Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36320Across tracked plugins
Affected Plugins
81With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| integration-for-billingo-gravity-forms | integration-for-billingo-gravity-forms |
93
|
Multiple Plugins from Viszt Peter - Cross-Site Request Forgery | LOW | *-1.0.3 | 1.0.4 | July 1, 2026 | |
| enable-media-replace | enable-media-replace |
93
|
Enable Media Replace <= 3.6.3 - Authenticated (Administrator+) Path Traversal | LOW | *-3.6.3 | 4.0.0 | July 1, 2026 | |
| cryptocurrency-pricing-list | cryptocurrency-pricing-list |
91
|
Cryptocurrency Pricing list and Ticker <= 1.5 - Reflected Cross-Site Scripting | LOW | *-1.5 | July 1, 2026 | ||
| awesome-support | awesome-support |
93
|
Awesome Support <= 6.0.7 - Authenticated Stored Cross-Site Scripting | LOW | *-6.0.7 | 6.0.8 | July 1, 2026 | |
| wpgateway | wpgateway | N/A | WPGateway <= 3.5 - Unauthenticated Privilege Escalation | LOW | *-3.5 | July 1, 2026 | ||
| dokan-lite | dokan-lite |
93
|
Dokan <= 3.6.3 - Authenticated (Vendor+) Stored Cross-Site Scripting | LOW | *-3.6.3 | 3.6.4 | July 1, 2026 | |
| yds-support-ticket-system | yds-support-ticket-system | N/A | YDS Support Ticket System <= 1.0 - Cross-Site Request Forgery | LOW | *-1.0 | July 1, 2026 | ||
| read-more | read-more | N/A | Read more By Adam <= 1.1.8 - Cross-Site Request Forgery | LOW | *-1.1.8 | July 1, 2026 | ||
| photospace | photospace | N/A | Photospace Gallery <= 2.3.5 - Missing Authorization to Plugin Settings Update | LOW | *-2.3.5 | July 1, 2026 | ||
| dsgvo-all-in-one-for-wp | dsgvo-all-in-one-for-wp |
93
|
DSGVO All in one for WP <= 4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-4.2 | 4.3 | July 1, 2026 | |
| advanced-dynamic-pricing-for-woocommerce | advanced-dynamic-pricing-for-woocommerce |
97
|
Advanced Dynamic Pricing for WooCommerce <= 4.1.3 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-4.1.3 | 4.1.4 | July 1, 2026 | |
| address-email-and-phone-validation | address-email-and-phone-validation |
95
|
PCA Predict <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.0.3 | July 1, 2026 | ||
| add-actions-and-filters | add-actions-and-filters |
95
|
Add Shortcodes Actions And Filters <= 2.10 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.10 | July 1, 2026 | ||
| integracao-rd-station | integracao-rd-station |
93
|
RD Station <= 5.2.0 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-5.2.0 | 5.2.1 | July 1, 2026 | |
| opening-hours | opening-hours | N/A | We’re Open! <= 1.37 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.37 | 1.38 | July 1, 2026 | |
| corner-ad | corner-ad |
93
|
Corner Ad <= 1.0.56 - Cross-Site Request Forgery | LOW | *-1.0.56 | 1.0.57 | July 1, 2026 | |
| zephyr-project-manager | zephyr-project-manager | N/A | Zephyr Project Manager < 3.2.55 - Missing Authorization to Cross-Site Scripting | LOW | [*, 3.2.55) | 3.2.55 | July 1, 2026 | |
| wpforo | wpforo | N/A | wpForo Forum <= 2.0.5 - Cross-Site Request Forgery | LOW | *-2.0.5 | 2.0.6 | July 1, 2026 | |
| wpforo | wpforo | N/A | wpForo Forum <= 2.0.5 - Cross-Site Request Forgery | LOW | *-2.0.5 | 2.0.6 | July 1, 2026 | |
| WP Statistics – Simple, privacy-friendly Google Analytics alternative | wp-statistics |
90
|
WP Statistics <= 13.2.5 - Authenticated (Subscriber+) SQL Injection | LOW | *-13.2.5 | 13.2.6 | July 1, 2026 | |
| top-bar | top-bar | N/A | Top Bar <= 3.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.0.3 | 3.0.4 | July 1, 2026 | |
| mega-forms | mega-forms |
93
|
Contact Form By Mega Forms <= 1.2.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.2.4 | 1.2.5 | July 1, 2026 | |
| culture-object | culture-object |
93
|
Culture Object <= 4.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-4.0.1 | 4.1.1 | July 1, 2026 | |
| 3dprint | 3dprint |
95
|
3DPrint <= 3.5.6.8 - Cross-Site Request Forgery to Arbitrary File Download | LOW | *-3.5.6.9 | July 1, 2026 | ||
| WP Statistics – Simple, privacy-friendly Google Analytics alternative | wp-statistics |
90
|
WP Statistics <= 13.2.5 - Information Disclosure | LOW | 13.2.5 | 13.2.6 | July 1, 2026 | |
| Frontend File Manager Plugin | nmedia-user-file-uploader |
86
|
Frontend File Manager <= 21.2 - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-21.2 | 21.3 | July 1, 2026 | |
| Frontend File Manager Plugin | nmedia-user-file-uploader |
86
|
Frontend File Manager <= 21.2 - Missing Authorization | LOW | *-21.2 | 21.3 | July 1, 2026 | |
| export-post-info | export-post-info |
93
|
Export Post Info <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.0 | 1.2.0 | July 1, 2026 | |
| donation-thermometer | donation-thermometer |
93
|
Donation Thermometer <= 2.1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.1.2 | 2.1.3 | July 1, 2026 | |
| Booking Calendar | booking |
71
|
Booking Calendar <= 9.2.1 - Cross-Site Request Forgery | LOW | *-9.2.1 | 9.2.2 | July 1, 2026 | |
| wordpress-countdown-widget | wordpress-countdown-widget | N/A | WordPress Countdown Widget <= 3.1.9.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.1.9.1 | 3.1.9.2 | July 1, 2026 | |
| wordpress-countdown-widget | wordpress-countdown-widget | N/A | WordPress Countdown Widget <= 3.1.9.1 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-3.1.9.1 | 3.1.9.2 | July 1, 2026 | |
| Wordfence Security – Firewall, Malware Scan, and Login Security | wordfence |
70
|
Wordfence Security – Firewall & Malware Scan <= 7.6.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-7.6.0 | 7.6.1 | July 1, 2026 | |
| Frontend File Manager Plugin | nmedia-user-file-uploader |
86
|
Frontend File Manager <= 21.3 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-21.3 | 21.4 | July 1, 2026 | |
| ketchup-restaurant-reservations | ketchup-restaurant-reservations |
89
|
Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated SQL Injection | LOW | *-1.0.0 | July 1, 2026 | ||
| ketchup-restaurant-reservations | ketchup-restaurant-reservations |
89
|
Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.0.0 | July 1, 2026 | ||
| goolytics-simple-google-analytics | goolytics-simple-google-analytics |
93
|
Goolytics – Simple Google Analytics <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.1 | 1.1.2 | July 1, 2026 | |
| backupbuddy | backupbuddy |
93
|
BackupBuddy 8.5.8.0 - 8.7.4.1 - Arbitrary File Download | LOW | 8.5.8.0-8.7.4.1 | 8.7.5 | July 1, 2026 | |
| wp-shamsi | wp-shamsi | N/A | WP Shamsi <= 4.1.1 - Missing Authorization to Plugin Settings Update | LOW | *-4.1.1 | 4.2.0 | July 1, 2026 | |
| wp-popup-builder | wp-popup-builder | N/A | WP Popup Builder <= 1.2.9 - Missing Authorization and Cross-Site Request Forgery | LOW | *-1.2.9 | 1.3.0 | July 1, 2026 | |
| wp-popup-builder | wp-popup-builder | N/A | WP Popup Builder <= 1.2.8 - Reflected Cross-Site Scripting | LOW | *-1.2.8 | 1.2.9 | July 1, 2026 | |
| svg-support | svg-support | N/A | SVG Support <= 2.4.2 - Authenticated (Author+) Stored Cross-Site Scripting | LOW | *-2.4.2 | 2.5 | July 1, 2026 | |
| slider-hero | slider-hero | N/A | Slider Hero <= 8.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-8.4.3 | 8.4.4 | July 1, 2026 | |
| seo-automatic-links | seo-automatic-links | N/A | SEO Smart Links <= 3.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.0.1 | July 1, 2026 | ||
| scripts-organizer | scripts-organizer | N/A | Scripts Organizer < 3.0 - Unauthenticated Arbitrary File Upload | LOW | [*, 3.0) | 3.0 | July 1, 2026 | |
| Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | post-smtp |
87
|
Post SMTP <= 2.1.6 - Authenticated (Administrator+) Blind Server-Side Request Forgery | LOW | *-2.1.6 | 2.1.7 | July 1, 2026 | |
| Ninja Forms – The Contact Form Builder That Grows With You | ninja-forms |
69
|
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.6.12 - Authenticated (Administrator+) PHP Objection Injection | LOW | *-3.6.12 | 3.6.13 | July 1, 2026 | |
| login-block-ips | login-block-ips |
89
|
Login Block IPs <= 1.0.0 - IP Spoofing to Protection Mechanism Bypass | LOW | * | July 1, 2026 | ||
| login-block-ips | login-block-ips |
89
|
Login Block IPs <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-1.0.0 | July 1, 2026 | ||
| ldap-wp-login-integration-with-active-directory | ldap-wp-login-integration-with-active-directory |
93
|
Ldap WP Login / Active Directory Integration <= 3.0.1 - Missing Authorization | LOW | [*, 3.0.2) | 3.0.2 | July 1, 2026 | |
| Download Manager | download-manager |
63
|
Download Manager <= 3.2.54 - Authenticated (Admin+) Path Traversal | LOW | [*, 3.2.55) | 3.2.55 | July 1, 2026 | |
| cm-download-manager | cm-download-manager |
93
|
CM Download Manager <= 2.8.5 - Authenticated (Administrator+) Arbitrary File Upload | LOW | *-2.8.5 | 2.8.6 | July 1, 2026 | |
| All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic | all-in-one-seo-pack |
88
|
All in One SEO <= 4.2.3.1 - Cross-Site Request Forgery | LOW | *-4.2.3.1 | 4.2.4 | July 1, 2026 | |
| wp-cerber | wp-cerber | N/A | WP Cerber Security <= 9.0 - User Enumeration Bypass | LOW | *-9.0 | 9.1 | July 1, 2026 | |
| usc-e-shop | usc-e-shop | N/A | Welcart e-Commerce 2.6.0-2.7.7 - Information Disclosure via Arbitrary File Read | LOW | 2.6.0-2.7.7 | 2.7.8 | July 1, 2026 | |
| torro-forms | torro-forms | N/A | Torro Forms <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.16 | July 1, 2026 | ||
| timeline-awesome | timeline-awesome | N/A | History Timeline <= 1.0.5 - Authenticated (Author+) Stored Cross-Site Scripting | LOW | *-1.0.5 | July 1, 2026 | ||
| pop-up-pop-up | pop-up-pop-up | N/A | Pop-up <= 1.1.5 - Privilege Escalation | LOW | *-1.1.5 | 1.1.6 | July 1, 2026 | |
| mega-addons-for-visual-composer | mega-addons-for-visual-composer |
89
|
Mega Addons For WPBakery Page Builder <= 4.2.7 - Cross-Site Request Forgery to Settings Update | LOW | *-4.2.7 | July 1, 2026 | ||
| meet-my-team | meet-my-team |
91
|
Meet My Team <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0.5 | July 1, 2026 | ||
| wha-wordsearch | wha-wordsearch | N/A | Word Search Puzzles game <= 2.0.1 - Authenticated (Author+) Stored Cross-Site Scripting | LOW | *-2.0.1 | July 1, 2026 | ||
| wha-wordsearch | wha-wordsearch | N/A | Word Search Puzzles game <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0.1 | July 1, 2026 | ||
| wha-crossword | wha-crossword | N/A | WHA Crossword <= 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.10 | July 1, 2026 | ||
| wha-crossword | wha-crossword | N/A | WHA Crossword <= 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.10 | July 1, 2026 | ||
| rate-my-post | rate-my-post | N/A | Rate my Post – WP Rating System <= 3.3.4 - Race Condition | LOW | *-3.3.4 | 3.3.5 | July 1, 2026 | |
| mp3-jplayer | mp3-jplayer |
91
|
MP3 jPlayer <= 2.7.3 - Cross-Site Request Forgery | LOW | *-2.7.3 | July 1, 2026 | ||
| getresponse-integration | getresponse-integration |
91
|
GetResponse <= 5.5.19 - Cross-Site Request Forgery | LOW | *-5.5.19 | 5.5.21 | July 1, 2026 | |
| easy-org-chart | easy-org-chart |
91
|
Easy Org Chart <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.1 | July 1, 2026 | ||
| captcha-code-authentication | captcha-code-authentication |
93
|
Captcha Code <= 2.7 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-2.7 | 2.8 | July 1, 2026 | |
| callrail-phone-call-tracking | callrail-phone-call-tracking |
93
|
CallRail Phone Call Tracking <= 0.4.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-0.4.9 | 0.4.10 | July 1, 2026 | |
| blossom-recipe-maker | blossom-recipe-maker |
93
|
Blossom Recipe Maker <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.7 | 1.0.8 | July 1, 2026 | |
| wp-shop-original | wp-shop-original | N/A | WP Shop <= 3.9.6 - Missing Authentication to Settings Change and Order Deletion | LOW | *-3.9.6 | July 1, 2026 | ||
| wp-postratings | wp-postratings | N/A | WP-PostRatings <= 1.89 - Race Condition | LOW | *-1.89 | 1.90 | July 1, 2026 | |
| wordlift | wordlift | N/A | Wordlift <= 3.37.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.37.1 | 3.37.2 | July 1, 2026 | |
| simple-bitcoin-faucets | simple-bitcoin-faucets | N/A | Bitcoin Satoshi Tools <= 1.7.0 - Missing Authorization to Stored Cross-Site Scripting | LOW | *-1.7.0 | July 1, 2026 | ||
| restricted-site-access | restricted-site-access | N/A | Restricted Site Access <= 7.3.1 - Access Bypass via IP Spoofing | LOW | [*, 7.3.2) | 7.3.2 | July 1, 2026 | |
| image-hover-effects-ultimate | image-hover-effects-ultimate |
91
|
Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Title & Description | LOW | *-9.7.3 | 9.8.0 | July 1, 2026 | |
| image-hover-effects-ultimate | image-hover-effects-ultimate |
91
|
Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Video Link | LOW | *-9.7.3 | 9.8.0 | July 1, 2026 | |
| image-hover-effects-ultimate | image-hover-effects-ultimate |
91
|
Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Media URL | LOW | *-9.7.3 | 9.8.0 | July 1, 2026 | |
| generate-pdf-using-contact-form-7 | generate-pdf-using-contact-form-7 |
93
|
Generate PDF using Contact Form 7 <= 3.5 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.5 | 3.6 | July 1, 2026 | |
| bitcoin-faucet | bitcoin-faucet |
91
|
Bitcoin / Altcoin Faucet <= 1.6.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.6.0 | July 1, 2026 | ||
| ajax-load-more | ajax-load-more |
97
|
Infinite Scroll – Ajax Load More <= 5.5.4 - Authenticated (Admin+) Arbitrary File Read via Directory Traversal | LOW | *-5.5.4 | 5.5.4.1 | July 1, 2026 | |
| add2fav | add2fav |
95
|
add2fav <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| add-user-role | add-user-role |
95
|
Add User Role <= 0.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-0.0.1 | July 1, 2026 | ||
| zephyr-project-manager | zephyr-project-manager | N/A | Zephyr Project Manager <= 3.2.42 - Reflected Cross-Site Scripting | LOW | [*, 3.2.5) | 3.2.5 | July 1, 2026 | |
| zephyr-project-manager | zephyr-project-manager | N/A | Zephyr Project Manager <= 3.2.42 - Missing Authorization to Cross-Site Scripting | LOW | *-3.2.4, 3.2.41, 3.2.42 | 3.2.5 | July 1, 2026 | |
| zephyr-project-manager | zephyr-project-manager | N/A | Zephyr Project Manager <= 3.2.42 - Unauthenticated SQL Injection | LOW | *-3.2.4, 3.2.41, 3.2.42 | 3.2.5 | July 1, 2026 | |
| WPvivid — Backup, Migration & Staging | wpvivid-backuprestore |
63
|
WPvivid Backup 0.9.76 - Authenticated (Administrator+) Arbitrary File Deletion | LOW | 0.9.76 | 0.9.77 | July 1, 2026 | |
| wp-users-exporter | wp-users-exporter | N/A | WP Users Exporter <= 1.4.2 - CSV Injection | LOW | *-1.4.2 | July 1, 2026 | ||
| visualcomposer | visualcomposer | N/A | Visual Composer Website Builder <= 45.0 - Authenticated Stored Cross-Site Scripting via 'Title' | LOW | *-45.0 | 45.0.1 | July 1, 2026 | |
| visualcomposer | visualcomposer | N/A | Visual Composer Website Builder <= 45.0 - Authenticated Stored Cross-Site Scripting via 'Text Block' | LOW | *-45.0 | 45.0.1 | July 1, 2026 | |
| ultimate-sms-notifications | ultimate-sms-notifications | N/A | Ultimate SMS Notifications for WooCommerce <= 1.4.1 - CSV Injection | LOW | *-1.4.1 | 1.4.2 | July 1, 2026 | |
| slickr-flickr | slickr-flickr | N/A | Slickr Flickr <= 2.8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.8.1 | July 1, 2026 | ||
| site-offline | site-offline | N/A | Site Offline <= 1.4.9 - Maintenance Mode Bypass | LOW | *-1.4.9 | 1.5.3 | July 1, 2026 | |
| gettext-override-translations | gettext-override-translations |
93
|
Gettext override translations <= 1.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.0.1 | 2.0.0 | July 1, 2026 | |
| cp-easy-form-builder | cp-easy-form-builder |
93
|
Form Builder CP <= 1.2.31 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.2.31 | 1.2.32 | July 1, 2026 | |
| beaver-builder-lite-version | beaver-builder-lite-version |
93
|
Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Text Editor | LOW | *-2.5.5.2 | 2.5.5.3 | July 1, 2026 | |
| beaver-builder-lite-version | beaver-builder-lite-version |
93
|
Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Caption - On Hover | LOW | *-2.5.5.2 | 2.5.5.3 | July 1, 2026 | |
| beaver-builder-lite-version | beaver-builder-lite-version |
93
|
Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Image URL | LOW | *-2.5.5.2 | 2.5.5.3 | July 1, 2026 | |
| beaver-builder-lite-version | beaver-builder-lite-version |
93
|
Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via 'caption' | LOW | *-2.5.5.2 | 2.5.5.3 | July 1, 2026 |
integration-for-billingo-gravity-forms
integration-for-billingo-gravity-forms
enable-media-replace
enable-media-replace
cryptocurrency-pricing-list
cryptocurrency-pricing-list
awesome-support
awesome-support
wpgateway
wpgateway
dokan-lite
dokan-lite
yds-support-ticket-system
yds-support-ticket-system
read-more
read-more
photospace
photospace
dsgvo-all-in-one-for-wp
dsgvo-all-in-one-for-wp
advanced-dynamic-pricing-for-woocommerce
advanced-dynamic-pricing-for-woocommerce
address-email-and-phone-validation
address-email-and-phone-validation
add-actions-and-filters
add-actions-and-filters
integracao-rd-station
integracao-rd-station
opening-hours
opening-hours
corner-ad
corner-ad
zephyr-project-manager
zephyr-project-manager
wpforo
wpforo
wpforo
wpforo
WP Statistics – Simple, privacy-friendly Google Analytics alternative
wp-statistics
top-bar
top-bar
mega-forms
mega-forms
culture-object
culture-object
3dprint
3dprint
WP Statistics – Simple, privacy-friendly Google Analytics alternative
wp-statistics
Frontend File Manager Plugin
nmedia-user-file-uploader
Frontend File Manager Plugin
nmedia-user-file-uploader
export-post-info
export-post-info
donation-thermometer
donation-thermometer
Booking Calendar
booking
wordpress-countdown-widget
wordpress-countdown-widget
wordpress-countdown-widget
wordpress-countdown-widget
Wordfence Security – Firewall, Malware Scan, and Login Security
wordfence
Frontend File Manager Plugin
nmedia-user-file-uploader
ketchup-restaurant-reservations
ketchup-restaurant-reservations
ketchup-restaurant-reservations
ketchup-restaurant-reservations
goolytics-simple-google-analytics
goolytics-simple-google-analytics
backupbuddy
backupbuddy
wp-shamsi
wp-shamsi
wp-popup-builder
wp-popup-builder
wp-popup-builder
wp-popup-builder
svg-support
svg-support
slider-hero
slider-hero
seo-automatic-links
seo-automatic-links
scripts-organizer
scripts-organizer
Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App
post-smtp
Ninja Forms – The Contact Form Builder That Grows With You
ninja-forms
login-block-ips
login-block-ips
login-block-ips
login-block-ips
ldap-wp-login-integration-with-active-directory
ldap-wp-login-integration-with-active-directory
Download Manager
download-manager
cm-download-manager
cm-download-manager
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic
all-in-one-seo-pack
wp-cerber
wp-cerber
usc-e-shop
usc-e-shop
torro-forms
torro-forms
timeline-awesome
timeline-awesome
pop-up-pop-up
pop-up-pop-up
mega-addons-for-visual-composer
mega-addons-for-visual-composer
meet-my-team
meet-my-team
wha-wordsearch
wha-wordsearch
wha-wordsearch
wha-wordsearch
wha-crossword
wha-crossword
wha-crossword
wha-crossword
rate-my-post
rate-my-post
mp3-jplayer
mp3-jplayer
getresponse-integration
getresponse-integration
easy-org-chart
easy-org-chart
captcha-code-authentication
captcha-code-authentication
callrail-phone-call-tracking
callrail-phone-call-tracking
blossom-recipe-maker
blossom-recipe-maker
wp-shop-original
wp-shop-original
wp-postratings
wp-postratings
wordlift
wordlift
simple-bitcoin-faucets
simple-bitcoin-faucets
restricted-site-access
restricted-site-access
image-hover-effects-ultimate
image-hover-effects-ultimate
image-hover-effects-ultimate
image-hover-effects-ultimate
image-hover-effects-ultimate
image-hover-effects-ultimate
generate-pdf-using-contact-form-7
generate-pdf-using-contact-form-7
bitcoin-faucet
bitcoin-faucet
ajax-load-more
ajax-load-more
add2fav
add2fav
add-user-role
add-user-role
zephyr-project-manager
zephyr-project-manager
zephyr-project-manager
zephyr-project-manager
zephyr-project-manager
zephyr-project-manager
WPvivid — Backup, Migration & Staging
wpvivid-backuprestore
wp-users-exporter
wp-users-exporter
visualcomposer
visualcomposer
visualcomposer
visualcomposer
ultimate-sms-notifications
ultimate-sms-notifications
slickr-flickr
slickr-flickr
site-offline
site-offline
gettext-override-translations
gettext-override-translations
cp-easy-form-builder
cp-easy-form-builder
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
beaver-builder-lite-version
Showing 28201 to 28300 of 36320 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 1, 2026 at 15:27 UTC.