Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36406Across tracked plugins
Affected Plugins
88With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| molie-instructure-canvas-linking-tool | molie-instructure-canvas-linking-tool |
89
|
MOLIE <= 0.5 - SQL Injection | LOW | *-0.5 | July 4, 2026 | ||
| molie-instructure-canvas-linking-tool | molie-instructure-canvas-linking-tool |
89
|
MOLIE – Instructure Canvas Linking tool <= 0.5 - Reflected Cross-Site Scripting | LOW | *-0.5 | July 4, 2026 | ||
| lead-form-builder | lead-form-builder |
93
|
Contact Form & Lead Form Elementor Builder <= 1.6.3 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.6.3 | 1.6.4 | July 4, 2026 | |
| Download Manager | download-manager |
63
|
WordPress Download Manager <= 3.2.21 - Cross-Site Scripting | LOW | [*, 3.2.22) | 3.2.22 | July 4, 2026 | |
| correos-express | correos-express |
91
|
CorreosExpress <= 2.6.0 - Sensitive Data Exposure | LOW | *-2.6.0 | July 4, 2026 | ||
| buttonizer-multifunctional-button | buttonizer-multifunctional-button |
93
|
Buttonizer - Smart Floating Action Button <= 2.5.4 - Admin+ Stored Cross-Site Scripting | LOW | *-2.5.4 | 2.5.5 | July 4, 2026 | |
| asgaros-forum | asgaros-forum |
97
|
Asgaros Forums <= 1.15.13 - Authenticated Stored Cross-Site Scripting | LOW | *-1.15.13 | 1.15.14 | July 4, 2026 | |
| social-networks-auto-poster-facebook-twitter-g | social-networks-auto-poster-facebook-twitter-g | N/A | NextScripts: Social Networks Auto-Poster <= 4.3.20 - Reflected Cross-Site Scripting | LOW | *-4.3.20 | 4.3.21 | July 4, 2026 | |
| awesome-support | awesome-support |
93
|
Awesome Support – WordPress HelpDesk & Support Plugin <= 6.0.6 - Reflected Cross-Site Scripting | LOW | *-6.0.6 | 6.0.7 | July 4, 2026 | |
| browser-and-operating-system-finder | browser-and-operating-system-finder |
91
|
Browser and Operating System Finder <= 1.1 - Cross-Site Request Forgery | LOW | [*, 1.2) | 1.2 | July 4, 2026 | |
| hide_my_wp | hide_my_wp |
91
|
Hide My WP <= 6.2.3 - Authorization Bypass | LOW | *-6.2.3 | 6.2.4 | July 4, 2026 | |
| hide_my_wp | hide_my_wp |
91
|
Hide My WP <= 6.2.3 - SQL Injection | LOW | *-6.2.3 | 6.2.4 | July 4, 2026 | |
| wpfront-user-role-editor | wpfront-user-role-editor | N/A | WPFront User Role Editor < 3.2.1.11184 - Reflected Cross-Site Scripting | LOW | [*, 3.2.1.11184) | 3.2.1.11184 | July 4, 2026 | |
| wpfront-user-role-editor | wpfront-user-role-editor | N/A | WPFront User Role Editor <= 3.2.0 - Reflected Cross-Site Scripting | LOW | *-3.2.0 | 3.2.1 | July 4, 2026 | |
| tickera-event-ticketing-system | tickera-event-ticketing-system | N/A | Tickera <= 3.4.8.2 - Unauthenticated Stored Cross-Site Scripting | LOW | *-3.4.8.2 | 3.4.8.3 | July 4, 2026 | |
| paid-memberships-pro | paid-memberships-pro |
93
|
Paid Memberships Pro <= 2.6.5 - Reflected Cross-Site Scripting | LOW | [*, 2.6.6) | 2.6.6 | July 4, 2026 | |
| idpay-contact-form-7 | idpay-contact-form-7 |
93
|
IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting | LOW | *-2.1.2 | 2.3.2 | July 4, 2026 | |
| html5-responsive-faq | html5-responsive-faq |
91
|
HTML5 Responsive FAQ <= 2.8.5 - Authenticated Stored Cross-Site Scripting | LOW | *-2.8.5 | July 4, 2026 | ||
| gwolle-gb | gwolle-gb |
93
|
Gwolle Guestbook <= 4.1.2 - Reflected Cross-Site Scripting | LOW | *-4.1.2 | 4.2 | July 4, 2026 | |
| cybersoldier | cybersoldier |
93
|
Cybersoldier < 1.7.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | [*, 1.7.0) | 1.7.0 | July 4, 2026 | |
| wp-guppy | wp-guppy | N/A | WP Guppy < 1.3 - Information Disclosure | LOW | [*, 1.3) | 1.3 | July 4, 2026 | |
| wc-multivendor-marketplace | wc-multivendor-marketplace | N/A | WCFM - WooCommerce Multivendor Marketplace <= 3.4.11 - Unauthenticated SQL Injection | LOW | *-3.4.11 | 3.4.12 | July 4, 2026 | |
| simple-slider | simple-slider | N/A | Simple Slider < 1.1 - Reflected Cross-Site Scripting | LOW | [*, 1.1) | 1.1 | July 4, 2026 | |
| ni-woocommerce-custom-order-status | ni-woocommerce-custom-order-status |
93
|
Ni WooCommerce Custom Order Status <= 1.9.6 - SQL Injection | LOW | *-1.9.6 | 1.9.7 | July 4, 2026 | |
| logo-carousel-free | logo-carousel-free |
93
|
Logo Carousel <= 3.4.1 - Unauthorised Private Post Access | LOW | *-3.4.1 | 3.4.2 | July 4, 2026 | |
| logo-carousel-free | logo-carousel-free |
93
|
Logo Carousel <= 3.4.1 - Contributor+ Stored Cross-Site Scripting | LOW | *-3.4.1 | 3.4.2 | July 4, 2026 | |
| kudos-donations | kudos-donations |
93
|
Kudos Donations – Easy donations and payments with Mollie < 3.1.2 - Cross-Site Request Forgery | LOW | [*, 3.1.2) | 3.1.2 | July 4, 2026 | |
| kiwi-logo-carousel | kiwi-logo-carousel |
93
|
Logo Carousel < 1.7.2 - Stored Cross-Site Scripting | LOW | [*, 1.7.2) | 1.7.2 | July 4, 2026 | |
| icegram | icegram |
93
|
Icegram <= 2.0.4 - Reflected Cross-Site Scripting via message_id | LOW | [*, 2.0.5) | 2.0.5 | July 4, 2026 | |
| exportfeed-list-woocommerce-products-on-ebay-store | exportfeed-list-woocommerce-products-on-ebay-store |
91
|
ExportFeed <= 2.0.1.0 - SQL Injection | LOW | *-2.0.1.0 | July 4, 2026 | ||
| Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | everest-forms |
68
|
Everest Forms <= 1.7.9 - Reflected Cross-Site Scripting | LOW | [*, 1.8.0) | 1.8.0 | July 4, 2026 | |
| blog2social | blog2social |
93
|
Blog2Social <= 6.8.6 - Reflected Cross-Site Scripting | LOW | *-6.8.6 | 6.8.7 | July 4, 2026 | |
| ninja-forms-uploads | ninja-forms-uploads |
93
|
Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting | LOW | *-3.3.12 | 3.3.13 | July 4, 2026 | |
| child-theme-generator | child-theme-generator |
89
|
Child Theme Generator <= 2.2.7 Cross-Site Request Forgery to Arbitrary Folder Deletion | LOW | *-2.2.7 | July 4, 2026 | ||
| easy-registration-forms | easy-registration-forms |
87
|
Easy Registration Forms <= 2.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.1.1 | July 4, 2026 | ||
| woo-preview-emails | woo-preview-emails | N/A | Preview E-Mails for WooCommerce <= 1.6.8 - Reflected Cross-Site Scripting | LOW | *-1.6.8 | 2.0.0 | July 4, 2026 | |
| User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration | wp-user-frontend | N/A | WP User Frontend – Membership, Profile, Registration & Post Submission Plugin for WordPress < 3.5.25 - Authenticated (Admin+) SQL Injection | LOW | [*, 3.5.25) | 3.5.25 | July 4, 2026 | |
| facebook-conversion-pixel | facebook-conversion-pixel |
93
|
Pixel Cat – Conversion Pixel Manager <= 2.6.3 - Reflected Cross-Site Scripting | LOW | *-2.6.3 | 2.6.4 | July 4, 2026 | |
| child-theme-generator | child-theme-generator |
89
|
Child Theme Generator <= 2.2.7 - Reflected Cross-Site Scripting | LOW | *-2.2.7 | July 4, 2026 | ||
| easy-login-woocommerce | easy-login-woocommerce |
93
|
Login/Signup Popup ( Inline Form + Woocommerce ) <= 2.1 - Reflected Cross-Site Scripting | LOW | *-2.1 | 2.2 | July 4, 2026 | |
| Backup Migration | backup-backup |
61
|
Backup Migration <= 1.1.5 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.1.5 | 1.1.6 | July 4, 2026 | |
| sportspress | sportspress | N/A | SportsPress <= 2.7.8 - Reflected Cross-Site Scripting | LOW | *-2.7.8 | 2.7.9 | July 4, 2026 | |
| smart-product-review | smart-product-review | N/A | Wordpress Plugin Smart Product Review <= 1.0.4 - Unauthenticated Arbitrary File Upload | LOW | *-1.0.4 | 1.0.5 | July 4, 2026 | |
| push-notifications-for-wp | push-notifications-for-wp | N/A | Push Notifications for WordPress (Lite) < 6.0.1 - Cross-Site Request Forgery | LOW | [*, 6.0.1) | 6.0.1 | July 4, 2026 | |
| mortgage-loan-calculator | mortgage-loan-calculator |
91
|
Mortgage Calculator / Loan Calculator < 1.5.17 - Cross-Site Scripting | LOW | [*, 1.5.17) | 1.5.17 | July 4, 2026 | |
| directorist | directorist |
93
|
Directorist <= 7.0.6.1 - Cross-Site Request Forgery to Arbitrary File Upload | LOW | *-7.0.6.1 | 7.0.6.2 | July 4, 2026 | |
| wp-user-avatar | wp-user-avatar | N/A | ProfilePress <= 3.2.2 - Reflected Cross-Site Scripting | LOW | [*, 3.2.3) | 3.2.3 | July 4, 2026 | |
| wp-user-avatar | wp-user-avatar | N/A | ProfilePress <= 3.2.2 - Reflected Cross-Site Scripting via ppress_cc_data Parameter | LOW | [*, 3.2.3) | 3.2.3 | July 4, 2026 | |
| wp-limits | wp-limits | N/A | Wp Limits <= 1.0 - Cross-Site Request Forgery | LOW | *-1.0 | July 4, 2026 | ||
| wp-admin-logo-changer | wp-admin-logo-changer | N/A | WP Admin Logo Changer <= 1.0 - Plugin's Settings Update via Cross-Site Request Forgery | LOW | *-1.0 | July 4, 2026 | ||
| winterlock | winterlock | N/A | WP System Log < 1.0.21 - Cross-Site Scripting | LOW | [*, 1.0.21) | 1.0.21 | July 4, 2026 | |
| user-meta-shortcodes | user-meta-shortcodes | N/A | User meta shortcodes <= 0.5 - Improper Access Control | LOW | *-0.5 | July 4, 2026 | ||
| totop-link | totop-link | N/A | ToTop Link <= 1.7.1 - Unauthenticated PHP Object Injection | LOW | *-1.7.1 | July 4, 2026 | ||
| titan-labs-security-audit | titan-labs-security-audit | N/A | Security Audit <= 1.0.0 - Authenticated (Admin+) Cross-Site Scripting | LOW | *-1.0.0 | July 4, 2026 | ||
| temporary-login-without-password | temporary-login-without-password | N/A | Temporary Login Without Password <= 1.7.0 - Subscriber+ Plugin Settings Update | LOW | *-1.7.0 | 1.7.1 | July 4, 2026 | |
| stopbadbots | stopbadbots | N/A | WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots < 6.67 - Unauthenticated SQL Injection | LOW | [*, 6.67) | 6.67 | July 4, 2026 | |
| single-post-exporter | single-post-exporter | N/A | Single Post Exporter <= 1.1.1 - Cross-Site Request Forgery | LOW | *-1.1.1 | July 4, 2026 | ||
| shiny-buttons | shiny-buttons | N/A | Shiny Buttons – CSS3 Button Generator for WordPress <= 1.1.0 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.1.0 | July 4, 2026 | ||
| seo-booster | seo-booster | N/A | SEO Booster <= 3.7 - Admin+ SQL Injection | LOW | *-3.7 | 3.8 | July 4, 2026 | |
| quotes-collection | quotes-collection | N/A | Quotes Collection <= 2.5.2 - Authenticated (Admin+) SQL Injection | LOW | *-2.5.2 | July 4, 2026 | ||
| pagepost-content-shortcode | pagepost-content-shortcode |
91
|
Page/Post Content Shortcode <= 1.0 - Missing Authorization | LOW | *-1.0 | July 4, 2026 | ||
| nofollow | nofollow |
91
|
Ultimate NoFollow <= 1.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.4.8 | July 4, 2026 | ||
| modern-events-calendar-lite | modern-events-calendar-lite |
93
|
Modern Events Calendar Lite <= 6.1.4 - Unauthenticated Blind SQL Injection via time Parameter | LOW | [*, 6.1.5) | 6.1.5 | July 4, 2026 | |
| modern-events-calendar-lite | modern-events-calendar-lite |
93
|
Modern Events Calendar Lite <= 6.1.0 - Reflected Cross-Site Scripting via current_month_divider parameter | LOW | *-6.1.0 | 6.1.5 | July 4, 2026 | |
| mediamatic | mediamatic |
87
|
Mediamatic – Media Library Folders <= 2.8.0 - SQL Injection | LOW | *-2.8.0 | 2.8.1 | July 4, 2026 | |
| inspirational-quote-rotator | inspirational-quote-rotator |
91
|
Inspirational Quote Rotator <= 1.0.0 - Stored Cross-Site Scripting | LOW | *-1.0.0 | July 4, 2026 | ||
| improved-include-page | improved-include-page |
91
|
Improved Include Page <= 1.2 - Authenticated (Contributor+) Arbitrary Posts/Pages Access | LOW | *-1.2 | July 4, 2026 | ||
| fsflex-local-fonts | fsflex-local-fonts |
91
|
Flex Local Fonts <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.0.0 | July 4, 2026 | ||
| filter-portfolio-gallery | filter-portfolio-gallery |
91
|
Filter Portfolio Gallery <= 1.5 - Cross-Site Request Forgery | LOW | *-1.5 | July 4, 2026 | ||
| facebook-conversion-pixel | facebook-conversion-pixel |
93
|
Pixel Cat Lite <= 2.6.2 - Admin+ Stored Cross-Site Scripting | LOW | *-2.6.2 | 2.6.3 | July 4, 2026 | |
| facebook-conversion-pixel | facebook-conversion-pixel |
93
|
Pixel Cat – Conversion Pixel Manager <= 2.6.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.6.1 | 2.6.2 | July 4, 2026 | |
| display-post-metadata | display-post-metadata |
93
|
Display Post Metadata <= 1.4.0 - Stored Cross-Site Scripting | LOW | [*, 1.5.0) | 1.5.0 | July 4, 2026 | |
| contact-form-advanced-database | contact-form-advanced-database |
91
|
Contact Form Advanced Database <= 1.0.8 - Missing Authorization | LOW | *-1.0.8 | July 4, 2026 | ||
| auto-post-thumbnail | auto-post-thumbnail |
93
|
Auto Featured Image <= 3.9.2 - Reflected Cross-Site Scripting | LOW | *-3.9.2 | 3.9.3 | July 4, 2026 | |
| All-in-One Video Gallery | all-in-one-video-gallery |
70
|
All-In-One-Gallery <= 2.4.9 - Admin+ Local File Inclusion | LOW | *-2.4.9 | 2.5.0 | July 4, 2026 | |
| nex-forms-express-wp-form-builder | nex-forms-express-wp-form-builder |
93
|
NEX-Forms – Ultimate Form Builder <= 8.4.2 - Cross-Site Request Forgery to Cross-Site Scripting | LOW | *-8.4.2 | 8.4.3 | July 4, 2026 | |
| Database for Contact Form 7, WPforms, Elementor forms | contact-form-entries |
84
|
Contact Form Entries <= 1.2.3 - Reflected Cross-Site Scripting | LOW | *-1.2.3 | 1.2.4 | July 4, 2026 | |
| WP Popular Posts | wordpress-popular-posts | N/A | WordPress Popular Posts <= 5.3.2 - Authenticated Arbitrary File Upload | LOW | *-5.3.2 | 5.3.3 | July 4, 2026 | |
| flash-album-gallery | flash-album-gallery |
91
|
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 6.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-6.1.2 | July 4, 2026 | ||
| Database Addon for Contact Form 7 – CFDB7 | contact-form-cfdb7 |
89
|
Contact Form 7 Database Addon – CFDB7 plugin <= 1.2.5.9 - Cross-Site Request Forgery | LOW | *-1.2.5.9 | 1.2.6.1 | July 4, 2026 | |
| Database Addon for Contact Form 7 – CFDB7 | contact-form-cfdb7 |
89
|
Contact Form 7 Database Addon – CFDB7 <= 1.2.6.1 - Unauthenticated Stored Cross-Site Scripting | LOW | *-1.2.6.1 | 1.2.6.2 | July 4, 2026 | |
| contact-form-to-email | contact-form-to-email |
93
|
Contact Form Email <= 1.3.24 - Authenticated (Admin+) Stored Cross-Site Scripting | LOW | *-1.3.24 | 1.3.25 | July 4, 2026 | |
| likebtn-like-button | likebtn-like-button |
93
|
Like Button Rating <= 2.6.37 - Unauthorised Vote Export to Email & IP Addresses Disclosure | LOW | *-2.6.37 | 2.6.38 | July 4, 2026 | |
| caldera-forms | caldera-forms |
93
|
Caldera forms <= 1.9.4 - Admin+ Stored Cross-Site Scripting | LOW | [*, 1.9.5) | 1.9.5 | July 4, 2026 | |
| wp-reset | wp-reset | N/A | WP Reset PRO 5.00-5.98 - Cross-Site Request Forgery | LOW | 5.00-5.98 | 5.99 | July 4, 2026 | |
| wp-reset | wp-reset | N/A | WP Reset – Most Advanced WordPress Reset Tool (PRO) 5.00- 5.98 - Missing Authorization to Database Reset | LOW | 5.00-5.98 | 5.99 | July 4, 2026 | |
| meks-easy-instagram-widget | meks-easy-instagram-widget |
93
|
Meks Easy Photo Feed Widget < 1.2.4 - Authenticated Stored Cross-Site Scripting | LOW | [*, 1.2.4) | 1.2.4 | July 4, 2026 | |
| error-log-viewer | error-log-viewer |
93
|
Error Log Viewer <= 1.1.1 - Arbitrary File Deletion | LOW | *-1.1.1 | 1.1.2 | July 4, 2026 | |
| Booking Package | booking-package |
85
|
Booking Package <= 1.5.10 - Reflected Cross-Site Scripting | LOW | [*, 1.5.11) | 1.5.11 | July 4, 2026 | |
| learnpress | learnpress |
93
|
LearnPress <= 4.1.3 - Authenticated SQL Injection | LOW | [*, 4.1.4) | 4.1.4 | July 4, 2026 | |
| get-custom-field-values | get-custom-field-values |
93
|
Get Custom Field Values <= 4.0.0 - Contributor+ Stored Cross-Site Scripting | LOW | [*, 4.0.1) | 4.0.1 | July 4, 2026 | |
| get-custom-field-values | get-custom-field-values |
93
|
Get Custom Field Values < 4.0 - Arbitrary Post Metadata Access | LOW | [*, 4.0) | 4.0 | July 4, 2026 | |
| WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards | wp-data-access | N/A | WP Data Access <= 4.3.1 - Admin+ SQL Injection | LOW | *-4.3.1 | 5.0.0 | July 4, 2026 | |
| woocommerce-currency-switcher | woocommerce-currency-switcher | N/A | WooCommerce Currency Switcher <= 1.3.7 - Reflected Cross-Site Scripting | LOW | *-1.3.7 | 1.3.7.1 | July 4, 2026 | |
| tawkto-live-chat | tawkto-live-chat | N/A | Tawk.To Live Chat <= 0.5.4 - Missing Authorization to Visitor Monitoring & Chat Removal | LOW | [*, 0.6.0) | 0.6.0 | July 4, 2026 | |
| secure-copy-content-protection | secure-copy-content-protection | N/A | Secure Copy Content Protection and Content Locking <= 2.8.1 - Unauthenticated SQL Injection | LOW | *-2.8.1 | 2.8.2 | July 4, 2026 | |
| registrations-for-the-events-calendar | registrations-for-the-events-calendar | N/A | Registrations for the Events Calendar <= 2.7.5 - Unauthenticated SQL Injection | LOW | [*, 2.7.6) | 2.7.6 | July 4, 2026 | |
| peters-login-redirect | peters-login-redirect |
93
|
LoginWP < 3.0.0.5 - Reflected Cross-Site Scripting via rul_login_url, rul_logout_url Parameter | LOW | [*, 3.0.0.5) | 3.0.0.5 | July 4, 2026 | |
| Email Log | email-log |
89
|
Email Log <= 2.4.7 - Reflected Cross-Site Scripting | LOW | *-2.4.7 | 2.4.8 | July 4, 2026 | |
| bookly-responsive-appointment-booking-tool | bookly-responsive-appointment-booking-tool |
93
|
Bookly <= 20.3 - Staff Member Stored Cross-Site Scripting | LOW | *-20.3 | 20.3.1 | July 4, 2026 |
molie-instructure-canvas-linking-tool
molie-instructure-canvas-linking-tool
molie-instructure-canvas-linking-tool
molie-instructure-canvas-linking-tool
lead-form-builder
lead-form-builder
Download Manager
download-manager
correos-express
correos-express
buttonizer-multifunctional-button
buttonizer-multifunctional-button
asgaros-forum
asgaros-forum
social-networks-auto-poster-facebook-twitter-g
social-networks-auto-poster-facebook-twitter-g
awesome-support
awesome-support
browser-and-operating-system-finder
browser-and-operating-system-finder
hide_my_wp
hide_my_wp
hide_my_wp
hide_my_wp
wpfront-user-role-editor
wpfront-user-role-editor
wpfront-user-role-editor
wpfront-user-role-editor
tickera-event-ticketing-system
tickera-event-ticketing-system
paid-memberships-pro
paid-memberships-pro
idpay-contact-form-7
idpay-contact-form-7
html5-responsive-faq
html5-responsive-faq
gwolle-gb
gwolle-gb
cybersoldier
cybersoldier
wp-guppy
wp-guppy
wc-multivendor-marketplace
wc-multivendor-marketplace
simple-slider
simple-slider
ni-woocommerce-custom-order-status
ni-woocommerce-custom-order-status
logo-carousel-free
logo-carousel-free
logo-carousel-free
logo-carousel-free
kudos-donations
kudos-donations
kiwi-logo-carousel
kiwi-logo-carousel
icegram
icegram
exportfeed-list-woocommerce-products-on-ebay-store
exportfeed-list-woocommerce-products-on-ebay-store
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder
everest-forms
blog2social
blog2social
ninja-forms-uploads
ninja-forms-uploads
child-theme-generator
child-theme-generator
easy-registration-forms
easy-registration-forms
woo-preview-emails
woo-preview-emails
User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
wp-user-frontend
facebook-conversion-pixel
facebook-conversion-pixel
child-theme-generator
child-theme-generator
easy-login-woocommerce
easy-login-woocommerce
Backup Migration
backup-backup
sportspress
sportspress
smart-product-review
smart-product-review
push-notifications-for-wp
push-notifications-for-wp
mortgage-loan-calculator
mortgage-loan-calculator
directorist
directorist
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-user-avatar
wp-limits
wp-limits
wp-admin-logo-changer
wp-admin-logo-changer
winterlock
winterlock
user-meta-shortcodes
user-meta-shortcodes
totop-link
totop-link
titan-labs-security-audit
titan-labs-security-audit
temporary-login-without-password
temporary-login-without-password
stopbadbots
stopbadbots
single-post-exporter
single-post-exporter
shiny-buttons
shiny-buttons
seo-booster
seo-booster
quotes-collection
quotes-collection
pagepost-content-shortcode
pagepost-content-shortcode
nofollow
nofollow
modern-events-calendar-lite
modern-events-calendar-lite
modern-events-calendar-lite
modern-events-calendar-lite
mediamatic
mediamatic
inspirational-quote-rotator
inspirational-quote-rotator
improved-include-page
improved-include-page
fsflex-local-fonts
fsflex-local-fonts
filter-portfolio-gallery
filter-portfolio-gallery
facebook-conversion-pixel
facebook-conversion-pixel
facebook-conversion-pixel
facebook-conversion-pixel
display-post-metadata
display-post-metadata
contact-form-advanced-database
contact-form-advanced-database
auto-post-thumbnail
auto-post-thumbnail
All-in-One Video Gallery
all-in-one-video-gallery
nex-forms-express-wp-form-builder
nex-forms-express-wp-form-builder
Database for Contact Form 7, WPforms, Elementor forms
contact-form-entries
WP Popular Posts
wordpress-popular-posts
flash-album-gallery
flash-album-gallery
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
contact-form-to-email
contact-form-to-email
likebtn-like-button
likebtn-like-button
caldera-forms
caldera-forms
wp-reset
wp-reset
wp-reset
wp-reset
meks-easy-instagram-widget
meks-easy-instagram-widget
error-log-viewer
error-log-viewer
Booking Package
booking-package
learnpress
learnpress
get-custom-field-values
get-custom-field-values
get-custom-field-values
get-custom-field-values
WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards
wp-data-access
woocommerce-currency-switcher
woocommerce-currency-switcher
tawkto-live-chat
tawkto-live-chat
secure-copy-content-protection
secure-copy-content-protection
registrations-for-the-events-calendar
registrations-for-the-events-calendar
peters-login-redirect
peters-login-redirect
Email Log
email-log
bookly-responsive-appointment-booking-tool
bookly-responsive-appointment-booking-tool
Showing 30601 to 30700 of 36406 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 4, 2026 at 19:13 UTC.