2 | June 30, 2026 | |
| mainwp-broken-links-checker-extension | mainwp-broken-links-checker-extension |
87
|
MainWP Broken Link Checker <= 4.0 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0 | June 30, 2026 | ||
| mainwp-branding-extension | mainwp-branding-extension |
93
|
MainWP White Label Extension <= 4.1.1 - Missing Authorization to Plugin Settings Change | LOW | *-4.1.1 | 4.1.2 | June 30, 2026 | |
| kraken-image-optimizer | kraken-image-optimizer |
93
|
Kraken.io Image Optimizer <= 2.6.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Options Update | LOW | *-2.6.7 | 2.6.8 | June 30, 2026 | |
| judgeme-product-reviews-woocommerce | judgeme-product-reviews-woocommerce |
93
|
Judge.me Product Reviews for WooCommerce <= 1.3.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.3.20 | 1.3.21 | June 30, 2026 | |
| enable-media-replace | enable-media-replace |
93
|
Enable Media Replace <= 4.0.1 - Authenticated (Author+) Arbitrary File Upload | LOW | *-4.0.1 | 4.0.2 | June 30, 2026 | |
| customer-area | customer-area |
89
|
WP Customer Area <= 8.1.3 - Cross-Site Request Forgery | LOW | *-8.1.3 | 8.1.4 | June 30, 2026 | |
| boilerplate-extension | boilerplate-extension |
93
|
MainWP Boilerplate Extension <= 4.1 - Missing Authorization to Plugin Settings Change | LOW | *-4.1 | 4.1.1 | June 30, 2026 | |
| stream | stream | N/A | Stream <= 3.9.1 - Missing Authorization to Sensitive Information Disclosure | LOW | *-3.9.1 | 3.9.2 | June 30, 2026 | |
| simple-tooltips | simple-tooltips | N/A | Simple Tooltips <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-2.1.3 | 2.1.4 | June 30, 2026 | |
| pdf-generator-for-wp | pdf-generator-for-wp | N/A | PDF Generator for Wordpress <= 1.1.1 - Reflected Cross-Site Scripting | LOW | *-1.1.1 | 1.1.2 | June 30, 2026 | |
| mainwp-rocket-extension | mainwp-rocket-extension |
93
|
MainWP Rocket Extension <= 4.0.3 - Missing Authorization to Arbitrary Plugin Activation | LOW | *-4.0.3 | 4.0.4 | June 30, 2026 | |
| wp-private-content-plus | wp-private-content-plus | N/A | WP Private Content Plus <= 3.4 - Authenticated(Admin+) Stored Cross-Site Scripting | LOW | *-3.4 | 3.5 | June 30, 2026 | |
| yourchannel | yourchannel | N/A | YourChannel <= 1.2.1 - Missing Authorization Checks leading to Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.2.1 | 1.2.2 | June 30, 2026 | |
| yourchannel | yourchannel | N/A | YourChannel <= 1.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'yrc_lang[Videos]' | LOW | *-1.2.1 | 1.2.2 | June 30, 2026 | |
| wp-super-popup | wp-super-popup | N/A | WP Super Popup <= 1.1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.2 | June 30, 2026 | ||
| wp-olivecart | wp-olivecart | N/A | WP-OliveCart <= 1.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.3 | June 30, 2026 | ||
| wp-booklet | wp-booklet | N/A | WP Booklet <= 2.1.8 - Authenticated (Subscriber+) Remote Code Execution | LOW | *-2.1.8 | June 30, 2026 | ||
| wp-better-emails | wp-better-emails | N/A | WP Better Emails <= 0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-0.4 | June 30, 2026 | ||
| universal-star-rating | universal-star-rating | N/A | Universal Star Rating <= 2.1.0 - Cross-Site Request Forgery | LOW | *-2.1.0 | June 30, 2026 | ||
| superior-faq | superior-faq | N/A | Superior FAQ <= 1.0.2 - Cross Site Request Forgery | LOW | *-1.0.2 | June 30, 2026 | ||
| stylist | stylist | N/A | Extra Block Design, Style, CSS for ANY Gutenberg Blocks <= 0.2.6 - Cross-Site Request Forgery | LOW | *-0.2.6 | 0.2.7 | June 30, 2026 | |
| Security Optimizer – The All-In-One Protection Plugin | sg-security |
83
|
SiteGround Security <= 1.3.0 - Authenticated (Administrator+) SQL Injection | LOW | *-1.3.0 | 1.3.1 | June 30, 2026 | |
| no-api-amazon-affiliate | no-api-amazon-affiliate | N/A | No API Amazon Affiliate <= 4.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-4.2.2 | 4.4.0 | June 30, 2026 | |
| mediamatic | mediamatic |
87
|
Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery | LOW | *-2.8.1 | June 30, 2026 | ||
| materialis-companion | materialis-companion |
93
|
Materialis Companion <= 1.3.39 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3.39 | 1.3.40 | June 30, 2026 | |
| map-multi-marker | map-multi-marker |
91
|
Map Multi Marker <= 3.2.1 - Reflected Cross-Site Scripting | LOW | *-3.2.1 | June 30, 2026 | ||
| magicform | magicform |
89
|
MagicForm <= 0.1 - Cross-Site Scripting | LOW | *-0.1 | June 30, 2026 | ||
| launchpad-by-obox | launchpad-by-obox |
89
|
Launchpad – Coming Soon & Maintenance Mode Plugin <= 1.0.13 - Authenticated (Administrator+) Cross-Site Scripting | LOW | *-1.0.13 | June 30, 2026 | ||
| ipblocklist | ipblocklist |
91
|
ipBlockList <= 1.0 - Cross Site Request Forgery | LOW | *-1.0 | June 30, 2026 | ||
| hover-image | hover-image |
91
|
Hover Image <= 1.4.1 - Cross-Site Request Forgery | LOW | *-1.4.1 | June 30, 2026 | ||
| happyforms | happyforms |
93
|
Happyforms <= 1.21.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Blocks | LOW | *-1.21.1 | 1.22.0 | June 30, 2026 | |
| MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) | google-analytics-for-wordpress |
72
|
MonsterInsights <= 8.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-8.12.0 | 8.12.1 | June 30, 2026 | |
| google-analytics-dashboard-for-wp | google-analytics-dashboard-for-wp |
93
|
ExactMetrics <= 7.12.0 - Authenticated (Contributor+) Cross-Site Scripting | LOW | *-7.12.0 | 7.12.1 | June 30, 2026 | |
| Freesoul Deactivate Plugins – Disable plugins on individual WordPress pages | freesoul-deactivate-plugins |
79
|
Freesoul Deactivate Plugins <= 1.9.4.0 - Information Disclosure | LOW | *-1.9.4.0 | 1.9.4.1 | June 30, 2026 | |
| eexamhall | eexamhall |
91
|
eExamhall <= 4.0 - Cross Site Request Forgery | LOW | *-4.0 | June 30, 2026 | ||
| dnui-delete-not-used-image-wordpress | dnui-delete-not-used-image-wordpress |
91
|
DNUI <= 2.8.1 - Cross-Site Request Forgery leading to Unused Image Deletion and Database Image Access | LOW | *-2.8.1 | June 30, 2026 | ||
| dashicons-cpt | dashicons-cpt |
91
|
Dashicons + Custom Post Types <= 1.0.2 - Missing Authorization | LOW | *-1.0.2 | June 30, 2026 | ||
| custom-404-pro | custom-404-pro |
91
|
Custom 404 Pro <= 3.7.0 - Authenticated (Administrator+) SQL Injection | LOW | *-3.7.0 | 3.7.1 | June 30, 2026 | |
| crayon-syntax-highlighter | crayon-syntax-highlighter |
89
|
Crayon Syntax Highlighter <= 2.8.4 - Cross-Site Request Forgery | LOW | *-2.8.4 | June 30, 2026 | ||
| alfred-click-collect | alfred-click-collect |
95
|
alfred24 Click & Collect <= 1.1.7 - Authenticated (Administrator+) Stored Cross Site Scripting | LOW | *-1.1.7 | June 30, 2026 | ||
| acf-image-crop-add-on | acf-image-crop-add-on |
95
|
Advanced Custom Fields: Image Crop Add-on <= 1.4.12 - Improper Authorization | LOW | *-1.4.12 | June 30, 2026 | ||
| wpvr | wpvr | N/A | WP VR <= 8.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-8.2.6 | 8.2.7 | June 30, 2026 | |
| wp-blog-and-widgets | wp-blog-and-widgets | N/A | WP Blog and Widget <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-2.3 | 2.3.1 | June 30, 2026 | |
| tutor | tutor | N/A | Tutor LMS <= 2.0.9 - Reflected Cross-Site Scripting | LOW | *-2.0.9 | 2.0.10 | June 30, 2026 | |
| survey-maker | survey-maker | N/A | Survey Maker < 3.1.2 - Authenticated (Subscriber+) SQL Injection | LOW | *-3.1.1 | 3.1.2 | June 30, 2026 | |
| simple-membership-wp-user-import | simple-membership-wp-user-import | N/A | Simple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL Injection | LOW | *-1.7 | 1.8 | June 30, 2026 | |
| rafflepress | rafflepress | N/A | Giveaways and Contests by RafflePress <= 1.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.11.2 | 1.11.3 | June 30, 2026 | |
| quick-event-manager | quick-event-manager | N/A | Quick Event Manager <= 9.7.4 - Reflected Cross-Site Scripting | LOW | [*, 9.7.5) | 9.7.5 | June 30, 2026 | |
| paid-memberships-pro | paid-memberships-pro | N/A | Paid Memberships Pro < 2.9.8 - Unauthenticated SQL Injection | LOW | *-2.9.7 | 2.9.8 | June 30, 2026 | |
| login-with-phone-number | login-with-phone-number |
93
|
Login with phone number <= 1.4.2 - Reflected Cross-Site Scripting | LOW | [*, 1.4.2) | 1.4.2 | June 30, 2026 | |
| leaflet-maps-marker | leaflet-maps-marker |
93
|
Leaflet Maps Marker < 3.12.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-3.12.6 | 3.12.7 | June 30, 2026 | |
| jquery-t-countdown-widget | jquery-t-countdown-widget |
91
|
jQuery T(-) Countdown Widget <= 2.3.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortocde | LOW | *-2.3.23 | 2.3.24 | June 30, 2026 | |
| html5-audio-player | html5-audio-player |
93
|
Html5 Audio Player <= 2.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-2.1.11 | 2.1.12 | June 30, 2026 | |
| gamipress-button | gamipress-button |
93
|
GamiPress – Button <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.0.4 | 1.0.5 | June 30, 2026 | |
| gamipress | gamipress |
93
|
GamiPress <= 2.5.0 - Cross-Site Request Forgery | LOW | *-2.5.0 | 2.5.1 | June 30, 2026 | |
| Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | easy-digital-downloads |
78
|
Easy Digital Downloads < 3.1.0.4 - SQL Injection | LOW | *-3.1.0.3 | 3.1.0.4 | June 30, 2026 |
mainwp-article-uploader-extension
mainwp-article-uploader-extension
mainwp-article-uploader-extension
mainwp-article-uploader-extension
mainwp-article-uploader-extension
mainwp-article-uploader-extension
location-weather
location-weather
custom-404-pro
custom-404-pro
boilerplate-extension
boilerplate-extension
boilerplate-extension
boilerplate-extension
better-font-awesome
better-font-awesome
yamaps
yamaps
wp-stats-manager
wp-stats-manager
wp-fullcalendar
wp-fullcalendar
wp-commentnavi
wp-commentnavi
wordpress-easy-paypal-payment-or-donation-accept-plugin
wordpress-easy-paypal-payment-or-donation-accept-plugin
widgetshortcode
widgetshortcode
widgets-on-pages
widgets-on-pages
widget-shortcode
widget-shortcode
utubevideo-gallery
utubevideo-gallery
templatesnext-toolkit
templatesnext-toolkit
templatesnext-toolkit
templatesnext-toolkit
teachpress
teachpress
simple-urls
simple-urls
simple-urls
simple-urls
rich-table-of-content
rich-table-of-content
responsive-gallery-grid
responsive-gallery-grid
OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA)
oopspam-anti-spam
meks-flexible-shortcodes
meks-flexible-shortcodes
mainwp-wordfence-extension
mainwp-wordfence-extension
mainwp-wordfence-extension
mainwp-wordfence-extension
mainwp-updraftplus-extension
mainwp-updraftplus-extension
mainwp-staging-extension
mainwp-staging-extension
mainwp-seo-extension
mainwp-seo-extension
mainwp-rocket-extension
mainwp-rocket-extension
mainwp-post-plus-extension
mainwp-post-plus-extension
mainwp-post-dripper-extension
mainwp-post-dripper-extension
mainwp-piwik-extension
mainwp-piwik-extension
mainwp-page-speed-extension
mainwp-page-speed-extension
mainwp-maintenance-extension
mainwp-maintenance-extension
mainwp-ithemes-security-extension
mainwp-ithemes-security-extension
mainwp-google-analytics-extension
mainwp-google-analytics-extension
mainwp-google-analytics-extension
mainwp-google-analytics-extension
mainwp-file-uploader-extension
mainwp-file-uploader-extension
mainwp-code-snippets-extension
mainwp-code-snippets-extension
mainwp-clone-extension
mainwp-clone-extension
mainwp-buddy-extension
mainwp-buddy-extension
mainwp-broken-links-checker-extension
mainwp-broken-links-checker-extension
mainwp-branding-extension
mainwp-branding-extension
kraken-image-optimizer
kraken-image-optimizer
judgeme-product-reviews-woocommerce
judgeme-product-reviews-woocommerce
enable-media-replace
enable-media-replace
customer-area
customer-area
boilerplate-extension
boilerplate-extension
stream
stream
simple-tooltips
simple-tooltips
pdf-generator-for-wp
pdf-generator-for-wp
mainwp-rocket-extension
mainwp-rocket-extension
wp-private-content-plus
wp-private-content-plus
yourchannel
yourchannel
yourchannel
yourchannel
wp-super-popup
wp-super-popup
wp-olivecart
wp-olivecart
wp-booklet
wp-booklet
wp-better-emails
wp-better-emails
universal-star-rating
universal-star-rating
superior-faq
superior-faq
stylist
stylist
Security Optimizer – The All-In-One Protection Plugin
sg-security
no-api-amazon-affiliate
no-api-amazon-affiliate
mediamatic
mediamatic
materialis-companion
materialis-companion
map-multi-marker
map-multi-marker
magicform
magicform
launchpad-by-obox
launchpad-by-obox
ipblocklist
ipblocklist
hover-image
hover-image
happyforms
happyforms
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy)
google-analytics-for-wordpress
google-analytics-dashboard-for-wp
google-analytics-dashboard-for-wp
Freesoul Deactivate Plugins – Disable plugins on individual WordPress pages
freesoul-deactivate-plugins
eexamhall
eexamhall
dnui-delete-not-used-image-wordpress
dnui-delete-not-used-image-wordpress
dashicons-cpt
dashicons-cpt
custom-404-pro
custom-404-pro
crayon-syntax-highlighter
crayon-syntax-highlighter
alfred-click-collect
alfred-click-collect
acf-image-crop-add-on
acf-image-crop-add-on
wpvr
wpvr
wp-blog-and-widgets
wp-blog-and-widgets
tutor
tutor
survey-maker
survey-maker
simple-membership-wp-user-import
simple-membership-wp-user-import
rafflepress
rafflepress
quick-event-manager
quick-event-manager
paid-memberships-pro
paid-memberships-pro
login-with-phone-number
login-with-phone-number
leaflet-maps-marker
leaflet-maps-marker
jquery-t-countdown-widget
jquery-t-countdown-widget
html5-audio-player
html5-audio-player
gamipress-button
gamipress-button
gamipress
gamipress
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy
easy-digital-downloads
Showing 26901 to 27000 of 36319 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: June 30, 2026 at 23:43 UTC.