Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36328Across tracked plugins
Affected Plugins
80With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| auto-more-tag | auto-more-tag |
91
|
Auto More Tag <= 4.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.0.0 | July 1, 2026 | ||
| yaysmtp | yaysmtp | N/A | YaySMTP – Simple WP SMTP Mail <= 2.2.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.2.1 | 2.2.2 | July 1, 2026 | |
| wp-marketing-automations | wp-marketing-automations | N/A | Abandoned Cart Recovery for WooCommerce by Autonami <= 2.1.1 - Missing Authorization | LOW | *-2.1.1 | 2.1.2 | July 1, 2026 | |
| Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | ultimate-member | N/A | Ultimate Member <= 2.4.0 - Subscriber+ Stored Cross-Site Scripting | LOW | 2.4.0 | 2.4.1 | July 1, 2026 | |
| retro-winamp-block | retro-winamp-block | N/A | Terser < 4.8.1 and 5.0.0-5.14.1 - Regular Expression Denial of Service | LOW | *-1.1.0 | 1.2.0 | July 1, 2026 | |
| publisher-media-kit | publisher-media-kit | N/A | Terser < 4.8.1 and 5.0.0-5.14.1 - Regular Expression Denial of Service | LOW | *-1.2.1 | 1.3.0 | July 1, 2026 | |
| name-directory | name-directory |
93
|
Name Directory <= 1.25.4 - Unauthorized Settings Update | LOW | *-1.25.4 | 1.25.5 | July 1, 2026 | |
| maps-block-apple | maps-block-apple |
93
|
Terser < 4.8.1 and 5.0.0-5.14.1 - Regular Expression Denial of Service | LOW | *-1.0.3 | 1.1.0 | July 1, 2026 | |
| autoshare-for-twitter | autoshare-for-twitter |
93
|
Terser < 4.8.1 and 5.0.0-5.14.1 - Regular Expression Denial of Service | LOW | *-1.1.2 | 1.2.0 | July 1, 2026 | |
| advanced-post-manager | advanced-post-manager |
97
|
Advanced Post Manager <= 4.5.1 - PHP Object Injection | LOW | *-4.5.1 | 4.5.2 | July 1, 2026 | |
| wp-comment-fields | wp-comment-fields | N/A | WordPress Comments Fields <= 4.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.0 | 4.1 | July 1, 2026 | |
| Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | ultimate-member | N/A | Ultimate Member <= 2.4.1 - Username Enumeration | LOW | *-2.4.1 | 2.4.2 | July 1, 2026 | |
| sophi | sophi | N/A | terser (JS Package) < 5.14.2 - Denial of Service | LOW | *-1.2.0 | 1.2.1 | July 1, 2026 | |
| simple-podcasting | simple-podcasting | N/A | terser (JS Package) < 5.14.2 - Denial of Service | LOW | [*, 1.2.4) | 1.2.4 | July 1, 2026 | |
| simple-local-avatars | simple-local-avatars | N/A | terser (JS Package) < 5.14.2 - Denial of Service | LOW | *-2.5.0 | 2.6.0 | July 1, 2026 | |
| retro-winamp-block | retro-winamp-block | N/A | terser (JS Package) < 5.14.2 - Denial of Service | LOW | *-1.1.0 | 1.2.0 | July 1, 2026 | |
| elasticpress | elasticpress |
93
|
terser (JS Package) < 5.14.2 - Denial of Service | LOW | *-4.2.2 | 4.3.0 | July 1, 2026 | |
| advanced-custom-fields | advanced-custom-fields |
97
|
Advanced Custom Fields <= 5.12.2 - File Upload | LOW | *-5.12.2 | 5.12.3 | July 1, 2026 | |
| youzify | youzify | N/A | Youzify <= 1.1.9 - SQL Injection | LOW | *-1.1.9 | 1.2.0 | July 1, 2026 | |
| Melapress File Monitor | website-file-changes-monitor |
97
|
Website File Changes Monitor <= 1.8.2 - Authenticated (Admin+) SQL Injection | LOW | *-1.8.2 | 1.8.3 | July 1, 2026 | |
| give | give |
93
|
GiveWP <= 2.20.2 - Authenticated Arbitrary File Read | LOW | *-2.20.2 | 2.21.0 | July 1, 2026 | |
| give | give |
93
|
GiveWP <= 2.20.2 - Authenticated Arbitrary File Creation | LOW | *-2.20.2 | 2.21.0 | July 1, 2026 | |
| wsm-downloader | wsm-downloader | N/A | WSM Downloader <= 1.4.0 - Arbitrary File Download | LOW | *-1.4.0 | July 1, 2026 | ||
| wsm-downloader | wsm-downloader | N/A | WSM Downloader <- 1.4.0 - Domain Bypass | LOW | *-1.4.0 | July 1, 2026 | ||
| weforms | weforms | N/A | weForms <= 1.6.13 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.6.13 | 1.6.14 | July 1, 2026 | |
| username-updater | username-updater | N/A | Easy Username Updater <= 1.0.3 - Cross-Site Request Forgery to Username Change | LOW | *-1.0.3 | 1.0.4 | July 1, 2026 | |
| feed-them-social | feed-them-social |
93
|
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.8.5 - Unauthenticated PHAR Deserialization | LOW | *-2.9.8.5 | 2.9.8.6 | July 1, 2026 | |
| feed-them-social | feed-them-social |
93
|
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.8.5 - Cross-Site Request Forgery to Plugin Settings Update | LOW | *-2.9.8.5 | 2.9.8.6 | July 1, 2026 | |
| feed-them-social | feed-them-social |
93
|
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Reflected Cross-Site Scripting | LOW | *-2.9.9 | 3.0.1 | July 1, 2026 | |
| dynamic-font-replacement-4wp | dynamic-font-replacement-4wp |
89
|
Dynamic Font Replacement DFR4WP EN <= 1.3 EN - Arbitrary File Deletion | LOW | * - 1.3 EN | July 1, 2026 | ||
| Simple SEO | cds-simple-seo |
92
|
Simple SEO <= 1.7.91 - Reflected Cross-Site Scripting | LOW | *-1.7.91 | 1.7.92 | July 1, 2026 | |
| auxin-elements | auxin-elements |
89
|
Shortcodes and extra features for Phlox theme <= 2.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.9.8 | 2.9.14 | July 1, 2026 | |
| yop-poll | yop-poll | N/A | YOP Poll <= 6.4.2 - IP Spoofing via X-Forwarded-For header | LOW | *-6.4.2 | 6.4.3 | July 1, 2026 | |
| yaysmtp | yaysmtp | N/A | YaySMTP – Simple WP SMTP Mail <= 2.2 - Missing Authorization to Sensitive Information Exposure | LOW | *-2.2 | 2.2.1 | July 1, 2026 | |
| yaysmtp | yaysmtp | N/A | YaySMTP – Simple WP SMTP Mail <= 2.2 - Sensitive Information Disclosure | LOW | 2.2 | 2.2.1 | July 1, 2026 | |
| File Sharing & Download Manager – User Private Files | user-private-files |
96
|
Frontend File Manager & Sharing – User Private Files <= 1.1.2 - Subscriber+ Arbitrary File Upload | LOW | *-1.1.2 | 1.1.3 | July 1, 2026 | |
| rich-event-timeline | rich-event-timeline | N/A | Event Timeline <= 1.1.6 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.1.6 | July 1, 2026 | ||
| project-source-code-download | project-source-code-download | N/A | Project Source Code Download <= 1.0.0 - Unauthenticated Backup Download | LOW | *-1.0.0 | July 1, 2026 | ||
| give | give |
93
|
GiveWP <= 2.21.2 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.21.2 | 2.21.3 | July 1, 2026 | |
| ecwid-shopping-cart | ecwid-shopping-cart |
93
|
Ecwid Ecommerce Shopping Cart <= 6.10.23 - Cross-Site Request Forgery to Settings/Options Update | LOW | *-6.10.23 | 6.10.24 | July 1, 2026 | |
| ecwid-shopping-cart | ecwid-shopping-cart |
93
|
Ecwid Ecommerce Shopping Cart <= 6.10.22 - Insufficient Access Control on Multiple AJAX Actions | LOW | *-6.10.22 | 6.10.23 | July 1, 2026 | |
| give | give |
93
|
GiveWP – Donation Plugin and Fundraising Platform <= 2.21.2 - Cross-Site Request Forgery | LOW | *-2.21.2 | 2.21.3 | July 1, 2026 | |
| counter-box | counter-box |
93
|
Counter Box <= 1.2 - Cross-Site Request Forgery | LOW | *-1.2 | 1.2.1 | July 1, 2026 | |
| counter-box | counter-box |
93
|
Counter Box – WordPress plugin for countdown, timer, counter <= 1.2 - SQL Injection | LOW | *-1.2 | 1.2.1 | July 1, 2026 | |
| shortcode-for-current-date | shortcode-for-current-date | N/A | Shortcode For Current Date <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.1.6 | 2.1.7 | July 1, 2026 | |
| progressive-license | progressive-license | N/A | Progressive License <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1.0 | July 1, 2026 | ||
| microsoft-advertising-universal-event-tracking-uet | microsoft-advertising-universal-event-tracking-uet |
93
|
Microsoft Advertising Universal Event Tracking (UET) <= 1.0.3 - Authenticated Stored Cross-Site Scripting | LOW | *-1.0.3 | 1.0.4 | July 1, 2026 | |
| keep-backup-daily | keep-backup-daily |
93
|
Keep Backup Daily <= 2.0.3 - Reflected Cross-Site Scripting | LOW | *-2.0.3 | 2.0.4 | July 1, 2026 | |
| digiproveblog | digiproveblog |
91
|
Copyright Proof <= 4.16 - Reflected Cross-Site Scripting | LOW | *-4.16 | July 1, 2026 | ||
| wp-stats-manager | wp-stats-manager | N/A | WP Visitor Statistics (Real Time Traffic) <= 5.7 - Unauthenticated SQL Injection | LOW | *-5.7 | 5.8 | July 1, 2026 | |
| wp-paypal | wp-paypal | N/A | WP PayPal <= 1.2.3.8 - Cross-Site Scripting | LOW | *-1.2.3.7 | 1.2.3.8 | July 1, 2026 | |
| vc-addons-by-bit14 | vc-addons-by-bit14 | N/A | Web and WooCommerce Addons for WPBakery Builder <= 1.4.4.1 - Missing Authorization Checks | LOW | *-1.4.4.1 | 1.4.4.2 | July 1, 2026 | |
| social-share-buttons-by-supsystic | social-share-buttons-by-supsystic | N/A | Social Share Buttons by Supsystic <= 2.2.6 - SQL Injection | LOW | *-2.2.6 | 2.2.7 | July 1, 2026 | |
| slide-anything | slide-anything | N/A | Slide Anything – Responsive Content / HTML Slider and Carousel <= 2.3.46 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.3.46 | 2.3.47 | July 1, 2026 | |
| simple-membership | simple-membership | N/A | Simple Membership <= 4.1.2 - Membership Privilege Escalation | LOW | *-4.1.2 | 4.1.3 | July 1, 2026 | |
| simple-membership | simple-membership | N/A | Simple Membership <= 4.1.2 - Membership Privilege Escalation | LOW | *-4.1.2 | 4.1.3 | July 1, 2026 | |
| rt-custom-css-page-and-post | rt-custom-css-page-and-post | N/A | Royal Custom CSS for Page and Post <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | 1.2 | July 1, 2026 | ||
| makestories-helper | makestories-helper |
91
|
MakeStories (for Web Stories) <= 2.6.4 - Cross-Ste Scripting | LOW | *-2.6.4 | 2.6.5 | July 1, 2026 | |
| flexi-quote-rotator | flexi-quote-rotator |
89
|
Flexi Quote Rotator <= 0.9.4 - Authenticated Stored Cross-Site Scripting | LOW | *-0.9.4 | July 1, 2026 | ||
| flexi-quote-rotator | flexi-quote-rotator |
89
|
Flexi Quote Rotator <= 0.9.4 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-0.9.4 | July 1, 2026 | ||
| Download Manager | download-manager |
63
|
Download Manager <= 3.2.48 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.2.48 | 3.2.49 | July 1, 2026 | |
| visualizer | visualizer | N/A | Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization | LOW | *-3.7.9 | 3.7.10 | July 1, 2026 | |
| visualizer | visualizer | N/A | Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization | LOW | *-3.7.9 | 3.7.10 | July 1, 2026 | |
| popups | popups | N/A | Popups <= 1.9.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.9.3.8 | July 1, 2026 | ||
| login-with-phone-number | login-with-phone-number |
93
|
Login with phone number <= 1.3.7 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.3.7 | 1.3.8 | July 1, 2026 | |
| learnpress | learnpress |
93
|
LearnPress – WordPress LMS Plugin <= 4.1.6.7 - Reflected Cross-Site Scripting | LOW | *-4.1.6.7 | 4.1.6.8 | July 1, 2026 | |
| invitation-based-registrations | invitation-based-registrations |
93
|
Invitation Based Registrations <= 2.2.84 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.2.84 | 2.3.1 | July 1, 2026 | |
| freemind-wp-browser | freemind-wp-browser |
91
|
FreeMind WP Browser <= 1.2 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.2 | July 1, 2026 | ||
| featured-image-from-url | featured-image-from-url |
93
|
Featured Image from URL (FIFU) <= 4.0.0 - Stored Cross-Site Scripting | LOW | *-4.0.0 | 4.0.1 | July 1, 2026 | |
| anymind-widget | anymind-widget |
95
|
AnyMind Widget <= 1.1 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| advanced-wp-reset | advanced-wp-reset |
97
|
Advanced WordPress Reset <= 1.5 - Reflected Cross-Site Scripting | LOW | *-1.5 | 1.6 | July 1, 2026 | |
| wp-video-lightbox | wp-video-lightbox | N/A | Video Lightbox <= 1.9.5 - Authenticated Stored Cross-Site Scripting | LOW | *-1.9.5 | 1.9.6 | July 1, 2026 | |
| Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | woocommerce-jetpack |
65
|
Booster for WooCommerce <= 5.5.9 - Reflected Cross-Site Scripting | LOW | *-5.5.9 | 5.6.0 | July 1, 2026 | |
| social-networks-auto-poster-facebook-twitter-g | social-networks-auto-poster-facebook-twitter-g | N/A | NextScripts: Social Networks Auto-Poster <= 4.3.25 - Reflected Cross-Site Scripting | LOW | *-4.3.25 | 4.3.26 | July 1, 2026 | |
| shareaholic | shareaholic | N/A | Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic <= 9.7.5 - Information Disclosure | LOW | *-9.7.5 | 9.7.6 | July 1, 2026 | |
| popup-anything-on-click | popup-anything-on-click | N/A | Popup Anything – A Marketing Popup and Lead Generation Conversions <= 2.1.6 - Reflected Cross-Site Scripting | LOW | *-2.1.6 | 2.1.7 | July 1, 2026 | |
| asf-allow-svg-files | asf-allow-svg-files |
95
|
Allow SVG Files <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| add-search-to-menu | add-search-to-menu |
97
|
Ivory Search <= 5.4.6 - Reflected Cross-Site Scripting | LOW | *-5.4.6 | 5.4.7 | July 1, 2026 | |
| yellow-yard | yellow-yard | N/A | Yellow Yard Searchbar <= 2.7.27 - Reflected Cross-Site Scripting | LOW | *-2.7.27 | 2.8.12 | July 1, 2026 | |
| WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets | wp-all-import |
66
|
WP All Import <= 3.6.7 - Admin+ Arbitrary File Upload | LOW | *-3.6.7 | 3.6.8 | July 1, 2026 | |
| photo-gallery | photo-gallery | N/A | Photo Gallery by 10Web <= 1.6.8 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-1.6.8 | 1.6.9 | July 1, 2026 | |
| ND Shortcodes | nd-shortcodes |
91
|
ND Shortcodes <= 6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-6.5 | 6.6 | July 1, 2026 | |
| wp-video-lightbox | wp-video-lightbox | N/A | WP Video Lightbox <= 1.9.4 - Reflected Cross-Site Scripting | LOW | *-1.9.4 | 1.9.5 | July 1, 2026 | |
| WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets | wp-all-import |
66
|
Import any XML or CSV File to WordPress <= 3.6.7 - Admin+ Malicious File Upload | LOW | *-3.6.7 | 3.6.8 | July 1, 2026 | |
| shortcode-addons | shortcode-addons | N/A | Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension <= 3.0.2 - Unauthenticated Arbitrary Options Update | LOW | *-3.0.2 | 3.0.3 | July 1, 2026 | |
| popup-builder | popup-builder | N/A | Popup Builder – Create highly converting, mobile friendly marketing popups. <= 4.1.11 - Cross-Site Request Forgery to Settings Update | LOW | *-4.1.11 | 4.1.12 | July 1, 2026 | |
| music-player-for-woocommerce | music-player-for-woocommerce |
93
|
Music Player for WooCommerce <= 1.0.172 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.0.172 | 1.0.173 | July 1, 2026 | |
| form-forms | form-forms |
93
|
Form – Contact Form <= 1.2.0 - Administrator+ Cross-Site Scripting | LOW | *-1.2.0 | 1.2.1 | July 1, 2026 | |
| featured-image-from-url | featured-image-from-url |
93
|
Featured Image from URL (FIFU) <= 3.9.9 - Cross-Site Request Forgery | LOW | *-3.9.9 | 4.0.0 | July 1, 2026 | |
| accordions-or-faqs | accordions-or-faqs |
95
|
Accordions – Multiple Accordions or FAQs Builder <= 2.0.2 - Unauthenticated Arbitrary Options Update | LOW | *-2.0.2 | 2.0.3 | July 1, 2026 | |
| wp-memory | wp-memory | N/A | Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin <= 2.43 - Cross-Site Scripting | LOW | *-2.43 | 2.44 | July 1, 2026 | |
| WP Popular Posts | wordpress-popular-posts | N/A | WordPress Popular Posts <= 5.5.1 - Reflected Cross-Site Scripting | LOW | *-5.5.1 | 6.0.0 | July 1, 2026 | |
| unyson | unyson | N/A | Unyson <= 2.7.26 - Cross-Site Scripting | LOW | *-2.7.26 | 2.7.27 | July 1, 2026 | |
| advanced-nocaptcha-recaptcha | advanced-nocaptcha-recaptcha |
97
|
CAPTCHA 4WP <= 7.0.6.1 - Cross-Site Request Forgery to Local File Inclusion | LOW | *-7.0.6.1 | 7.1.0 | July 1, 2026 | |
| wp-maintenance | wp-maintenance | N/A | WP Maintenance <= 6.0.7 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-6.0.7 | 6.0.8 | July 1, 2026 | |
| yikes-inc-easy-custom-woocommerce-product-tabs | yikes-inc-easy-custom-woocommerce-product-tabs | N/A | Custom Product Tabs for WooCommerce <= 1.7.7 - Subscriber+ Settings Update | LOW | *-1.7.7 | 1.7.8 | July 1, 2026 | |
| WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets | wp-all-import |
66
|
WP All Import <= 3.6.7 - Authenticated (Administrator+) Arbitrary Code Execution | LOW | *-3.6.7 | 3.6.8 | July 1, 2026 | |
| sp-client-document-manager | sp-client-document-manager |
87
|
SP Project & Document Manager <= 4.57 - Sensitive File Disclosure | LOW | *-4.57 | 4.58 | July 1, 2026 | |
| request-a-quote | request-a-quote | N/A | Request a Quote <= 2.3.7 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.3.7 | 2.3.8 | July 1, 2026 | |
| request-a-quote | request-a-quote | N/A | Request a Quote <= 2.3.8 - CSV Injection | LOW | *-2.3.8 | 2.3.9 | July 1, 2026 |
auto-more-tag
auto-more-tag
yaysmtp
yaysmtp
wp-marketing-automations
wp-marketing-automations
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
ultimate-member
retro-winamp-block
retro-winamp-block
publisher-media-kit
publisher-media-kit
name-directory
name-directory
maps-block-apple
maps-block-apple
autoshare-for-twitter
autoshare-for-twitter
advanced-post-manager
advanced-post-manager
wp-comment-fields
wp-comment-fields
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
ultimate-member
sophi
sophi
simple-podcasting
simple-podcasting
simple-local-avatars
simple-local-avatars
retro-winamp-block
retro-winamp-block
elasticpress
elasticpress
advanced-custom-fields
advanced-custom-fields
youzify
youzify
Melapress File Monitor
website-file-changes-monitor
give
give
give
give
wsm-downloader
wsm-downloader
wsm-downloader
wsm-downloader
weforms
weforms
username-updater
username-updater
feed-them-social
feed-them-social
feed-them-social
feed-them-social
feed-them-social
feed-them-social
dynamic-font-replacement-4wp
dynamic-font-replacement-4wp
Simple SEO
cds-simple-seo
auxin-elements
auxin-elements
yop-poll
yop-poll
yaysmtp
yaysmtp
yaysmtp
yaysmtp
File Sharing & Download Manager – User Private Files
user-private-files
rich-event-timeline
rich-event-timeline
project-source-code-download
project-source-code-download
give
give
ecwid-shopping-cart
ecwid-shopping-cart
ecwid-shopping-cart
ecwid-shopping-cart
give
give
counter-box
counter-box
counter-box
counter-box
shortcode-for-current-date
shortcode-for-current-date
progressive-license
progressive-license
microsoft-advertising-universal-event-tracking-uet
microsoft-advertising-universal-event-tracking-uet
keep-backup-daily
keep-backup-daily
digiproveblog
digiproveblog
wp-stats-manager
wp-stats-manager
wp-paypal
wp-paypal
vc-addons-by-bit14
vc-addons-by-bit14
social-share-buttons-by-supsystic
social-share-buttons-by-supsystic
slide-anything
slide-anything
simple-membership
simple-membership
simple-membership
simple-membership
rt-custom-css-page-and-post
rt-custom-css-page-and-post
makestories-helper
makestories-helper
flexi-quote-rotator
flexi-quote-rotator
flexi-quote-rotator
flexi-quote-rotator
Download Manager
download-manager
visualizer
visualizer
visualizer
visualizer
popups
popups
login-with-phone-number
login-with-phone-number
learnpress
learnpress
invitation-based-registrations
invitation-based-registrations
freemind-wp-browser
freemind-wp-browser
featured-image-from-url
featured-image-from-url
anymind-widget
anymind-widget
advanced-wp-reset
advanced-wp-reset
wp-video-lightbox
wp-video-lightbox
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools
woocommerce-jetpack
social-networks-auto-poster-facebook-twitter-g
social-networks-auto-poster-facebook-twitter-g
shareaholic
shareaholic
popup-anything-on-click
popup-anything-on-click
asf-allow-svg-files
asf-allow-svg-files
add-search-to-menu
add-search-to-menu
yellow-yard
yellow-yard
WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets
wp-all-import
photo-gallery
photo-gallery
ND Shortcodes
nd-shortcodes
wp-video-lightbox
wp-video-lightbox
WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets
wp-all-import
shortcode-addons
shortcode-addons
popup-builder
popup-builder
music-player-for-woocommerce
music-player-for-woocommerce
form-forms
form-forms
featured-image-from-url
featured-image-from-url
accordions-or-faqs
accordions-or-faqs
wp-memory
wp-memory
WP Popular Posts
wordpress-popular-posts
unyson
unyson
advanced-nocaptcha-recaptcha
advanced-nocaptcha-recaptcha
wp-maintenance
wp-maintenance
yikes-inc-easy-custom-woocommerce-product-tabs
yikes-inc-easy-custom-woocommerce-product-tabs
WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets
wp-all-import
sp-client-document-manager
sp-client-document-manager
request-a-quote
request-a-quote
request-a-quote
request-a-quote
Showing 28601 to 28700 of 36328 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 1, 2026 at 19:34 UTC.