Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36319

Across tracked plugins

Affected Plugins

94

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
rd-wc-order-modifier rd-wc-order-modifier N/A RD Order Modifier for WooCommerce <= 1.0.5 - Cross-Site Request Forgery LOW *-1.0.5 1.0.6 July 1, 2026
page-scroll-to-id page-scroll-to-id N/A Page scroll to id <= 1.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.7.5 1.7.6 July 1, 2026
meteor-slides meteor-slides
89
Meteor Slides <= 1.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.5.6 1.5.7 July 1, 2026
insert-pages insert-pages
93
Insert Pages <= 3.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-3.7.4 3.7.5 July 1, 2026
images-optimize-and-upload-cf7 images-optimize-and-upload-cf7
93
Images Optimize and Upload CF7 <= 2.1.4 - Missing Authorization to Arbitrary File Deletion LOW *-2.1.4 2.2.1 July 1, 2026
gotmls gotmls
93
Anti-Malware Security and Brute-Force Firewall <= 4.21.85 - Authenticated (Admin+) PHP Object Injection LOW *-4.21.85 4.21.86 July 1, 2026
fontsy fontsy
91
Fontsy <= 1.8.6 - Unauthenticated SQL Injection LOW *-1.8.6 July 1, 2026
codelights-shortcodes-and-widgets codelights-shortcodes-and-widgets
89
Sidebar Widgets by CodeLights <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-1.4 July 1, 2026
Click to Chat – HoliThemes click-to-chat-for-whatsapp
90
Click to Chat <= 3.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-3.18 3.18.1 July 1, 2026
wp-pipes wp-pipes N/A WP Pipes <= 1.33 - Authenticated (Admin+) SQL Injection LOW 1.0, 1.1, 1.10, 1.11, 1.12, 1.13 1.4.0 July 1, 2026
woocommerce-currency-switcher woocommerce-currency-switcher N/A WOOCS <= 1.3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode LOW *-1.3.9.2 1.3.9.3 July 1, 2026
woocommerce-currency-switcher woocommerce-currency-switcher N/A WOOCS <= 1.3.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode LOW *-1.3.9.3 1.3.9.4 July 1, 2026
post-status-notifier-lite post-status-notifier-lite N/A Post Status Notifier Lite <= 1.10.0 - Reflected Cross-Site Scripting LOW *-1.10.0 1.10.1 July 1, 2026
metricool metricool
93
Metricool <= 1.17 - Authenticated (Administrator+) Stored Stored Cross-Site Scripting LOW *-1.17 1.18 July 1, 2026
mesmerize-companion mesmerize-companion
93
Mesmerize Companion <= 1.6.133 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-1.6.133 1.6.135 July 1, 2026
mautic-integration-for-woocommerce mautic-integration-for-woocommerce
93
Mautic Integration for WooCommerce < 1.0.3 - Cross-Site Request Forgery leading to Arbitrary Options Update LOW [*, 1.0.3) 1.0.3 July 1, 2026
learnpress learnpress
93
LearnPress <= 4.1.7.3.2 - Authenticated (Subscriber+) SQL Injection LOW *-4.1.7.3.2 4.2.0 July 1, 2026
ibtana-visual-editor ibtana-visual-editor
91
Ibtana – WordPress Website Builder <= 1.1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-1.1.8.7 1.1.8.8 July 1, 2026
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory geodirectory
66
GeoDirectory <= 2.2.19 - CSV Injection LOW *-2.2.19 2.2.20 July 1, 2026
Download Manager download-manager
63
Download Manager <= 3.2.61 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-3.2.61 3.2.62 July 1, 2026
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress custom-facebook-feed
66
Smash Balloon Social Post Feed <= 4.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-4.1.5 4.1.6 July 1, 2026
activecampaign-for-woocommerce activecampaign-for-woocommerce
97
ActiveCampaign for WooCommerce <= 1.9.7 - Cross-Site Request Forgery LOW *-1.9.7 1.9.8 July 1, 2026
zero-bs-crm zero-bs-crm N/A Jetpack CRM <= 5.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-5.4.4 5.5 July 1, 2026
wptouch wptouch N/A WPtouch <= 4.3.44 - Authenticated (Administrator+) PHP Object Injection LOW *-4.3.44 4.3.45 July 1, 2026
wptouch wptouch N/A WPtouch <= 4.3.44 - Authenticated (Administrator+) Arbitrary File Upload LOW *-4.3.44 4.3.45 July 1, 2026
SlimStat Analytics wp-slimstat N/A Slimstat Analytics <= 4.9.2 - Unauthenticated Stored Cross-Site Scripting LOW *-4.9.2 4.9.3 July 1, 2026
wp-recipe-maker wp-recipe-maker N/A WP Recipe Maker <= 8.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode LOW *-8.6.0 8.6.1 July 1, 2026
ipages-flipbook ipages-flipbook
93
iPages Flipbook <= 1.4.6 - Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode LOW *-1.4.6 1.4.7 July 1, 2026
connect-daily-web-calendar connect-daily-web-calendar
91
connectDaily <= 1.4.4 - Reflected Cross-Site Scripting LOW *-1.4.4 1.4.5 July 1, 2026
codelights-shortcodes-and-widgets codelights-shortcodes-and-widgets
89
Sidebar Widgets by CodeLights <= 1.4 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.4 July 1, 2026
multi-step-form multi-step-form
93
Multi Step Form <= 1.7.7 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.7.7 1.7.8 July 1, 2026
bg-biblie-references bg-biblie-references
91
Bg Bible References <= 3.8.14 - Reflected Cross-Site Scripting LOW *-3.8.14 July 1, 2026
wpvr wpvr N/A Appsero <= 1.2.1 - Missing Authorization LOW *-8.2.5 8.2.6 July 1, 2026
wpfunnels wpfunnels N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.6.4 2.6.5 July 1, 2026
User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration wp-user-frontend N/A Appsero <= 1.2.1 - Missing Authorization LOW *-3.6.0 3.6.1 July 1, 2026
EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time wp-maximum-upload-file-size
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.0.9 1.1.0 July 1, 2026
WP Mail Logging wp-mail-logging
87
Appsero <= 1.2.1 - Missing Authorization LOW 1.10.5 1.11.0 July 1, 2026
wp-edit-password-protected wp-edit-password-protected N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.3 1.2.4 July 1, 2026
wp-dark-mode wp-dark-mode N/A Appsero <= 1.2.1 - Missing Authorization LOW *-3.0.4 3.0.5 July 1, 2026
worth-the-read worth-the-read N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.14 1.14.1 July 1, 2026
woostify-sites-library woostify-sites-library N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.4.3 1.4.4 July 1, 2026
woocommerce-conversion-tracking woocommerce-conversion-tracking N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.0.10 2.0.11 July 1, 2026
woo-reviews-by-wiremo woo-reviews-by-wiremo N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.4.96 1.4.97 July 1, 2026
Product Gallery Slider, Additional Variation Images for WooCommerce woo-product-gallery-slider N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.2.6 2.2.7 July 1, 2026
woo-product-carousel-slider-and-grid-ultimate woo-product-carousel-slider-and-grid-ultimate N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.9.3 1.9.4 July 1, 2026
woo-category-slider-by-pluginever woo-category-slider-by-pluginever N/A Appsero <= 1.2.1 - Missing Authorization LOW *-4.1.5 4.1.6 July 1, 2026
wepos wepos N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.5 1.2.6 July 1, 2026
wemail wemail N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.14.1 1.14.2 July 1, 2026
wedocs wedocs N/A Appsero <= 1.2.1 - Missing Authorization LOW 1.6-1.7.5 1.7.6 July 1, 2026
wedevs-project-manager wedevs-project-manager N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.6.12 2.6.13 July 1, 2026
webinar-and-video-conference-with-jitsi-meet webinar-and-video-conference-with-jitsi-meet N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.5 2.0.0 July 1, 2026
webappick-pdf-invoice-for-woocommerce webappick-pdf-invoice-for-woocommerce N/A Appsero <= 1.2.1 - Missing Authorization LOW *-3.4.8 3.4.9 July 1, 2026
Product Category Showcase for WooCommerce wc-category-showcase N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.1.9 2.0.0 July 1, 2026
w4-post-list w4-post-list N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.4.2 2.4.3 July 1, 2026
vision vision N/A Vision Interactive <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.5.3 1.5.4 July 1, 2026
visibility-logic-elementor visibility-logic-elementor N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.3.3 2.3.4 July 1, 2026
update-alt-attribute update-alt-attribute N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.4.3 July 1, 2026
Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages unlimited-elementor-inner-sections-by-boomdevs N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.0.1 1.0.2 July 1, 2026
texty texty N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.1.1 1.1.2 July 1, 2026
table-of-contents-plus table-of-contents-plus N/A Table of Contents Plus <= 2106 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-2106 2212 July 1, 2026
subscribe2 subscribe2 N/A Appsero <= 1.2.1 - Missing Authorization LOW *-10.37 10.38 July 1, 2026
stylish-cost-calculator stylish-cost-calculator N/A Appsero <= 1.2.1 - Missing Authorization LOW *-7.3.6 7.3.7 July 1, 2026
stax-buddy-builder stax-buddy-builder N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.7.1 1.7.2 July 1, 2026
stax-addons-for-elementor stax-addons-for-elementor N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.4.3 1.4.4 July 1, 2026
spiffy-calendar spiffy-calendar N/A Spiffy Calendar <= 4.9.1 - Authenticated (Contributor+) SQL Injection LOW *-4.9.1 4.9.2 July 1, 2026
sheets-to-wp-table-live-sync sheets-to-wp-table-live-sync N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.12.14 2.12.15 July 1, 2026
quiz-master-next quiz-master-next N/A Quiz And Survey Master <= 8.0.7 - Cross-Site Request Forgery LOW *-8.0.7 8.0.8 July 1, 2026
pt-elementor-addons-lite pt-elementor-addons-lite N/A Appsero <= 1.2.1 - Missing Authorization LOW *-2.2 July 1, 2026
post-grid-carousel-ultimate post-grid-carousel-ultimate N/A Appsero <= 1.2.1 - Missing Authorization LOW *-1.6.3 1.6.4 July 1, 2026
Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider ml-slider
88
Appsero <= 1.2.1 - Missing Authorization LOW *-3.28.0 3.28.1 July 1, 2026
magical-posts-display magical-posts-display
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.15 1.2.16 July 1, 2026
logo-slider-wp logo-slider-wp
89
Logo Slider <= 3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-3.5.3 3.6.0 July 1, 2026
legal-pages legal-pages
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.4.1 1.4.2 July 1, 2026
ipanorama-360-virtual-tour-builder-lite ipanorama-360-virtual-tour-builder-lite
93
iPanorama 360 WordPress Virtual Tour Builder <= 1.6.29 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.6.29 1.6.30 July 1, 2026
imagelinks-interactive-image-builder-lite imagelinks-interactive-image-builder-lite
93
ImageLinks Interactive Image Builder for WordPress <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.5.3 1.5.4 July 1, 2026
happy-elementor-addons happy-elementor-addons
93
Appsero <= 1.2.1 - Missing Authorization LOW *-3.8.2 3.8.3 July 1, 2026
gs-testimonial gs-testimonial
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.9.7 1.9.8 July 1, 2026
gs-pinterest-portfolio gs-pinterest-portfolio
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.6.2 1.6.3 July 1, 2026
gallery-box gallery-box
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.7.30 1.7.31 July 1, 2026
fuse-social-floating-sidebar fuse-social-floating-sidebar
93
Appsero <= 1.2.1 - Missing Authorization LOW *-5.4.6 5.4.7 July 1, 2026
formidable formidable
93
Formidable Form Builder <= 5.5.4 - Cross-Site Request Forgery LOW *-5.5.4 5.5.5 July 1, 2026
formidable formidable
93
Formidable Forms <= 5.5.4 - Authenticated (Admin+) Server-Side Request Forgery LOW *-5.5.4 5.5.5 July 1, 2026
exclusive-team-for-elementor exclusive-team-for-elementor
89
Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.4 July 1, 2026
exclusive-addons-for-elementor exclusive-addons-for-elementor
93
Appsero <= 1.2.1 - Missing Authorization LOW *-2.6.1 2.6.2 July 1, 2026
easy-video-reviews easy-video-reviews
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.4.2 1.5.0 July 1, 2026
easy-sticky-sidebar easy-sticky-sidebar
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.5.8 1.5.9 July 1, 2026
directorist directorist
93
Appsero <= 1.2.1 - Missing Authorization LOW *-7.7.1 7.7.2 July 1, 2026
dashboard-welcome-for-elementor dashboard-welcome-for-elementor
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.0.6 1.0.7 July 1, 2026
darklup-lite-wp-dark-mode darklup-lite-wp-dark-mode
93
Appsero <= 1.2.1 - Missing Authorization LOW *-2.1.1 2.1.2 July 1, 2026
dark-mode dark-mode
93
Appsero <= 1.2.1 - Missing Authorization LOW *-4.1.2 4.1.3 July 1, 2026
click-to-top click-to-top
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.19 1.2.20 July 1, 2026
cart-lift cart-lift
93
Appsero <= 1.2.1 - Missing Authorization LOW *-3.1.3 3.1.4 July 1, 2026
boostify-header-footer-builder boostify-header-footer-builder
93
Appsero <= 1.2.1 - Missing Authorization LOW *-1.2.8 1.2.9 July 1, 2026
bangladeshi-payment-gateways bangladeshi-payment-gateways
93
Appsero <= 1.2.1 - Missing Authorization LOW *-2.0.6 2.0.7 July 1, 2026
activecampaign-for-woocommerce activecampaign-for-woocommerce
97
ActiveCampaign for WooCommerce <= 1.9.6 - Missing Authorization to Error Log Deletion LOW *-1.9.6 1.9.7 July 1, 2026
wp-csv-to-database wp-csv-to-database N/A WP CSV to Database <= 2.6 - Cross-Site Request Forgery LOW *-2.6 July 1, 2026
wp-csv wp-csv N/A WP CSV <= 1.8.0.0 - Reflected Cross-Site Scripting LOW *-1.8.0.0 July 1, 2026
tlp-portfolio tlp-portfolio N/A Portfolio – WordPress Portfolio Plugin <= 2.8.8 - Cross-Site Request Forgery in rtport_spare_me LOW *-2.8.8 2.8.9 July 1, 2026
Royal Addons for Elementor – Addons and Templates Kit for Elementor royal-elementor-addons N/A Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery LOW *-1.3.55 1.3.56 July 1, 2026
Royal Addons for Elementor – Addons and Templates Kit for Elementor royal-elementor-addons N/A Royal Elementor Addons <=1.3.55 - Authenticated (Subscriber+) Arbitrary Post Deletion LOW *-1.3.55 1.3.56 July 1, 2026
LOW

rd-wc-order-modifier

rd-wc-order-modifier

Score: N/A RD Order Modifier for WooCommerce <= 1.0.5 - Cross-Site Request Forgery Affected: *-1.0.5 Patched: 1.0.6 Updated: July 1, 2026
LOW

page-scroll-to-id

page-scroll-to-id

Score: N/A Page scroll to id <= 1.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.7.5 Patched: 1.7.6 Updated: July 1, 2026
LOW

meteor-slides

meteor-slides

Score: 89/100 Meteor Slides <= 1.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.5.6 Patched: 1.5.7 Updated: July 1, 2026
LOW

insert-pages

insert-pages

Score: 93/100 Insert Pages <= 3.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-3.7.4 Patched: 3.7.5 Updated: July 1, 2026
LOW

images-optimize-and-upload-cf7

images-optimize-and-upload-cf7

Score: 93/100 Images Optimize and Upload CF7 <= 2.1.4 - Missing Authorization to Arbitrary File Deletion Affected: *-2.1.4 Patched: 2.2.1 Updated: July 1, 2026
LOW

gotmls

gotmls

Score: 93/100 Anti-Malware Security and Brute-Force Firewall <= 4.21.85 - Authenticated (Admin+) PHP Object Injection Affected: *-4.21.85 Patched: 4.21.86 Updated: July 1, 2026
LOW

fontsy

fontsy

Score: 91/100 Fontsy <= 1.8.6 - Unauthenticated SQL Injection Affected: *-1.8.6 Patched: Updated: July 1, 2026
LOW

codelights-shortcodes-and-widgets

codelights-shortcodes-and-widgets

Score: 89/100 Sidebar Widgets by CodeLights <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-1.4 Patched: Updated: July 1, 2026
LOW

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

Score: 90/100 Click to Chat <= 3.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-3.18 Patched: 3.18.1 Updated: July 1, 2026
LOW

wp-pipes

wp-pipes

Score: N/A WP Pipes <= 1.33 - Authenticated (Admin+) SQL Injection Affected: 1.0, 1.1, 1.10, 1.11, 1.12, 1.13 Patched: 1.4.0 Updated: July 1, 2026
LOW

woocommerce-currency-switcher

woocommerce-currency-switcher

Score: N/A WOOCS <= 1.3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Affected: *-1.3.9.2 Patched: 1.3.9.3 Updated: July 1, 2026
LOW

woocommerce-currency-switcher

woocommerce-currency-switcher

Score: N/A WOOCS <= 1.3.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Affected: *-1.3.9.3 Patched: 1.3.9.4 Updated: July 1, 2026
LOW

post-status-notifier-lite

post-status-notifier-lite

Score: N/A Post Status Notifier Lite <= 1.10.0 - Reflected Cross-Site Scripting Affected: *-1.10.0 Patched: 1.10.1 Updated: July 1, 2026
LOW

metricool

metricool

Score: 93/100 Metricool <= 1.17 - Authenticated (Administrator+) Stored Stored Cross-Site Scripting Affected: *-1.17 Patched: 1.18 Updated: July 1, 2026
LOW

mesmerize-companion

mesmerize-companion

Score: 93/100 Mesmerize Companion <= 1.6.133 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-1.6.133 Patched: 1.6.135 Updated: July 1, 2026
LOW

mautic-integration-for-woocommerce

mautic-integration-for-woocommerce

Score: 93/100 Mautic Integration for WooCommerce < 1.0.3 - Cross-Site Request Forgery leading to Arbitrary Options Update Affected: [*, 1.0.3) Patched: 1.0.3 Updated: July 1, 2026
LOW

learnpress

learnpress

Score: 93/100 LearnPress <= 4.1.7.3.2 - Authenticated (Subscriber+) SQL Injection Affected: *-4.1.7.3.2 Patched: 4.2.0 Updated: July 1, 2026
LOW

ibtana-visual-editor

ibtana-visual-editor

Score: 91/100 Ibtana – WordPress Website Builder <= 1.1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-1.1.8.7 Patched: 1.1.8.8 Updated: July 1, 2026
LOW

Download Manager

download-manager

Score: 63/100 Download Manager <= 3.2.61 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-3.2.61 Patched: 3.2.62 Updated: July 1, 2026
LOW

activecampaign-for-woocommerce

activecampaign-for-woocommerce

Score: 97/100 ActiveCampaign for WooCommerce <= 1.9.7 - Cross-Site Request Forgery Affected: *-1.9.7 Patched: 1.9.8 Updated: July 1, 2026
LOW

zero-bs-crm

zero-bs-crm

Score: N/A Jetpack CRM <= 5.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-5.4.4 Patched: 5.5 Updated: July 1, 2026
LOW

wptouch

wptouch

Score: N/A WPtouch <= 4.3.44 - Authenticated (Administrator+) PHP Object Injection Affected: *-4.3.44 Patched: 4.3.45 Updated: July 1, 2026
LOW

wptouch

wptouch

Score: N/A WPtouch <= 4.3.44 - Authenticated (Administrator+) Arbitrary File Upload Affected: *-4.3.44 Patched: 4.3.45 Updated: July 1, 2026
LOW

SlimStat Analytics

wp-slimstat

Score: N/A Slimstat Analytics <= 4.9.2 - Unauthenticated Stored Cross-Site Scripting Affected: *-4.9.2 Patched: 4.9.3 Updated: July 1, 2026
LOW

wp-recipe-maker

wp-recipe-maker

Score: N/A WP Recipe Maker <= 8.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Affected: *-8.6.0 Patched: 8.6.1 Updated: July 1, 2026
LOW

ipages-flipbook

ipages-flipbook

Score: 93/100 iPages Flipbook <= 1.4.6 - Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected: *-1.4.6 Patched: 1.4.7 Updated: July 1, 2026
LOW

connect-daily-web-calendar

connect-daily-web-calendar

Score: 91/100 connectDaily <= 1.4.4 - Reflected Cross-Site Scripting Affected: *-1.4.4 Patched: 1.4.5 Updated: July 1, 2026
LOW

codelights-shortcodes-and-widgets

codelights-shortcodes-and-widgets

Score: 89/100 Sidebar Widgets by CodeLights <= 1.4 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.4 Patched: Updated: July 1, 2026
LOW

multi-step-form

multi-step-form

Score: 93/100 Multi Step Form <= 1.7.7 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.7.7 Patched: 1.7.8 Updated: July 1, 2026
LOW

bg-biblie-references

bg-biblie-references

Score: 91/100 Bg Bible References <= 3.8.14 - Reflected Cross-Site Scripting Affected: *-3.8.14 Patched: Updated: July 1, 2026
LOW

wpvr

wpvr

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-8.2.5 Patched: 8.2.6 Updated: July 1, 2026
LOW

wpfunnels

wpfunnels

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.6.4 Patched: 2.6.5 Updated: July 1, 2026
LOW

WP Mail Logging

wp-mail-logging

Score: 87/100 Appsero <= 1.2.1 - Missing Authorization Affected: 1.10.5 Patched: 1.11.0 Updated: July 1, 2026
LOW

wp-edit-password-protected

wp-edit-password-protected

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.3 Patched: 1.2.4 Updated: July 1, 2026
LOW

wp-dark-mode

wp-dark-mode

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-3.0.4 Patched: 3.0.5 Updated: July 1, 2026
LOW

worth-the-read

worth-the-read

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.14 Patched: 1.14.1 Updated: July 1, 2026
LOW

woostify-sites-library

woostify-sites-library

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.4.3 Patched: 1.4.4 Updated: July 1, 2026
LOW

woocommerce-conversion-tracking

woocommerce-conversion-tracking

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.0.10 Patched: 2.0.11 Updated: July 1, 2026
LOW

woo-reviews-by-wiremo

woo-reviews-by-wiremo

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.4.96 Patched: 1.4.97 Updated: July 1, 2026
LOW

woo-category-slider-by-pluginever

woo-category-slider-by-pluginever

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-4.1.5 Patched: 4.1.6 Updated: July 1, 2026
LOW

wepos

wepos

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.5 Patched: 1.2.6 Updated: July 1, 2026
LOW

wemail

wemail

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.14.1 Patched: 1.14.2 Updated: July 1, 2026
LOW

wedocs

wedocs

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: 1.6-1.7.5 Patched: 1.7.6 Updated: July 1, 2026
LOW

wedevs-project-manager

wedevs-project-manager

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.6.12 Patched: 2.6.13 Updated: July 1, 2026
LOW

webappick-pdf-invoice-for-woocommerce

webappick-pdf-invoice-for-woocommerce

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-3.4.8 Patched: 3.4.9 Updated: July 1, 2026
LOW

w4-post-list

w4-post-list

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.4.2 Patched: 2.4.3 Updated: July 1, 2026
LOW

vision

vision

Score: N/A Vision Interactive <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.5.3 Patched: 1.5.4 Updated: July 1, 2026
LOW

visibility-logic-elementor

visibility-logic-elementor

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.3.3 Patched: 2.3.4 Updated: July 1, 2026
LOW

update-alt-attribute

update-alt-attribute

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.4.3 Patched: Updated: July 1, 2026
LOW

texty

texty

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.1.1 Patched: 1.1.2 Updated: July 1, 2026
LOW

table-of-contents-plus

table-of-contents-plus

Score: N/A Table of Contents Plus <= 2106 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-2106 Patched: 2212 Updated: July 1, 2026
LOW

subscribe2

subscribe2

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-10.37 Patched: 10.38 Updated: July 1, 2026
LOW

stylish-cost-calculator

stylish-cost-calculator

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-7.3.6 Patched: 7.3.7 Updated: July 1, 2026
LOW

stax-buddy-builder

stax-buddy-builder

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.7.1 Patched: 1.7.2 Updated: July 1, 2026
LOW

stax-addons-for-elementor

stax-addons-for-elementor

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.4.3 Patched: 1.4.4 Updated: July 1, 2026
LOW

spiffy-calendar

spiffy-calendar

Score: N/A Spiffy Calendar <= 4.9.1 - Authenticated (Contributor+) SQL Injection Affected: *-4.9.1 Patched: 4.9.2 Updated: July 1, 2026
LOW

sheets-to-wp-table-live-sync

sheets-to-wp-table-live-sync

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.12.14 Patched: 2.12.15 Updated: July 1, 2026
LOW

quiz-master-next

quiz-master-next

Score: N/A Quiz And Survey Master <= 8.0.7 - Cross-Site Request Forgery Affected: *-8.0.7 Patched: 8.0.8 Updated: July 1, 2026
LOW

pt-elementor-addons-lite

pt-elementor-addons-lite

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-2.2 Patched: Updated: July 1, 2026
LOW

post-grid-carousel-ultimate

post-grid-carousel-ultimate

Score: N/A Appsero <= 1.2.1 - Missing Authorization Affected: *-1.6.3 Patched: 1.6.4 Updated: July 1, 2026
LOW

magical-posts-display

magical-posts-display

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.15 Patched: 1.2.16 Updated: July 1, 2026
LOW

logo-slider-wp

logo-slider-wp

Score: 89/100 Logo Slider <= 3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-3.5.3 Patched: 3.6.0 Updated: July 1, 2026
LOW

legal-pages

legal-pages

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.4.1 Patched: 1.4.2 Updated: July 1, 2026
LOW

ipanorama-360-virtual-tour-builder-lite

ipanorama-360-virtual-tour-builder-lite

Score: 93/100 iPanorama 360 WordPress Virtual Tour Builder <= 1.6.29 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.6.29 Patched: 1.6.30 Updated: July 1, 2026
LOW

imagelinks-interactive-image-builder-lite

imagelinks-interactive-image-builder-lite

Score: 93/100 ImageLinks Interactive Image Builder for WordPress <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.5.3 Patched: 1.5.4 Updated: July 1, 2026
LOW

happy-elementor-addons

happy-elementor-addons

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-3.8.2 Patched: 3.8.3 Updated: July 1, 2026
LOW

gs-testimonial

gs-testimonial

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.9.7 Patched: 1.9.8 Updated: July 1, 2026
LOW

gs-pinterest-portfolio

gs-pinterest-portfolio

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.6.2 Patched: 1.6.3 Updated: July 1, 2026
LOW

gallery-box

gallery-box

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.7.30 Patched: 1.7.31 Updated: July 1, 2026
LOW

fuse-social-floating-sidebar

fuse-social-floating-sidebar

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-5.4.6 Patched: 5.4.7 Updated: July 1, 2026
LOW

formidable

formidable

Score: 93/100 Formidable Form Builder <= 5.5.4 - Cross-Site Request Forgery Affected: *-5.5.4 Patched: 5.5.5 Updated: July 1, 2026
LOW

formidable

formidable

Score: 93/100 Formidable Forms <= 5.5.4 - Authenticated (Admin+) Server-Side Request Forgery Affected: *-5.5.4 Patched: 5.5.5 Updated: July 1, 2026
LOW

exclusive-team-for-elementor

exclusive-team-for-elementor

Score: 89/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.4 Patched: Updated: July 1, 2026
LOW

exclusive-addons-for-elementor

exclusive-addons-for-elementor

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-2.6.1 Patched: 2.6.2 Updated: July 1, 2026
LOW

easy-video-reviews

easy-video-reviews

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.4.2 Patched: 1.5.0 Updated: July 1, 2026
LOW

easy-sticky-sidebar

easy-sticky-sidebar

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.5.8 Patched: 1.5.9 Updated: July 1, 2026
LOW

directorist

directorist

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-7.7.1 Patched: 7.7.2 Updated: July 1, 2026
LOW

dashboard-welcome-for-elementor

dashboard-welcome-for-elementor

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.0.6 Patched: 1.0.7 Updated: July 1, 2026
LOW

darklup-lite-wp-dark-mode

darklup-lite-wp-dark-mode

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-2.1.1 Patched: 2.1.2 Updated: July 1, 2026
LOW

dark-mode

dark-mode

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-4.1.2 Patched: 4.1.3 Updated: July 1, 2026
LOW

click-to-top

click-to-top

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.19 Patched: 1.2.20 Updated: July 1, 2026
LOW

cart-lift

cart-lift

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-3.1.3 Patched: 3.1.4 Updated: July 1, 2026
LOW

boostify-header-footer-builder

boostify-header-footer-builder

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-1.2.8 Patched: 1.2.9 Updated: July 1, 2026
LOW

bangladeshi-payment-gateways

bangladeshi-payment-gateways

Score: 93/100 Appsero <= 1.2.1 - Missing Authorization Affected: *-2.0.6 Patched: 2.0.7 Updated: July 1, 2026
LOW

activecampaign-for-woocommerce

activecampaign-for-woocommerce

Score: 97/100 ActiveCampaign for WooCommerce <= 1.9.6 - Missing Authorization to Error Log Deletion Affected: *-1.9.6 Patched: 1.9.7 Updated: July 1, 2026
LOW

wp-csv-to-database

wp-csv-to-database

Score: N/A WP CSV to Database <= 2.6 - Cross-Site Request Forgery Affected: *-2.6 Patched: Updated: July 1, 2026
LOW

wp-csv

wp-csv

Score: N/A WP CSV <= 1.8.0.0 - Reflected Cross-Site Scripting Affected: *-1.8.0.0 Patched: Updated: July 1, 2026
LOW

tlp-portfolio

tlp-portfolio

Score: N/A Portfolio – WordPress Portfolio Plugin <= 2.8.8 - Cross-Site Request Forgery in rtport_spare_me Affected: *-2.8.8 Patched: 2.8.9 Updated: July 1, 2026

Showing 27201 to 27300 of 36319 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 1, 2026 at 03:28 UTC.