Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36319

Across tracked plugins

Affected Plugins

96

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
Royal Addons for Elementor – Addons and Templates Kit for Elementor royal-elementor-addons N/A Royal Elementor Addons <=1.3.55 - Missing Authorization to Subscriber+ Arbitrary Post Creation LOW *-1.3.55 1.3.56 July 1, 2026
404-to-start 404-to-start
95
404 to Start <= 1.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.6.1 July 1, 2026
zero-bs-accounting zero-bs-accounting N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.0.6 2.0.0 July 1, 2026
wpvr wpvr N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-8.2.5 8.2.6 July 1, 2026
wpfunnels wpfunnels N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW 2.6.4 2.6.5 July 1, 2026
User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration wp-user-frontend N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.6.0 3.6.1 July 1, 2026
wp-user-avatar wp-user-avatar N/A ProfilePress <= 4.3.2 - Authenticated (Admin+) PHP Object Injection LOW *-4.3.2 4.4.0 July 1, 2026
wp-table-reloaded wp-table-reloaded N/A WP-Table Reloaded <= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.9.4 July 1, 2026
wp-social wp-social N/A Wp Social <= 1.9.0 - Authenticated (Subscriber+) Information Disclosure LOW *-1.9.0 2.0 July 1, 2026
EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time wp-maximum-upload-file-size
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.0.9 1.1.0 July 1, 2026
WP Mail Logging wp-mail-logging
87
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.10.5 1.11.0 July 1, 2026
wp-edit-password-protected wp-edit-password-protected N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.3 1.2.4 July 1, 2026
wp-dark-mode wp-dark-mode N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.0.4 3.0.5 July 1, 2026
worth-the-read worth-the-read N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.14 1.14.1 July 1, 2026
woostify-sites-library woostify-sites-library N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.4.3 1.4.4 July 1, 2026
woocommerce-conversion-tracking woocommerce-conversion-tracking N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.0.10 2.0.11 July 1, 2026
woo-reviews-by-wiremo woo-reviews-by-wiremo N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.4.96 1.4.97 July 1, 2026
Product Gallery Slider, Additional Variation Images for WooCommerce woo-product-gallery-slider N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.2.6 2.2.7 July 1, 2026
woo-product-carousel-slider-and-grid-ultimate woo-product-carousel-slider-and-grid-ultimate N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.9.3 1.9.4 July 1, 2026
woo-category-slider-by-pluginever woo-category-slider-by-pluginever N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-4.1.5 4.1.6 July 1, 2026
wepos wepos N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.5 1.2.6 July 1, 2026
wemail wemail N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.14.1 1.14.2 July 1, 2026
wedocs wedocs N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW 1.6-1.7.5 1.7.6 July 1, 2026
wedevs-project-manager wedevs-project-manager N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.6.12 2.6.13 July 1, 2026
webinar-and-video-conference-with-jitsi-meet webinar-and-video-conference-with-jitsi-meet N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.5 2.0.0 July 1, 2026
webappick-pdf-invoice-for-woocommerce webappick-pdf-invoice-for-woocommerce N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.4.8 3.4.9 July 1, 2026
Product Category Showcase for WooCommerce wc-category-showcase N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.1.9 2.0.0 July 1, 2026
w4-post-list w4-post-list N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.4.2 2.4.3 July 1, 2026
visibility-logic-elementor visibility-logic-elementor N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.3.3 2.3.4 July 1, 2026
update-alt-attribute update-alt-attribute N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.4.3 July 1, 2026
Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages unlimited-elementor-inner-sections-by-boomdevs N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.0.1 1.0.2 July 1, 2026
texty texty N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.1.1 1.1.2 July 1, 2026
swifty-page-manager swifty-page-manager N/A Swifty Page Manager <= 3.0.1 - Cross-Site Request Forgery LOW *-3.0.1 July 1, 2026
swifty-page-manager swifty-page-manager N/A Swifty Page Manager <= 3.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-3.0.1 July 1, 2026
subscribe2 subscribe2 N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-10.37 10.38 July 1, 2026
stylish-cost-calculator stylish-cost-calculator N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-7.3.6 7.3.7 July 1, 2026
stax-buddy-builder stax-buddy-builder N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.7.1 1.7.2 July 1, 2026
stax-addons-for-elementor stax-addons-for-elementor N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.4.3 1.4.4 July 1, 2026
sheets-to-wp-table-live-sync sheets-to-wp-table-live-sync N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.12.14 2.12.15 July 1, 2026
pt-elementor-addons-lite pt-elementor-addons-lite N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.2 July 1, 2026
post-grid-carousel-ultimate post-grid-carousel-ultimate N/A Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.6.3 1.6.4 July 1, 2026
permalink-manager permalink-manager N/A Permalink Manager Lite <= 2.2.20.3 - Authenticated Stored Cross-Site Scripting LOW *-2.2.20.3 2.3.0 July 1, 2026
Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider ml-slider
88
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.28.0 3.28.1 July 1, 2026
mega-addons-for-visual-composer mega-addons-for-visual-composer
89
Mega Addons For WPBakery Page Builder <= 4.3.0 - Authenticated (Subscriber+) Settings Update LOW *-4.3.0 July 1, 2026
mediamatic mediamatic
87
Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery LOW *-2.8.1 July 1, 2026
mediamatic mediamatic
87
Mediamatic – Media Library Folders <= 2.8.1 - Missing Authorization LOW *-2.8.1 July 1, 2026
magical-posts-display magical-posts-display
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.15 1.2.16 July 1, 2026
legal-pages legal-pages
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.4.1 1.4.2 July 1, 2026
happy-elementor-addons happy-elementor-addons
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.8.2 3.8.3 July 1, 2026
gs-testimonial gs-testimonial
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.9.7 1.9.8 July 1, 2026
gs-pinterest-portfolio gs-pinterest-portfolio
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.6.2 1.6.3 July 1, 2026
gs-instagram-portfolio gs-instagram-portfolio
89
GS Insever Portfolio <= 1.4.4 - Cross-Site Request Forgery LOW *-1.4.4 July 1, 2026
gallery-box gallery-box
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.7.30 1.7.31 July 1, 2026
fuse-social-floating-sidebar fuse-social-floating-sidebar
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-5.4.6 5.4.7 July 1, 2026
exclusive-team-for-elementor exclusive-team-for-elementor
89
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.4 July 1, 2026
exclusive-addons-for-elementor exclusive-addons-for-elementor
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.6.1 2.6.2 July 1, 2026
easy-video-reviews easy-video-reviews
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.4.2 1.5.0 July 1, 2026
easy-sticky-sidebar easy-sticky-sidebar
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.5.8 1.5.9 July 1, 2026
directorist directorist
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-7.7.1 7.7.2 July 1, 2026
dashboard-welcome-for-elementor dashboard-welcome-for-elementor
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.0.6 1.0.7 July 1, 2026
darklup-lite-wp-dark-mode darklup-lite-wp-dark-mode
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.1.1 2.1.2 July 1, 2026
dark-mode dark-mode
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-4.1.2 4.1.3 July 1, 2026
click-to-top click-to-top
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.19 1.2.20 July 1, 2026
cart-lift cart-lift
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-3.1.3 3.1.4 July 1, 2026
boostify-header-footer-builder boostify-header-footer-builder
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-1.2.8 1.2.9 July 1, 2026
bangladeshi-payment-gateways bangladeshi-payment-gateways
93
Appsero <= 1.2.0 - Cross-Site Request Forgery LOW *-2.0.6 2.0.7 July 1, 2026
wpqa wpqa N/A WPQA - Builder forms Addon For WordPress (<= 5.9.2), Himer (<= 1.9.3) and Discy (<= 5.5.3) - Authenticated (Subscriber+) Insecure Direct Object Reference LOW *-5.9.2 5.9.3 July 1, 2026
wp-custom-admin-interface wp-custom-admin-interface N/A WP Custom Admin Interface <= 7.28 - Authenticated (Administrator+) PHP Object Injection LOW *-7.28 7.29 July 1, 2026
wish-wait-list-for-woocommerce wish-wait-list-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
terms-and-conditions-popup-for-woocommerce terms-and-conditions-popup-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
splash-popup-for-woocommerce splash-popup-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
sequential-order-numbers-for-woocommerce sequential-order-numbers-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
sales-report-for-woocommerce sales-report-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
responsive-add-ons responsive-add-ons N/A Responsive Starter Templates – Elementor & WordPress Templates <= 2.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-2.6.8 2.6.9 July 1, 2026
responsive-add-ons responsive-add-ons N/A Responsive Starter Templates – Elementor & WordPress Templates <= 2.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-2.6.8 2.6.9 July 1, 2026
products-compare-for-woocommerce products-compare-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.7 3.5.7.8 July 1, 2026
product-watermark-for-woocommerce product-watermark-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.3.5.6 1.3.5.7 July 1, 2026
Product Tabs Manager for WooCommerce product-tabs-manager-for-woocommerce
83
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.1.5.7 1.1.5.8 July 1, 2026
product-preview-for-woocommerce product-preview-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
product-of-the-day-for-woocommerce product-of-the-day-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
pagination-styler-for-woocommerce pagination-styler-for-woocommerce N/A BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
minmax-quantity-for-woocommerce minmax-quantity-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.3.2.6 1.3.2.7 July 1, 2026
load-more-products-for-woocommerce load-more-products-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.1.9.7 1.1.9.8 July 1, 2026
gridlist-view-for-woocommerce gridlist-view-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.1.3.6 1.1.3.7 July 1, 2026
force-sell-for-woocommerce force-sell-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
currency-exchange-for-woocommerce currency-exchange-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.7 3.5.7.8 July 1, 2026
cryptocurrency-widgets-pack cryptocurrency-widgets-pack
91
Cryptocurrency Widgets Pack <= 1.8.1 - Unauthenticated SQL Injection LOW *-1.8.1 2.0 July 1, 2026
cart-products-suggestions-for-woocommerce cart-products-suggestions-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
cart-notices-for-woocommerce cart-notices-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.5.7.6 3.5.7.7 July 1, 2026
brands-for-woocommerce brands-for-woocommerce
93
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-3.7.0.5 3.7.0.6 July 1, 2026
advanced-product-labels-for-woocommerce advanced-product-labels-for-woocommerce
97
BeRocket Plugins <= (Various Versions) - Missing Authorization LOW *-1.2.4 1.2.4.1 July 1, 2026
SlimStat Analytics wp-slimstat N/A Slimstat Analytics <= 4.9.2 - Reflected Cross-Site Scripting via REQUEST_URI LOW *-4.9.2 4.9.3 July 1, 2026
wp-cerber wp-cerber N/A WP Cerber Security <= 9.3.2 - User Enumeration Bypass via REST API LOW *-9.3.2 9.3.3 July 1, 2026
wp-autosearch wp-autosearch N/A WP AutoComplete Search <= 1.0.4 - Unauthenticated SQL Injection LOW *-1.0.4 July 1, 2026
wholesale-market-for-woocommerce wholesale-market-for-woocommerce N/A Wholesale Market for WooCommerce < 2.0.0 - Authenticated (Administrator+) Arbitrary Log File Download LOW [*, 2.0.0) 2.0.0 July 1, 2026
wholesale-market wholesale-market N/A Wholesale Market <= 2.2.0 - Information Disclosure via Unauthenticated Arbitrary File Download LOW *-2.2.0 2.2.1 July 1, 2026
web-invoice web-invoice N/A Web Invoice <= 2.1.3 - Authenticated SQL Injection LOW *-2.1.3 July 1, 2026
web-invoice web-invoice N/A Web Invoice <= 2.1.3 - Authenticated SQL Injection LOW *-2.1.3 July 1, 2026
universal-star-rating universal-star-rating N/A Universal Star Rating <= 1.10.4 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.10.4 2.0.0 July 1, 2026
sunshine-photo-cart sunshine-photo-cart N/A Sunshine Photo Cart <= 2.9.14 - Reflected Cross-Site Scripting LOW *-2.9.14 2.9.15 July 1, 2026
LOW

404-to-start

404-to-start

Score: 95/100 404 to Start <= 1.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.6.1 Patched: Updated: July 1, 2026
LOW

zero-bs-accounting

zero-bs-accounting

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.0.6 Patched: 2.0.0 Updated: July 1, 2026
LOW

wpvr

wpvr

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-8.2.5 Patched: 8.2.6 Updated: July 1, 2026
LOW

wpfunnels

wpfunnels

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: 2.6.4 Patched: 2.6.5 Updated: July 1, 2026
LOW

wp-user-avatar

wp-user-avatar

Score: N/A ProfilePress <= 4.3.2 - Authenticated (Admin+) PHP Object Injection Affected: *-4.3.2 Patched: 4.4.0 Updated: July 1, 2026
LOW

wp-table-reloaded

wp-table-reloaded

Score: N/A WP-Table Reloaded <= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.9.4 Patched: Updated: July 1, 2026
LOW

wp-social

wp-social

Score: N/A Wp Social <= 1.9.0 - Authenticated (Subscriber+) Information Disclosure Affected: *-1.9.0 Patched: 2.0 Updated: July 1, 2026
LOW

WP Mail Logging

wp-mail-logging

Score: 87/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.10.5 Patched: 1.11.0 Updated: July 1, 2026
LOW

wp-edit-password-protected

wp-edit-password-protected

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.3 Patched: 1.2.4 Updated: July 1, 2026
LOW

wp-dark-mode

wp-dark-mode

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-3.0.4 Patched: 3.0.5 Updated: July 1, 2026
LOW

worth-the-read

worth-the-read

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.14 Patched: 1.14.1 Updated: July 1, 2026
LOW

woostify-sites-library

woostify-sites-library

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.4.3 Patched: 1.4.4 Updated: July 1, 2026
LOW

woocommerce-conversion-tracking

woocommerce-conversion-tracking

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.0.10 Patched: 2.0.11 Updated: July 1, 2026
LOW

woo-reviews-by-wiremo

woo-reviews-by-wiremo

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.4.96 Patched: 1.4.97 Updated: July 1, 2026
LOW

woo-category-slider-by-pluginever

woo-category-slider-by-pluginever

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-4.1.5 Patched: 4.1.6 Updated: July 1, 2026
LOW

wepos

wepos

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.5 Patched: 1.2.6 Updated: July 1, 2026
LOW

wemail

wemail

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.14.1 Patched: 1.14.2 Updated: July 1, 2026
LOW

wedocs

wedocs

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: 1.6-1.7.5 Patched: 1.7.6 Updated: July 1, 2026
LOW

wedevs-project-manager

wedevs-project-manager

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.6.12 Patched: 2.6.13 Updated: July 1, 2026
LOW

webappick-pdf-invoice-for-woocommerce

webappick-pdf-invoice-for-woocommerce

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-3.4.8 Patched: 3.4.9 Updated: July 1, 2026
LOW

w4-post-list

w4-post-list

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.4.2 Patched: 2.4.3 Updated: July 1, 2026
LOW

visibility-logic-elementor

visibility-logic-elementor

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.3.3 Patched: 2.3.4 Updated: July 1, 2026
LOW

update-alt-attribute

update-alt-attribute

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.4.3 Patched: Updated: July 1, 2026
LOW

texty

texty

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.1.1 Patched: 1.1.2 Updated: July 1, 2026
LOW

swifty-page-manager

swifty-page-manager

Score: N/A Swifty Page Manager <= 3.0.1 - Cross-Site Request Forgery Affected: *-3.0.1 Patched: Updated: July 1, 2026
LOW

swifty-page-manager

swifty-page-manager

Score: N/A Swifty Page Manager <= 3.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-3.0.1 Patched: Updated: July 1, 2026
LOW

subscribe2

subscribe2

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-10.37 Patched: 10.38 Updated: July 1, 2026
LOW

stylish-cost-calculator

stylish-cost-calculator

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-7.3.6 Patched: 7.3.7 Updated: July 1, 2026
LOW

stax-buddy-builder

stax-buddy-builder

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.7.1 Patched: 1.7.2 Updated: July 1, 2026
LOW

stax-addons-for-elementor

stax-addons-for-elementor

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.4.3 Patched: 1.4.4 Updated: July 1, 2026
LOW

sheets-to-wp-table-live-sync

sheets-to-wp-table-live-sync

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.12.14 Patched: 2.12.15 Updated: July 1, 2026
LOW

pt-elementor-addons-lite

pt-elementor-addons-lite

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.2 Patched: Updated: July 1, 2026
LOW

post-grid-carousel-ultimate

post-grid-carousel-ultimate

Score: N/A Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.6.3 Patched: 1.6.4 Updated: July 1, 2026
LOW

permalink-manager

permalink-manager

Score: N/A Permalink Manager Lite <= 2.2.20.3 - Authenticated Stored Cross-Site Scripting Affected: *-2.2.20.3 Patched: 2.3.0 Updated: July 1, 2026
LOW

mega-addons-for-visual-composer

mega-addons-for-visual-composer

Score: 89/100 Mega Addons For WPBakery Page Builder <= 4.3.0 - Authenticated (Subscriber+) Settings Update Affected: *-4.3.0 Patched: Updated: July 1, 2026
LOW

mediamatic

mediamatic

Score: 87/100 Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery Affected: *-2.8.1 Patched: Updated: July 1, 2026
LOW

mediamatic

mediamatic

Score: 87/100 Mediamatic – Media Library Folders <= 2.8.1 - Missing Authorization Affected: *-2.8.1 Patched: Updated: July 1, 2026
LOW

magical-posts-display

magical-posts-display

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.15 Patched: 1.2.16 Updated: July 1, 2026
LOW

legal-pages

legal-pages

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.4.1 Patched: 1.4.2 Updated: July 1, 2026
LOW

happy-elementor-addons

happy-elementor-addons

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-3.8.2 Patched: 3.8.3 Updated: July 1, 2026
LOW

gs-testimonial

gs-testimonial

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.9.7 Patched: 1.9.8 Updated: July 1, 2026
LOW

gs-pinterest-portfolio

gs-pinterest-portfolio

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.6.2 Patched: 1.6.3 Updated: July 1, 2026
LOW

gs-instagram-portfolio

gs-instagram-portfolio

Score: 89/100 GS Insever Portfolio <= 1.4.4 - Cross-Site Request Forgery Affected: *-1.4.4 Patched: Updated: July 1, 2026
LOW

gallery-box

gallery-box

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.7.30 Patched: 1.7.31 Updated: July 1, 2026
LOW

fuse-social-floating-sidebar

fuse-social-floating-sidebar

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-5.4.6 Patched: 5.4.7 Updated: July 1, 2026
LOW

exclusive-team-for-elementor

exclusive-team-for-elementor

Score: 89/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.4 Patched: Updated: July 1, 2026
LOW

exclusive-addons-for-elementor

exclusive-addons-for-elementor

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.6.1 Patched: 2.6.2 Updated: July 1, 2026
LOW

easy-video-reviews

easy-video-reviews

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.4.2 Patched: 1.5.0 Updated: July 1, 2026
LOW

easy-sticky-sidebar

easy-sticky-sidebar

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.5.8 Patched: 1.5.9 Updated: July 1, 2026
LOW

directorist

directorist

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-7.7.1 Patched: 7.7.2 Updated: July 1, 2026
LOW

dashboard-welcome-for-elementor

dashboard-welcome-for-elementor

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.0.6 Patched: 1.0.7 Updated: July 1, 2026
LOW

darklup-lite-wp-dark-mode

darklup-lite-wp-dark-mode

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.1.1 Patched: 2.1.2 Updated: July 1, 2026
LOW

dark-mode

dark-mode

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-4.1.2 Patched: 4.1.3 Updated: July 1, 2026
LOW

click-to-top

click-to-top

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.19 Patched: 1.2.20 Updated: July 1, 2026
LOW

cart-lift

cart-lift

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-3.1.3 Patched: 3.1.4 Updated: July 1, 2026
LOW

boostify-header-footer-builder

boostify-header-footer-builder

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-1.2.8 Patched: 1.2.9 Updated: July 1, 2026
LOW

bangladeshi-payment-gateways

bangladeshi-payment-gateways

Score: 93/100 Appsero <= 1.2.0 - Cross-Site Request Forgery Affected: *-2.0.6 Patched: 2.0.7 Updated: July 1, 2026
LOW

wpqa

wpqa

Score: N/A WPQA - Builder forms Addon For WordPress (<= 5.9.2), Himer (<= 1.9.3) and Discy (<= 5.5.3) - Authenticated (Subscriber+) Insecure Direct Object Reference Affected: *-5.9.2 Patched: 5.9.3 Updated: July 1, 2026
LOW

wp-custom-admin-interface

wp-custom-admin-interface

Score: N/A WP Custom Admin Interface <= 7.28 - Authenticated (Administrator+) PHP Object Injection Affected: *-7.28 Patched: 7.29 Updated: July 1, 2026
LOW

wish-wait-list-for-woocommerce

wish-wait-list-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

terms-and-conditions-popup-for-woocommerce

terms-and-conditions-popup-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

splash-popup-for-woocommerce

splash-popup-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

sequential-order-numbers-for-woocommerce

sequential-order-numbers-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

sales-report-for-woocommerce

sales-report-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

responsive-add-ons

responsive-add-ons

Score: N/A Responsive Starter Templates – Elementor & WordPress Templates <= 2.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-2.6.8 Patched: 2.6.9 Updated: July 1, 2026
LOW

responsive-add-ons

responsive-add-ons

Score: N/A Responsive Starter Templates – Elementor & WordPress Templates <= 2.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-2.6.8 Patched: 2.6.9 Updated: July 1, 2026
LOW

products-compare-for-woocommerce

products-compare-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.7 Patched: 3.5.7.8 Updated: July 1, 2026
LOW

product-watermark-for-woocommerce

product-watermark-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.3.5.6 Patched: 1.3.5.7 Updated: July 1, 2026
LOW

Product Tabs Manager for WooCommerce

product-tabs-manager-for-woocommerce

Score: 83/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.1.5.7 Patched: 1.1.5.8 Updated: July 1, 2026
LOW

product-preview-for-woocommerce

product-preview-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

product-of-the-day-for-woocommerce

product-of-the-day-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

pagination-styler-for-woocommerce

pagination-styler-for-woocommerce

Score: N/A BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

minmax-quantity-for-woocommerce

minmax-quantity-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.3.2.6 Patched: 1.3.2.7 Updated: July 1, 2026
LOW

load-more-products-for-woocommerce

load-more-products-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.1.9.7 Patched: 1.1.9.8 Updated: July 1, 2026
LOW

gridlist-view-for-woocommerce

gridlist-view-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.1.3.6 Patched: 1.1.3.7 Updated: July 1, 2026
LOW

force-sell-for-woocommerce

force-sell-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

currency-exchange-for-woocommerce

currency-exchange-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.7 Patched: 3.5.7.8 Updated: July 1, 2026
LOW

cryptocurrency-widgets-pack

cryptocurrency-widgets-pack

Score: 91/100 Cryptocurrency Widgets Pack <= 1.8.1 - Unauthenticated SQL Injection Affected: *-1.8.1 Patched: 2.0 Updated: July 1, 2026
LOW

cart-products-suggestions-for-woocommerce

cart-products-suggestions-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

cart-notices-for-woocommerce

cart-notices-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.5.7.6 Patched: 3.5.7.7 Updated: July 1, 2026
LOW

brands-for-woocommerce

brands-for-woocommerce

Score: 93/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-3.7.0.5 Patched: 3.7.0.6 Updated: July 1, 2026
LOW

advanced-product-labels-for-woocommerce

advanced-product-labels-for-woocommerce

Score: 97/100 BeRocket Plugins <= (Various Versions) - Missing Authorization Affected: *-1.2.4 Patched: 1.2.4.1 Updated: July 1, 2026
LOW

SlimStat Analytics

wp-slimstat

Score: N/A Slimstat Analytics <= 4.9.2 - Reflected Cross-Site Scripting via REQUEST_URI Affected: *-4.9.2 Patched: 4.9.3 Updated: July 1, 2026
LOW

wp-cerber

wp-cerber

Score: N/A WP Cerber Security <= 9.3.2 - User Enumeration Bypass via REST API Affected: *-9.3.2 Patched: 9.3.3 Updated: July 1, 2026
LOW

wp-autosearch

wp-autosearch

Score: N/A WP AutoComplete Search <= 1.0.4 - Unauthenticated SQL Injection Affected: *-1.0.4 Patched: Updated: July 1, 2026
LOW

wholesale-market-for-woocommerce

wholesale-market-for-woocommerce

Score: N/A Wholesale Market for WooCommerce < 2.0.0 - Authenticated (Administrator+) Arbitrary Log File Download Affected: [*, 2.0.0) Patched: 2.0.0 Updated: July 1, 2026
LOW

wholesale-market

wholesale-market

Score: N/A Wholesale Market <= 2.2.0 - Information Disclosure via Unauthenticated Arbitrary File Download Affected: *-2.2.0 Patched: 2.2.1 Updated: July 1, 2026
LOW

web-invoice

web-invoice

Score: N/A Web Invoice <= 2.1.3 - Authenticated SQL Injection Affected: *-2.1.3 Patched: Updated: July 1, 2026
LOW

web-invoice

web-invoice

Score: N/A Web Invoice <= 2.1.3 - Authenticated SQL Injection Affected: *-2.1.3 Patched: Updated: July 1, 2026
LOW

universal-star-rating

universal-star-rating

Score: N/A Universal Star Rating <= 1.10.4 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.10.4 Patched: 2.0.0 Updated: July 1, 2026
LOW

sunshine-photo-cart

sunshine-photo-cart

Score: N/A Sunshine Photo Cart <= 2.9.14 - Reflected Cross-Site Scripting Affected: *-2.9.14 Patched: 2.9.15 Updated: July 1, 2026

Showing 27301 to 27400 of 36319 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 1, 2026 at 04:53 UTC.