Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36406

Across tracked plugins

Affected Plugins

96

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
catch-gallery catch-gallery
93
CatchThemes Plugins (Various Versions) - Missing Authorization LOW [*, 1.7) 1.7 July 4, 2026
catch-duplicate-switcher catch-duplicate-switcher
93
CatchThemes Plugins (Various Versions) - Missing Authorization LOW [*, 1.6) 1.6 July 4, 2026
catch-breadcrumb catch-breadcrumb
93
CatchThemes Plugins (Various Versions) - Missing Authorization LOW [*, 1.7) 1.7 July 4, 2026
smart-id smart-id N/A eID Easy <= 4.6 - Reflected Cross-Site Scripting LOW *-4.6 4.7 July 4, 2026
BulletProof Security bulletproof-security
68
BulletProof Security <= 5.1 - Sensitive Information Disclosure LOW *-5.1 5.2 July 4, 2026
buddyboss-platform buddyboss-platform
93
Buddyboss Platform <= 1.7.8 - SQL Injection LOW *-1.7.8 1.7.9 July 4, 2026
yith-maintenance-mode yith-maintenance-mode N/A YITH Maintenance Mode <= 1.3.7 - Stored Cross-Site Scripting LOW *-1.3.7 1.3.8 July 4, 2026
Shared Files – Frontend File Upload Form & Secure File Sharing shared-files
78
Shared Files – Easy Download Manager and File Sharing Plugin with Frontend File Upload <= 1.6.56 - Authenticated (Admin+) Stored Cross-Site Scripting LOW [*, 1.6.57) 1.6.57 July 4, 2026
seo-redirection seo-redirection N/A SEO Redirection Plugin – 301 Redirect Manager <= 7.8 - Cross-Site Request Forgery LOW *-7.8 7.9 July 4, 2026
podcast-subscribe-buttons podcast-subscribe-buttons
93
Podcast Subscribe Buttons < 1.4.2 - Stored Cross-Site Scripting LOW [*, 1.4.2) 1.4.2 July 4, 2026
planso-forms planso-forms
91
PlanSo Forms <= 2.6.4 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-2.6.4 July 4, 2026
pdf-light-viewer pdf-light-viewer
93
PDF Light Viewer <= 1.4.11 - Authenticated Command Injection LOW *-1.4.11 1.4.12 July 4, 2026
find-my-blocks find-my-blocks
93
Find My Blocks < 3.4.0 - Sensitive Information Disclosure LOW [*, 3.4.0) 3.4.0 July 4, 2026
compact-wp-audio-player compact-wp-audio-player
93
Compact WP Audio Player <= 1.9.6 - Setting Change via Cross-Site Request Forgery LOW *-1.9.6 1.9.7 July 4, 2026
compact-wp-audio-player compact-wp-audio-player
93
Compact WP Audio Player <= 1.9.6 - Contributor+ Stored Cross-Site Scripting LOW *-1.9.6 1.9.7 July 4, 2026
3d-flipbook-dflip-lite 3d-flipbook-dflip-lite
97
PDF Flipbook, 3D Flipbook WordPress – DearFlip Lite <= 1.7.12 - Contributor+ Stored Cross-Site Scripting LOW *-1.7.12 1.7.13 July 4, 2026
wpdiscuz wpdiscuz N/A Comments - wpDiscuz <= 7.3.0 - Authenticated Stored Cross-Site Scripting LOW *-7.3.0 7.3.2 July 4, 2026
woocommerce-multi-currency woocommerce-multi-currency N/A WooCommerce Multi Currency <= 2.1.17 - Missing Authorization LOW *-2.1.17 2.1.18 July 4, 2026
woo-multi-currency woo-multi-currency N/A WooCommerce Multi Currency <= 2.1.17 - Missing Authorization LOW *-2.1.17 2.1.18 July 4, 2026
travelpayouts travelpayouts N/A Travelpayouts <= 1.0.16 - Cross-Site Request Forgery LOW *-1.0.16 1.0.17 July 4, 2026
software-license-manager software-license-manager N/A Software License Manager <= 4.5.0 - Cross-Site Request Forgery leading to Arbitrary Domain Deletion LOW [*, 4.5.1) 4.5.1 July 4, 2026
simple-social-buttons simple-social-buttons N/A Simple Social Media Share Buttons <= 3.2.3 - Admin+ Stored Cross-Site Scripting LOW *-3.2.3 3.2.4 July 4, 2026
seo-redirection seo-redirection N/A SEO Redirection Plugin – 301 Redirect Manager <= 7.3 - Reflected Cross-Site Scripting LOW *-7.3 7.4 July 4, 2026
quiz-master-next quiz-master-next N/A Quiz And Survey Master <= 7.3.1 - Admin+ Stored Cross-Site Scripting LOW *-7.3.1 7.3.2 July 4, 2026
quiz-master-next quiz-master-next N/A Quiz and Survey Master <= 7.1.13 - Cross-Site Scripting LOW *-7.1.13 7.1.14 July 4, 2026
poll-maker poll-maker
93
Poll Maker < 3.4.2 - Unauthenticated SQL Injection LOW [*, 3.4.2) 3.4.2 July 4, 2026
download-from-files download-from-files
91
Download from files <= 1.48 - Arbitrary File Upload LOW *-1.48 July 4, 2026
coming-soon-page coming-soon-page
93
Coming soon and Maintenance mode <= 3.5.2 - Authenticated Stored Cross-Site Scripting LOW [*, 3.5.3) 3.5.3 July 4, 2026
block-options block-options
93
EditorsKit <= 1.31.5 - Authenticated (Contributor+) Code Injection LOW *-1.31.5 1.31.6 July 4, 2026
affiliate-power affiliate-power
97
Affiliate Power – Sales Tracking for Affiliate Marketers <= 2.2.0 - Reflected Cross-Site Scripting LOW *-2.2.0 2.3.0 July 4, 2026
WP Statistics – Simple, privacy-friendly Google Analytics alternative wp-statistics
90
WP Statistics <= 13.1.1 - Cross-Site Request Forgery to Arbitrary Plugin Activation and Deactivation LOW *-13.1.1 13.1.2 July 4, 2026
Easy Accordion – AI-Powered FAQ & Accordion Blocks, Product FAQ easy-accordion-free
93
Easy Accordion <= 2.0.21 - Authenticated Stored Cross-Site Scripting LOW *-2.0.21 2.0.22 July 4, 2026
Appointment Hour Booking – Booking Calendar appointment-hour-booking
97
Appointment Hour Booking <= 1.3.16 - Cross-Site Scripting LOW [*, 1.3.17) 1.3.17 July 4, 2026
yabp yabp N/A Yet Another bol.com - <= 1.4 - Reflected Cross-Site Scripting LOW *-1.4 July 4, 2026
wp-publications wp-publications N/A wp-publications < 1.1 - Local File Inclusion LOW *-0.0 1.1 July 4, 2026
woo-moneybird woo-moneybird N/A Integration of Moneybird for WooCommerce <= 2.1.2 - Reflected Cross-Site Scripting LOW *-2.1.2 July 4, 2026
webful-simple-grocery-shop webful-simple-grocery-shop N/A WordPress Simple Shop <= 1.2 - Reflected Cross-Site Scripting LOW *-1.2 July 4, 2026
sms-ovh sms-ovh N/A SMS OVH <= 0.1 - Reflected Cross-Site Scripting LOW *-0.1 July 4, 2026
simple-custom-website-data simple-custom-website-data N/A Custom Website Data <= 2.2 - Reflected Cross-Site Scripting LOW *-2.2 July 4, 2026
rsvpmaker-excel rsvpmaker-excel N/A RSVPmaker Excel <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 4, 2026
refer-a-friend-widget-for-wp refer-a-friend-widget-for-wp N/A WordPress InviteBox Plugin <= 1.4.1 - Reflected Cross-Site Scripting LOW *-1.4.1 July 4, 2026
post-title-counter post-title-counter N/A Post Title Counter <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 4, 2026
gnu-mailman-integration gnu-mailman-integration
91
GNU-Mailman Integration <= 1.0.6 - Reflected Cross-Site Scripting LOW *-1.0.6 July 4, 2026
advance-search advance-search
95
Advance Search <= 1.1.2 - Reflected Cross-Site Scripting LOW *-1.1.2 1.1.3 July 4, 2026
youtube-video-inserter youtube-video-inserter N/A YouTube Video Inserter <= 1.2.1.0 Reflected Cross-Site Scripting LOW *-1.2.1.0 July 4, 2026
wp-t-wap wp-t-wap N/A WP-T-Wap <= 1.13.2 - Reflected Cross-Site Scripting LOW *-1.13.2 July 4, 2026
wp-scrippets wp-scrippets N/A WP Scrippets <= 1.5.1 - Reflected Cross-Site Scripting LOW *-1.5.1 July 4, 2026
wp-design-maps-places wp-design-maps-places N/A WP Design Maps & Places <= 1.2 - Reflected Cross-Site Scripting LOW *-1.2 July 4, 2026
wiseagentleadform wiseagentleadform N/A Wise Agent Capture Forms <= 2.0 - Reflected Cross-Site Scripting LOW *-2.0 3.0 July 4, 2026
wc-payment-gateway-per-category wc-payment-gateway-per-category N/A WooCommerce Payment Gateway Per Category <= 2.0.10 - Reflected Cross-Site Scripting LOW *-2.0.10 July 4, 2026
spideranalyse spideranalyse N/A spideranalyse <= 0.0.1 - Reflected Cross-Site Scripting LOW *-0.0.1 July 4, 2026
simple-matted-thumbnails simple-matted-thumbnails N/A Simple Matted Thumbnails <= 1.01 - Reflected Cross-Site Scripting LOW *-1.01 July 4, 2026
push-notification-by-feedify push-notification-by-feedify N/A Feedify – Web Push Notifications <= 2.1.8 Reflected Cross-Site Scripting LOW *-2.1.8 2.1.9 July 4, 2026
osd-subscribe osd-subscribe
91
OSD Subscribe <= 1.2.3 - Reflected Cross-Site Scripting LOW *-1.2.3 July 4, 2026
ops-robots-txt ops-robots-txt
93
On Page SEO + Whatsapp Chat Button <= 1.0.1 Reflected Cross-Site Scripting LOW *-1.0.1 1.0.2 July 4, 2026
notices notices
91
Notices <= 6.1 - Reflected Cross-Site Scripting LOW *-6.1 July 4, 2026
moolamojo moolamojo
91
MoolaMojo <= 0.7.4.1 Reflected Cross-Site Scripting LOW *-0.7.4.1 July 4, 2026
insert-special-characters insert-special-characters
93
ansi-regex >=2.1.1 =4.0.0 =5.0.0 =6.0.0 <6.0.1 - Regular Expression Denial of Service (ReDoS) LOW *-1.0.4 1.0.5 July 4, 2026
edit-comments-xt edit-comments-xt
91
Edit Comments XT <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 4, 2026
dropdown-and-scrollable-text dropdown-and-scrollable-text
93
Dropdown and scrollable Text <= 2.0 Reflected Cross-Site Scripting LOW *-2.0 2.1 July 4, 2026
dj-email-publish dj-email-publish
91
DJ EmailPublish <= 1.7.2 Reflected Cross-Site Scripting LOW *-1.7.2 July 4, 2026
bug-library bug-library
93
Bug Library <= 2.0.3 - Reflected Cross-Site Scripting LOW *-2.0.3 2.0.4 July 4, 2026
border-loading-bar border-loading-bar
89
Border Loading Bar <= 1.0.1 - Reflected Cross-Site Scripting LOW *-1.0.1 July 4, 2026
twitter-friends-widget twitter-friends-widget N/A Twitter Friends Widget <= 3.1 - Reflected Cross-Site Scripting LOW *-3.1 July 4, 2026
simplesamlphp-authentication simplesamlphp-authentication N/A simpleSAMLphp Authentication <= 0.7.0 - Reflected Cross-Site Scripting LOW *-0.7.0 July 4, 2026
rentpress rentpress N/A RentPress <= 6.6.4 - Reflected Cross-Site Scripting LOW *-6.6.4 July 4, 2026
custom-sub-menus custom-sub-menus
91
Custom Menu <= 1.3.3 - Reflected Cross-Site Scripting LOW *-1.3.3 July 4, 2026
3d-cover-carousel 3d-cover-carousel
95
3D Cover Carousel <= 1.0 - Reflected Cross-Site Scripting LOW *-1.0 July 4, 2026
WP Go Maps (formerly WP Google Maps) wp-google-maps
66
WP Google Maps <= 8.1.12 - Authenticated Stored Cross-Site Scripting LOW [*, 8.1.13) 8.1.13 July 4, 2026
wp-google-maps-pro wp-google-maps-pro N/A WP Google Maps Pro <= 8.1.11 - Authenticated Stored Cross-Site Scripting LOW *-8.1.11 8.1.12 July 4, 2026
wp-academic-people wp-academic-people N/A WP Academic People List <= 0.4.1 - Reflected Cross-Site Scripting LOW *-0.4.1 July 4, 2026
user-activation-email user-activation-email N/A User Activation Email <= 1.3.0 - Reflected Cross-Site Scripting LOW *-1.3.0 July 4, 2026
sp-rental-manager sp-rental-manager N/A SP Rental Manager <= 1.5.3 - Unauthenticated SQL Injection LOW *-1.5.3 July 4, 2026
more-from-google more-from-google
91
More From Google <= 0.0.2 - Reflected Cross-Site Scripting LOW *-0.0.2 July 4, 2026
konnichiwa konnichiwa
91
Konnichiwa! Membership <= 0.8.3 Reflected Cross-Site Scripting LOW *-0.8.3 July 4, 2026
xforwoocommerce xforwoocommerce N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.7.0) 1.7.0 July 4, 2026
wp-sitemap-page wp-sitemap-page N/A WP Sitemap Page <= 1.6.6 - Admin+ Stored Cross Site Scripting LOW [*, 1.7.0) 1.7.0 July 4, 2026
woocommerce-warranties-and-returns woocommerce-warranties-and-returns N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 5.3.0) 5.3.0 July 4, 2026
woocommerce-frontend-shop-manager woocommerce-frontend-shop-manager N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 4.7.0) 4.7.0 July 4, 2026
weather-effect weather-effect N/A Weather Effect – Christmas Santa Snow Falling <= 1.3.3 - Cross-Site Request Forgery LOW [*, 1.3.4) 1.3.4 July 4, 2026
weather-effect weather-effect N/A Weather Effect – Christmas Santa Snow Falling <= 1.3.5 - Stored Cross-Site Scripting LOW *-1.3.5 1.3.6 July 4, 2026
spam-control-xforwc spam-control-xforwc N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.5.0) 1.5.0 July 4, 2026
share-print-pdf-woocommerce share-print-pdf-woocommerce N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 2.8.0) 2.8.0 July 4, 2026
seo-for-woocommerce seo-for-woocommerce N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.6.0) 1.6.0 July 4, 2026
product-loops product-loops N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.7.0) 1.7.0 July 4, 2026
price-commander-xforwc price-commander-xforwc N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.3.0) 1.3.0 July 4, 2026
prdctfltr prdctfltr N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 8.2.0) 8.2.0 July 4, 2026
package-quantity-xforwc package-quantity-xforwc
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.2.0) 1.2.0 July 4, 2026
live-search-xforwc live-search-xforwc
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 2.1.0) 2.1.0 July 4, 2026
improved-variable-product-attributes improved-variable-product-attributes
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 5.3.0) 5.3.0 July 4, 2026
improved-sale-badges improved-sale-badges
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 4.4.0) 4.4.0 July 4, 2026
floating-cart-xforwc floating-cart-xforwc
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.3.0) 1.3.0 July 4, 2026
chained-quiz chained-quiz
93
Chained Quiz < 1.2.7.2 - Cross-Site Scripting LOW [*, 1.2.7.2) 1.2.7.2 July 4, 2026
bulk-add-to-cart-xforwc bulk-add-to-cart-xforwc
93
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.3.0) 1.3.0 July 4, 2026
add-tabs-xforwc add-tabs-xforwc
97
Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization LOW [*, 1.5.0) 1.5.0 July 4, 2026
WP User Manager – User Profile Builder & Membership wp-user-manager
83
User Registration < 2.0.2 - Authenticated Stored Cross-Site Scripting LOW [*, 2.0.2) 2.0.2 July 4, 2026
wp-pinterest-automatic wp-pinterest-automatic N/A Pinterest Automatic <= 4.14.3 - Unuathenticated Arbitrary Options Update LOW *-4.14.3 4.14.4 July 4, 2026
wp-automatic wp-automatic N/A WordPress Automatic Plugin <= 3.53.2 - Unauthenticated Arbitrary Options Update LOW [*, 3.53.3) 3.53.3 July 4, 2026
woo-altcoin-payment-gateway woo-altcoin-payment-gateway N/A Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop <= 1.6.0 - Reflected Cross-Site Scripting LOW *-1.6.0 1.6.1 July 4, 2026
userswp userswp N/A UsersWP – User Registration & User Profile <= 1.2.2.28 - Reflected Cross-Site Scripting LOW *-1.2.2.28 1.2.2.29 July 4, 2026
LOW

catch-gallery

catch-gallery

Score: 93/100 CatchThemes Plugins (Various Versions) - Missing Authorization Affected: [*, 1.7) Patched: 1.7 Updated: July 4, 2026
LOW

catch-duplicate-switcher

catch-duplicate-switcher

Score: 93/100 CatchThemes Plugins (Various Versions) - Missing Authorization Affected: [*, 1.6) Patched: 1.6 Updated: July 4, 2026
LOW

catch-breadcrumb

catch-breadcrumb

Score: 93/100 CatchThemes Plugins (Various Versions) - Missing Authorization Affected: [*, 1.7) Patched: 1.7 Updated: July 4, 2026
LOW

smart-id

smart-id

Score: N/A eID Easy <= 4.6 - Reflected Cross-Site Scripting Affected: *-4.6 Patched: 4.7 Updated: July 4, 2026
LOW

BulletProof Security

bulletproof-security

Score: 68/100 BulletProof Security <= 5.1 - Sensitive Information Disclosure Affected: *-5.1 Patched: 5.2 Updated: July 4, 2026
LOW

buddyboss-platform

buddyboss-platform

Score: 93/100 Buddyboss Platform <= 1.7.8 - SQL Injection Affected: *-1.7.8 Patched: 1.7.9 Updated: July 4, 2026
LOW

yith-maintenance-mode

yith-maintenance-mode

Score: N/A YITH Maintenance Mode <= 1.3.7 - Stored Cross-Site Scripting Affected: *-1.3.7 Patched: 1.3.8 Updated: July 4, 2026
LOW

seo-redirection

seo-redirection

Score: N/A SEO Redirection Plugin – 301 Redirect Manager <= 7.8 - Cross-Site Request Forgery Affected: *-7.8 Patched: 7.9 Updated: July 4, 2026
LOW

podcast-subscribe-buttons

podcast-subscribe-buttons

Score: 93/100 Podcast Subscribe Buttons < 1.4.2 - Stored Cross-Site Scripting Affected: [*, 1.4.2) Patched: 1.4.2 Updated: July 4, 2026
LOW

planso-forms

planso-forms

Score: 91/100 PlanSo Forms <= 2.6.4 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-2.6.4 Patched: Updated: July 4, 2026
LOW

pdf-light-viewer

pdf-light-viewer

Score: 93/100 PDF Light Viewer <= 1.4.11 - Authenticated Command Injection Affected: *-1.4.11 Patched: 1.4.12 Updated: July 4, 2026
LOW

find-my-blocks

find-my-blocks

Score: 93/100 Find My Blocks < 3.4.0 - Sensitive Information Disclosure Affected: [*, 3.4.0) Patched: 3.4.0 Updated: July 4, 2026
LOW

compact-wp-audio-player

compact-wp-audio-player

Score: 93/100 Compact WP Audio Player <= 1.9.6 - Setting Change via Cross-Site Request Forgery Affected: *-1.9.6 Patched: 1.9.7 Updated: July 4, 2026
LOW

compact-wp-audio-player

compact-wp-audio-player

Score: 93/100 Compact WP Audio Player <= 1.9.6 - Contributor+ Stored Cross-Site Scripting Affected: *-1.9.6 Patched: 1.9.7 Updated: July 4, 2026
LOW

3d-flipbook-dflip-lite

3d-flipbook-dflip-lite

Score: 97/100 PDF Flipbook, 3D Flipbook WordPress – DearFlip Lite <= 1.7.12 - Contributor+ Stored Cross-Site Scripting Affected: *-1.7.12 Patched: 1.7.13 Updated: July 4, 2026
LOW

wpdiscuz

wpdiscuz

Score: N/A Comments - wpDiscuz <= 7.3.0 - Authenticated Stored Cross-Site Scripting Affected: *-7.3.0 Patched: 7.3.2 Updated: July 4, 2026
LOW

woocommerce-multi-currency

woocommerce-multi-currency

Score: N/A WooCommerce Multi Currency <= 2.1.17 - Missing Authorization Affected: *-2.1.17 Patched: 2.1.18 Updated: July 4, 2026
LOW

woo-multi-currency

woo-multi-currency

Score: N/A WooCommerce Multi Currency <= 2.1.17 - Missing Authorization Affected: *-2.1.17 Patched: 2.1.18 Updated: July 4, 2026
LOW

travelpayouts

travelpayouts

Score: N/A Travelpayouts <= 1.0.16 - Cross-Site Request Forgery Affected: *-1.0.16 Patched: 1.0.17 Updated: July 4, 2026
LOW

software-license-manager

software-license-manager

Score: N/A Software License Manager <= 4.5.0 - Cross-Site Request Forgery leading to Arbitrary Domain Deletion Affected: [*, 4.5.1) Patched: 4.5.1 Updated: July 4, 2026
LOW

simple-social-buttons

simple-social-buttons

Score: N/A Simple Social Media Share Buttons <= 3.2.3 - Admin+ Stored Cross-Site Scripting Affected: *-3.2.3 Patched: 3.2.4 Updated: July 4, 2026
LOW

seo-redirection

seo-redirection

Score: N/A SEO Redirection Plugin – 301 Redirect Manager <= 7.3 - Reflected Cross-Site Scripting Affected: *-7.3 Patched: 7.4 Updated: July 4, 2026
LOW

quiz-master-next

quiz-master-next

Score: N/A Quiz And Survey Master <= 7.3.1 - Admin+ Stored Cross-Site Scripting Affected: *-7.3.1 Patched: 7.3.2 Updated: July 4, 2026
LOW

quiz-master-next

quiz-master-next

Score: N/A Quiz and Survey Master <= 7.1.13 - Cross-Site Scripting Affected: *-7.1.13 Patched: 7.1.14 Updated: July 4, 2026
LOW

poll-maker

poll-maker

Score: 93/100 Poll Maker < 3.4.2 - Unauthenticated SQL Injection Affected: [*, 3.4.2) Patched: 3.4.2 Updated: July 4, 2026
LOW

download-from-files

download-from-files

Score: 91/100 Download from files <= 1.48 - Arbitrary File Upload Affected: *-1.48 Patched: Updated: July 4, 2026
LOW

coming-soon-page

coming-soon-page

Score: 93/100 Coming soon and Maintenance mode <= 3.5.2 - Authenticated Stored Cross-Site Scripting Affected: [*, 3.5.3) Patched: 3.5.3 Updated: July 4, 2026
LOW

block-options

block-options

Score: 93/100 EditorsKit <= 1.31.5 - Authenticated (Contributor+) Code Injection Affected: *-1.31.5 Patched: 1.31.6 Updated: July 4, 2026
LOW

affiliate-power

affiliate-power

Score: 97/100 Affiliate Power – Sales Tracking for Affiliate Marketers <= 2.2.0 - Reflected Cross-Site Scripting Affected: *-2.2.0 Patched: 2.3.0 Updated: July 4, 2026
LOW

yabp

yabp

Score: N/A Yet Another bol.com - <= 1.4 - Reflected Cross-Site Scripting Affected: *-1.4 Patched: Updated: July 4, 2026
LOW

wp-publications

wp-publications

Score: N/A wp-publications < 1.1 - Local File Inclusion Affected: *-0.0 Patched: 1.1 Updated: July 4, 2026
LOW

woo-moneybird

woo-moneybird

Score: N/A Integration of Moneybird for WooCommerce <= 2.1.2 - Reflected Cross-Site Scripting Affected: *-2.1.2 Patched: Updated: July 4, 2026
LOW

webful-simple-grocery-shop

webful-simple-grocery-shop

Score: N/A WordPress Simple Shop <= 1.2 - Reflected Cross-Site Scripting Affected: *-1.2 Patched: Updated: July 4, 2026
LOW

sms-ovh

sms-ovh

Score: N/A SMS OVH <= 0.1 - Reflected Cross-Site Scripting Affected: *-0.1 Patched: Updated: July 4, 2026
LOW

simple-custom-website-data

simple-custom-website-data

Score: N/A Custom Website Data <= 2.2 - Reflected Cross-Site Scripting Affected: *-2.2 Patched: Updated: July 4, 2026
LOW

rsvpmaker-excel

rsvpmaker-excel

Score: N/A RSVPmaker Excel <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 4, 2026
LOW

refer-a-friend-widget-for-wp

refer-a-friend-widget-for-wp

Score: N/A WordPress InviteBox Plugin <= 1.4.1 - Reflected Cross-Site Scripting Affected: *-1.4.1 Patched: Updated: July 4, 2026
LOW

post-title-counter

post-title-counter

Score: N/A Post Title Counter <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 4, 2026
LOW

gnu-mailman-integration

gnu-mailman-integration

Score: 91/100 GNU-Mailman Integration <= 1.0.6 - Reflected Cross-Site Scripting Affected: *-1.0.6 Patched: Updated: July 4, 2026
LOW

advance-search

advance-search

Score: 95/100 Advance Search <= 1.1.2 - Reflected Cross-Site Scripting Affected: *-1.1.2 Patched: 1.1.3 Updated: July 4, 2026
LOW

youtube-video-inserter

youtube-video-inserter

Score: N/A YouTube Video Inserter <= 1.2.1.0 Reflected Cross-Site Scripting Affected: *-1.2.1.0 Patched: Updated: July 4, 2026
LOW

wp-t-wap

wp-t-wap

Score: N/A WP-T-Wap <= 1.13.2 - Reflected Cross-Site Scripting Affected: *-1.13.2 Patched: Updated: July 4, 2026
LOW

wp-scrippets

wp-scrippets

Score: N/A WP Scrippets <= 1.5.1 - Reflected Cross-Site Scripting Affected: *-1.5.1 Patched: Updated: July 4, 2026
LOW

wp-design-maps-places

wp-design-maps-places

Score: N/A WP Design Maps & Places <= 1.2 - Reflected Cross-Site Scripting Affected: *-1.2 Patched: Updated: July 4, 2026
LOW

wiseagentleadform

wiseagentleadform

Score: N/A Wise Agent Capture Forms <= 2.0 - Reflected Cross-Site Scripting Affected: *-2.0 Patched: 3.0 Updated: July 4, 2026
LOW

wc-payment-gateway-per-category

wc-payment-gateway-per-category

Score: N/A WooCommerce Payment Gateway Per Category <= 2.0.10 - Reflected Cross-Site Scripting Affected: *-2.0.10 Patched: Updated: July 4, 2026
LOW

spideranalyse

spideranalyse

Score: N/A spideranalyse <= 0.0.1 - Reflected Cross-Site Scripting Affected: *-0.0.1 Patched: Updated: July 4, 2026
LOW

simple-matted-thumbnails

simple-matted-thumbnails

Score: N/A Simple Matted Thumbnails <= 1.01 - Reflected Cross-Site Scripting Affected: *-1.01 Patched: Updated: July 4, 2026
LOW

push-notification-by-feedify

push-notification-by-feedify

Score: N/A Feedify – Web Push Notifications <= 2.1.8 Reflected Cross-Site Scripting Affected: *-2.1.8 Patched: 2.1.9 Updated: July 4, 2026
LOW

osd-subscribe

osd-subscribe

Score: 91/100 OSD Subscribe <= 1.2.3 - Reflected Cross-Site Scripting Affected: *-1.2.3 Patched: Updated: July 4, 2026
LOW

ops-robots-txt

ops-robots-txt

Score: 93/100 On Page SEO + Whatsapp Chat Button <= 1.0.1 Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: 1.0.2 Updated: July 4, 2026
LOW

notices

notices

Score: 91/100 Notices <= 6.1 - Reflected Cross-Site Scripting Affected: *-6.1 Patched: Updated: July 4, 2026
LOW

moolamojo

moolamojo

Score: 91/100 MoolaMojo <= 0.7.4.1 Reflected Cross-Site Scripting Affected: *-0.7.4.1 Patched: Updated: July 4, 2026
LOW

insert-special-characters

insert-special-characters

Score: 93/100 ansi-regex >=2.1.1 =4.0.0 =5.0.0 =6.0.0 <6.0.1 - Regular Expression Denial of Service (ReDoS) Affected: *-1.0.4 Patched: 1.0.5 Updated: July 4, 2026
LOW

edit-comments-xt

edit-comments-xt

Score: 91/100 Edit Comments XT <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 4, 2026
LOW

dropdown-and-scrollable-text

dropdown-and-scrollable-text

Score: 93/100 Dropdown and scrollable Text <= 2.0 Reflected Cross-Site Scripting Affected: *-2.0 Patched: 2.1 Updated: July 4, 2026
LOW

dj-email-publish

dj-email-publish

Score: 91/100 DJ EmailPublish <= 1.7.2 Reflected Cross-Site Scripting Affected: *-1.7.2 Patched: Updated: July 4, 2026
LOW

bug-library

bug-library

Score: 93/100 Bug Library <= 2.0.3 - Reflected Cross-Site Scripting Affected: *-2.0.3 Patched: 2.0.4 Updated: July 4, 2026
LOW

border-loading-bar

border-loading-bar

Score: 89/100 Border Loading Bar <= 1.0.1 - Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: July 4, 2026
LOW

twitter-friends-widget

twitter-friends-widget

Score: N/A Twitter Friends Widget <= 3.1 - Reflected Cross-Site Scripting Affected: *-3.1 Patched: Updated: July 4, 2026
LOW

simplesamlphp-authentication

simplesamlphp-authentication

Score: N/A simpleSAMLphp Authentication <= 0.7.0 - Reflected Cross-Site Scripting Affected: *-0.7.0 Patched: Updated: July 4, 2026
LOW

rentpress

rentpress

Score: N/A RentPress <= 6.6.4 - Reflected Cross-Site Scripting Affected: *-6.6.4 Patched: Updated: July 4, 2026
LOW

custom-sub-menus

custom-sub-menus

Score: 91/100 Custom Menu <= 1.3.3 - Reflected Cross-Site Scripting Affected: *-1.3.3 Patched: Updated: July 4, 2026
LOW

3d-cover-carousel

3d-cover-carousel

Score: 95/100 3D Cover Carousel <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: July 4, 2026
LOW

WP Go Maps (formerly WP Google Maps)

wp-google-maps

Score: 66/100 WP Google Maps <= 8.1.12 - Authenticated Stored Cross-Site Scripting Affected: [*, 8.1.13) Patched: 8.1.13 Updated: July 4, 2026
LOW

wp-google-maps-pro

wp-google-maps-pro

Score: N/A WP Google Maps Pro <= 8.1.11 - Authenticated Stored Cross-Site Scripting Affected: *-8.1.11 Patched: 8.1.12 Updated: July 4, 2026
LOW

wp-academic-people

wp-academic-people

Score: N/A WP Academic People List <= 0.4.1 - Reflected Cross-Site Scripting Affected: *-0.4.1 Patched: Updated: July 4, 2026
LOW

user-activation-email

user-activation-email

Score: N/A User Activation Email <= 1.3.0 - Reflected Cross-Site Scripting Affected: *-1.3.0 Patched: Updated: July 4, 2026
LOW

sp-rental-manager

sp-rental-manager

Score: N/A SP Rental Manager <= 1.5.3 - Unauthenticated SQL Injection Affected: *-1.5.3 Patched: Updated: July 4, 2026
LOW

more-from-google

more-from-google

Score: 91/100 More From Google <= 0.0.2 - Reflected Cross-Site Scripting Affected: *-0.0.2 Patched: Updated: July 4, 2026
LOW

konnichiwa

konnichiwa

Score: 91/100 Konnichiwa! Membership <= 0.8.3 Reflected Cross-Site Scripting Affected: *-0.8.3 Patched: Updated: July 4, 2026
LOW

xforwoocommerce

xforwoocommerce

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.7.0) Patched: 1.7.0 Updated: July 4, 2026
LOW

wp-sitemap-page

wp-sitemap-page

Score: N/A WP Sitemap Page <= 1.6.6 - Admin+ Stored Cross Site Scripting Affected: [*, 1.7.0) Patched: 1.7.0 Updated: July 4, 2026
LOW

woocommerce-warranties-and-returns

woocommerce-warranties-and-returns

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 5.3.0) Patched: 5.3.0 Updated: July 4, 2026
LOW

woocommerce-frontend-shop-manager

woocommerce-frontend-shop-manager

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 4.7.0) Patched: 4.7.0 Updated: July 4, 2026
LOW

weather-effect

weather-effect

Score: N/A Weather Effect – Christmas Santa Snow Falling <= 1.3.3 - Cross-Site Request Forgery Affected: [*, 1.3.4) Patched: 1.3.4 Updated: July 4, 2026
LOW

weather-effect

weather-effect

Score: N/A Weather Effect – Christmas Santa Snow Falling <= 1.3.5 - Stored Cross-Site Scripting Affected: *-1.3.5 Patched: 1.3.6 Updated: July 4, 2026
LOW

spam-control-xforwc

spam-control-xforwc

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.5.0) Patched: 1.5.0 Updated: July 4, 2026
LOW

share-print-pdf-woocommerce

share-print-pdf-woocommerce

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 2.8.0) Patched: 2.8.0 Updated: July 4, 2026
LOW

seo-for-woocommerce

seo-for-woocommerce

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.6.0) Patched: 1.6.0 Updated: July 4, 2026
LOW

product-loops

product-loops

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.7.0) Patched: 1.7.0 Updated: July 4, 2026
LOW

price-commander-xforwc

price-commander-xforwc

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.3.0) Patched: 1.3.0 Updated: July 4, 2026
LOW

prdctfltr

prdctfltr

Score: N/A Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 8.2.0) Patched: 8.2.0 Updated: July 4, 2026
LOW

package-quantity-xforwc

package-quantity-xforwc

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.2.0) Patched: 1.2.0 Updated: July 4, 2026
LOW

live-search-xforwc

live-search-xforwc

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 2.1.0) Patched: 2.1.0 Updated: July 4, 2026
LOW

improved-variable-product-attributes

improved-variable-product-attributes

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 5.3.0) Patched: 5.3.0 Updated: July 4, 2026
LOW

improved-sale-badges

improved-sale-badges

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 4.4.0) Patched: 4.4.0 Updated: July 4, 2026
LOW

floating-cart-xforwc

floating-cart-xforwc

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.3.0) Patched: 1.3.0 Updated: July 4, 2026
LOW

chained-quiz

chained-quiz

Score: 93/100 Chained Quiz < 1.2.7.2 - Cross-Site Scripting Affected: [*, 1.2.7.2) Patched: 1.2.7.2 Updated: July 4, 2026
LOW

bulk-add-to-cart-xforwc

bulk-add-to-cart-xforwc

Score: 93/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.3.0) Patched: 1.3.0 Updated: July 4, 2026
LOW

add-tabs-xforwc

add-tabs-xforwc

Score: 97/100 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization Affected: [*, 1.5.0) Patched: 1.5.0 Updated: July 4, 2026
LOW

wp-pinterest-automatic

wp-pinterest-automatic

Score: N/A Pinterest Automatic <= 4.14.3 - Unuathenticated Arbitrary Options Update Affected: *-4.14.3 Patched: 4.14.4 Updated: July 4, 2026
LOW

wp-automatic

wp-automatic

Score: N/A WordPress Automatic Plugin <= 3.53.2 - Unauthenticated Arbitrary Options Update Affected: [*, 3.53.3) Patched: 3.53.3 Updated: July 4, 2026
LOW

woo-altcoin-payment-gateway

woo-altcoin-payment-gateway

Score: N/A Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop <= 1.6.0 - Reflected Cross-Site Scripting Affected: *-1.6.0 Patched: 1.6.1 Updated: July 4, 2026
LOW

userswp

userswp

Score: N/A UsersWP – User Registration & User Profile <= 1.2.2.28 - Reflected Cross-Site Scripting Affected: *-1.2.2.28 Patched: 1.2.2.29 Updated: July 4, 2026

Showing 31001 to 31100 of 36406 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 4, 2026 at 23:37 UTC.