Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36189

Across tracked plugins

Affected Plugins

With open vulnerabilities

Critical / High

Require immediate attention

Vulnerability List

Export CSV

Vulnerability list with plugin score and patch status
Plugin	Slug	Score	Vulnerability	Severity	Affected Versions	Patched	Updated
keyring	keyring	93	Keyring < 1.5.1 - Cross-Site Scripting	LOW	*-1.5	1.5.1	June 29, 2026
immopress	immopress	91	ImmoPress <= 0.0.4 - Reflected Cross-Site Scripting	LOW	*-0.0.4		June 29, 2026
hunk-external-links	hunk-external-links	91	Hunk External Links <= 3.0.5 - Reflected Cross-Site Scripting	LOW	*-3.0.5		June 29, 2026
google-maps-in-posts	google-maps-in-posts	91	Google Maps in Posts <= 1.5.3 - Reflected Cross-Site Scripting	LOW	*-1.5.3		June 29, 2026
google-map-generator	google-map-generator	91	Google Map Generator <= 1.3.1 - Reflected Cross-Site Scripting	LOW	*-1.3.1		June 29, 2026
gbteamstats	gbteamstats	91	GB Team Stats <= 1.5.1 - Reflected Cross-Site Scripting	LOW	*-1.5.1		June 29, 2026
garees-flickr-feed	garees-flickr-feed	91	Garee's Flickr Feed <= 0.8 - Cross-Site Scripting	LOW	*-0.8		June 29, 2026
fixedly	fixedly	91	Fixedly Media Gallery <= 1.3.1 - Reflected Cross-Site Scripting	LOW	*-1.3.1		June 29, 2026
filtre-de-surveillance-gouvernemental	filtre-de-surveillance-gouvernemental	91	Filtre de surveillance gouvernemental <= 1.1 - Reflected Cross-Site Scripting	LOW	*-1.1		June 29, 2026
fancy-cats	fancy-cats	91	Fancy Cats <= 1.1 - Reflected Cross-Site Scripting	LOW	*-1.1		June 29, 2026
dialogs	dialogs	91	Dialogs <= 1.0.3 - Reflected Cross-Site Scripting	LOW	*-1.0.3		June 29, 2026
daily-inspiration-generator	daily-inspiration-generator	89	Daily Inspiration Generator <= 2.0 - Open Redirect	LOW	*-2.0		June 29, 2026
daily-inspiration-generator	daily-inspiration-generator	89	Daily Inspiration Generator <= 2.0 - Reflected Cross-Site Scripting	LOW	*-2.0		June 29, 2026
coupon-tab-for-directorypress-pp	coupon-tab-for-directorypress-pp	91	Coupon Tab for DirectoryPress (pp-coupon-tab) <= 0.2.0 - Reflected Cross-Site Scripting	LOW	*-0.2.0		June 29, 2026
contentboxes	contentboxes	91	Contentboxes <= 1.1 - Reflected Cross-Site Scripting	LOW	*-1.1		June 29, 2026
clipta-video-informer	clipta-video-informer	91	Clipta Video Informer <= 1.0 - Reflected Cross-Site Scripting	LOW	*-1.0		June 29, 2026
clicksold-wordpress-plugin	clicksold-wordpress-plugin	91	ClickSold IDX < 1.49 - Reflected Cross-Site Scripting	LOW	*-1.48	1.49	June 29, 2026
captcha-in-thai	captcha-in-thai	91	CAPTCHA in Thai <= 1.1 - Reflected Cross-Site Scripting	LOW	*-1.1		June 29, 2026
blogroll-fun	blogroll-fun	93	Blogroll Fun – Show Last Post and Last Update Time < 0.8.5 - Reflected Cross-Site Scripting	LOW	*-0.8.4	0.8.5	June 29, 2026
avchat-3	avchat-3	91	Community Lite Video Chat < 1.4.2 - Reflected Cross-Site Scripting	LOW	*-1.4.1	1.4.2	June 29, 2026
athlon-manage-calameo-publications	athlon-manage-calameo-publications	93	Manage Calameo Publications by Athlon < 1.1.1 - Reflected Cross-Site Scripting	LOW	*-1.1.0	1.1.1	June 29, 2026
animal-captcha	animal-captcha	95	Animal Captcha <= 1.6.2 - Reflected Cross-Site Scripting	LOW	*-1.6.2		June 29, 2026
yahoo-updates-for-wordpress	yahoo-updates-for-wordpress	N/A	Yahoo Updates For WordPress <= 1.0 - Cross-Site Scripting	LOW	*-1.0		June 29, 2026
wp-guestmap	wp-guestmap	N/A	WP Guestmap <= 1.8 - Multiple Cross-Site Scripting	LOW	*-1.8		June 29, 2026
wordthumb	wordthumb	N/A	TimThumb <= 2.8.13 - Remote Code Execution	LOW	*-1.07		June 29, 2026
user-avatar	user-avatar	N/A	TimThumb <= 2.8.13 - Remote Code Execution	LOW	*-1.4.12		June 29, 2026
timthumb	timthumb	N/A	TimThumb <= 2.8.13 - Remote Code Execution	LOW	*-2.8.13		June 29, 2026
vn-calendar	vn-calendar	N/A	VN Calendar <= 1.0 - Cross-Site Scripting	LOW	*-1.0		June 29, 2026
anyfont	anyfont	95	Anyfont <= 2.2.3 - Cross-Site Scripting	LOW	*-2.2.3		June 29, 2026
videowhisper-live-streaming-integration	videowhisper-live-streaming-integration	N/A	Broadcast Live Video – Live Streaming < 4.27.4 - Cross-Site Scripting	LOW	[*, 4.27.4)	4.27.4	June 29, 2026
theme-my-login	theme-my-login	N/A	Theme My Login <= 6.3.9 - Local File Inclusion	LOW	[*, 6.3.10)	6.3.10	June 29, 2026
random-banner	random-banner	N/A	Random Banner < 2.0 - Cross-Site Scripting	LOW	[*, 2.0)	2.0	June 29, 2026
custom-banners	custom-banners	91	Custom Banners < 2.1 - Cross-Site Scripting	LOW	[*, 2.1)	2.1	June 29, 2026
blogstand-smart-banner	blogstand-smart-banner	91	Blogstand Banner <= 1.0 - Cross-Site Request Forgery to Cross-Site Scripting	LOW	*-1.0		June 29, 2026
easy-banners	easy-banners	91	Easy Banners <= 1.4 - Cross-Site Scripting	LOW	*-1.4		June 29, 2026
simple-share-buttons-adder	simple-share-buttons-adder	N/A	Simple Share Buttons Adder <= 4.4 - Cross-Site Request Forgery	LOW	[*, 4.5)	4.5	June 29, 2026
simple-share-buttons-adder	simple-share-buttons-adder	N/A	Simple Share Buttons Adder <= 4.4 - Cross-Site Request Forgery	LOW	*-4.4	4.5	June 29, 2026
ajax-search-lite	ajax-search-lite	97	Ajax Search Lite < 3.11 - Remote Code Execution	LOW	[*, 3.11)	3.11	June 29, 2026
disqus-comment-system	disqus-comment-system	93	Disqus Comment System < 2.76 - Remote Code Execution	LOW	[*, 2.76)	2.76	June 29, 2026
wu-rating	wu-rating	N/A	Wu-Rating <= 1.0 12319 - Cross-Site Scripting	LOW	* - 1.0 12319		June 29, 2026
wp-tmkm-amazon	wp-tmkm-amazon	N/A	wp-tmkm-amazon < 1.5.3 - Cross-Site Scripting	LOW	[*, 1.5.3)	1.5.3	June 29, 2026
wp-restful	wp-restful	N/A	WP Restful <= 0.1 - Multiple Cross-Site Scripting	LOW	*-0.1		June 29, 2026
wp-responsive-preview	wp-responsive-preview	N/A	WordPress Responsive Preview <= 1.1 - Reflected Cross-Site Scripting	LOW	[*, 1.2)	1.2	June 29, 2026
wp-picasa-image	wp-picasa-image	N/A	WP-Picasa-Image <= 1.0 - Reflected Cross-Site Scripting	LOW	*-1.0		June 29, 2026
wp-microblogs	wp-microblogs	N/A	WP Microblogs <= 0.4.0 - Cross-Site Scripting	LOW	*-0.4.0		June 29, 2026
wp-football	wp-football	N/A	wp-football <= 1.1 - Cross-Site Scripting	LOW	*-1.1		June 29, 2026
wp-facethumb	wp-facethumb	N/A	WP Facethumb <= 1.0 - Cross-Site Scripting	LOW	*-1.0		June 29, 2026
wp-consultant	wp-consultant	N/A	WP Consultant <= 1.0 - Reflected Cross-Site Scripting	LOW	*-1.0		June 29, 2026
wp-blipbot	wp-blipbot	N/A	WP BlipBot <= 3.0.9 - Cross-Site Scripting	LOW	*-3.0.9		June 29, 2026
wp-appointments-schedules	wp-appointments-schedules	N/A	Appointments Scheduler <= 1.5 - Cross-Site Scripting	LOW	*-1.5		June 29, 2026
wikipop	wikipop	N/A	WikiPop <= 2.0 - Cross-Site Scripting	LOW	*-2.0		June 29, 2026
walk-score	walk-score	N/A	Walk Score Plugin <= 0.5.5 - Cross-Site Scripting	LOW	*-0.5.5		June 29, 2026
videowhisper-video-presentation	videowhisper-video-presentation	N/A	VideoWhisper Video Presentation <= 3.25 - Reflected Cross-Site Scripting	LOW	*-3.25	3.31	June 29, 2026
video-posts-webcam-recorder	video-posts-webcam-recorder	N/A	Video Posts Webcam Recorder <= 1.55.4 - Reflected Cross-Site Scripting	LOW	*-1.55.4	1.55.5	June 29, 2026
video-comments-webcam-recorder	video-comments-webcam-recorder	N/A	HTML5 Webcam Microphone Recorder Forms < 1.55 - Cross-Site Scripting	LOW	*-1.55	1.55.3	June 29, 2026
ruven-toolkit	ruven-toolkit	N/A	Ruven Toolkit <= 2.0 - Reflected Cross-Site Scripting	LOW	*-2.0		June 29, 2026
adminonline	adminonline	95	AdminOnline (Unspecified Version) - Directly Traversal/Arbitrary File Read	LOW	*		June 29, 2026
member-approval	member-approval	91	Member Approval <= 131109 - Cross-Site Scripting	LOW	*-131109		June 29, 2026
jw-player-plugin-for-wordpress	jw-player-plugin-for-wordpress	91	JW Player for Flash & HTML5 Video < 2.1.4 - Cross-Site Request Forgery leading to player deletion	LOW	[*, 2.1.4)	2.1.4	June 29, 2026
feature-comments	feature-comments	93	Featured Comments < 1.2.5 - Cross-Site Request Forgery	LOW	[*, 1.2.5)	1.2.5	June 29, 2026
disqus-comment-system	disqus-comment-system	93	Disqus Comment System < 2.76 - Reflected Cross-Site Scripting	LOW	[*, 2.76)	2.76	June 29, 2026
participants-database	participants-database	N/A	Participants Database < 1.5.4.9 - SQL Injection	LOW	[*, 1.5.4.9)	1.5.4.9	June 29, 2026
popup-images	popup-images	N/A	Popup Images (Unknown Version) - Cross-Site Scripting	LOW	*		June 29, 2026
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic	all-in-one-seo-pack	88	All in One SEO <= 2.1.5 - Missing Authorization	LOW	*-2.1.5	2.1.6	June 29, 2026
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic	all-in-one-seo-pack	88	All in One SEO <= 2.1.5 - Cross-Site Scripting	LOW	*-2.1.5	2.1.6	June 29, 2026
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic	all-in-one-seo-pack	88	All in One SEO <= 2.2.4.1 - Privilege Escalation to Arbitrary Post Modification	LOW	*-2.2.4.1	2.2.5	June 29, 2026
simple-popup-images	simple-popup-images	N/A	Simple Popup Images <= 1.0 - Cross-Site Scripting	LOW	*-1.0	1.1	June 29, 2026
cross-rss	cross-rss	91	Cross-RSS <= 1.7 - Path Traversal	LOW	*-1.7		June 29, 2026
zelist-directory	zelist-directory	N/A	zeList <= 0.5.11.07 - Cross-Site Scripting	LOW	*-0.5.11.07		June 29, 2026
zdstats	zdstats	N/A	ZdStatistics <= 2.0.1 - Cross-Site Scripting	LOW	*-2.0.1		June 29, 2026
your-text-manager	your-text-manager	N/A	Your Text Manager <= 0.3.0 - Cross-Site Scripting	LOW	*-0.3.0		June 29, 2026
yawpp	yawpp	N/A	YAWPP (Yet Another WordPress Petition Plugin) <= 1.2.1 - Authenticated SQL Injection	LOW	*-1.2.1	1.2.2	June 29, 2026
wppm	wppm	N/A	WP Plugin Manager (wppm) <= 1.6.4.b - Cross-Site Scripting	LOW	* - 1.6.4.b		June 29, 2026
wp-social-invitations	wp-social-invitations	N/A	WordPress Social Invitations – Lite <= 1.4.4.2 - Reflected Cross-Site Scripting	LOW	*-1.4.4.2	1.4.4.3	June 29, 2026
wp-rss-poster	wp-rss-poster	N/A	WP Rss Poster <= 1.0.0 - SQL Injection	LOW	*-1.0.0		June 29, 2026
wp-easycart	wp-easycart	N/A	EasyCart <= 2.0.5 - Sensitive Information Disclosure	LOW	*-2.0.5	2.0.6	June 29, 2026
webengage	webengage	N/A	WebEngage Feedback, Survey and Notification < 2.0.1 - Cross-Site Scripting	LOW	[*, 2.0.1)	2.0.1	June 29, 2026
validated	validated	N/A	Validated <= 1.0.2 - Cross-Site Scripting	LOW	*-1.0.2	2.0.0	June 29, 2026
ultimate-product-catalogue	ultimate-product-catalogue	N/A	Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection	LOW	*-2.1	2.1.1	June 29, 2026
tera-charts	tera-charts	N/A	Tera Charts < 1.0 - Directory Traversal	LOW	*-0.1	1.0	June 29, 2026
swipehq-payment-gateway-woocommerce	swipehq-payment-gateway-woocommerce	N/A	SwipeHQ Payment Gateway WooCommerce <= 2.7.1 - Reflected Cross-Site Scripting	LOW	*-2.7.1		June 29, 2026
swipe-hq-checkout-for-jigoshop	swipe-hq-checkout-for-jigoshop	N/A	Jigoshop Swipe plugin <= 3.1.0 - Cross-Site Scripting	LOW	*-3.1.0		June 29, 2026
stripshow	stripshow	N/A	stripShow Plugin <= 2.5.2 - SQL Injection	LOW	*-2.5.2		June 29, 2026
ss-downloads	ss-downloads	N/A	SS Downloads <= 1.4.4.1 - Cross-Site Scripting	LOW	*-1.4.4.1	1.5	June 29, 2026
rezgo	rezgo	N/A	Rezgo Online Booking < 1.8.2 - Cross-Site Scripting	LOW	[*, 1.8.2)	1.8.2	June 29, 2026
rezgo	rezgo	N/A	Rezgo Online Booking < 1.4.3 - Cross-Site Scripting	LOW	[*, 1.4.3)	1.4.3	June 29, 2026
quartz	quartz	N/A	Quartz <= 1.01.1 - SQL Injection	LOW	*-1.01.1		June 29, 2026
podcast-channels	podcast-channels	N/A	Podcast Channels <= 0.20 - Cross-Site Scripting	LOW	[*, 0.21)	0.21	June 29, 2026
omfg-mobile	omfg-mobile	N/A	OMFG Mobile Pro <= 1.1.26 - Cross-Site Scripting	LOW	*-1.1.26		June 29, 2026
oleggo-livestream	oleggo-livestream	N/A	Oleggo LiveStream <= 0.2.6 - Cross-Site Scripting	LOW	*-0.2.6		June 29, 2026
malware-finder	malware-finder	91	Malware Finder <= 1.1 - Cross-Site Scripting	LOW	*-1.1		June 29, 2026
lastfm-rotation	lastfm-rotation	91	Last.fm Rotation <= 1.0 - Directory Traversal	LOW	*-1.0		June 29, 2026
jrss-widget	jrss-widget	91	jRSS Widget <= 1.2 - Server-Side Request Forgery	LOW	*-1.2		June 29, 2026
hdw-player-video-player-video-gallery	hdw-player-video-player-video-gallery	91	HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection	LOW	*-2.4.2	3.0	June 29, 2026
fbpromotions	fbpromotions	91	Bugs Go Viral : Facebook Promotion Generator <= 1.3.4 - Cross-Site Scripting	LOW	*-1.3.4		June 29, 2026
envialosimple-email-marketing-y-newsletters-gratis	envialosimple-email-marketing-y-newsletters-gratis	91	EnvialoSimple: Email Marketing y Newsletters < 1.98 - Cross-Site Scripting	LOW	*-1.97	1.98	June 29, 2026
enl-newsletter	enl-newsletter	86	ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection	LOW	*-1.0.1		June 29, 2026
efence	efence	91	efence <= 1.3.2 - Multiple Cross-Site Scripting	LOW	*-1.3.2		June 29, 2026
easy-post-types	easy-post-types	87	WP Easy Post Types < 1.4.4 - Cross-Site Scripting	LOW	[*, 1.4.4)	1.4.4	June 29, 2026
easy-career-openings	easy-career-openings	89	Easy Career Opening <= 0.4 - Unauthenticated Cross-Site Scripting	LOW	*-0.4		June 29, 2026

LOW

keyring

Score: 93/100 Keyring < 1.5.1 - Cross-Site Scripting Affected: *-1.5 Patched: 1.5.1 Updated: June 29, 2026

LOW

immopress

Score: 91/100 ImmoPress <= 0.0.4 - Reflected Cross-Site Scripting Affected: *-0.0.4 Patched: Updated: June 29, 2026

LOW

hunk-external-links

Score: 91/100 Hunk External Links <= 3.0.5 - Reflected Cross-Site Scripting Affected: *-3.0.5 Patched: Updated: June 29, 2026

LOW

google-maps-in-posts

Score: 91/100 Google Maps in Posts <= 1.5.3 - Reflected Cross-Site Scripting Affected: *-1.5.3 Patched: Updated: June 29, 2026

LOW

google-map-generator

Score: 91/100 Google Map Generator <= 1.3.1 - Reflected Cross-Site Scripting Affected: *-1.3.1 Patched: Updated: June 29, 2026

LOW

gbteamstats

Score: 91/100 GB Team Stats <= 1.5.1 - Reflected Cross-Site Scripting Affected: *-1.5.1 Patched: Updated: June 29, 2026

LOW

garees-flickr-feed

Score: 91/100 Garee's Flickr Feed <= 0.8 - Cross-Site Scripting Affected: *-0.8 Patched: Updated: June 29, 2026

LOW

fixedly

Score: 91/100 Fixedly Media Gallery <= 1.3.1 - Reflected Cross-Site Scripting Affected: *-1.3.1 Patched: Updated: June 29, 2026

LOW

filtre-de-surveillance-gouvernemental

Score: 91/100 Filtre de surveillance gouvernemental <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

fancy-cats

Score: 91/100 Fancy Cats <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

dialogs

Score: 91/100 Dialogs <= 1.0.3 - Reflected Cross-Site Scripting Affected: *-1.0.3 Patched: Updated: June 29, 2026

LOW

daily-inspiration-generator

Score: 89/100 Daily Inspiration Generator <= 2.0 - Open Redirect Affected: *-2.0 Patched: Updated: June 29, 2026

LOW

daily-inspiration-generator

Score: 89/100 Daily Inspiration Generator <= 2.0 - Reflected Cross-Site Scripting Affected: *-2.0 Patched: Updated: June 29, 2026

LOW

coupon-tab-for-directorypress-pp

Score: 91/100 Coupon Tab for DirectoryPress (pp-coupon-tab) <= 0.2.0 - Reflected Cross-Site Scripting Affected: *-0.2.0 Patched: Updated: June 29, 2026

LOW

contentboxes

Score: 91/100 Contentboxes <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

clipta-video-informer

Score: 91/100 Clipta Video Informer <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

clicksold-wordpress-plugin

Score: 91/100 ClickSold IDX < 1.49 - Reflected Cross-Site Scripting Affected: *-1.48 Patched: 1.49 Updated: June 29, 2026

LOW

captcha-in-thai

Score: 91/100 CAPTCHA in Thai <= 1.1 - Reflected Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

avchat-3

Score: 91/100 Community Lite Video Chat < 1.4.2 - Reflected Cross-Site Scripting Affected: *-1.4.1 Patched: 1.4.2 Updated: June 29, 2026

LOW

athlon-manage-calameo-publications

Score: 93/100 Manage Calameo Publications by Athlon < 1.1.1 - Reflected Cross-Site Scripting Affected: *-1.1.0 Patched: 1.1.1 Updated: June 29, 2026

LOW

animal-captcha

Score: 95/100 Animal Captcha <= 1.6.2 - Reflected Cross-Site Scripting Affected: *-1.6.2 Patched: Updated: June 29, 2026

LOW

yahoo-updates-for-wordpress

Score: N/A Yahoo Updates For WordPress <= 1.0 - Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

wp-guestmap

Score: N/A WP Guestmap <= 1.8 - Multiple Cross-Site Scripting Affected: *-1.8 Patched: Updated: June 29, 2026

LOW

wordthumb

Score: N/A TimThumb <= 2.8.13 - Remote Code Execution Affected: *-1.07 Patched: Updated: June 29, 2026

LOW

user-avatar

Score: N/A TimThumb <= 2.8.13 - Remote Code Execution Affected: *-1.4.12 Patched: Updated: June 29, 2026

LOW

timthumb

Score: N/A TimThumb <= 2.8.13 - Remote Code Execution Affected: *-2.8.13 Patched: Updated: June 29, 2026

LOW

vn-calendar

Score: N/A VN Calendar <= 1.0 - Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

anyfont

Score: 95/100 Anyfont <= 2.2.3 - Cross-Site Scripting Affected: *-2.2.3 Patched: Updated: June 29, 2026

LOW

videowhisper-live-streaming-integration

Score: N/A Broadcast Live Video – Live Streaming < 4.27.4 - Cross-Site Scripting Affected: [*, 4.27.4) Patched: 4.27.4 Updated: June 29, 2026

LOW

theme-my-login

Score: N/A Theme My Login <= 6.3.9 - Local File Inclusion Affected: [*, 6.3.10) Patched: 6.3.10 Updated: June 29, 2026

LOW

random-banner

Score: N/A Random Banner < 2.0 - Cross-Site Scripting Affected: [*, 2.0) Patched: 2.0 Updated: June 29, 2026

LOW

custom-banners

Score: 91/100 Custom Banners < 2.1 - Cross-Site Scripting Affected: [*, 2.1) Patched: 2.1 Updated: June 29, 2026

LOW

blogstand-smart-banner

Score: 91/100 Blogstand Banner <= 1.0 - Cross-Site Request Forgery to Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

easy-banners

Score: 91/100 Easy Banners <= 1.4 - Cross-Site Scripting Affected: *-1.4 Patched: Updated: June 29, 2026

LOW

simple-share-buttons-adder

Score: N/A Simple Share Buttons Adder <= 4.4 - Cross-Site Request Forgery Affected: [*, 4.5) Patched: 4.5 Updated: June 29, 2026

LOW

simple-share-buttons-adder

Score: N/A Simple Share Buttons Adder <= 4.4 - Cross-Site Request Forgery Affected: *-4.4 Patched: 4.5 Updated: June 29, 2026

LOW

ajax-search-lite

Score: 97/100 Ajax Search Lite < 3.11 - Remote Code Execution Affected: [*, 3.11) Patched: 3.11 Updated: June 29, 2026

LOW

disqus-comment-system

Score: 93/100 Disqus Comment System < 2.76 - Remote Code Execution Affected: [*, 2.76) Patched: 2.76 Updated: June 29, 2026

LOW

wu-rating

Score: N/A Wu-Rating <= 1.0 12319 - Cross-Site Scripting Affected: * - 1.0 12319 Patched: Updated: June 29, 2026

LOW

wp-tmkm-amazon

Score: N/A wp-tmkm-amazon < 1.5.3 - Cross-Site Scripting Affected: [*, 1.5.3) Patched: 1.5.3 Updated: June 29, 2026

LOW

wp-restful

Score: N/A WP Restful <= 0.1 - Multiple Cross-Site Scripting Affected: *-0.1 Patched: Updated: June 29, 2026

LOW

wp-responsive-preview

Score: N/A WordPress Responsive Preview <= 1.1 - Reflected Cross-Site Scripting Affected: [*, 1.2) Patched: 1.2 Updated: June 29, 2026

LOW

wp-picasa-image

Score: N/A WP-Picasa-Image <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

wp-microblogs

Score: N/A WP Microblogs <= 0.4.0 - Cross-Site Scripting Affected: *-0.4.0 Patched: Updated: June 29, 2026

LOW

wp-football

Score: N/A wp-football <= 1.1 - Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

wp-facethumb

Score: N/A WP Facethumb <= 1.0 - Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

wp-consultant

Score: N/A WP Consultant <= 1.0 - Reflected Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

wp-blipbot

Score: N/A WP BlipBot <= 3.0.9 - Cross-Site Scripting Affected: *-3.0.9 Patched: Updated: June 29, 2026

LOW

wp-appointments-schedules

Score: N/A Appointments Scheduler <= 1.5 - Cross-Site Scripting Affected: *-1.5 Patched: Updated: June 29, 2026

LOW

wikipop

Score: N/A WikiPop <= 2.0 - Cross-Site Scripting Affected: *-2.0 Patched: Updated: June 29, 2026

LOW

walk-score

Score: N/A Walk Score Plugin <= 0.5.5 - Cross-Site Scripting Affected: *-0.5.5 Patched: Updated: June 29, 2026

LOW

videowhisper-video-presentation

Score: N/A VideoWhisper Video Presentation <= 3.25 - Reflected Cross-Site Scripting Affected: *-3.25 Patched: 3.31 Updated: June 29, 2026

LOW

video-posts-webcam-recorder

Score: N/A Video Posts Webcam Recorder <= 1.55.4 - Reflected Cross-Site Scripting Affected: *-1.55.4 Patched: 1.55.5 Updated: June 29, 2026

LOW

video-comments-webcam-recorder

Score: N/A HTML5 Webcam Microphone Recorder Forms < 1.55 - Cross-Site Scripting Affected: *-1.55 Patched: 1.55.3 Updated: June 29, 2026

LOW

ruven-toolkit

Score: N/A Ruven Toolkit <= 2.0 - Reflected Cross-Site Scripting Affected: *-2.0 Patched: Updated: June 29, 2026

LOW

adminonline

Score: 95/100 AdminOnline (Unspecified Version) - Directly Traversal/Arbitrary File Read Affected: * Patched: Updated: June 29, 2026

LOW

member-approval

Score: 91/100 Member Approval <= 131109 - Cross-Site Scripting Affected: *-131109 Patched: Updated: June 29, 2026

LOW

jw-player-plugin-for-wordpress

Score: 91/100 JW Player for Flash & HTML5 Video < 2.1.4 - Cross-Site Request Forgery leading to player deletion Affected: [*, 2.1.4) Patched: 2.1.4 Updated: June 29, 2026

LOW

feature-comments

Score: 93/100 Featured Comments < 1.2.5 - Cross-Site Request Forgery Affected: [*, 1.2.5) Patched: 1.2.5 Updated: June 29, 2026

LOW

disqus-comment-system

Score: 93/100 Disqus Comment System < 2.76 - Reflected Cross-Site Scripting Affected: [*, 2.76) Patched: 2.76 Updated: June 29, 2026

LOW

participants-database

Score: N/A Participants Database < 1.5.4.9 - SQL Injection Affected: [*, 1.5.4.9) Patched: 1.5.4.9 Updated: June 29, 2026

LOW

popup-images

Score: N/A Popup Images (Unknown Version) - Cross-Site Scripting Affected: * Patched: Updated: June 29, 2026

LOW

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

Score: 88/100 All in One SEO <= 2.1.5 - Missing Authorization Affected: *-2.1.5 Patched: 2.1.6 Updated: June 29, 2026

LOW

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

Score: 88/100 All in One SEO <= 2.1.5 - Cross-Site Scripting Affected: *-2.1.5 Patched: 2.1.6 Updated: June 29, 2026

LOW

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

Score: 88/100 All in One SEO <= 2.2.4.1 - Privilege Escalation to Arbitrary Post Modification Affected: *-2.2.4.1 Patched: 2.2.5 Updated: June 29, 2026

LOW

simple-popup-images

Score: N/A Simple Popup Images <= 1.0 - Cross-Site Scripting Affected: *-1.0 Patched: 1.1 Updated: June 29, 2026

LOW

cross-rss

Score: 91/100 Cross-RSS <= 1.7 - Path Traversal Affected: *-1.7 Patched: Updated: June 29, 2026

LOW

zelist-directory

Score: N/A zeList <= 0.5.11.07 - Cross-Site Scripting Affected: *-0.5.11.07 Patched: Updated: June 29, 2026

LOW

zdstats

Score: N/A ZdStatistics <= 2.0.1 - Cross-Site Scripting Affected: *-2.0.1 Patched: Updated: June 29, 2026

LOW

your-text-manager

Score: N/A Your Text Manager <= 0.3.0 - Cross-Site Scripting Affected: *-0.3.0 Patched: Updated: June 29, 2026

LOW

yawpp

Score: N/A YAWPP (Yet Another WordPress Petition Plugin) <= 1.2.1 - Authenticated SQL Injection Affected: *-1.2.1 Patched: 1.2.2 Updated: June 29, 2026

LOW

wppm

Score: N/A WP Plugin Manager (wppm) <= 1.6.4.b - Cross-Site Scripting Affected: * - 1.6.4.b Patched: Updated: June 29, 2026

LOW

wp-social-invitations

Score: N/A WordPress Social Invitations – Lite <= 1.4.4.2 - Reflected Cross-Site Scripting Affected: *-1.4.4.2 Patched: 1.4.4.3 Updated: June 29, 2026

LOW

wp-rss-poster

Score: N/A WP Rss Poster <= 1.0.0 - SQL Injection Affected: *-1.0.0 Patched: Updated: June 29, 2026

LOW

wp-easycart

Score: N/A EasyCart <= 2.0.5 - Sensitive Information Disclosure Affected: *-2.0.5 Patched: 2.0.6 Updated: June 29, 2026

LOW

webengage

Score: N/A WebEngage Feedback, Survey and Notification < 2.0.1 - Cross-Site Scripting Affected: [*, 2.0.1) Patched: 2.0.1 Updated: June 29, 2026

LOW

validated

Score: N/A Validated <= 1.0.2 - Cross-Site Scripting Affected: *-1.0.2 Patched: 2.0.0 Updated: June 29, 2026

LOW

ultimate-product-catalogue

Score: N/A Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection Affected: *-2.1 Patched: 2.1.1 Updated: June 29, 2026

LOW

tera-charts

Score: N/A Tera Charts < 1.0 - Directory Traversal Affected: *-0.1 Patched: 1.0 Updated: June 29, 2026

LOW

swipehq-payment-gateway-woocommerce

Score: N/A SwipeHQ Payment Gateway WooCommerce <= 2.7.1 - Reflected Cross-Site Scripting Affected: *-2.7.1 Patched: Updated: June 29, 2026

LOW

swipe-hq-checkout-for-jigoshop

Score: N/A Jigoshop Swipe plugin <= 3.1.0 - Cross-Site Scripting Affected: *-3.1.0 Patched: Updated: June 29, 2026

LOW

stripshow

Score: N/A stripShow Plugin <= 2.5.2 - SQL Injection Affected: *-2.5.2 Patched: Updated: June 29, 2026

LOW

ss-downloads

Score: N/A SS Downloads <= 1.4.4.1 - Cross-Site Scripting Affected: *-1.4.4.1 Patched: 1.5 Updated: June 29, 2026

LOW

rezgo

Score: N/A Rezgo Online Booking < 1.8.2 - Cross-Site Scripting Affected: [*, 1.8.2) Patched: 1.8.2 Updated: June 29, 2026

LOW

rezgo

Score: N/A Rezgo Online Booking < 1.4.3 - Cross-Site Scripting Affected: [*, 1.4.3) Patched: 1.4.3 Updated: June 29, 2026

LOW

quartz

Score: N/A Quartz <= 1.01.1 - SQL Injection Affected: *-1.01.1 Patched: Updated: June 29, 2026

LOW

podcast-channels

Score: N/A Podcast Channels <= 0.20 - Cross-Site Scripting Affected: [*, 0.21) Patched: 0.21 Updated: June 29, 2026

LOW

omfg-mobile

Score: N/A OMFG Mobile Pro <= 1.1.26 - Cross-Site Scripting Affected: *-1.1.26 Patched: Updated: June 29, 2026

LOW

oleggo-livestream

Score: N/A Oleggo LiveStream <= 0.2.6 - Cross-Site Scripting Affected: *-0.2.6 Patched: Updated: June 29, 2026

LOW

malware-finder

Score: 91/100 Malware Finder <= 1.1 - Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 29, 2026

LOW

lastfm-rotation

Score: 91/100 Last.fm Rotation <= 1.0 - Directory Traversal Affected: *-1.0 Patched: Updated: June 29, 2026

LOW

jrss-widget

Score: 91/100 jRSS Widget <= 1.2 - Server-Side Request Forgery Affected: *-1.2 Patched: Updated: June 29, 2026

LOW

hdw-player-video-player-video-gallery

Score: 91/100 HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection Affected: *-2.4.2 Patched: 3.0 Updated: June 29, 2026

LOW

fbpromotions

Score: 91/100 Bugs Go Viral : Facebook Promotion Generator <= 1.3.4 - Cross-Site Scripting Affected: *-1.3.4 Patched: Updated: June 29, 2026

LOW

envialosimple-email-marketing-y-newsletters-gratis

Score: 91/100 EnvialoSimple: Email Marketing y Newsletters < 1.98 - Cross-Site Scripting Affected: *-1.97 Patched: 1.98 Updated: June 29, 2026

LOW

enl-newsletter

Score: 86/100 ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection Affected: *-1.0.1 Patched: Updated: June 29, 2026

LOW

efence

Score: 91/100 efence <= 1.3.2 - Multiple Cross-Site Scripting Affected: *-1.3.2 Patched: Updated: June 29, 2026

LOW

easy-post-types

Score: 87/100 WP Easy Post Types < 1.4.4 - Cross-Site Scripting Affected: [*, 1.4.4) Patched: 1.4.4 Updated: June 29, 2026

LOW

easy-career-openings

Score: 89/100 Easy Career Opening <= 0.4 - Unauthenticated Cross-Site Scripting Affected: *-0.4 Patched: Updated: June 29, 2026

Showing 35301 to 35400 of 36189 results

Download: CSV JSON

Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: June 29, 2026 at 04:28 UTC.

Known Plugin Vulnerabilities

Open Vulnerabilities

Affected Plugins

Critical / High

Recently Updated

Vulnerability List