Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
87With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| GTM4WP – A Google Tag Manager (GTM) plugin for WordPress | duracelltomi-google-tag-manager |
94
|
Google Tag Manager for WordPress <= 1.15 - Reflected Cross-Site Scripting via Site Search | LOW | *-1.15 | 1.15.1 | July 4, 2026 | |
| computer-repair-shop | computer-repair-shop |
93
|
CRM WordPress Plugin – RepairBuddy <= 3.72 - SQL Injection | LOW | *-3.72 | 3.73 | July 4, 2026 | |
| code-snippets | code-snippets |
93
|
Code Snippets <= 2.14.3 - Reflected Cross-Site Scripting | LOW | *-2.14.3 | 2.14.4 | July 4, 2026 | |
| wp-easy-events | wp-easy-events | N/A | Event Management, Events Calendar, RSVP Event Tickets Plugin <= 3.8.4 - Cross-Site Scripting | LOW | *-3.8.4 | 3.8.5 | July 4, 2026 | |
| wp-crm | wp-crm | N/A | WP-CRM – Customer Relations Management for WordPress <= 1.2.1 - CSV injection | LOW | *-1.2.1 | July 4, 2026 | ||
| webriti-smtp-mail | webriti-smtp-mail | N/A | Webriti SMTP Mail <= 1.0 - Cross-Site Request Forgery to options update | LOW | *-1.0 | July 4, 2026 | ||
| themify-wc-product-filter | themify-wc-product-filter | N/A | Themify - WooCommerce Product Filter <= 1.3.7 - Reflected Cross-Site Scripting | LOW | *-1.3.7 | 1.3.8 | July 4, 2026 | |
| svg-vector-icon-plugin | svg-vector-icon-plugin | N/A | WP SVG Icons <= 3.2.3 - Authenticated (Admin+) Arbitrary File Upload | LOW | *-3.2.3 | July 4, 2026 | ||
| social-locker | social-locker | N/A | OnePress Social Locker <= 5.6.2 - Cross-Site Request Forgery to Settings Update | LOW | *-5.6.2 | July 4, 2026 | ||
| slideshow-ck | slideshow-ck | N/A | Slideshow CK <= 1.4.9 - Authenticated Stored Cross-Site Scripting | LOW | *-1.4.9 | 1.4.10 | July 4, 2026 | |
| second-street-promotion | second-street-promotion | N/A | Second Street <= 3.1.6 - Stored Cross-Site Scripting via organization_id | LOW | *-3.1.6 | 3.1.7 | July 4, 2026 | |
| quick-subscribe | quick-subscribe | N/A | Quick Subscribe <= 1.7.1 - Cross-Site Request Forgery to Arbitrary Settings Update and Stored Cross-Site Scripting | LOW | *-1.7.1 | July 4, 2026 | ||
| official-mailerlite-sign-up-forms | official-mailerlite-sign-up-forms |
93
|
MailerLite - Signup forms <= 1.5.3 - Reflected Cross-Site Scripting | LOW | *-1.5.3 | 1.5.4 | July 4, 2026 | |
| member-hero | member-hero |
91
|
Member Hero <= 1.0.9 - Remote Code Execution | LOW | *-1.0.9 | July 4, 2026 | ||
| logwpmail | logwpmail |
91
|
Log WP_Mail <= 0.1 - Sensitive Information Disclosure | LOW | *-0.1 | July 4, 2026 | ||
| latest-tweets-widget | latest-tweets-widget |
91
|
Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via Cross-Site Request Forgery | LOW | *-1.1.4 | July 4, 2026 | ||
| jupiterx-core | jupiterx-core |
93
|
JupiterX Theme <= 2.0.6 and JupiterX Core <= 2.0.6 - Authenticated Arbitrary Plugin Deactivation and Settings Modification | LOW | *-2.0.6 | 2.0.7 | July 4, 2026 | |
| jupiterx-core | jupiterx-core |
93
|
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege Escalation | LOW | *-2.0.7 | 2.0.8 | July 4, 2026 | |
| jupiterx-core | jupiterx-core |
93
|
JupiterX Core <= 2.0.6 - Information Disclosure, Modification, and Denial of Service | LOW | *-2.0.6 | 2.0.7 | July 4, 2026 | |
| hc-custom-wp-admin-url | hc-custom-wp-admin-url |
87
|
HC Custom WP-Admin URL <= 1.4 - Information Exposure | LOW | *-1.4 | July 4, 2026 | ||
| hc-custom-wp-admin-url | hc-custom-wp-admin-url |
87
|
HC Custom WP-Admin URL <= 1.4 - Cross-Site Request Forgery | LOW | *-1.4 | July 4, 2026 | ||
| email-users | email-users |
91
|
Email Users <= 4.8.8 - Arbitrary Settings Update via Cross-Site Request Forgery | LOW | *-4.8.8 | July 4, 2026 | ||
| custom-share-buttons-with-floating-sidebar | custom-share-buttons-with-floating-sidebar |
93
|
Custom Share Buttons with Floating Sidebar <= 4.1 - Stored Cross-Site Scripting | LOW | *-4.1 | 4.2 | July 4, 2026 | |
| carousel-ck | carousel-ck |
91
|
Carousel CK <= 1.1.0 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-1.1.0 | July 4, 2026 | ||
| code-snippets-extended | code-snippets-extended |
87
|
Code Snippets Extended <= 1.4.7 - Cross-Site Request Forgery | LOW | *-1.4.7 | July 4, 2026 | ||
| code-snippets-extended | code-snippets-extended |
87
|
Code Snippets Extended <= 1.4.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.4.7 | July 4, 2026 | ||
| opal-hotel-room-booking | opal-hotel-room-booking |
91
|
Opal Hotel Room Booking plugin <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.2.7 | July 4, 2026 | ||
| popup-box | popup-box | N/A | Popup Box <= 2.1.2 - Authenticated Local File Inclusion | LOW | *-2.1.2 | 2.2 | July 4, 2026 | |
| wp-athletics | wp-athletics | N/A | WP Athletics <= 1.1.7 - Stored Cross-Site Scripting | LOW | *-1.1.7 | July 4, 2026 | ||
| wp-athletics | wp-athletics | N/A | WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting | LOW | *-1.1.7 | July 4, 2026 | ||
| useful-banner-manager | useful-banner-manager | N/A | Useful Banner Manager <= 1.6.1 - Cross-Site Request Forgery | LOW | *-1.6.1 | July 4, 2026 | ||
| serp-rank | serp-rank | N/A | Keyword Rank Tracker <= 1.0.7 - Stored Cross-Site Scripting | LOW | *-1.0.7 | 1.0.8 | July 4, 2026 | |
| rsvpmaker | rsvpmaker | N/A | RSVPMaker <= 9.3.2 - Unauthenticated SQL Injection | LOW | *-9.3.2 | 9.3.3 | July 4, 2026 | |
| iq-block-country | iq-block-country |
93
|
iQ Block Country <= 1.2.13 - Protection Bypass due to IP Spoofing | LOW | *-1.2.13 | 1.2.17 | July 4, 2026 | |
| hot-linked-image-cacher | hot-linked-image-cacher |
89
|
Hot Linked Image Cacher <= 1.16 - Cross-Site Request Forgery | LOW | *-1.16 | July 4, 2026 | ||
| google-places-reviews | google-places-reviews |
93
|
Google Places Reviews < 2.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 2.0.0) | 2.0.0 | July 4, 2026 | |
| enqueue-anything | enqueue-anything |
91
|
Enqueue Anything <= 1.0.1 - Missing Authorization | LOW | *-1.0.1 | July 4, 2026 | ||
| bestbooks | bestbooks |
91
|
Bestbooks <= 2.6.3 - Unauthenticated SQL Injection | LOW | *-2.6.3 | July 4, 2026 | ||
| all-in-one-invite-codes | all-in-one-invite-codes |
97
|
All in One Invite Codes <= 1.0.14 - Cross-Site Scripting | LOW | *-1.0.14 | 1.0.15 | July 4, 2026 | |
| advanced-admin-search | advanced-admin-search |
97
|
Advanced Admin Search <= 1.1.2 - Cross-Site Scripting | LOW | *-1.1.2 | 1.1.6 | July 4, 2026 | |
| counter-box | counter-box |
93
|
Counter Box <= 1.1.1 - Authenticated Local File Inclusion | LOW | *-1.1.1 | 1.2 | July 4, 2026 | |
| hover-effects | hover-effects |
93
|
Hover Effects – easily create any hover effect <= 2.1 - Authenticated Local File Inclusion | LOW | *-2.1 | 2.1.1 | July 4, 2026 | |
| mwp-herd-effect | mwp-herd-effect |
93
|
Herd Effects <= 5.2 - Local File Inclusion | LOW | *-5.2 | 5.2.1 | July 4, 2026 | |
| wpify-woo | wpify-woo | N/A | WPify Woo Czech <= 3.5.6 - Reflected Cross-Site Scripting | LOW | *-3.5.6 | 3.5.7 | July 4, 2026 | |
| wp-born-babies | wp-born-babies | N/A | //// WP BORN BABIES PLUGIN /// <= 1.0 - Authenticated (Contributor+) Cross-Site Scripting | LOW | *-1.0 | July 4, 2026 | ||
| user-meta | user-meta | N/A | User Meta – User Profile Builder and User management plugin <= 2.4.3 - Path Traversal | LOW | [*, 2.4.4) | 2.4.4 | July 4, 2026 | |
| Throws SPAM Away | throws-spam-away | N/A | Throws SPAM Away <= 3.3 - Cross-Site Request Forgery to Comment Modification | LOW | [*, 3.3.1) | 3.3.1 | July 4, 2026 | |
| slider-video | slider-video | N/A | Video Slider WordPress <= 1.4.6 - Authenticated (Admin+) Cross-Site Scripting | LOW | [*, 1.4.8) | 1.4.8 | July 4, 2026 | |
| photo-gallery | photo-gallery |
93
|
Photo Gallery by 10Web <= 1.6.3 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 1.6.4) | 1.6.4 | July 4, 2026 | |
| livesync | livesync |
91
|
LiveSync for WordPress <= 1.0 - Cross-Site Request Forgery to Arbitrary Settings Update | LOW | *-1.0 | July 4, 2026 | ||
| formcraft-form-builder | formcraft-form-builder |
93
|
FormCraft Basic <= 1.2.5 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 1.2.6) | 1.2.6 | July 4, 2026 | |
| ajax-search-for-woocommerce | ajax-search-for-woocommerce |
97
|
FiboSearch <= 1.17.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 1.17.0) | 1.17.0 | July 4, 2026 | |
| Iptanus File Upload | wp-file-upload |
76
|
WordPress File Upload <= 4.16.3 - Cross-Site Scripting | LOW | *-4.16.3 | 4.16.4 | July 4, 2026 | |
| files-download-delay | files-download-delay |
91
|
Files Download Delay <= 1.0.6 - Missing Authorization to Settings Reset | LOW | [*, 1.0.7) | 1.0.7 | July 4, 2026 | |
| nd-donations | nd-donations |
89
|
Donations <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.8 | July 4, 2026 | ||
| insert-special-characters | insert-special-characters |
93
|
semver-regex <= 3.1.3 and 4.0.0-4.0.3 - Regular Expression Denial of Service (ReDoS) | LOW | *-1.0.4 | 1.0.5 | July 4, 2026 | |
| wordpress-plugin-for-simple-google-adsense-insertion | wordpress-plugin-for-simple-google-adsense-insertion | N/A | WP Simple Adsense Insertion <= 2.0 - Cross-Site Request Forgery | LOW | *-2.0 | 2.1 | July 4, 2026 | |
| quick-restaurant-reservations | quick-restaurant-reservations | N/A | Quick Restaurant Reservations <= 1.4.1 - Reflected Cross-Site Scripting | LOW | *-1.4.1 | 1.4.2 | July 4, 2026 | |
| pie-forms-for-wp | pie-forms-for-wp | N/A | WordPress Forms by Pie Forms <= 1.4.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 1.4.9.4) | 1.4.9.4 | July 4, 2026 | |
| loginizer | loginizer |
93
|
Loginizer <= 1.7.5 - Reflected Cross-Site Scripting via 'name' | LOW | *-1.7.5 | 1.7.6 | July 4, 2026 | |
| GTM4WP – A Google Tag Manager (GTM) plugin for WordPress | duracelltomi-google-tag-manager |
94
|
Google Tag Manager for WordPress <= 1.15 - Cross-Site Scripting via Cloudflare Country Code | LOW | *-1.15 | 1.15.1 | July 4, 2026 | |
| WP Statistics – Simple, privacy-friendly Google Analytics alternative | wp-statistics |
90
|
WP Statistics <= 13.2.1 - Reflected Cross-Site Scripting | LOW | [*, 13.2.2) | 13.2.2 | July 4, 2026 | |
| wp-fundraising-donation | wp-fundraising-donation | N/A | WP Fundraising Donation and Crowdfunding Platform <= 1.4.2 - Unauthenticated SQL Injection | LOW | *-1.4.2 | 1.5.0 | July 4, 2026 | |
| wp-db-backup | wp-db-backup | N/A | Database Backup for WordPress <= 2.5.1 - Cross-Site Request Forgery to Settings Update | LOW | [*, 2.5.2) | 2.5.2 | July 4, 2026 | |
| greenwallet-gateway | greenwallet-gateway |
93
|
WooCommerce Green Wallet Gateway <= 1.0.1 - Reflected Cross-Site Scripting | LOW | [*, 1.0.2) | 1.0.2 | July 4, 2026 | |
| wpqa | wpqa | N/A | WPQA - Builder forms Addon For WordPress <= 5.4 - Unauthenticated Private Message Disclosure | LOW | *-5.4 | 5.5 | July 4, 2026 | |
| wpqa | wpqa | N/A | WPQA - Builder forms Addon For WordPress <= 5.3 - Reflected Cross-Site Scripting | LOW | [*, 5.4) | 5.4 | July 4, 2026 | |
| use-any-font | use-any-font | N/A | Use Any Font | Custom Font Uploader <= 6.2.7 - Cross-Site Scripting | LOW | *-6.2.7 | 6.2.8 | July 4, 2026 | |
| quotes-llama | quotes-llama | N/A | Quotes llama <= 0.7 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-0.7 | 1.0.0 | July 4, 2026 | |
| easy-faq-with-expanding-text | easy-faq-with-expanding-text |
91
|
Easy FAQ with Expanding Text <= 3.2.8.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-3.2.8.3.1 | July 4, 2026 | ||
| bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang | bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang |
91
|
Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam <= 2.0.0 - Cross-Site Scripting | LOW | *-2.0.0 | 2.0.1 | July 4, 2026 | |
| user-meta | user-meta | N/A | User Meta <= 2.4.2 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-2.4.2 | 2.4.3 | July 4, 2026 | |
| team-members | team-members | N/A | Team Members <= 5.1.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-5.1.0 | 5.1.1 | July 4, 2026 | |
| stafflist | stafflist | N/A | StaffList <= 3.1.6 - Reflected Cross-Site Scripting | LOW | *-3.1.6 | 3.1.7 | July 4, 2026 | |
| slideshow-jquery-image-gallery | slideshow-jquery-image-gallery | N/A | Slideshow <= 2.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-2.3.1 | July 4, 2026 | ||
| simple-real-estate-pack-4 | simple-real-estate-pack-4 | N/A | Simple Real Estate Pack <= 1.4.8 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.4.8 | July 4, 2026 | ||
| realty-workstation | realty-workstation | N/A | Realty Workstation <= 1.0.9 - Authenticated SQL Injection | LOW | *-1.0.9 | 1.0.10 | July 4, 2026 | |
| open-external-links-in-a-new-window | open-external-links-in-a-new-window |
93
|
External Links in New Window / New Tab <= 1.42 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.42 | 1.43 | July 4, 2026 | |
| open-external-links-in-a-new-window | open-external-links-in-a-new-window |
93
|
External Links in New Window / New Tab <= 1.42 - Tabnabbing | LOW | *-1.42 | 1.43 | July 4, 2026 | |
| note-press | note-press |
87
|
Note Press <= 0.1.10 - Authenticated (Admin+) SQL Injection via id Parameter | LOW | *-0.1.10 | July 4, 2026 | ||
| note-press | note-press |
87
|
Note Press <= 0.1.10 - Authenticated (Admin+) SQL Injection via ids Parameter | LOW | *-0.1.10 | July 4, 2026 | ||
| note-press | note-press |
87
|
Note Press <= 0.1.10 - Authenticated (Admin+) SQL Injection via Update | LOW | *-0.1.10 | July 4, 2026 | ||
| no-future-posts | no-future-posts |
91
|
No Future Posts <= 1.4 - Stored Cross-Site Scripting | LOW | *-1.4 | July 4, 2026 | ||
| logo-slider | logo-slider |
91
|
Logo Slider <= 1.4.8 - Authenticated (Admin+) SQL Injection | LOW | *-1.4.8 | July 4, 2026 | ||
| jivochat | jivochat |
93
|
JivoChat Live Chat – WP live chat plugin for WordPress <= 1.3.5.3 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.3.5.3 | 1.3.5.4 | July 4, 2026 | |
| imdb-info-box | imdb-info-box |
91
|
IMDB Info Box <= 2.0 - Stored Cross-Site Scripting | LOW | *-2.0 | July 4, 2026 | ||
| hpbtool | hpbtool |
91
|
hpb Dashboard <= 1.3.1 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-1.3.1 | July 4, 2026 | ||
| form-maker | form-maker |
93
|
Form Maker <= 1.14.11 - Stored Cross-Site Scripting | LOW | *-1.14.11 | 1.14.12 | July 4, 2026 | |
| five-minute-webshop | five-minute-webshop |
93
|
Five Minute Webshop <= 1.3.2 - Authenticated (Admin+) SQL Injection via id | LOW | *-1.3.2 | 1.3.3 | July 4, 2026 | |
| five-minute-webshop | five-minute-webshop |
93
|
Five Minute Webshop <= 1.3.2 - Authenticated (Admin+) SQL Injection via orderby | LOW | *-1.3.2 | 1.3.3 | July 4, 2026 | |
| cube-slider | cube-slider |
91
|
CUBE SLIDER <= 1.2 - Authenticated (Admin+) SQL Injection | LOW | *-1.2 | July 4, 2026 | ||
| cp-image-store | cp-image-store |
93
|
CP Image Store with Slideshow <= 1.0.67 - Unauthenticated SQL Injection | LOW | [*, 1.0.68) | 1.0.68 | July 4, 2026 | |
| change-wp-admin-login | change-wp-admin-login |
93
|
Change WP Admin Login <= 1.0.9 - Missing Authorization Checks | LOW | *-1.0.9 | 1.1.0 | July 4, 2026 | |
| callbook-mobile-bar | callbook-mobile-bar |
91
|
Call&Book Mobile Bar <= 1.2.2 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-1.2.2 | July 4, 2026 | ||
| bulk-page-creator | bulk-page-creator |
93
|
Bulk Page Creator <= 1.1.3 - Cross-Site Request Forgery to Arbitrary Page Creation | LOW | *-1.1.3 | 1.1.4 | July 4, 2026 | |
| birthdays-widget | birthdays-widget |
91
|
Birthdays Widget <= 1.7.18 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.7.18 | July 4, 2026 | ||
| bannerman | bannerman |
89
|
BannerMan <= 0.2.4 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-0.2.4 | July 4, 2026 | ||
| bannerman | bannerman |
89
|
BannerMan <= 0.2.4 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-0.2.4 | July 4, 2026 | ||
| amtythumb | amtythumb |
95
|
amtyThumb <= 4.2.0 - Authenticated SQL Injection | LOW | *-4.2.0 | July 4, 2026 | ||
| amazon-link | amazon-link |
95
|
Amazon Link <= 3.2.10 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-3.2.10 | July 4, 2026 |
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress
duracelltomi-google-tag-manager
computer-repair-shop
computer-repair-shop
code-snippets
code-snippets
wp-easy-events
wp-easy-events
wp-crm
wp-crm
webriti-smtp-mail
webriti-smtp-mail
themify-wc-product-filter
themify-wc-product-filter
svg-vector-icon-plugin
svg-vector-icon-plugin
social-locker
social-locker
slideshow-ck
slideshow-ck
second-street-promotion
second-street-promotion
quick-subscribe
quick-subscribe
official-mailerlite-sign-up-forms
official-mailerlite-sign-up-forms
member-hero
member-hero
logwpmail
logwpmail
latest-tweets-widget
latest-tweets-widget
jupiterx-core
jupiterx-core
jupiterx-core
jupiterx-core
jupiterx-core
jupiterx-core
hc-custom-wp-admin-url
hc-custom-wp-admin-url
hc-custom-wp-admin-url
hc-custom-wp-admin-url
email-users
email-users
custom-share-buttons-with-floating-sidebar
custom-share-buttons-with-floating-sidebar
carousel-ck
carousel-ck
code-snippets-extended
code-snippets-extended
code-snippets-extended
code-snippets-extended
opal-hotel-room-booking
opal-hotel-room-booking
popup-box
popup-box
wp-athletics
wp-athletics
wp-athletics
wp-athletics
useful-banner-manager
useful-banner-manager
serp-rank
serp-rank
rsvpmaker
rsvpmaker
iq-block-country
iq-block-country
hot-linked-image-cacher
hot-linked-image-cacher
google-places-reviews
google-places-reviews
enqueue-anything
enqueue-anything
bestbooks
bestbooks
all-in-one-invite-codes
all-in-one-invite-codes
advanced-admin-search
advanced-admin-search
counter-box
counter-box
hover-effects
hover-effects
mwp-herd-effect
mwp-herd-effect
wpify-woo
wpify-woo
wp-born-babies
wp-born-babies
user-meta
user-meta
Throws SPAM Away
throws-spam-away
slider-video
slider-video
photo-gallery
photo-gallery
livesync
livesync
formcraft-form-builder
formcraft-form-builder
ajax-search-for-woocommerce
ajax-search-for-woocommerce
Iptanus File Upload
wp-file-upload
files-download-delay
files-download-delay
nd-donations
nd-donations
insert-special-characters
insert-special-characters
wordpress-plugin-for-simple-google-adsense-insertion
wordpress-plugin-for-simple-google-adsense-insertion
quick-restaurant-reservations
quick-restaurant-reservations
pie-forms-for-wp
pie-forms-for-wp
loginizer
loginizer
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress
duracelltomi-google-tag-manager
WP Statistics – Simple, privacy-friendly Google Analytics alternative
wp-statistics
wp-fundraising-donation
wp-fundraising-donation
wp-db-backup
wp-db-backup
greenwallet-gateway
greenwallet-gateway
wpqa
wpqa
wpqa
wpqa
use-any-font
use-any-font
quotes-llama
quotes-llama
easy-faq-with-expanding-text
easy-faq-with-expanding-text
bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang
bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang
user-meta
user-meta
team-members
team-members
stafflist
stafflist
slideshow-jquery-image-gallery
slideshow-jquery-image-gallery
simple-real-estate-pack-4
simple-real-estate-pack-4
realty-workstation
realty-workstation
open-external-links-in-a-new-window
open-external-links-in-a-new-window
open-external-links-in-a-new-window
open-external-links-in-a-new-window
note-press
note-press
note-press
note-press
note-press
note-press
no-future-posts
no-future-posts
logo-slider
logo-slider
jivochat
jivochat
imdb-info-box
imdb-info-box
hpbtool
hpbtool
form-maker
form-maker
five-minute-webshop
five-minute-webshop
five-minute-webshop
five-minute-webshop
cube-slider
cube-slider
cp-image-store
cp-image-store
change-wp-admin-login
change-wp-admin-login
callbook-mobile-bar
callbook-mobile-bar
bulk-page-creator
bulk-page-creator
birthdays-widget
birthdays-widget
bannerman
bannerman
bannerman
bannerman
amtythumb
amtythumb
amazon-link
amazon-link
Showing 29101 to 29200 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 4, 2026 at 04:15 UTC.