Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
92With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| bulk-edit-user-profiles-in-spreadsheet | bulk-edit-user-profiles-in-spreadsheet |
93
|
Bulk Edit and Create User Profiles – WP Sheet Editor <= 1.5.13 - Cross-Site Scripting | LOW | [*, 1.5.14) | 1.5.14 | July 4, 2026 | |
| bmi-bmr-calculator | bmi-bmr-calculator |
91
|
BMI BMR Calculator <= 1.3 - Reflected Cross-Site Scripting | LOW | *-1.3 | July 4, 2026 | ||
| automatic-grid-image-listing | automatic-grid-image-listing |
91
|
AGIL(Automatic Grid Image Listing) <= 1.0 - Arbitrary File Upload | LOW | *-1.0 | July 4, 2026 | ||
| advanced-uploader | advanced-uploader |
95
|
Advanced uploader <= 4.2 - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-4.2 | July 4, 2026 | ||
| advanced-image-sitemap | advanced-image-sitemap |
95
|
Advanced Image Sitemap <= 1.2 - Reflected Cross-Site Scripting | LOW | *-1.2 | July 4, 2026 | ||
| VikBooking Hotel Booking Engine & PMS | vikbooking |
95
|
VikBooking Hotel Booking Engine & PMS <= 1.5.3 - Arbitrary File Upload | LOW | *-1.5.3 | 1.5.4 | July 4, 2026 | |
| VikBooking Hotel Booking Engine & PMS | vikbooking |
95
|
VikBooking Hotel Booking Engine & PMS <= 1.5.3 - Sensitive Information Exposure | LOW | *-1.5.3 | 1.5.4 | July 4, 2026 | |
| ubigeo-peru | ubigeo-peru | N/A | Ubigeo de Perú para Woocommerce y WordPress <= 3.6.3 - Unauthenticated SQL Injection | LOW | [*, 3.6.4) | 3.6.4 | July 4, 2026 | |
| slide-anything | slide-anything | N/A | Slide Anything – Responsive Content / HTML Slider and Carousel <= 2.3.43 - Editor+ Cross-Site Scripting | LOW | [*, 2.3.44) | 2.3.44 | July 4, 2026 | |
| popup-by-supsystic | popup-by-supsystic | N/A | Popup by Supsystic <= 1.10.8 - Sensitive Information Disclosure | LOW | [*, 1.10.9) | 1.10.9 | July 4, 2026 | |
| personal-dictionary | personal-dictionary |
93
|
Personal Dictionary <= 1.3.3 - Unauthenticated SQL Injection | LOW | [*, 1.3.4) | 1.3.4 | July 4, 2026 | |
| mapsvg | mapsvg |
91
|
MapSVG <= 6.2.19 - SQL Injection | LOW | [*, 6.2.20) | 6.2.20 | July 4, 2026 | |
| event-list | event-list |
93
|
Event List < 0.8.7 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-0.8.7 | 0.8.8 | July 4, 2026 | |
| Booking Calendar | booking |
71
|
Booking Calendar <= 9.1 - PHP Object Injection via Shortcode | LOW | *-9.1 | 9.1.1 | July 4, 2026 | |
| woc-open-close | woc-open-close | N/A | Woocommerce Open Close – Best Business Schedules Manager <= 4.3.0 - Reflected Cross-Site Scripting | LOW | *-4.3.0 | 4.3.1 | July 4, 2026 | |
| sitesupercharger | sitesupercharger | N/A | SiteSuperCharger <= 5.1.10 - Unauthenticated SQL Injection | LOW | *-5.1.10 | 5.2.0 | July 4, 2026 | |
| kb-support | kb-support |
91
|
KB Support – WordPress Help Desk <= 1.5.5 - Multiple Unauthenticated Stored Cross-Site Scripting | LOW | *-1.5.5 | 1.5.6 | July 4, 2026 | |
| wp-maintenance | wp-maintenance | N/A | WP Maintenance <= 6.0.5 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-6.0.5 | 6.0.6 | July 4, 2026 | |
| simple-ajax-chat | simple-ajax-chat | N/A | Simple Ajax Chat <= 20220115 - Cross-Site Request Forgery | LOW | *-20220115 | 20220216 | July 4, 2026 | |
| simple-ajax-chat | simple-ajax-chat | N/A | Simple Ajax Chat Plugin <= 20220115 - Sensitive Information Disclosure | LOW | *-20220115 | 20220216 | July 4, 2026 | |
| wp-easycart | wp-easycart | N/A | Shopping Cart & eCommerce Store <= 5.2.6 - Cross-Site Request Forgery | LOW | *-5.2.6 | 5.3.0 | July 4, 2026 | |
| Advanced Booking & Appointment System – Webba Booking Calendar | webba-booking-lite |
70
|
Webba Booking <= 4.2.21 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-4.2.21 | 4.2.22 | July 4, 2026 | |
| product-filter-for-woocommerce-product | product-filter-for-woocommerce-product | N/A | Product Filter For WooCommerce Product <= 1.3.1 - Unauthenticated SQL Injection | LOW | *-1.3.0 | July 4, 2026 | ||
| modern-events-calendar-lite | modern-events-calendar-lite |
93
|
Modern Events Calendar Lite <= 6.5.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-6.5.1 | 6.5.2 | July 4, 2026 | |
| fancy-product-designer | fancy-product-designer |
93
|
Fancy Product Designer <= 4.7.5 - Cross-Site Request Forgery to Arbitrary File Upload | LOW | *-4.7.5 | 4.7.6 | July 4, 2026 | |
| exmage-wp-image-links | exmage-wp-image-links |
93
|
EXMAGE – WordPress Image Links <= 1.0.6 - Admin+ Blind SSRF | LOW | *-1.0.6 | 1.0.7 | July 4, 2026 | |
| wp-video-gallery-free | wp-video-gallery-free | N/A | WP Video Gallery <= 1.7.1 - SQL Injection | LOW | *-1.7.1 | July 4, 2026 | ||
| wp-system-log | wp-system-log | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | * | July 4, 2026 | ||
| wp-social-buttons | wp-social-buttons | N/A | WP Social Buttons <= 2.1 - Admin+ Cross-Site Scripting | LOW | *-2.1 | 2.2 | July 4, 2026 | |
| wp-2fa | wp-2fa | N/A | WP 2FA – Two-factor authentication for WordPress <= 2.1.0 - Insecure Direct Object Reference | LOW | *-2.1.0 | 2.2.0 | July 4, 2026 | |
| woo-document-preview | woo-document-preview | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.4.0) | 1.4.0 | July 4, 2026 | |
| woo-audio-preview | woo-audio-preview | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.4.0) | 1.4.0 | July 4, 2026 | |
| wbcom-designs-buddypress-search | wbcom-designs-buddypress-search | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | * | July 4, 2026 | ||
| wbcom-designs-buddypress-ads | wbcom-designs-buddypress-ads | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.3.1) | 1.3.1 | July 4, 2026 | |
| users-ultra | users-ultra | N/A | Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin <= 3.1.0 - Unauthenticated SQL Injection | LOW | *-3.1.0 | July 4, 2026 | ||
| udraw | udraw | N/A | Web To Print Shop : uDraw <= 3.3.3 - Unauthenticated Arbitrary File Access | LOW | *-3.3.3 | 3.4.0 | July 4, 2026 | |
| tipsacarrier | tipsacarrier | N/A | Tipsacarrier < 1.5.0.5 - Missing Authorization to Order Disclosure | LOW | [*, 1.5.0.5) | 1.5.0.5 | July 4, 2026 | |
| sitemap-by-click5 | sitemap-by-click5 | N/A | Sitemap by click5 <= 1.0.35 - Unauthenticated Arbitrary Options Update | LOW | *-1.0.35 | 1.0.36 | July 4, 2026 | |
| sema-api | sema-api | N/A | SEMA API <= 3.64 - SQL Injection | LOW | *-3.64 | 4.02 | July 4, 2026 | |
| rsfirewall | rsfirewall | N/A | RSFirewall! <= 1.1.24 - IP Address Spoofing | LOW | *-1.1.24 | 1.1.25 | July 4, 2026 | |
| review-buddypress-groups | review-buddypress-groups | N/A | Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.8.1) | 2.8.1 | July 4, 2026 | |
| multiple-shipping-address-woocommerce | multiple-shipping-address-woocommerce |
93
|
Multiple Shipping Address Woocommerce < 2.0 - Unauthenticated SQL Injection | LOW | [*, 2.0) | 2.0 | July 4, 2026 | |
| lock-my-bp | lock-my-bp |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.7.0) | 1.7.0 | July 4, 2026 | |
| lifterlms-gateway-paypal | lifterlms-gateway-paypal |
93
|
LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting | LOW | [*, 1.4.0) | 1.4.0 | July 4, 2026 | |
| igniteup | igniteup |
93
|
IgniteUp – Coming Soon and Maintenance Mode <= 3.4.1 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-3.4.1 | 3.4.2 | July 4, 2026 | |
| fast-flow-dashboard | fast-flow-dashboard |
93
|
Fast Flow <= 1.2.10 - Cross-Site Scripting | LOW | *-1.2.10 | 1.2.11 | July 4, 2026 | |
| Elementor Website Builder – more than just a page builder | elementor |
79
|
Elementor Website Builder 3.6.0 - 3.6.2 - Missing Authorization to Remote Code Execution | LOW | 3.6.0-3.6.2 | 3.6.3 | July 4, 2026 | |
| easily-generate-rest-api-url | easily-generate-rest-api-url |
91
|
Easily Generate Rest API Url <= 1.0.0 - Stored Cross-Site Scripting | LOW | *-1.0.0 | July 4, 2026 | ||
| documentor-lite | documentor-lite |
93
|
Documentor – Create Product Documentation <= 1.5.3 - Unauthenticated SQL Injection | LOW | *-1.5.3 | 1.5.4 | July 4, 2026 | |
| daily-prayer-time-for-mosques | daily-prayer-time-for-mosques |
93
|
Daily Prayer Time < 2022.03.01 - Unauthenticated SQL Injection | LOW | [*, 2022.03.01) | 2022.03.01 | July 4, 2026 | |
| custom-font-uploader | custom-font-uploader |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.2.0) | 2.2.0 | July 4, 2026 | |
| custom-email-options | custom-email-options |
91
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | * | July 4, 2026 | ||
| contest-gallery | contest-gallery |
93
|
Contest Gallery – Photo Contest Plugin for WordPress <= 13.1.0.5 - SQL Injection | LOW | *-13.1.0.5 | 13.1.0.6 | July 4, 2026 | |
| cart-link-for-woocommerce | cart-link-for-woocommerce |
93
|
Cart Link for WooCommerce <= 2.0.2 - Cross-Site Request Forgery | LOW | *-1.0.2 | 1.1.0 | July 4, 2026 | |
| buddypress-sticky-post | buddypress-sticky-post |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.9.9) | 1.9.9 | July 4, 2026 | |
| buddypress-hashtag | buddypress-hashtag |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.7.0) | 2.7.0 | July 4, 2026 | |
| buddypress-check-ins-pro | buddypress-check-ins-pro |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.4.0) | 1.4.0 | July 4, 2026 | |
| bp-user-to-do-list | bp-user-to-do-list |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 3.0.0) | 3.0.0 | July 4, 2026 | |
| bp-user-profile-reviews | bp-user-profile-reviews |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.7.0) | 2.7.0 | July 4, 2026 | |
| bp-job-manager-integration | bp-job-manager-integration |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.6.1) | 2.6.1 | July 4, 2026 | |
| bp-create-group-type | bp-create-group-type |
91
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | * | July 4, 2026 | ||
| bp-check-in | bp-check-in |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 1.9.4) | 1.9.4 | July 4, 2026 | |
| bp-activity-social-share | bp-activity-social-share |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 3.3.0) | 3.3.0 | July 4, 2026 | |
| bp-activity-filter | bp-activity-filter |
93
|
Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation | LOW | [*, 2.8.0) | 2.8.0 | July 4, 2026 | |
| books-papers | books-papers |
93
|
Books & Papers <= 0.20210223 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-0.20210223 | 0.20220219 | July 4, 2026 | |
| badgeos | badgeos |
83
|
BadgeOS <= 3.7.0 - Unauthenticated SQL Injection | LOW | *-3.7.0 | 3.7.1 | July 4, 2026 | |
| autolinks | autolinks |
91
|
Autolinks <= 1.0.1 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-1.0.1 | July 4, 2026 | ||
| admin-menu-restriction | admin-menu-restriction |
95
|
Admin Menu Editor <= 1.0.4 - Reflected Cross-Site Scripting | LOW | *-1.0.4 | July 4, 2026 | ||
| ad-invalid-click-protector | ad-invalid-click-protector |
97
|
Ad Invalid Click Protector (AICP) <= 1.2.5.2 - Cross-Site Request Forgery to Arbitrary Ban Deletion | LOW | *-1.2.5.2 | 1.2.7 | July 4, 2026 | |
| 5-stars-rating-funnel | 5-stars-rating-funnel |
95
|
5 Stars Rating Funnel <= 1.2.53 - Unauthenticated SQL Injection | LOW | *-1.2.53 | 1.2.54 | July 4, 2026 | |
| calderawp-license-manager | calderawp-license-manager |
91
|
CalderaWP License Manager <= 1.2.11 - Cross-Site Request Forgery | LOW | *-1.2.11 | July 4, 2026 | ||
| woc-order-alert | woc-order-alert | N/A | Order Listener for WooCommerce – Play Sounds Instantly on New Orders <= 3.2.1 - Unauthenticated SQL Injection | LOW | [*, 3.2.2) | 3.2.2 | July 4, 2026 | |
| themify-ptb-search | themify-ptb-search | N/A | Themify PTB Search Addon <= 1.3.9 - Reflected Cross-Site Scripting | LOW | *-1.3.9 | 1.4.0 | July 4, 2026 | |
| eroom-zoom-meetings-webinar | eroom-zoom-meetings-webinar |
93
|
eRoom – Zoom Meetings & Webinar <= 1.3.8 - Cross-Site Request Forgery | LOW | *-1.3.8 | 1.3.9 | July 4, 2026 | |
| eroom-zoom-meetings-webinar | eroom-zoom-meetings-webinar |
93
|
eRoom – Zoom Meetings & Webinar <= 1.3.7 - Cross-Site Request Forgery | LOW | *-1.3.7 | 1.3.8 | July 4, 2026 | |
| yoo-slider | yoo-slider | N/A | Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery | LOW | *-2.0.0 | 2.1.0 | July 4, 2026 | |
| yoo-slider | yoo-slider | N/A | Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery | LOW | *-2.0.0 | 2.1.0 | July 4, 2026 | |
| Responsive Tabs | responsive-tabs |
95
|
Responsive Tabs <= 4.0.5 - Authenticated Stored Cross-Site Scripting | LOW | *-4.0.5 | 4.0.6 | July 4, 2026 | |
| visual-form-builder | visual-form-builder | N/A | Visual Form Builder <= 3.0.7 - Cross-Site Request Forgery to Data Modification | LOW | [*, 3.0.8) | 3.0.8 | July 4, 2026 | |
| searchiq | searchiq | N/A | SearchIQ – The Search Solution <= 3.8 - Unauthenticated Stored Cross-Site Scripting | LOW | *-3.8 | 3.9 | July 4, 2026 | |
| rsvp | rsvp | N/A | RSVP and Event Management <= 2.7.7 - Unauthenticated Sensitive Information Disclosure | LOW | *-2.7.7 | 2.7.8 | July 4, 2026 | |
| photo-gallery | photo-gallery |
93
|
Photo Gallery by 10Web <= 1.6.2 - SQL Injection | LOW | [*, 1.6.3) | 1.6.3 | July 4, 2026 | |
| photo-gallery | photo-gallery |
93
|
Photo Gallery by 10Web <= 1.6.2 - Cross-Site Scripting | LOW | [*, 1.6.3) | 1.6.3 | July 4, 2026 | |
| one-click-demo-import | one-click-demo-import |
93
|
Catch Themes Demo Import <= 3.0.2 - Authenticated (Admin+) Arbitrary File Upload | LOW | [*, 3.1.0) | 3.1.0 | July 4, 2026 | |
| master-elements | master-elements |
91
|
Master Elements <= 8.0 - Unauthenticated SQL injection | LOW | *-8.0 | July 4, 2026 | ||
| leadin | leadin |
93
|
HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 8.8.13 - Server Side Request Forgery | LOW | [*, 8.8.15) | 8.8.15 | July 4, 2026 | |
| layerslider | layerslider |
93
|
LayerSlider <= 7.1.1 - Admin+ Stored Cross-Site Scripting | LOW | *-7.1.1 | 7.1.2 | July 4, 2026 | |
| jc-importer | jc-importer |
93
|
Import WP – Import and Export WordPress data to XML or CSV files <= 2.4.5 - Authenticated Arbitrary File Upload | LOW | *-2.4.5 | 2.4.6 | July 4, 2026 | |
| import-users-from-csv-with-meta | import-users-from-csv-with-meta |
93
|
Import and export users and customers <= 1.19.2 - Stored Cross-Site Scripting | LOW | [*, 1.19.2.1) | 1.19.2.1 | July 4, 2026 | |
| gotmls | gotmls |
93
|
Anti-Malware Security and Brute-Force Firewall <= 4.20.95 - Reflected Cross-Site Scripting | LOW | [*, 4.20.96) | 4.20.96 | July 4, 2026 | |
| good-bad-comments | good-bad-comments |
91
|
Good & Bad Comments <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.0.0 | July 4, 2026 | ||
| easy-social-icons | easy-social-icons |
93
|
Easy Social Icons <= 3.1.4 - Admin+ Cross-Site Scripting | LOW | *-3.1.4 | 3.2.0 | July 4, 2026 | |
| easy-social-icons | easy-social-icons |
93
|
Easy Social Icons <= 3.2.0 - Authenticated (Admin+) Cross-Site Scripting and Missing Authorization Checks | LOW | *-3.2.0 | 3.2.1 | July 4, 2026 | |
| easy-social-icons | easy-social-icons |
93
|
Easy Social Icons <= 3.2.2 - Admin+ Cross-Site Scripting | LOW | *-3.2.2 | 3.2.3 | July 4, 2026 | |
| easy-facebook-likebox-premium | easy-facebook-likebox-premium |
91
|
Easy Social Feed <= 6.2.6 - Reflected Cross-Site Scripting | LOW | *-6.2.6 | 6.2.7 | July 4, 2026 | |
| Easy Social Feed – Social Photos Gallery and Post Feed for WordPress | easy-facebook-likebox |
72
|
Easy Social Feed <= 6.2.6 - Reflected Cross-Site Scripting | LOW | *-6.2.6 | 6.2.7 | July 4, 2026 | |
| contexture-page-security | contexture-page-security |
91
|
Page Security & Membership <= 1.5.15 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.5.15 | July 4, 2026 | ||
| All-In-One Security (AIOS) – Security and Firewall | all-in-one-wp-security-and-firewall |
72
|
All In One WP Security & Firewall <= 4.4.10 - Open Redirect and Reflected Cross-Site Scripting | LOW | [*, 4.4.11) | 4.4.11 | July 4, 2026 | |
| AdRotate Banner Manager | adrotate |
74
|
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Group Names | LOW | [*, 5.8.23) | 5.8.23 | July 4, 2026 | |
| AdRotate Banner Manager | adrotate |
74
|
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Advert Names | LOW | [*, 5.8.23) | 5.8.23 | July 4, 2026 |
bulk-edit-user-profiles-in-spreadsheet
bulk-edit-user-profiles-in-spreadsheet
bmi-bmr-calculator
bmi-bmr-calculator
automatic-grid-image-listing
automatic-grid-image-listing
advanced-uploader
advanced-uploader
advanced-image-sitemap
advanced-image-sitemap
VikBooking Hotel Booking Engine & PMS
vikbooking
VikBooking Hotel Booking Engine & PMS
vikbooking
ubigeo-peru
ubigeo-peru
slide-anything
slide-anything
popup-by-supsystic
popup-by-supsystic
personal-dictionary
personal-dictionary
mapsvg
mapsvg
event-list
event-list
Booking Calendar
booking
woc-open-close
woc-open-close
sitesupercharger
sitesupercharger
kb-support
kb-support
wp-maintenance
wp-maintenance
simple-ajax-chat
simple-ajax-chat
simple-ajax-chat
simple-ajax-chat
wp-easycart
wp-easycart
Advanced Booking & Appointment System – Webba Booking Calendar
webba-booking-lite
product-filter-for-woocommerce-product
product-filter-for-woocommerce-product
modern-events-calendar-lite
modern-events-calendar-lite
fancy-product-designer
fancy-product-designer
exmage-wp-image-links
exmage-wp-image-links
wp-video-gallery-free
wp-video-gallery-free
wp-system-log
wp-system-log
wp-social-buttons
wp-social-buttons
wp-2fa
wp-2fa
woo-document-preview
woo-document-preview
woo-audio-preview
woo-audio-preview
wbcom-designs-buddypress-search
wbcom-designs-buddypress-search
wbcom-designs-buddypress-ads
wbcom-designs-buddypress-ads
users-ultra
users-ultra
udraw
udraw
tipsacarrier
tipsacarrier
sitemap-by-click5
sitemap-by-click5
sema-api
sema-api
rsfirewall
rsfirewall
review-buddypress-groups
review-buddypress-groups
multiple-shipping-address-woocommerce
multiple-shipping-address-woocommerce
lock-my-bp
lock-my-bp
lifterlms-gateway-paypal
lifterlms-gateway-paypal
igniteup
igniteup
fast-flow-dashboard
fast-flow-dashboard
Elementor Website Builder – more than just a page builder
elementor
easily-generate-rest-api-url
easily-generate-rest-api-url
documentor-lite
documentor-lite
daily-prayer-time-for-mosques
daily-prayer-time-for-mosques
custom-font-uploader
custom-font-uploader
custom-email-options
custom-email-options
contest-gallery
contest-gallery
cart-link-for-woocommerce
cart-link-for-woocommerce
buddypress-sticky-post
buddypress-sticky-post
buddypress-hashtag
buddypress-hashtag
buddypress-check-ins-pro
buddypress-check-ins-pro
bp-user-to-do-list
bp-user-to-do-list
bp-user-profile-reviews
bp-user-profile-reviews
bp-job-manager-integration
bp-job-manager-integration
bp-create-group-type
bp-create-group-type
bp-check-in
bp-check-in
bp-activity-social-share
bp-activity-social-share
bp-activity-filter
bp-activity-filter
books-papers
books-papers
badgeos
badgeos
autolinks
autolinks
admin-menu-restriction
admin-menu-restriction
ad-invalid-click-protector
ad-invalid-click-protector
5-stars-rating-funnel
5-stars-rating-funnel
calderawp-license-manager
calderawp-license-manager
woc-order-alert
woc-order-alert
themify-ptb-search
themify-ptb-search
eroom-zoom-meetings-webinar
eroom-zoom-meetings-webinar
eroom-zoom-meetings-webinar
eroom-zoom-meetings-webinar
yoo-slider
yoo-slider
yoo-slider
yoo-slider
Responsive Tabs
responsive-tabs
visual-form-builder
visual-form-builder
searchiq
searchiq
rsvp
rsvp
photo-gallery
photo-gallery
photo-gallery
photo-gallery
one-click-demo-import
one-click-demo-import
master-elements
master-elements
leadin
leadin
layerslider
layerslider
jc-importer
jc-importer
import-users-from-csv-with-meta
import-users-from-csv-with-meta
gotmls
gotmls
good-bad-comments
good-bad-comments
easy-social-icons
easy-social-icons
easy-social-icons
easy-social-icons
easy-social-icons
easy-social-icons
easy-facebook-likebox-premium
easy-facebook-likebox-premium
Easy Social Feed – Social Photos Gallery and Post Feed for WordPress
easy-facebook-likebox
contexture-page-security
contexture-page-security
All-In-One Security (AIOS) – Security and Firewall
all-in-one-wp-security-and-firewall
AdRotate Banner Manager
adrotate
AdRotate Banner Manager
adrotate
Showing 29301 to 29400 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 4, 2026 at 06:08 UTC.