Plugin Score by Kitgenix

Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36189

Across tracked plugins

Affected Plugins

83

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
flash-album-gallery flash-album-gallery
91
 Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 2.00 - SQL Injection LOW *-2.00 2.10 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Content Spoofing LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Arbitrary File Upload LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Full Path Disclosure LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Sensitive Data Disclosure LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Denial of Service LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Cross-Site Scripting LOW *-2.13 June 28, 2026
wp_rokbox wp_rokbox N/A WordPress RokBox <= 2.13 - Abuse of Functionality LOW *-2.13 June 28, 2026
usc-e-shop usc-e-shop N/A Welcart e-Commerce < 1.2.2 - Cross-Site Scripting LOW [*, 1.2.2) 1.2.2 June 28, 2026
usc-e-shop usc-e-shop N/A Welcart e-Commerce < 1.2.2 - Cross-Site Request Forgery LOW [*, 1.2.2) 1.2.2 June 28, 2026
knews knews
93
 Knews Multilingual Newsletters < 1.2.6 - Cross-Site Request Forgery LOW [*, 1.2.6) 1.2.6 June 28, 2026
buddystream buddystream
93
 BuddyStream <= 3.6.2 - Reflected Cross-Site Scripting LOW *-3.6.2 3.6.3 June 28, 2026
floating-social-media-links floating-social-media-links
91
 Floating Social Media Links < 1.4.3 - Remote File Inclusion via fsml-hideshow.js.php wpp parameter LOW [*, 1.4.3) 1.4.3 June 28, 2026
floating-social-media-links floating-social-media-links
91
 Floating Social Media Links < 1.4.3 - Remote File Inclusion via fsml-admin.js.php wpp parameter LOW [*, 1.4.3) 1.4.3 June 28, 2026
woocommerce-predictive-search woocommerce-predictive-search N/A Predictive Search for WooCommerce <= 1.0.5 - Cross-Site Scripting LOW *-1.0.5 1.0.6 June 28, 2026
video-lead-form video-lead-form N/A Video Lead Form < 0.6 - Cross-Site Scripting LOW [*, 0.6) 0.6 June 28, 2026
ads-box ads-box
95
 Ads Box <= 1.0 - SQL Injection LOW *-1.0 June 28, 2026
simple-gmail-login simple-gmail-login N/A Simple Gmail Login < 1.1.4 - Sensitive Information Disclosure LOW [*, 1.1.4) 1.1.4 June 28, 2026
zarzadzanie_kontem zarzadzanie_kontem N/A Zarzadzanie Kontem (Unknown Versions) - Arbitrary File Upload LOW * June 28, 2026
wysija-newsletters wysija-newsletters N/A MailPoet Newsletters (Previous) <= 2.1.6 - Cross-Site Scripting LOW *-2.1.6 2.1.7 June 28, 2026
plg_novana plg_novana N/A Plg Novana Plugin (All Versions) - SQL Injection LOW * June 28, 2026
advanced-text-widget advanced-text-widget
95
 Advanced Text Widget <= 2.0.1 - Cross-Site Scripting LOW *-2.0.1 2.0.2 June 28, 2026
fbsurveypro fbsurveypro
91
 Facebook Survey Pro <= 1.0 - SQL Injection LOW *-1.0 June 28, 2026
post-views post-views N/A Post Views <= 2.6.1.2 - Cross-Site Scripting LOW *-2.6.1.2 2.6.1.3 June 28, 2026
wp-filebase wp-filebase N/A WP-Filebase <= 0.2.9.24 - Missing Authorization Checks LOW *-0.2.9.24 0.2.9.25 June 28, 2026
uk-cookie uk-cookie N/A Uk Cookie <= 1.1 - Cross-Site Scripting LOW *-1.1 June 28, 2026
wp-image-news-slider wp-image-news-slider N/A Image News Slider <= 3.3 - Arbitrary File Upload LOW *-3.3 3.4 June 28, 2026
wysija-newsletters wysija-newsletters N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.1.6 2.1.7 June 28, 2026
wp-yasslideshow wp-yasslideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-3.3 3.4 June 28, 2026
wp-vertical-gallery wp-vertical-gallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-superb-slideshow wp-superb-slideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.3 2.4 June 28, 2026
wp-royal-gallery wp-royal-gallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.0 2.1 June 28, 2026
wp-powerplaygallery wp-powerplaygallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW [*, 3.2) 3.2 June 28, 2026
wp-matrix-gallery wp-matrix-gallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-levoslideshow wp-levoslideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-image-news-slider wp-image-news-slider N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-3.4 3.5 June 28, 2026
wp-homepage-slideshow wp-homepage-slideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-flipslideshow wp-flipslideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.1 2.2 June 28, 2026
wp-extended wp-extended N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
wp-ecommerce-cvs-importer wp-ecommerce-cvs-importer N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
wp-dreamworkgallery wp-dreamworkgallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-carouselslideshow wp-carouselslideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-3.10 3.11 June 28, 2026
wp-bliss-gallery wp-bliss-gallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW [*, 2.3) 2.3 June 28, 2026
wp-3dflick-slideshow wp-3dflick-slideshow N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.2 2.3 June 28, 2026
wp-3dbanner-rotator wp-3dbanner-rotator N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.1 2.2 June 28, 2026
ultimate-tinymce ultimate-tinymce N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-3.5 3.6 June 28, 2026
sprapid sprapid N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
spotlightyour spotlightyour N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW [*, 4.4) 4.4 June 28, 2026
smart-slide-show smart-slide-show N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.3 2.4 June 28, 2026
slide-show-pro slide-show-pro N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.3 2.4 June 28, 2026
power-zoomer power-zoomer N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.1 2.3 June 28, 2026
pica-photo-gallery pica-photo-gallery N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
pdw-file-browser pdw-file-browser N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery nextgen-gallery
66
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-1.9.6 1.9.7 June 28, 2026
mac-dock-photogallery mac-dock-photogallery
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-1.0 June 28, 2026
mac-dock-gallery mac-dock-gallery
93
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW [*, 3.0) 3.0 June 28, 2026
fresh-page fresh-page
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
fluid-accessible-uploader fluid-accessible-uploader
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
fluid-accessible-ui-options fluid-accessible-ui-options
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
fluid-accessible-rich-inline-edit fluid-accessible-rich-inline-edit
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
fluid-accessible-pager fluid-accessible-pager
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
flash-album-gallery flash-album-gallery
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW [*, 2.12) 2.12 June 28, 2026
dm-albums dm-albums
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
comment-extra-field comment-extra-field
89
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-1.7 June 28, 2026
blaze-slide-show-for-wordpress blaze-slide-show-for-wordpress
91
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW *-2.4 2.6 June 28, 2026
apptha-slider-gallery apptha-slider-gallery
95
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
apptha-banner apptha-banner
95
 SWFUpload <= 2.2.0.1 - Cross-Site Scripting LOW * June 28, 2026
cardoza-ajax-search cardoza-ajax-search
93
 Cardoza AJAX Search < 1.3 - Unauthenticated SQL Injection LOW [*, 1.3) 1.3 June 28, 2026
answer-my-question answer-my-question
95
 Answer My Question < 1.2 - Cross-Site Scripting LOW [*, 1.2) 1.2 June 28, 2026
all-video-gallery all-video-gallery
95
 All Video Gallery <= 1.1 - SQL Injection LOW [*, 1.2) 1.2 June 28, 2026
Yoast SEO – Advanced SEO with real-time guidance and built-in AI wordpress-seo
89
 Yoast SEO <= 2.1.1 - Cross Site Scripting via post_title parameter LOW *-2.1.1 2.2 June 28, 2026
foxypress foxypress
89
 FoxyPress <= 0.4.2.6 - Cross-Site Scripting LOW *-0.4.2.6 0.4.2.7 June 28, 2026
foxypress foxypress
89
 FoxyPress <= 0.4.2.7 - Open Redirect LOW *-0.4.2.7 0.4.2.8 June 28, 2026
foxypress foxypress
89
 FoxyPress < 0.4.2.6 - Arbitrary File Upload LOW *-0.4.2.5 0.4.2.6 June 28, 2026
foxypress foxypress
89
 FoxyPress <= 0.4.9 - Cross-Site Request Forgery LOW *-0.4.9 June 28, 2026
foxypress foxypress
89
 FoxyPress <= 0.4.9 - SQL Injection LOW *-0.4.9 June 28, 2026
fs-real-estate-plugin fs-real-estate-plugin
91
 FireStorm Professional Real Estate Plugin <= 2.06.03 - SQL Injections LOW *-2.06.03 2.06.04 June 28, 2026
cimy-user-manager cimy-user-manager
93
 Cimy User Manager < 1.4.4 - Arbitrary File Read LOW [*, 1.4.4) 1.4.4 June 28, 2026
ungallery ungallery N/A UnGallery < 2.1.6 - Command Injection LOW [*, 2.1.6) 2.1.6 June 28, 2026
white-label-cms white-label-cms N/A White Label CMS < 1.5.1 - Reflected Cross-Site Scripting LOW [*, 1.5.1) 1.5.1 June 28, 2026
white-label-cms white-label-cms N/A White Label CMS < 1.5.1 - Cross-Site Scripting LOW [*, 1.5.1) 1.5.1 June 28, 2026
Wordfence Security – Firewall, Malware Scan, and Login Security wordfence
70
 Wordfence Security - Firewall & Malware Scan <= 3.3.6 - Stored Cross-Site Scripting LOW *-3.3.6 3.3.7 June 28, 2026
Wordfence Security – Firewall, Malware Scan, and Login Security wordfence
70
 Wordfence < 3.3.7 - Reflected Cross-Site Scripting LOW [*, 3.3.7) 3.3.7 June 28, 2026
social-discussions social-discussions N/A Social Discussions <= 6.1.1 - Remote File Inclusion and Full Path Disclosure LOW *-6.1.1 6.1.2 June 28, 2026
slideshow-jquery-image-gallery slideshow-jquery-image-gallery N/A Slideshow < 2.1.13 - Cross-Site Scripting and Sensitive Information Disclosure LOW *-2.1.12 2.1.13 June 28, 2026
crayon-syntax-highlighter crayon-syntax-highlighter
89
 Crayon Syntax Highlighter Plugin <= 1.13 - Remote File Inclusion LOW *-1.13 1.14 June 28, 2026
eshop-magic eshop-magic
93
 Eshop Magic < 0.2 - Arbitrary File Read LOW [*, 0.2) 0.2 June 28, 2026
spider-calendar spider-calendar N/A Spider Calendar < 1.1.3 - Multiple Vulnerabilities LOW [*, 1.1.3) 1.1.3 June 28, 2026
social-hashtags social-hashtags N/A Social Hashtags <= 3.0.0 - Cross-Site Scripting LOW *-3.0.0 June 28, 2026
wordpress-whois-search wordpress-whois-search N/A WHOIS <= 1.4.2.4 - Cross-Site Scripting LOW *-1.4.2.4 June 28, 2026
mf-gig-calendar mf-gig-calendar N/A MF Gig Calendar <= 0.9.4.1 - Cross-Site Scripting LOW *-0.9.4.1 0.9.5 June 28, 2026
simple-download-button-shortcode simple-download-button-shortcode N/A Simple Download Button Shortcode <= 1.0 - Information Disclosure via Arbitrary File Downloads LOW 1.0 1.1 June 28, 2026
wp-topbar wp-topbar N/A WP-TopBar <= 4.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting LOW *-4.02 4.03 June 28, 2026
dvs-custom-notification dvs-custom-notification
91
 DVS Custom Notification <= 1.0.1 - Cross-Site Request Forgery LOW *-1.0.1 June 28, 2026
download-monitor download-monitor
93
 Download Monitor <= 3.3.5.8 - Reflected Cross-Site Scripting LOW *-3.3.5.8 3.3.5.9 June 28, 2026
tdo-mini-forms tdo-mini-forms N/A TDO Mini Forms <= 0.13.9 - Arbitrary File Upload LOW *-0.13.9 June 28, 2026
Media File Renamer: Rename for better SEO (AI-Powered) media-file-renamer
88
 Media File Renamer – Auto & Manual Rename <= 5.2.5 - Missing Authorization Checks LOW *-5.2.5 5.2.6 June 28, 2026
floating-tweets floating-tweets
89
 Floating Tweets <= 1.0.1 - Reflected Cross-Site Scripting LOW *-1.0.1 June 28, 2026
sem-wysiwyg sem-wysiwyg N/A sem-wysiwyg <= 1.0 - Arbitrary File Upload LOW *-1.0 June 28, 2026
rich-widget rich-widget N/A Rich Widget <= 0.2.4 - Arbitrary File Upload LOW *-0.2.4 June 28, 2026
LOW

flash-album-gallery

flash-album-gallery

Score: 91/100 Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 2.00 - SQL Injection Affected: *-2.00 Patched: 2.10 Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Content Spoofing Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Arbitrary File Upload Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Full Path Disclosure Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Sensitive Data Disclosure Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Denial of Service Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Cross-Site Scripting Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

wp_rokbox

wp_rokbox

Score: N/A WordPress RokBox <= 2.13 - Abuse of Functionality Affected: *-2.13 Patched: Updated: June 28, 2026
LOW

usc-e-shop

usc-e-shop

Score: N/A Welcart e-Commerce < 1.2.2 - Cross-Site Scripting Affected: [*, 1.2.2) Patched: 1.2.2 Updated: June 28, 2026
LOW

usc-e-shop

usc-e-shop

Score: N/A Welcart e-Commerce < 1.2.2 - Cross-Site Request Forgery Affected: [*, 1.2.2) Patched: 1.2.2 Updated: June 28, 2026
LOW

knews

knews

Score: 93/100 Knews Multilingual Newsletters < 1.2.6 - Cross-Site Request Forgery Affected: [*, 1.2.6) Patched: 1.2.6 Updated: June 28, 2026
LOW

buddystream

buddystream

Score: 93/100 BuddyStream <= 3.6.2 - Reflected Cross-Site Scripting Affected: *-3.6.2 Patched: 3.6.3 Updated: June 28, 2026
LOW

floating-social-media-links

floating-social-media-links

Score: 91/100 Floating Social Media Links < 1.4.3 - Remote File Inclusion via fsml-hideshow.js.php wpp parameter Affected: [*, 1.4.3) Patched: 1.4.3 Updated: June 28, 2026
LOW

floating-social-media-links

floating-social-media-links

Score: 91/100 Floating Social Media Links < 1.4.3 - Remote File Inclusion via fsml-admin.js.php wpp parameter Affected: [*, 1.4.3) Patched: 1.4.3 Updated: June 28, 2026
LOW

woocommerce-predictive-search

woocommerce-predictive-search

Score: N/A Predictive Search for WooCommerce <= 1.0.5 - Cross-Site Scripting Affected: *-1.0.5 Patched: 1.0.6 Updated: June 28, 2026
LOW

video-lead-form

video-lead-form

Score: N/A Video Lead Form < 0.6 - Cross-Site Scripting Affected: [*, 0.6) Patched: 0.6 Updated: June 28, 2026
LOW

ads-box

ads-box

Score: 95/100 Ads Box <= 1.0 - SQL Injection Affected: *-1.0 Patched: Updated: June 28, 2026
LOW

simple-gmail-login

simple-gmail-login

Score: N/A Simple Gmail Login < 1.1.4 - Sensitive Information Disclosure Affected: [*, 1.1.4) Patched: 1.1.4 Updated: June 28, 2026
LOW

zarzadzanie_kontem

zarzadzanie_kontem

Score: N/A Zarzadzanie Kontem (Unknown Versions) - Arbitrary File Upload Affected: * Patched: Updated: June 28, 2026
LOW

wysija-newsletters

wysija-newsletters

Score: N/A MailPoet Newsletters (Previous) <= 2.1.6 - Cross-Site Scripting Affected: *-2.1.6 Patched: 2.1.7 Updated: June 28, 2026
LOW

plg_novana

plg_novana

Score: N/A Plg Novana Plugin (All Versions) - SQL Injection Affected: * Patched: Updated: June 28, 2026
LOW

advanced-text-widget

advanced-text-widget

Score: 95/100 Advanced Text Widget <= 2.0.1 - Cross-Site Scripting Affected: *-2.0.1 Patched: 2.0.2 Updated: June 28, 2026
LOW

fbsurveypro

fbsurveypro

Score: 91/100 Facebook Survey Pro <= 1.0 - SQL Injection Affected: *-1.0 Patched: Updated: June 28, 2026
LOW

post-views

post-views

Score: N/A Post Views <= 2.6.1.2 - Cross-Site Scripting Affected: *-2.6.1.2 Patched: 2.6.1.3 Updated: June 28, 2026
LOW

wp-filebase

wp-filebase

Score: N/A WP-Filebase <= 0.2.9.24 - Missing Authorization Checks Affected: *-0.2.9.24 Patched: 0.2.9.25 Updated: June 28, 2026
LOW

uk-cookie

uk-cookie

Score: N/A Uk Cookie <= 1.1 - Cross-Site Scripting Affected: *-1.1 Patched: Updated: June 28, 2026
LOW

wp-image-news-slider

wp-image-news-slider

Score: N/A Image News Slider <= 3.3 - Arbitrary File Upload Affected: *-3.3 Patched: 3.4 Updated: June 28, 2026
LOW

wysija-newsletters

wysija-newsletters

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.1.6 Patched: 2.1.7 Updated: June 28, 2026
LOW

wp-yasslideshow

wp-yasslideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-3.3 Patched: 3.4 Updated: June 28, 2026
LOW

wp-vertical-gallery

wp-vertical-gallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-superb-slideshow

wp-superb-slideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.3 Patched: 2.4 Updated: June 28, 2026
LOW

wp-royal-gallery

wp-royal-gallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.0 Patched: 2.1 Updated: June 28, 2026
LOW

wp-powerplaygallery

wp-powerplaygallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: [*, 3.2) Patched: 3.2 Updated: June 28, 2026
LOW

wp-matrix-gallery

wp-matrix-gallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-levoslideshow

wp-levoslideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-image-news-slider

wp-image-news-slider

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-3.4 Patched: 3.5 Updated: June 28, 2026
LOW

wp-homepage-slideshow

wp-homepage-slideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-flipslideshow

wp-flipslideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.1 Patched: 2.2 Updated: June 28, 2026
LOW

wp-extended

wp-extended

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

wp-ecommerce-cvs-importer

wp-ecommerce-cvs-importer

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

wp-dreamworkgallery

wp-dreamworkgallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-carouselslideshow

wp-carouselslideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-3.10 Patched: 3.11 Updated: June 28, 2026
LOW

wp-bliss-gallery

wp-bliss-gallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: [*, 2.3) Patched: 2.3 Updated: June 28, 2026
LOW

wp-3dflick-slideshow

wp-3dflick-slideshow

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.2 Patched: 2.3 Updated: June 28, 2026
LOW

wp-3dbanner-rotator

wp-3dbanner-rotator

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.1 Patched: 2.2 Updated: June 28, 2026
LOW

ultimate-tinymce

ultimate-tinymce

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-3.5 Patched: 3.6 Updated: June 28, 2026
LOW

sprapid

sprapid

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

spotlightyour

spotlightyour

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: [*, 4.4) Patched: 4.4 Updated: June 28, 2026
LOW

smart-slide-show

smart-slide-show

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.3 Patched: 2.4 Updated: June 28, 2026
LOW

slide-show-pro

slide-show-pro

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.3 Patched: 2.4 Updated: June 28, 2026
LOW

power-zoomer

power-zoomer

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.1 Patched: 2.3 Updated: June 28, 2026
LOW

pica-photo-gallery

pica-photo-gallery

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

pdw-file-browser

pdw-file-browser

Score: N/A SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

mac-dock-photogallery

mac-dock-photogallery

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-1.0 Patched: Updated: June 28, 2026
LOW

mac-dock-gallery

mac-dock-gallery

Score: 93/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: [*, 3.0) Patched: 3.0 Updated: June 28, 2026
LOW

fresh-page

fresh-page

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

fluid-accessible-uploader

fluid-accessible-uploader

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

fluid-accessible-ui-options

fluid-accessible-ui-options

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

fluid-accessible-rich-inline-edit

fluid-accessible-rich-inline-edit

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

fluid-accessible-pager

fluid-accessible-pager

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

flash-album-gallery

flash-album-gallery

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: [*, 2.12) Patched: 2.12 Updated: June 28, 2026
LOW

dm-albums

dm-albums

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

comment-extra-field

comment-extra-field

Score: 89/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-1.7 Patched: Updated: June 28, 2026
LOW

blaze-slide-show-for-wordpress

blaze-slide-show-for-wordpress

Score: 91/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: *-2.4 Patched: 2.6 Updated: June 28, 2026
LOW

apptha-slider-gallery

apptha-slider-gallery

Score: 95/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

apptha-banner

apptha-banner

Score: 95/100 SWFUpload <= 2.2.0.1 - Cross-Site Scripting Affected: * Patched: Updated: June 28, 2026
LOW

cardoza-ajax-search

cardoza-ajax-search

Score: 93/100 Cardoza AJAX Search < 1.3 - Unauthenticated SQL Injection Affected: [*, 1.3) Patched: 1.3 Updated: June 28, 2026
LOW

answer-my-question

answer-my-question

Score: 95/100 Answer My Question < 1.2 - Cross-Site Scripting Affected: [*, 1.2) Patched: 1.2 Updated: June 28, 2026
LOW

all-video-gallery

all-video-gallery

Score: 95/100 All Video Gallery <= 1.1 - SQL Injection Affected: [*, 1.2) Patched: 1.2 Updated: June 28, 2026
LOW

foxypress

foxypress

Score: 89/100 FoxyPress <= 0.4.2.6 - Cross-Site Scripting Affected: *-0.4.2.6 Patched: 0.4.2.7 Updated: June 28, 2026
LOW

foxypress

foxypress

Score: 89/100 FoxyPress <= 0.4.2.7 - Open Redirect Affected: *-0.4.2.7 Patched: 0.4.2.8 Updated: June 28, 2026
LOW

foxypress

foxypress

Score: 89/100 FoxyPress < 0.4.2.6 - Arbitrary File Upload Affected: *-0.4.2.5 Patched: 0.4.2.6 Updated: June 28, 2026
LOW

foxypress

foxypress

Score: 89/100 FoxyPress <= 0.4.9 - Cross-Site Request Forgery Affected: *-0.4.9 Patched: Updated: June 28, 2026
LOW

foxypress

foxypress

Score: 89/100 FoxyPress <= 0.4.9 - SQL Injection Affected: *-0.4.9 Patched: Updated: June 28, 2026
LOW

fs-real-estate-plugin

fs-real-estate-plugin

Score: 91/100 FireStorm Professional Real Estate Plugin <= 2.06.03 - SQL Injections Affected: *-2.06.03 Patched: 2.06.04 Updated: June 28, 2026
LOW

cimy-user-manager

cimy-user-manager

Score: 93/100 Cimy User Manager < 1.4.4 - Arbitrary File Read Affected: [*, 1.4.4) Patched: 1.4.4 Updated: June 28, 2026
LOW

ungallery

ungallery

Score: N/A UnGallery < 2.1.6 - Command Injection Affected: [*, 2.1.6) Patched: 2.1.6 Updated: June 28, 2026
LOW

white-label-cms

white-label-cms

Score: N/A White Label CMS < 1.5.1 - Reflected Cross-Site Scripting Affected: [*, 1.5.1) Patched: 1.5.1 Updated: June 28, 2026
LOW

white-label-cms

white-label-cms

Score: N/A White Label CMS < 1.5.1 - Cross-Site Scripting Affected: [*, 1.5.1) Patched: 1.5.1 Updated: June 28, 2026
LOW

social-discussions

social-discussions

Score: N/A Social Discussions <= 6.1.1 - Remote File Inclusion and Full Path Disclosure Affected: *-6.1.1 Patched: 6.1.2 Updated: June 28, 2026
LOW

slideshow-jquery-image-gallery

slideshow-jquery-image-gallery

Score: N/A Slideshow < 2.1.13 - Cross-Site Scripting and Sensitive Information Disclosure Affected: *-2.1.12 Patched: 2.1.13 Updated: June 28, 2026
LOW

crayon-syntax-highlighter

crayon-syntax-highlighter

Score: 89/100 Crayon Syntax Highlighter Plugin <= 1.13 - Remote File Inclusion Affected: *-1.13 Patched: 1.14 Updated: June 28, 2026
LOW

eshop-magic

eshop-magic

Score: 93/100 Eshop Magic < 0.2 - Arbitrary File Read Affected: [*, 0.2) Patched: 0.2 Updated: June 28, 2026
LOW

spider-calendar

spider-calendar

Score: N/A Spider Calendar < 1.1.3 - Multiple Vulnerabilities Affected: [*, 1.1.3) Patched: 1.1.3 Updated: June 28, 2026
LOW

social-hashtags

social-hashtags

Score: N/A Social Hashtags <= 3.0.0 - Cross-Site Scripting Affected: *-3.0.0 Patched: Updated: June 28, 2026
LOW

wordpress-whois-search

wordpress-whois-search

Score: N/A WHOIS <= 1.4.2.4 - Cross-Site Scripting Affected: *-1.4.2.4 Patched: Updated: June 28, 2026
LOW

mf-gig-calendar

mf-gig-calendar

Score: N/A MF Gig Calendar <= 0.9.4.1 - Cross-Site Scripting Affected: *-0.9.4.1 Patched: 0.9.5 Updated: June 28, 2026
LOW

simple-download-button-shortcode

simple-download-button-shortcode

Score: N/A Simple Download Button Shortcode <= 1.0 - Information Disclosure via Arbitrary File Downloads Affected: 1.0 Patched: 1.1 Updated: June 28, 2026
LOW

wp-topbar

wp-topbar

Score: N/A WP-TopBar <= 4.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting Affected: *-4.02 Patched: 4.03 Updated: June 28, 2026
LOW

dvs-custom-notification

dvs-custom-notification

Score: 91/100 DVS Custom Notification <= 1.0.1 - Cross-Site Request Forgery Affected: *-1.0.1 Patched: Updated: June 28, 2026
LOW

download-monitor

download-monitor

Score: 93/100 Download Monitor <= 3.3.5.8 - Reflected Cross-Site Scripting Affected: *-3.3.5.8 Patched: 3.3.5.9 Updated: June 28, 2026
LOW

tdo-mini-forms

tdo-mini-forms

Score: N/A TDO Mini Forms <= 0.13.9 - Arbitrary File Upload Affected: *-0.13.9 Patched: Updated: June 28, 2026
LOW

floating-tweets

floating-tweets

Score: 89/100 Floating Tweets <= 1.0.1 - Reflected Cross-Site Scripting Affected: *-1.0.1 Patched: Updated: June 28, 2026
LOW

sem-wysiwyg

sem-wysiwyg

Score: N/A sem-wysiwyg <= 1.0 - Arbitrary File Upload Affected: *-1.0 Patched: Updated: June 28, 2026
LOW

rich-widget

rich-widget

Score: N/A Rich Widget <= 0.2.4 - Arbitrary File Upload Affected: *-0.2.4 Patched: Updated: June 28, 2026

Showing 35801 to 35900 of 36189 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: June 28, 2026 at 20:59 UTC.