Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36406

Across tracked plugins

Affected Plugins

85

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
ulisting ulisting N/A Listing, Classified Ads & Business Directory – uListing <= 2.0.8 - Cross-Site Request Forgery LOW *-2.0.8 2.0.9 July 5, 2026
real-time-auto-find-and-replace real-time-auto-find-and-replace N/A Better Find and Replace <= 1.2.8 - Reflected Cross-Site Scripting LOW *-1.2.8 1.2.9 July 5, 2026
publishpress publishpress N/A PublishPress: Editorial Calendar, Workflow, Comments, Notifications and Statuses <= 3.5.0 - Cross-Site Scripting LOW *-3.5.0 3.5.1 July 5, 2026
my-chatbot my-chatbot
91
My Chatbot <= 1.1 - Reflected Cross-Site Scripting LOW *-1.1 July 5, 2026
modern-events-calendar-lite modern-events-calendar-lite
93
Modern Events Calendar Lite < 5.22.1 - Admin+ Stored Cross-Site Scripting LOW *-5.22.1 5.22.2 July 5, 2026
enhanced-tooltipglossary enhanced-tooltipglossary
93
CM Tooltip Glossary <= 3.9.20 - Authenticated Stored Cross-Site Scripting LOW [*, 3.9.21) 3.9.21 July 5, 2026
elex-woocommerce-google-product-feed-plugin-basic elex-woocommerce-google-product-feed-plugin-basic
93
ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.2.3 - Reflected Cross-Site Scripting LOW *-1.2.3 1.2.4 July 5, 2026
Appointment Hour Booking – Booking Calendar appointment-hour-booking
97
Appointment Hour Booking <= 1.3.15 Admin+ Stored Cross-Site Scripting LOW [*, 1.3.16) 1.3.16 July 5, 2026
supportboard supportboard N/A Support Board <= 3.3.3 - Multiple Unauthenticated SQL Injections LOW *-3.3.3 3.3.4 July 5, 2026
simple-download-monitor simple-download-monitor N/A Simple Download Monitor <= 3.9.4 - Contributor+ Arbitrary File Download LOW [*, 3.9.5) 3.9.5 July 5, 2026
meow-gallery meow-gallery
93
Meow Gallery (+ Gallery Block) <= 4.1.8 - SQL Injection LOW [*, 4.1.9) 4.1.9 July 5, 2026
meow-gallery meow-gallery
93
Meow Gallery (+ Gallery Block) <= 4.1.9 - Missing Authorization to Arbitrary Options Update LOW *-4.1.9 4.2.0 July 5, 2026
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory geodirectory
66
GeoDirectory <= 2.1.1.2 - Authenticated (admin+) Stored Cross-Site Scripting LOW *-2.1.1.2 2.1.1.3 July 5, 2026
easy-social-icons easy-social-icons
93
Easy Social Icons <= 3.1.2 - Reflected Cross-Site Scripting LOW *-3.1.2 3.1.3 July 5, 2026
zoho-crm-forms zoho-crm-forms N/A Zoho CRM Lead Magnet <= 1.7.2.4 - Cross-Site Scripting LOW *-1.7.2.4 1.7.2.9 July 5, 2026
xo-event-calendar xo-event-calendar N/A XO Event Calendar <= 2.3.6 - Reflected Cross-Site Scripting LOW *-2.3.6 2.3.7 July 5, 2026
redux-framework redux-framework N/A Gutenberg Template Library & Redux Framework <= 4.2.1 - Incorrect Authorization Leading to Arbitrary Plugin Installation and Post Deletion LOW *-4.2.12 4.2.13 July 5, 2026
redux-framework redux-framework N/A Gutenberg Template Library & Redux Framework <= 4.2.11 - Missing Authorization to Sensitive Information Disclosure LOW *-4.2.11 4.2.13 July 5, 2026
easy-social-icons easy-social-icons
93
Easy Social Icons <= 3.0.9 - Reflected Cross-Site Scripting LOW *-3.0.9 3.1.0 July 5, 2026
easy-social-icons easy-social-icons
93
Easy Social Icons <= 3.0.8 – Reflected Cross-Site Scripting LOW *-3.0.8 3.0.9 July 5, 2026
wc-dynamic-pricing-and-discounts wc-dynamic-pricing-and-discounts N/A WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Unauthenticated Settings Import/Export LOW [*, 2.4.2) 2.4.2 July 5, 2026
wc-dynamic-pricing-and-discounts wc-dynamic-pricing-and-discounts N/A WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Stored Cross-Site Scripting LOW [*, 2.4.2) 2.4.2 July 5, 2026
underconstruction underconstruction N/A underConstruction <= 1.18 - Reflected Cross-Site Scripting LOW *-1.18 1.19 July 5, 2026
software-license-manager software-license-manager N/A Software License Manager <= 4.4.9 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-4.4.9 4.5.0 July 5, 2026
qtranslate-x qtranslate-x N/A qTranslate X <= 3.4.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting LOW *-3.4.6.8 July 5, 2026
cf-geoplugin cf-geoplugin
91
WordPress Geolocation Plugin – CF Geo Plugin <= 7.13.11 - Reflected Cross-Site Scripting LOW *-7.13.11 7.13.12 July 5, 2026
WP Statistics – Simple, privacy-friendly Google Analytics alternative wp-statistics
90
WP Statistics <= 13.0.9 - Reflected Cross-Site Scripting LOW *-13.0.9 13.1 July 5, 2026
wp-countdown-block wp-countdown-block N/A Countdown Block <= 1.1.1 - Missing Authorization LOW [*, 1.1.2) 1.1.2 July 5, 2026
user-activity-log user-activity-log N/A User Activity Log <= 1.4.6 - Reflected Cross-Site Scripting LOW *-1.4.6 1.4.7 July 5, 2026
user-activity-log user-activity-log N/A User Activity Log <= 1.4.6 - Reflected Cross Site Scripting LOW *-1.4.6 1.4.7 July 5, 2026
TranslatePress – Translate Multilingual sites with AI Translation translatepress-multilingual
68
TranslatePress <= 2.0.8 - Authenticated Stored Cross-Site Scripting LOW [*, 2.0.9) 2.0.9 July 5, 2026
premium-addons-for-elementor premium-addons-for-elementor N/A Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update LOW *-4.5.1 4.5.2 July 5, 2026
miniorange-openid-connect-client miniorange-openid-connect-client
93
Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting LOW *-2.1.4 2.1.5 July 5, 2026
miniorange-login-with-eve-online-google-facebook miniorange-login-with-eve-online-google-facebook
93
Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting LOW *-6.20.2 6.20.3 July 5, 2026
login-with-cognito login-with-cognito
93
Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting LOW *-1.4.3 1.4.4 July 5, 2026
login-with-azure login-with-azure
93
Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting LOW *-1.4.4 1.4.5 July 5, 2026
dzs-zoomsounds dzs-zoomsounds
83
ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.45 - Directory Traversal LOW *-6.45 6.50 July 5, 2026
Docket Cache – Object Cache Accelerator docket-cache
80
Docket Cache – Object Cache Accelerator <= 21.08.01 - Reflected Cross-Site Scripting LOW *-21.08.01 21.08.02 July 5, 2026
coolclock coolclock
93
CoolClock <= 4.3.4 - Authenticated Stored Cross-Site Scripting LOW [*, 4.3.5) 4.3.5 July 5, 2026
cookie-notice cookie-notice
93
Cookie Notice & Compliance for GDPR / CCPA <= 2.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting LOW [*, 2.1.2) 2.1.2 July 5, 2026
duplicate-page duplicate-page
93
Duplicate Page <= 4.4.1 Authenticated (Admin+) Stored Cross-Site Scripting LOW *-4.4.1 4.4.2 July 5, 2026
wp-woocommerce-quickbooks wp-woocommerce-quickbooks N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.8 1.1.9 July 5, 2026
wp-infusionsoft-woocommerce wp-infusionsoft-woocommerce N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.8 1.0.9 July 5, 2026
wp-hubspot-woocommerce wp-hubspot-woocommerce N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.4 1.0.5 July 5, 2026
wp-gravity-forms-spreadsheets wp-gravity-forms-spreadsheets N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.0 1.1.1 July 5, 2026
woo-zoho woo-zoho N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.2.3 1.2.4 July 5, 2026
woo-salesforce-plugin-crm-perks woo-salesforce-plugin-crm-perks N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.5.8 1.5.9 July 5, 2026
ultimate-post ultimate-post N/A PostX - Gutenberg Blocks for Post Grid <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW [*, 2.4.10) 2.4.10 July 5, 2026
ultimate-post ultimate-post N/A PostX - Gutenberg Blocks for Post Grid <= 2.4.9 - Stored Cross-Site Scripting LOW [*, 2.4.10) 2.4.10 July 5, 2026
ultimate-post ultimate-post N/A PostX Gutenberg Blocks Saved Templates Addon <= 2.4.9 - Private Content Disclosure LOW *-2.4.9 2.4.10 July 5, 2026
integration-for-gravity-forms-and-pipedrive integration-for-gravity-forms-and-pipedrive
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.6 1.0.7 July 5, 2026
integration-for-contact-form-7-and-pipedrive integration-for-contact-form-7-and-pipedrive
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.0 1.1.1 July 5, 2026
gf-zoho gf-zoho
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.5 1.1.6 July 5, 2026
gf-zendesk gf-zendesk
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.7 1.0.8 July 5, 2026
gf-salesforce-crmperks gf-salesforce-crmperks
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.2.5 1.2.6 July 5, 2026
gf-insightly gf-insightly
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.6 1.0.7 July 5, 2026
gf-infusionsoft gf-infusionsoft
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.4 1.1.5 July 5, 2026
gf-hubspot gf-hubspot
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.8 1.0.9 July 5, 2026
gf-freshdesk gf-freshdesk
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.2.8 1.2.9 July 5, 2026
gf-dynamics-crm gf-dynamics-crm
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.7 1.0.8 July 5, 2026
gf-constant-contact gf-constant-contact
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.5 1.0.6 July 5, 2026
Database for Contact Form 7, WPforms, Elementor forms contact-form-entries
84
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.2.1 1.2.2 July 5, 2026
cf7-zoho cf7-zoho
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.8 1.1.9 July 5, 2026
cf7-zendesk cf7-zendesk
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.7 1.0.8 July 5, 2026
cf7-salesforce cf7-salesforce
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.2.5 1.2.6 July 5, 2026
cf7-mailchimp cf7-mailchimp
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.0 1.1.1 July 5, 2026
cf7-insightly cf7-insightly
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.8 1.0.9 July 5, 2026
cf7-infusionsoft cf7-infusionsoft
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.3 1.1.4 July 5, 2026
cf7-hubspot cf7-hubspot
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.1.9 1.2.0 July 5, 2026
cf7-constant-contact cf7-constant-contact
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.9 1.1.0 July 5, 2026
cf7-active-campaign cf7-active-campaign
93
CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.3 1.0.4 July 5, 2026
wp-nested-pages wp-nested-pages N/A Nested Pages <= 3.1.15 - Open Redirect LOW *-3.1.15 3.1.16 July 5, 2026
wp-nested-pages wp-nested-pages N/A Nested Pages <= 3.1.15 - Cross-Site Request Forgery to Arbitrary Post Deletion and Modification LOW *-3.1.15 3.1.16 July 5, 2026
wp-map-block wp-map-block N/A WP Map Block – Gutenberg Map Block for Google Map and OpenStreet Map <= 1.2.2 - Stored Cross-Site Scripting LOW [*, 1.2.3) 1.2.3 July 5, 2026
woo-pdf-invoices-bulk-download woo-pdf-invoices-bulk-download N/A PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.0.0 July 5, 2026
stopbadbots stopbadbots N/A Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection < 6.6.7 - Reflected Cross-Site Scripting LOW [*, 6.67) 6.67 July 5, 2026
stopbadbots stopbadbots N/A Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 6.61 - Reflected Cross-Site Scripting LOW *-6.61 6.62 July 5, 2026
Real Media Library: Media Library Folder & File Manager real-media-library-lite
79
WordPress Real Media Library <= 4.14.1 - Authenticated (Author) Stored Cross-Site Scripting LOW *-4.14.1 4.14.2 July 5, 2026
read-offline read-offline N/A PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-0.9.17 July 5, 2026
poll-wp poll-wp
93
TS Poll – Best Poll Plugin for WordPress <= 1.5.8 - Reflected Cross-Site Scripting LOW *-1.5.8 1.5.9 July 5, 2026
mx-time-zone-clocks mx-time-zone-clocks
89
MX Time Zone Clocks <= 3.4 - Contributor+ Cross-Site Scripting LOW [*, 3.4.1) 3.4.1 July 5, 2026
mpl-publisher mpl-publisher
93
PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting LOW *-1.29.1 1.29.2 July 5, 2026
cf7-zoho cf7-zoho
93
Integration for Contact Form 7 and Zoho CRM, Bigin <= 1.1.7 - Cross-Site Scripting LOW *-1.1.7 1.1.8 July 5, 2026
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools woocommerce-jetpack
65
Booster for WooCommerce <= 5.4.3 - Authentication Bypass LOW *-5.4.3 5.4.4 July 5, 2026
woo-coupon-usage woo-coupon-usage N/A WooCommerce Affiliate Plugin – Coupon Affiliates <= 4.11.0.1 - Reflected Cross-Site Scripting LOW *-4.11.0.1 4.11.0.2 July 5, 2026
textme-sms-integration textme-sms-integration N/A TextMe SMS <= 1.8.8 - Authenticated Stored Cross-Site Scripting LOW [*, 1.8.9) 1.8.9 July 5, 2026
smtp-mail smtp-mail N/A SMTP Mail <= 1.1.14 - Reflected Cross-Site Scripting LOW *-1.1.14 1.2 July 5, 2026
smtp-mail smtp-mail N/A SMTP Mail <= 1.2.1 - SQL Injection LOW *-1.2.1 1.2.2 July 5, 2026
recipe-card-blocks-by-wpzoom recipe-card-blocks-by-wpzoom N/A Recipe Card Blocks by WPZOOM <= 2.8.2 - Authenticated Stored Cross-Site Scripting LOW [*, 2.8.3) 2.8.3 July 5, 2026
recipe-card-blocks-by-wpzoom recipe-card-blocks-by-wpzoom N/A Recipe Card Blocks by WPZOOM <= 2.8.0 - Reflected Cross-Site Scripting LOW [*, 2.8.1) 2.8.1 July 5, 2026
podlove-podcasting-plugin-for-wordpress podlove-podcasting-plugin-for-wordpress
93
Podlove Podcast Publisher <= 3.5.5 - Unauthenticated SQL Injection LOW [*, 3.5.6) 3.5.6 July 5, 2026
live-scores-for-sportspress live-scores-for-sportspress
91
Live Scores for SportsPress <= 1.9.0 - Authenticated (Admin+) Local File Inclusion LOW *-1.9.0 1.9.1 July 5, 2026
live-scores-for-sportspress live-scores-for-sportspress
91
Live Scores for SportsPress <= 1.9.0 - Reflected Cross-Site Scripting LOW *-1.9.0 1.9.1 July 5, 2026
contact-list contact-list
93
Contact List – Easy Business Directory, Staff Directory and Address Book Plugin <= 2.9.41 - Reflected Cross-Site Scripting LOW *-2.9.41 2.9.42 July 5, 2026
Database for Contact Form 7, WPforms, Elementor forms contact-form-entries
84
Contact Form Entries – Contact Form 7, WPforms and more <= 1.2.0 - Reflected Cross-Site Scripting LOW *-1.2.0 1.2.1 July 5, 2026
wp-video-lightbox wp-video-lightbox N/A WP Video Lightbox <= 1.9.2 - Contributor+ Stored Cross-Site Scripting LOW *-1.9.2 1.9.3 July 5, 2026
simply-gallery-block simply-gallery-block N/A Gallery Blocks with Lightbox <= 2.2.0 - Authenticated Stored Cross-Site Scripting LOW [*, 2.2.1) 2.2.1 July 5, 2026
simple-schools-staff-directory simple-schools-staff-directory N/A Simple Schools Staff Directory <= 1.1 - Authenticated (Admin+) Arbitrary File Upload LOW *-1.1 July 5, 2026
shortcodes-ultimate shortcodes-ultimate N/A WordPress Shortcodes Plugin — Shortcodes Ultimate <= 5.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW [*, 5.10.2) 5.10.2 July 5, 2026
post-views-counter post-views-counter N/A Post Views Counter <= 1.3.4 - Authenticated Stored Cross-Site Scripting LOW *-1.3.4 1.3.5 July 5, 2026
LOW

ulisting

ulisting

Score: N/A Listing, Classified Ads & Business Directory – uListing <= 2.0.8 - Cross-Site Request Forgery Affected: *-2.0.8 Patched: 2.0.9 Updated: July 5, 2026
LOW

real-time-auto-find-and-replace

real-time-auto-find-and-replace

Score: N/A Better Find and Replace <= 1.2.8 - Reflected Cross-Site Scripting Affected: *-1.2.8 Patched: 1.2.9 Updated: July 5, 2026
LOW

publishpress

publishpress

Score: N/A PublishPress: Editorial Calendar, Workflow, Comments, Notifications and Statuses <= 3.5.0 - Cross-Site Scripting Affected: *-3.5.0 Patched: 3.5.1 Updated: July 5, 2026
LOW

my-chatbot

my-chatbot

Score: 91/100 My Chatbot <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

modern-events-calendar-lite

modern-events-calendar-lite

Score: 93/100 Modern Events Calendar Lite < 5.22.1 - Admin+ Stored Cross-Site Scripting Affected: *-5.22.1 Patched: 5.22.2 Updated: July 5, 2026
LOW

enhanced-tooltipglossary

enhanced-tooltipglossary

Score: 93/100 CM Tooltip Glossary <= 3.9.20 - Authenticated Stored Cross-Site Scripting Affected: [*, 3.9.21) Patched: 3.9.21 Updated: July 5, 2026
LOW

elex-woocommerce-google-product-feed-plugin-basic

elex-woocommerce-google-product-feed-plugin-basic

Score: 93/100 ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.2.3 - Reflected Cross-Site Scripting Affected: *-1.2.3 Patched: 1.2.4 Updated: July 5, 2026
LOW

supportboard

supportboard

Score: N/A Support Board <= 3.3.3 - Multiple Unauthenticated SQL Injections Affected: *-3.3.3 Patched: 3.3.4 Updated: July 5, 2026
LOW

simple-download-monitor

simple-download-monitor

Score: N/A Simple Download Monitor <= 3.9.4 - Contributor+ Arbitrary File Download Affected: [*, 3.9.5) Patched: 3.9.5 Updated: July 5, 2026
LOW

meow-gallery

meow-gallery

Score: 93/100 Meow Gallery (+ Gallery Block) <= 4.1.8 - SQL Injection Affected: [*, 4.1.9) Patched: 4.1.9 Updated: July 5, 2026
LOW

meow-gallery

meow-gallery

Score: 93/100 Meow Gallery (+ Gallery Block) <= 4.1.9 - Missing Authorization to Arbitrary Options Update Affected: *-4.1.9 Patched: 4.2.0 Updated: July 5, 2026
LOW

easy-social-icons

easy-social-icons

Score: 93/100 Easy Social Icons <= 3.1.2 - Reflected Cross-Site Scripting Affected: *-3.1.2 Patched: 3.1.3 Updated: July 5, 2026
LOW

zoho-crm-forms

zoho-crm-forms

Score: N/A Zoho CRM Lead Magnet <= 1.7.2.4 - Cross-Site Scripting Affected: *-1.7.2.4 Patched: 1.7.2.9 Updated: July 5, 2026
LOW

xo-event-calendar

xo-event-calendar

Score: N/A XO Event Calendar <= 2.3.6 - Reflected Cross-Site Scripting Affected: *-2.3.6 Patched: 2.3.7 Updated: July 5, 2026
LOW

redux-framework

redux-framework

Score: N/A Gutenberg Template Library & Redux Framework <= 4.2.1 - Incorrect Authorization Leading to Arbitrary Plugin Installation and Post Deletion Affected: *-4.2.12 Patched: 4.2.13 Updated: July 5, 2026
LOW

redux-framework

redux-framework

Score: N/A Gutenberg Template Library & Redux Framework <= 4.2.11 - Missing Authorization to Sensitive Information Disclosure Affected: *-4.2.11 Patched: 4.2.13 Updated: July 5, 2026
LOW

easy-social-icons

easy-social-icons

Score: 93/100 Easy Social Icons <= 3.0.9 - Reflected Cross-Site Scripting Affected: *-3.0.9 Patched: 3.1.0 Updated: July 5, 2026
LOW

easy-social-icons

easy-social-icons

Score: 93/100 Easy Social Icons <= 3.0.8 – Reflected Cross-Site Scripting Affected: *-3.0.8 Patched: 3.0.9 Updated: July 5, 2026
LOW

wc-dynamic-pricing-and-discounts

wc-dynamic-pricing-and-discounts

Score: N/A WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Unauthenticated Settings Import/Export Affected: [*, 2.4.2) Patched: 2.4.2 Updated: July 5, 2026
LOW

wc-dynamic-pricing-and-discounts

wc-dynamic-pricing-and-discounts

Score: N/A WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Stored Cross-Site Scripting Affected: [*, 2.4.2) Patched: 2.4.2 Updated: July 5, 2026
LOW

underconstruction

underconstruction

Score: N/A underConstruction <= 1.18 - Reflected Cross-Site Scripting Affected: *-1.18 Patched: 1.19 Updated: July 5, 2026
LOW

software-license-manager

software-license-manager

Score: N/A Software License Manager <= 4.4.9 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-4.4.9 Patched: 4.5.0 Updated: July 5, 2026
LOW

qtranslate-x

qtranslate-x

Score: N/A qTranslate X <= 3.4.6.8 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-3.4.6.8 Patched: Updated: July 5, 2026
LOW

cf-geoplugin

cf-geoplugin

Score: 91/100 WordPress Geolocation Plugin – CF Geo Plugin <= 7.13.11 - Reflected Cross-Site Scripting Affected: *-7.13.11 Patched: 7.13.12 Updated: July 5, 2026
LOW

wp-countdown-block

wp-countdown-block

Score: N/A Countdown Block <= 1.1.1 - Missing Authorization Affected: [*, 1.1.2) Patched: 1.1.2 Updated: July 5, 2026
LOW

user-activity-log

user-activity-log

Score: N/A User Activity Log <= 1.4.6 - Reflected Cross-Site Scripting Affected: *-1.4.6 Patched: 1.4.7 Updated: July 5, 2026
LOW

user-activity-log

user-activity-log

Score: N/A User Activity Log <= 1.4.6 - Reflected Cross Site Scripting Affected: *-1.4.6 Patched: 1.4.7 Updated: July 5, 2026
LOW

premium-addons-for-elementor

premium-addons-for-elementor

Score: N/A Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update Affected: *-4.5.1 Patched: 4.5.2 Updated: July 5, 2026
LOW

miniorange-openid-connect-client

miniorange-openid-connect-client

Score: 93/100 Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting Affected: *-2.1.4 Patched: 2.1.5 Updated: July 5, 2026
LOW

miniorange-login-with-eve-online-google-facebook

miniorange-login-with-eve-online-google-facebook

Score: 93/100 Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting Affected: *-6.20.2 Patched: 6.20.3 Updated: July 5, 2026
LOW

login-with-cognito

login-with-cognito

Score: 93/100 Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting Affected: *-1.4.3 Patched: 1.4.4 Updated: July 5, 2026
LOW

login-with-azure

login-with-azure

Score: 93/100 Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting Affected: *-1.4.4 Patched: 1.4.5 Updated: July 5, 2026
LOW

dzs-zoomsounds

dzs-zoomsounds

Score: 83/100 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.45 - Directory Traversal Affected: *-6.45 Patched: 6.50 Updated: July 5, 2026
LOW

Docket Cache – Object Cache Accelerator

docket-cache

Score: 80/100 Docket Cache – Object Cache Accelerator <= 21.08.01 - Reflected Cross-Site Scripting Affected: *-21.08.01 Patched: 21.08.02 Updated: July 5, 2026
LOW

coolclock

coolclock

Score: 93/100 CoolClock <= 4.3.4 - Authenticated Stored Cross-Site Scripting Affected: [*, 4.3.5) Patched: 4.3.5 Updated: July 5, 2026
LOW

cookie-notice

cookie-notice

Score: 93/100 Cookie Notice & Compliance for GDPR / CCPA <= 2.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting Affected: [*, 2.1.2) Patched: 2.1.2 Updated: July 5, 2026
LOW

duplicate-page

duplicate-page

Score: 93/100 Duplicate Page <= 4.4.1 Authenticated (Admin+) Stored Cross-Site Scripting Affected: *-4.4.1 Patched: 4.4.2 Updated: July 5, 2026
LOW

wp-woocommerce-quickbooks

wp-woocommerce-quickbooks

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.8 Patched: 1.1.9 Updated: July 5, 2026
LOW

wp-infusionsoft-woocommerce

wp-infusionsoft-woocommerce

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.8 Patched: 1.0.9 Updated: July 5, 2026
LOW

wp-hubspot-woocommerce

wp-hubspot-woocommerce

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.4 Patched: 1.0.5 Updated: July 5, 2026
LOW

wp-gravity-forms-spreadsheets

wp-gravity-forms-spreadsheets

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.0 Patched: 1.1.1 Updated: July 5, 2026
LOW

woo-zoho

woo-zoho

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.2.3 Patched: 1.2.4 Updated: July 5, 2026
LOW

woo-salesforce-plugin-crm-perks

woo-salesforce-plugin-crm-perks

Score: N/A CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.5.8 Patched: 1.5.9 Updated: July 5, 2026
LOW

ultimate-post

ultimate-post

Score: N/A PostX - Gutenberg Blocks for Post Grid <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: [*, 2.4.10) Patched: 2.4.10 Updated: July 5, 2026
LOW

ultimate-post

ultimate-post

Score: N/A PostX - Gutenberg Blocks for Post Grid <= 2.4.9 - Stored Cross-Site Scripting Affected: [*, 2.4.10) Patched: 2.4.10 Updated: July 5, 2026
LOW

ultimate-post

ultimate-post

Score: N/A PostX Gutenberg Blocks Saved Templates Addon <= 2.4.9 - Private Content Disclosure Affected: *-2.4.9 Patched: 2.4.10 Updated: July 5, 2026
LOW

integration-for-gravity-forms-and-pipedrive

integration-for-gravity-forms-and-pipedrive

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.6 Patched: 1.0.7 Updated: July 5, 2026
LOW

integration-for-contact-form-7-and-pipedrive

integration-for-contact-form-7-and-pipedrive

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.0 Patched: 1.1.1 Updated: July 5, 2026
LOW

gf-zoho

gf-zoho

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.5 Patched: 1.1.6 Updated: July 5, 2026
LOW

gf-zendesk

gf-zendesk

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.7 Patched: 1.0.8 Updated: July 5, 2026
LOW

gf-salesforce-crmperks

gf-salesforce-crmperks

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.2.5 Patched: 1.2.6 Updated: July 5, 2026
LOW

gf-insightly

gf-insightly

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.6 Patched: 1.0.7 Updated: July 5, 2026
LOW

gf-infusionsoft

gf-infusionsoft

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.4 Patched: 1.1.5 Updated: July 5, 2026
LOW

gf-hubspot

gf-hubspot

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.8 Patched: 1.0.9 Updated: July 5, 2026
LOW

gf-freshdesk

gf-freshdesk

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.2.8 Patched: 1.2.9 Updated: July 5, 2026
LOW

gf-dynamics-crm

gf-dynamics-crm

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.7 Patched: 1.0.8 Updated: July 5, 2026
LOW

gf-constant-contact

gf-constant-contact

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.5 Patched: 1.0.6 Updated: July 5, 2026
LOW

cf7-zoho

cf7-zoho

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.8 Patched: 1.1.9 Updated: July 5, 2026
LOW

cf7-zendesk

cf7-zendesk

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.7 Patched: 1.0.8 Updated: July 5, 2026
LOW

cf7-salesforce

cf7-salesforce

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.2.5 Patched: 1.2.6 Updated: July 5, 2026
LOW

cf7-mailchimp

cf7-mailchimp

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.0 Patched: 1.1.1 Updated: July 5, 2026
LOW

cf7-insightly

cf7-insightly

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.8 Patched: 1.0.9 Updated: July 5, 2026
LOW

cf7-infusionsoft

cf7-infusionsoft

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.3 Patched: 1.1.4 Updated: July 5, 2026
LOW

cf7-hubspot

cf7-hubspot

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.1.9 Patched: 1.2.0 Updated: July 5, 2026
LOW

cf7-constant-contact

cf7-constant-contact

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.9 Patched: 1.1.0 Updated: July 5, 2026
LOW

cf7-active-campaign

cf7-active-campaign

Score: 93/100 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.3 Patched: 1.0.4 Updated: July 5, 2026
LOW

wp-nested-pages

wp-nested-pages

Score: N/A Nested Pages <= 3.1.15 - Open Redirect Affected: *-3.1.15 Patched: 3.1.16 Updated: July 5, 2026
LOW

wp-nested-pages

wp-nested-pages

Score: N/A Nested Pages <= 3.1.15 - Cross-Site Request Forgery to Arbitrary Post Deletion and Modification Affected: *-3.1.15 Patched: 3.1.16 Updated: July 5, 2026
LOW

wp-map-block

wp-map-block

Score: N/A WP Map Block – Gutenberg Map Block for Google Map and OpenStreet Map <= 1.2.2 - Stored Cross-Site Scripting Affected: [*, 1.2.3) Patched: 1.2.3 Updated: July 5, 2026
LOW

woo-pdf-invoices-bulk-download

woo-pdf-invoices-bulk-download

Score: N/A PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.0.0 Patched: Updated: July 5, 2026
LOW

stopbadbots

stopbadbots

Score: N/A Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection < 6.6.7 - Reflected Cross-Site Scripting Affected: [*, 6.67) Patched: 6.67 Updated: July 5, 2026
LOW

stopbadbots

stopbadbots

Score: N/A Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 6.61 - Reflected Cross-Site Scripting Affected: *-6.61 Patched: 6.62 Updated: July 5, 2026
LOW

read-offline

read-offline

Score: N/A PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-0.9.17 Patched: Updated: July 5, 2026
LOW

poll-wp

poll-wp

Score: 93/100 TS Poll – Best Poll Plugin for WordPress <= 1.5.8 - Reflected Cross-Site Scripting Affected: *-1.5.8 Patched: 1.5.9 Updated: July 5, 2026
LOW

mx-time-zone-clocks

mx-time-zone-clocks

Score: 89/100 MX Time Zone Clocks <= 3.4 - Contributor+ Cross-Site Scripting Affected: [*, 3.4.1) Patched: 3.4.1 Updated: July 5, 2026
LOW

mpl-publisher

mpl-publisher

Score: 93/100 PHPRelativePath Library - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Affected: *-1.29.1 Patched: 1.29.2 Updated: July 5, 2026
LOW

cf7-zoho

cf7-zoho

Score: 93/100 Integration for Contact Form 7 and Zoho CRM, Bigin <= 1.1.7 - Cross-Site Scripting Affected: *-1.1.7 Patched: 1.1.8 Updated: July 5, 2026
LOW

woo-coupon-usage

woo-coupon-usage

Score: N/A WooCommerce Affiliate Plugin – Coupon Affiliates <= 4.11.0.1 - Reflected Cross-Site Scripting Affected: *-4.11.0.1 Patched: 4.11.0.2 Updated: July 5, 2026
LOW

textme-sms-integration

textme-sms-integration

Score: N/A TextMe SMS <= 1.8.8 - Authenticated Stored Cross-Site Scripting Affected: [*, 1.8.9) Patched: 1.8.9 Updated: July 5, 2026
LOW

smtp-mail

smtp-mail

Score: N/A SMTP Mail <= 1.1.14 - Reflected Cross-Site Scripting Affected: *-1.1.14 Patched: 1.2 Updated: July 5, 2026
LOW

smtp-mail

smtp-mail

Score: N/A SMTP Mail <= 1.2.1 - SQL Injection Affected: *-1.2.1 Patched: 1.2.2 Updated: July 5, 2026
LOW

recipe-card-blocks-by-wpzoom

recipe-card-blocks-by-wpzoom

Score: N/A Recipe Card Blocks by WPZOOM <= 2.8.2 - Authenticated Stored Cross-Site Scripting Affected: [*, 2.8.3) Patched: 2.8.3 Updated: July 5, 2026
LOW

recipe-card-blocks-by-wpzoom

recipe-card-blocks-by-wpzoom

Score: N/A Recipe Card Blocks by WPZOOM <= 2.8.0 - Reflected Cross-Site Scripting Affected: [*, 2.8.1) Patched: 2.8.1 Updated: July 5, 2026
LOW

podlove-podcasting-plugin-for-wordpress

podlove-podcasting-plugin-for-wordpress

Score: 93/100 Podlove Podcast Publisher <= 3.5.5 - Unauthenticated SQL Injection Affected: [*, 3.5.6) Patched: 3.5.6 Updated: July 5, 2026
LOW

live-scores-for-sportspress

live-scores-for-sportspress

Score: 91/100 Live Scores for SportsPress <= 1.9.0 - Authenticated (Admin+) Local File Inclusion Affected: *-1.9.0 Patched: 1.9.1 Updated: July 5, 2026
LOW

live-scores-for-sportspress

live-scores-for-sportspress

Score: 91/100 Live Scores for SportsPress <= 1.9.0 - Reflected Cross-Site Scripting Affected: *-1.9.0 Patched: 1.9.1 Updated: July 5, 2026
LOW

contact-list

contact-list

Score: 93/100 Contact List – Easy Business Directory, Staff Directory and Address Book Plugin <= 2.9.41 - Reflected Cross-Site Scripting Affected: *-2.9.41 Patched: 2.9.42 Updated: July 5, 2026
LOW

wp-video-lightbox

wp-video-lightbox

Score: N/A WP Video Lightbox <= 1.9.2 - Contributor+ Stored Cross-Site Scripting Affected: *-1.9.2 Patched: 1.9.3 Updated: July 5, 2026
LOW

simply-gallery-block

simply-gallery-block

Score: N/A Gallery Blocks with Lightbox <= 2.2.0 - Authenticated Stored Cross-Site Scripting Affected: [*, 2.2.1) Patched: 2.2.1 Updated: July 5, 2026
LOW

simple-schools-staff-directory

simple-schools-staff-directory

Score: N/A Simple Schools Staff Directory <= 1.1 - Authenticated (Admin+) Arbitrary File Upload Affected: *-1.1 Patched: Updated: July 5, 2026
LOW

shortcodes-ultimate

shortcodes-ultimate

Score: N/A WordPress Shortcodes Plugin — Shortcodes Ultimate <= 5.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: [*, 5.10.2) Patched: 5.10.2 Updated: July 5, 2026
LOW

post-views-counter

post-views-counter

Score: N/A Post Views Counter <= 1.3.4 - Authenticated Stored Cross-Site Scripting Affected: *-1.3.4 Patched: 1.3.5 Updated: July 5, 2026

Showing 31101 to 31200 of 36406 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: July 5, 2026 at 00:38 UTC.