Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36406

Across tracked plugins

Affected Plugins

94

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
azw-woocommerce-file-uploads azw-woocommerce-file-uploads
91
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
awesome-ssl awesome-ssl
91
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
autosave-net autosave-net
91
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
automizy-gravity-forms automizy-gravity-forms
91
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
automatic-youtube-gallery automatic-youtube-gallery
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.6.5) 1.6.5 July 4, 2026
automatic-internal-links-for-seo automatic-internal-links-for-seo
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.0.4) 1.0.4 July 4, 2026
auto-advance-for-gravity-forms auto-advance-for-gravity-forms
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 4.3) 4.3 July 4, 2026
atlas-knowledge-base atlas-knowledge-base
91
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
appexperts appexperts
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.2) 1.2.2 July 4, 2026
app-ads-txt app-ads-txt
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.1.7.0) 1.1.7.0 July 4, 2026
anywhere-elementor anywhere-elementor
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.5) 1.2.5 July 4, 2026
any-popup any-popup
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
annasta-woocommerce-product-filters annasta-woocommerce-product-filters
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.5.0) 1.5.0 July 4, 2026
animated-fullscreen-menu animated-fullscreen-menu
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW *-2.2.7 2.2.8 July 4, 2026
animate-everything animate-everything
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
anfrageformular anfrageformular
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
alt-manager alt-manager
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.5.0) 1.5.0 July 4, 2026
alley-business-toolkit alley-business-toolkit
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.1.8) 1.1.8 July 4, 2026
All-in-One Video Gallery all-in-one-video-gallery
70
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.5.4) 2.5.4 July 4, 2026
all-in-one-invite-codes all-in-one-invite-codes
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.0.13) 1.0.13 July 4, 2026
ajax-search-for-woocommerce ajax-search-for-woocommerce
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.17.0) 1.17.0 July 4, 2026
airpress airpress
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
age-verification-screen-for-woocommerce age-verification-screen-for-woocommerce
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.0.1) 1.0.1 July 4, 2026
advanced-page-visit-counter advanced-page-visit-counter
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 6.0.0) 6.0.0 July 4, 2026
advanced-nocaptcha-recaptcha advanced-nocaptcha-recaptcha
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 7.0.5) 7.0.5 July 4, 2026
advanced-form-integration advanced-form-integration
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.49.0) 1.49.0 July 4, 2026
advanced-database-replacer advanced-database-replacer
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
advanced-classifieds-and-directory-pro advanced-classifieds-and-directory-pro
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.8.8) 1.8.8 July 4, 2026
advance-wc-analytics advance-wc-analytics
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 3.0.1) 3.0.1 July 4, 2026
advance-menu-manager advance-menu-manager
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
adminify adminify
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.0.5) 2.0.5 July 4, 2026
admin-notices-for-team admin-notices-for-team
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
adfoxly adfoxly
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW *-1.8.4 1.8.5 July 4, 2026
addons-for-visual-composer addons-for-visual-composer
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.9.2) 2.9.2 July 4, 2026
addons-for-elementor addons-for-elementor
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 7.1.4) 7.1.4 July 4, 2026
DiviTorque Lite – Divi Theme, Divi Builder & Extra Theme addons-for-divi
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 3.5.0) 3.5.0 July 4, 2026
addons-for-beaver-builder addons-for-beaver-builder
93
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.8.4) 2.8.4 July 4, 2026
addon-elements-for-elementor-page-builder addon-elements-for-elementor-page-builder
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.11.14) 1.11.14 July 4, 2026
add-twitter-pixel add-twitter-pixel
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.0.4) 1.0.4 July 4, 2026
add-tiktok-advertising-pixel add-tiktok-advertising-pixel
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.2) 1.2.2 July 4, 2026
add-search-to-menu add-search-to-menu
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 5.4.4) 5.4.4 July 4, 2026
add-pinterest-conversion-tags add-pinterest-conversion-tags
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.3) 1.2.3 July 4, 2026
add-fields-to-checkout-page-woocommerce add-fields-to-checkout-page-woocommerce
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW *-1.2.6 1.2.7 July 4, 2026
add-expires-headers add-expires-headers
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.6) 2.6 July 4, 2026
activitytime activitytime
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.0.6) 1.0.6 July 4, 2026
activity-log-mainwp activity-log-mainwp
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.7.1) 1.7.1 July 4, 2026
ach-for-stripe-plaid ach-for-stripe-plaid
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
acf-options-importexport acf-options-importexport
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW * July 4, 2026
acf-frontend-form-element acf-frontend-form-element
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 3.3.33) 3.3.33 July 4, 2026
acf-for-woocommerce-product acf-for-woocommerce-product
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.8) 1.8 July 4, 2026
acf-blocks acf-blocks
95
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 2.6.8) 2.6.8 July 4, 2026
Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance accessibility-checker
89
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.8) 1.2.8 July 4, 2026
abeta-punchout abeta-punchout
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW *-0.4 1.0 July 4, 2026
3d-viewer 3d-viewer
97
Freemius SDK <= 2.4.2 - Missing Authorization Checks LOW [*, 1.2.7) 1.2.7 July 4, 2026
MC4WP: Mailchimp for WordPress mailchimp-for-wp
87
MC4WP: Mailchimp for WordPress <= 4.8.6 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-4.8.6 4.8.7 July 4, 2026
wp-limit-failed-login-attempts wp-limit-failed-login-attempts N/A Limit Login Attempts (Spam Protection) <= 4.9.1 - Unauthenticated SQL Injection LOW *-4.9.1 5.1 July 4, 2026
woo-coupon-usage woo-coupon-usage N/A WooCommerce Affiliate Plugin - Coupon Affiliates < 4.16.4.5 - Stored Cross-Site Scripting LOW [*, 4.16.4.5) 4.16.4.5 July 4, 2026
MC4WP: Mailchimp for WordPress mailchimp-for-wp
87
MC4WP: Mailchimp for WordPress < 4.8.7 - Cross-Site Scripting LOW [*, 4.8.7) 4.8.7 July 4, 2026
Booking for Appointments and Events Calendar – Amelia ameliabooking
97
Amelia <= 1.0.46 - Stored Cross Site Scripting via lastName LOW *-1.0.46 1.0.47 July 4, 2026
Iptanus File Upload wp-file-upload
76
WordPress File Upload / WordPress File Upload Pro <= 4.16.2 - Authenticated (Contributor+) Path Traversal LOW *-4.16.2 4.16.3 July 4, 2026
wordpress-file-upload-pro wordpress-file-upload-pro N/A WordPress File Upload / WordPress File Upload Pro <= 4.16.2 - Authenticated (Contributor+) Path Traversal LOW *-4.16.2 4.16.3 July 4, 2026
woo-smart-wishlist woo-smart-wishlist N/A WPC Smart Wishlist for WooCommerce <= 2.9.3 - Reflected Cross-Site Scripting LOW [*, 2.9.4) 2.9.4 July 4, 2026
string-locator string-locator N/A String Locator <= 2.4.2 - Authenticated Arbitrary File Read LOW [*, 2.5.0) 2.5.0 July 4, 2026
sermon-browser sermon-browser N/A Sermon Browser <= 0.45.22 - Cross-Site Request Forgery LOW *-0.45.22 July 4, 2026
pz-linkcard pz-linkcard N/A Pz-LinkCard <= 2.4.5.1 - Reflected Cross-Site Scripting LOW *-2.4.5.1 2.4.5.2 July 4, 2026
osmapper osmapper
91
OSMapper <= 2.1.5 - Unauthenticated Arbitrary Post Deletion LOW *-2.1.5 July 4, 2026
narnoo-distributor narnoo-distributor
91
Narnoo Distributor <= 2.5.1 - Path Traversal LOW *-2.5.1 July 4, 2026
mapping-multiple-urls-redirect-same-page mapping-multiple-urls-redirect-same-page
91
Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting LOW *-5.8 July 4, 2026
dtabs dtabs
91
dTabs <= 1.4 - Reflected Cross-Site Scripting LOW *-1.4 July 4, 2026
delete-old-orders delete-old-orders
91
Delete Old Order <= 0.2 - Cross-Site Scripting LOW *-0.2 July 4, 2026
database-peek database-peek
91
Database Peek <= 1.2 - Reflected Cross-Site Scripting LOW *-1.2 July 4, 2026
bulk-creator bulk-creator
91
Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting LOW *-1.0.1 July 4, 2026
bank-mellat bank-mellat
93
Bank Mellat <= 2.0.0 - Reflected Cross-Site Scripting LOW *-2.0.0 2.0.1 July 4, 2026
Booking for Appointments and Events Calendar – Amelia ameliabooking
97
Appointment and Event Booking Calendar for WordPress - Amelia < 1.0.47 - Arbitrary Booking Update and Sensitive Data Exposure LOW [*, 1.0.47) 1.0.47 July 4, 2026
GEO Plugin by Squirrly SEO squirrly-seo N/A SEO Plugin by Squirrly SEO <= 11.1.11 - Reflected Cross-Site Scripting LOW [*, 11.1.12) 11.1.12 July 4, 2026
simple-link-directory simple-link-directory N/A Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection LOW [*, 7.7.2) 7.7.2 July 4, 2026
notificationx notificationx
93
NotificationX <= 2.3.11 - SQL Injection LOW *-2.3.11 2.3.12 July 4, 2026
modern-events-calendar-lite modern-events-calendar-lite
93
Modern Events Calendar Lite <= 6.3.0 - Stored Cross-Site Scripting LOW *-6.3.0 6.4.0 July 4, 2026
mistape mistape
91
Mistape 1.4.0 - Backdoor LOW 1.4.0 July 4, 2026
miniorange-2-factor-authentication miniorange-2-factor-authentication
93
miniOrange's Google Authenticator <= 5.4.52 - Unauthenticated Arbitrary Options Deletion LOW *-5.4.52 5.5 July 4, 2026
interactive-3d-flipbook-powered-physics-engine interactive-3d-flipbook-powered-physics-engine
93
3D FlipBook <= 1.12.0 - Subscriber+ Stored Cross-Site Scripting LOW [*, 1.12.1) 1.12.1 July 4, 2026
infographic-and-list-builder-ilist infographic-and-list-builder-ilist
93
Infographic Maker – iList <= 4.3.7 - SQL Injection LOW *-4.3.7 4.3.8 July 4, 2026
formcraft-form-builder formcraft-form-builder
93
Formcraft3 <= 3.8.27 - Server Side Request Forgery LOW [*, 3.8.28) 3.8.28 July 4, 2026
bookingpress-appointment-booking bookingpress-appointment-booking
93
BookingPress < 1.0.11 - SQL Injection LOW [*, 1.0.11) 1.0.11 July 4, 2026
ap-pricing-tables-lite ap-pricing-tables-lite
95
AP Pricing Tables Lite <= 1.1.4 - Reflected Cross-Site Scripting LOW *-1.1.4 1.1.5 July 4, 2026
ap-mega-menu ap-mega-menu
97
Mega Menu <= 3.0.7 - Reflected Cross-Site Scripting LOW [*, 3.0.8) 3.0.8 July 4, 2026
advanced-booking-calendar advanced-booking-calendar
95
Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection LOW *-1.6.9 1.7.0 July 4, 2026
contact-form-x contact-form-x
93
Contact Form X <= 2.4 - Reflected Cross-Site Scripting LOW *-2.4 2.4.1 July 4, 2026
simple-membership simple-membership N/A Simple Membership <= 4.0.9 - Cross-Site Request Forgery to Arbitrary Transaction Deletion LOW [*, 4.1.0) 4.1.0 July 4, 2026
photoswipe-masonry photoswipe-masonry
93
Photoswipe Masonry Gallery <= 1.2.14 Stored Cross-Site Scripting LOW *-1.2.14 1.2.15 July 4, 2026
boldgrid-backup boldgrid-backup
93
Total Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure LOW *-1.14.13 1.14.14 July 4, 2026
backupwordpress backupwordpress
93
BackupWordPress <= 3.12 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure LOW 3.12 3.13 July 4, 2026
Booking for Appointments and Events Calendar – Amelia ameliabooking
97
Amelia <= 1.0.46 - Cross-Site Request Forgery LOW *-1.0.46 1.0.47 July 4, 2026
Booking for Appointments and Events Calendar – Amelia ameliabooking
97
Amelia <= 1.0.46 - Reflected Cross-Site Scripting LOW *-1.0.46 1.0.47 July 4, 2026
Booking for Appointments and Events Calendar – Amelia ameliabooking
97
Appointment and Event Booking Calendar - Amelia < 1.0.47 - Arbitrary File Upload LOW [*, 1.0.47) 1.0.47 July 4, 2026
WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters wp-google-map-plugin
74
WP MAPS – Easiest & Most Advanced WordPress Plugin for Google Maps <= 4.2.3 - Cross-Site Request Forgery LOW [*, 4.2.4) 4.2.4 July 4, 2026
maxgalleria maxgalleria
93
MaxGalleria <= 6.2.5 - Stored Cross-Site Scripting LOW [*, 6.2.7) 6.2.7 July 4, 2026
WooCommerce woocommerce
80
WooCommerce <= 6.2.0 - Incorrect Authorization Checks on REST API Endpoints LOW *-6.2.0 6.2.1 July 4, 2026
WooCommerce woocommerce
80
WooCommerce <= 6.2.0 - Path Traversal via Tax Importer LOW *-6.2.0 6.2.1 July 4, 2026
BulletProof Security bulletproof-security
68
BulletProof Security <= 5.7 - Admin+ Stored Cross-Site Scripting LOW [*, 5.8) 5.8 July 4, 2026
LOW

azw-woocommerce-file-uploads

azw-woocommerce-file-uploads

Score: 91/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

awesome-ssl

awesome-ssl

Score: 91/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

autosave-net

autosave-net

Score: 91/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

automizy-gravity-forms

automizy-gravity-forms

Score: 91/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

automatic-youtube-gallery

automatic-youtube-gallery

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.6.5) Patched: 1.6.5 Updated: July 4, 2026
LOW

automatic-internal-links-for-seo

automatic-internal-links-for-seo

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.0.4) Patched: 1.0.4 Updated: July 4, 2026
LOW

auto-advance-for-gravity-forms

auto-advance-for-gravity-forms

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 4.3) Patched: 4.3 Updated: July 4, 2026
LOW

atlas-knowledge-base

atlas-knowledge-base

Score: 91/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

appexperts

appexperts

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.2.2) Patched: 1.2.2 Updated: July 4, 2026
LOW

app-ads-txt

app-ads-txt

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.1.7.0) Patched: 1.1.7.0 Updated: July 4, 2026
LOW

anywhere-elementor

anywhere-elementor

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.2.5) Patched: 1.2.5 Updated: July 4, 2026
LOW

any-popup

any-popup

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

annasta-woocommerce-product-filters

annasta-woocommerce-product-filters

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.5.0) Patched: 1.5.0 Updated: July 4, 2026
LOW

animated-fullscreen-menu

animated-fullscreen-menu

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: *-2.2.7 Patched: 2.2.8 Updated: July 4, 2026
LOW

animate-everything

animate-everything

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

anfrageformular

anfrageformular

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

alt-manager

alt-manager

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.5.0) Patched: 1.5.0 Updated: July 4, 2026
LOW

alley-business-toolkit

alley-business-toolkit

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.1.8) Patched: 1.1.8 Updated: July 4, 2026
LOW

All-in-One Video Gallery

all-in-one-video-gallery

Score: 70/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.5.4) Patched: 2.5.4 Updated: July 4, 2026
LOW

all-in-one-invite-codes

all-in-one-invite-codes

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.0.13) Patched: 1.0.13 Updated: July 4, 2026
LOW

ajax-search-for-woocommerce

ajax-search-for-woocommerce

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.17.0) Patched: 1.17.0 Updated: July 4, 2026
LOW

airpress

airpress

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

age-verification-screen-for-woocommerce

age-verification-screen-for-woocommerce

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.0.1) Patched: 1.0.1 Updated: July 4, 2026
LOW

advanced-page-visit-counter

advanced-page-visit-counter

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 6.0.0) Patched: 6.0.0 Updated: July 4, 2026
LOW

advanced-nocaptcha-recaptcha

advanced-nocaptcha-recaptcha

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 7.0.5) Patched: 7.0.5 Updated: July 4, 2026
LOW

advanced-form-integration

advanced-form-integration

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.49.0) Patched: 1.49.0 Updated: July 4, 2026
LOW

advanced-database-replacer

advanced-database-replacer

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

advanced-classifieds-and-directory-pro

advanced-classifieds-and-directory-pro

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.8.8) Patched: 1.8.8 Updated: July 4, 2026
LOW

advance-wc-analytics

advance-wc-analytics

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 3.0.1) Patched: 3.0.1 Updated: July 4, 2026
LOW

advance-menu-manager

advance-menu-manager

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

adminify

adminify

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.0.5) Patched: 2.0.5 Updated: July 4, 2026
LOW

admin-notices-for-team

admin-notices-for-team

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

adfoxly

adfoxly

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: *-1.8.4 Patched: 1.8.5 Updated: July 4, 2026
LOW

addons-for-visual-composer

addons-for-visual-composer

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.9.2) Patched: 2.9.2 Updated: July 4, 2026
LOW

addons-for-elementor

addons-for-elementor

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 7.1.4) Patched: 7.1.4 Updated: July 4, 2026
LOW

addons-for-beaver-builder

addons-for-beaver-builder

Score: 93/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.8.4) Patched: 2.8.4 Updated: July 4, 2026
LOW

addon-elements-for-elementor-page-builder

addon-elements-for-elementor-page-builder

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.11.14) Patched: 1.11.14 Updated: July 4, 2026
LOW

add-twitter-pixel

add-twitter-pixel

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.0.4) Patched: 1.0.4 Updated: July 4, 2026
LOW

add-tiktok-advertising-pixel

add-tiktok-advertising-pixel

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.2.2) Patched: 1.2.2 Updated: July 4, 2026
LOW

add-search-to-menu

add-search-to-menu

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 5.4.4) Patched: 5.4.4 Updated: July 4, 2026
LOW

add-pinterest-conversion-tags

add-pinterest-conversion-tags

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.2.3) Patched: 1.2.3 Updated: July 4, 2026
LOW

add-fields-to-checkout-page-woocommerce

add-fields-to-checkout-page-woocommerce

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: *-1.2.6 Patched: 1.2.7 Updated: July 4, 2026
LOW

add-expires-headers

add-expires-headers

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.6) Patched: 2.6 Updated: July 4, 2026
LOW

activitytime

activitytime

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.0.6) Patched: 1.0.6 Updated: July 4, 2026
LOW

activity-log-mainwp

activity-log-mainwp

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.7.1) Patched: 1.7.1 Updated: July 4, 2026
LOW

ach-for-stripe-plaid

ach-for-stripe-plaid

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

acf-options-importexport

acf-options-importexport

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: * Patched: Updated: July 4, 2026
LOW

acf-frontend-form-element

acf-frontend-form-element

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 3.3.33) Patched: 3.3.33 Updated: July 4, 2026
LOW

acf-for-woocommerce-product

acf-for-woocommerce-product

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.8) Patched: 1.8 Updated: July 4, 2026
LOW

acf-blocks

acf-blocks

Score: 95/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 2.6.8) Patched: 2.6.8 Updated: July 4, 2026
LOW

abeta-punchout

abeta-punchout

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: *-0.4 Patched: 1.0 Updated: July 4, 2026
LOW

3d-viewer

3d-viewer

Score: 97/100 Freemius SDK <= 2.4.2 - Missing Authorization Checks Affected: [*, 1.2.7) Patched: 1.2.7 Updated: July 4, 2026
LOW

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

Score: 87/100 MC4WP: Mailchimp for WordPress <= 4.8.6 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-4.8.6 Patched: 4.8.7 Updated: July 4, 2026
LOW

wp-limit-failed-login-attempts

wp-limit-failed-login-attempts

Score: N/A Limit Login Attempts (Spam Protection) <= 4.9.1 - Unauthenticated SQL Injection Affected: *-4.9.1 Patched: 5.1 Updated: July 4, 2026
LOW

woo-coupon-usage

woo-coupon-usage

Score: N/A WooCommerce Affiliate Plugin - Coupon Affiliates < 4.16.4.5 - Stored Cross-Site Scripting Affected: [*, 4.16.4.5) Patched: 4.16.4.5 Updated: July 4, 2026
LOW

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

Score: 87/100 MC4WP: Mailchimp for WordPress < 4.8.7 - Cross-Site Scripting Affected: [*, 4.8.7) Patched: 4.8.7 Updated: July 4, 2026
LOW

Iptanus File Upload

wp-file-upload

Score: 76/100 WordPress File Upload / WordPress File Upload Pro <= 4.16.2 - Authenticated (Contributor+) Path Traversal Affected: *-4.16.2 Patched: 4.16.3 Updated: July 4, 2026
LOW

wordpress-file-upload-pro

wordpress-file-upload-pro

Score: N/A WordPress File Upload / WordPress File Upload Pro <= 4.16.2 - Authenticated (Contributor+) Path Traversal Affected: *-4.16.2 Patched: 4.16.3 Updated: July 4, 2026
LOW

woo-smart-wishlist

woo-smart-wishlist

Score: N/A WPC Smart Wishlist for WooCommerce <= 2.9.3 - Reflected Cross-Site Scripting Affected: [*, 2.9.4) Patched: 2.9.4 Updated: July 4, 2026
LOW

string-locator

string-locator

Score: N/A String Locator <= 2.4.2 - Authenticated Arbitrary File Read Affected: [*, 2.5.0) Patched: 2.5.0 Updated: July 4, 2026
LOW

sermon-browser

sermon-browser

Score: N/A Sermon Browser <= 0.45.22 - Cross-Site Request Forgery Affected: *-0.45.22 Patched: Updated: July 4, 2026
LOW

pz-linkcard

pz-linkcard

Score: N/A Pz-LinkCard <= 2.4.5.1 - Reflected Cross-Site Scripting Affected: *-2.4.5.1 Patched: 2.4.5.2 Updated: July 4, 2026
LOW

osmapper

osmapper

Score: 91/100 OSMapper <= 2.1.5 - Unauthenticated Arbitrary Post Deletion Affected: *-2.1.5 Patched: Updated: July 4, 2026
LOW

narnoo-distributor

narnoo-distributor

Score: 91/100 Narnoo Distributor <= 2.5.1 - Path Traversal Affected: *-2.5.1 Patched: Updated: July 4, 2026
LOW

mapping-multiple-urls-redirect-same-page

mapping-multiple-urls-redirect-same-page

Score: 91/100 Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting Affected: *-5.8 Patched: Updated: July 4, 2026
LOW

dtabs

dtabs

Score: 91/100 dTabs <= 1.4 - Reflected Cross-Site Scripting Affected: *-1.4 Patched: Updated: July 4, 2026
LOW

delete-old-orders

delete-old-orders

Score: 91/100 Delete Old Order <= 0.2 - Cross-Site Scripting Affected: *-0.2 Patched: Updated: July 4, 2026
LOW

database-peek

database-peek

Score: 91/100 Database Peek <= 1.2 - Reflected Cross-Site Scripting Affected: *-1.2 Patched: Updated: July 4, 2026
LOW

bulk-creator

bulk-creator

Score: 91/100 Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 4, 2026
LOW

bank-mellat

bank-mellat

Score: 93/100 Bank Mellat <= 2.0.0 - Reflected Cross-Site Scripting Affected: *-2.0.0 Patched: 2.0.1 Updated: July 4, 2026
LOW

Booking for Appointments and Events Calendar – Amelia

ameliabooking

Score: 97/100 Appointment and Event Booking Calendar for WordPress - Amelia < 1.0.47 - Arbitrary Booking Update and Sensitive Data Exposure Affected: [*, 1.0.47) Patched: 1.0.47 Updated: July 4, 2026
LOW

GEO Plugin by Squirrly SEO

squirrly-seo

Score: N/A SEO Plugin by Squirrly SEO <= 11.1.11 - Reflected Cross-Site Scripting Affected: [*, 11.1.12) Patched: 11.1.12 Updated: July 4, 2026
LOW

simple-link-directory

simple-link-directory

Score: N/A Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection Affected: [*, 7.7.2) Patched: 7.7.2 Updated: July 4, 2026
LOW

notificationx

notificationx

Score: 93/100 NotificationX <= 2.3.11 - SQL Injection Affected: *-2.3.11 Patched: 2.3.12 Updated: July 4, 2026
LOW

modern-events-calendar-lite

modern-events-calendar-lite

Score: 93/100 Modern Events Calendar Lite <= 6.3.0 - Stored Cross-Site Scripting Affected: *-6.3.0 Patched: 6.4.0 Updated: July 4, 2026
LOW

mistape

mistape

Score: 91/100 Mistape 1.4.0 - Backdoor Affected: 1.4.0 Patched: Updated: July 4, 2026
LOW

miniorange-2-factor-authentication

miniorange-2-factor-authentication

Score: 93/100 miniOrange's Google Authenticator <= 5.4.52 - Unauthenticated Arbitrary Options Deletion Affected: *-5.4.52 Patched: 5.5 Updated: July 4, 2026
LOW

interactive-3d-flipbook-powered-physics-engine

interactive-3d-flipbook-powered-physics-engine

Score: 93/100 3D FlipBook <= 1.12.0 - Subscriber+ Stored Cross-Site Scripting Affected: [*, 1.12.1) Patched: 1.12.1 Updated: July 4, 2026
LOW

infographic-and-list-builder-ilist

infographic-and-list-builder-ilist

Score: 93/100 Infographic Maker – iList <= 4.3.7 - SQL Injection Affected: *-4.3.7 Patched: 4.3.8 Updated: July 4, 2026
LOW

formcraft-form-builder

formcraft-form-builder

Score: 93/100 Formcraft3 <= 3.8.27 - Server Side Request Forgery Affected: [*, 3.8.28) Patched: 3.8.28 Updated: July 4, 2026
LOW

bookingpress-appointment-booking

bookingpress-appointment-booking

Score: 93/100 BookingPress < 1.0.11 - SQL Injection Affected: [*, 1.0.11) Patched: 1.0.11 Updated: July 4, 2026
LOW

ap-pricing-tables-lite

ap-pricing-tables-lite

Score: 95/100 AP Pricing Tables Lite <= 1.1.4 - Reflected Cross-Site Scripting Affected: *-1.1.4 Patched: 1.1.5 Updated: July 4, 2026
LOW

ap-mega-menu

ap-mega-menu

Score: 97/100 Mega Menu <= 3.0.7 - Reflected Cross-Site Scripting Affected: [*, 3.0.8) Patched: 3.0.8 Updated: July 4, 2026
LOW

advanced-booking-calendar

advanced-booking-calendar

Score: 95/100 Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection Affected: *-1.6.9 Patched: 1.7.0 Updated: July 4, 2026
LOW

contact-form-x

contact-form-x

Score: 93/100 Contact Form X <= 2.4 - Reflected Cross-Site Scripting Affected: *-2.4 Patched: 2.4.1 Updated: July 4, 2026
LOW

simple-membership

simple-membership

Score: N/A Simple Membership <= 4.0.9 - Cross-Site Request Forgery to Arbitrary Transaction Deletion Affected: [*, 4.1.0) Patched: 4.1.0 Updated: July 4, 2026
LOW

photoswipe-masonry

photoswipe-masonry

Score: 93/100 Photoswipe Masonry Gallery <= 1.2.14 Stored Cross-Site Scripting Affected: *-1.2.14 Patched: 1.2.15 Updated: July 4, 2026
LOW

boldgrid-backup

boldgrid-backup

Score: 93/100 Total Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure Affected: *-1.14.13 Patched: 1.14.14 Updated: July 4, 2026
LOW

backupwordpress

backupwordpress

Score: 93/100 BackupWordPress <= 3.12 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure Affected: 3.12 Patched: 3.13 Updated: July 4, 2026
LOW

maxgalleria

maxgalleria

Score: 93/100 MaxGalleria <= 6.2.5 - Stored Cross-Site Scripting Affected: [*, 6.2.7) Patched: 6.2.7 Updated: July 4, 2026
LOW

WooCommerce

woocommerce

Score: 80/100 WooCommerce <= 6.2.0 - Incorrect Authorization Checks on REST API Endpoints Affected: *-6.2.0 Patched: 6.2.1 Updated: July 4, 2026
LOW

WooCommerce

woocommerce

Score: 80/100 WooCommerce <= 6.2.0 - Path Traversal via Tax Importer Affected: *-6.2.0 Patched: 6.2.1 Updated: July 4, 2026
LOW

BulletProof Security

bulletproof-security

Score: 68/100 BulletProof Security <= 5.7 - Admin+ Stored Cross-Site Scripting Affected: [*, 5.8) Patched: 5.8 Updated: July 4, 2026

Showing 30101 to 30200 of 36406 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 4, 2026 at 14:05 UTC.