Plugin Score by Kitgenix

Known Plugin Vulnerabilities

Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.

Open Vulnerabilities

36313

Across tracked plugins

Affected Plugins

95

With open vulnerabilities

Critical / High

0

Require immediate attention

Recently Updated

0

In the last 30 days

Vulnerability List

Export CSV
Vulnerability list with plugin score and patch status
PluginSlugScoreVulnerabilityCVE IDSeverityAffected VersionsPatchedUpdated
wordpress-tooltips wordpress-tooltips N/A Tooltips <= 10.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-10.8.3 June 30, 2026
woocommerce-parcelas woocommerce-parcelas N/A WooCommerce Parcelas <= 1.3.5 - Authenticated (Shop manager+) Stored Cross-Site Scripting LOW *-1.3.5 June 30, 2026
woo-reviews-by-wiremo woo-reviews-by-wiremo N/A Wiremo <= 1.4.99 - Missing Authorization LOW *-1.4.99 June 30, 2026
woo-gerencianet-official woo-gerencianet-official N/A Gerencianet Oficial <= 3.1.3 - Unauthenticated Information Exposure LOW *-3.1.3 June 30, 2026
webman-amplifier webman-amplifier N/A WebMan Amplifier <= 1.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.5.12 1.6.0 June 30, 2026
wc-order-cancellation-return wc-order-cancellation-return N/A Order Cancellation & Returns for WooCommerce <= 1.1.12 - Authenticated (Subscriber+) Insecure Direct Object Reference LOW *-1.1.12 1.1.13 June 30, 2026
wb-sticky-notes wb-sticky-notes N/A Sticky Notes for WP Dashboard <= 1.2.4 - Missing Authorization LOW *-1.2.4 1.2.5 June 30, 2026
watcher-elementor watcher-elementor N/A Watcher for Elementor <= 1.0.9 - Missing Authorization LOW *-1.0.9 June 30, 2026
walker-elementor walker-elementor N/A Walker for Elementor <= 1.1.6 - Missing Authorization LOW *-1.1.6 June 30, 2026
video-playlist-and-gallery-plugin video-playlist-and-gallery-plugin N/A Post Video Players <= 1.163 - Authenticated (Editor+) Stored Cross-Site Scripting LOW *-1.163 June 30, 2026
video-playlist-and-gallery-plugin video-playlist-and-gallery-plugin N/A Post Video Players <= 1.163 - Authenticated (Contributor+) Information Exposure LOW *-1.163 June 30, 2026
vcaching vcaching N/A Varnish/Nginx Proxy Caching <= 1.8.3 - Unauthenticated Information Exposure LOW *-1.8.3 June 30, 2026
vc-addons-by-bit14 vc-addons-by-bit14 N/A Web and WooCommerce Addons for WPBakery Builder <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.5 June 30, 2026
valenti-engine valenti-engine N/A Valenti Engine <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.3 June 30, 2026
user-specific-content user-specific-content N/A User Specific Content <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.6 June 30, 2026
universal-video-player universal-video-player N/A Universal Video Player <= 3.8.4 - Reflected Cross-Site Scripting LOW *-3.8.4 June 30, 2026
ungrabber ungrabber N/A UnGrabber <= 3.1.3 - Missing Authorization LOW *-3.1.3 June 30, 2026
trash-duplicate-and-301-redirect trash-duplicate-and-301-redirect N/A Trash Duplicate and 301 Redirect <= 1.9.1 - Missing Authorization LOW *-1.9.1 June 30, 2026
transmail transmail N/A Zoho ZeptoMail <= 3.3.1 - Cross-Site Request Forgery LOW *-3.3.1 3.3.2 June 30, 2026
timeline-awesome timeline-awesome N/A History Timeline <= 1.0.6 - Missing Authorization LOW *-1.0.6 June 30, 2026
thesis-openhook thesis-openhook N/A OpenHook <= 4.3.1 - Cross-Site Request Forgery LOW *-4.3.1 June 30, 2026
the-moneytizer the-moneytizer N/A The Moneytizer <= 10.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-10.0.9 10.0.10 June 30, 2026
terms-descriptions terms-descriptions N/A Terms descriptions <= 3.4.9 - Unauthenticated Information Exposure LOW *-3.4.9 June 30, 2026
tc-logo-slider tc-logo-slider N/A Logo Slider , Logo Carousel , Logo showcase , Client Logo <= 1.8.1 - Authenticated (Editor+) Stored Cross-Site Scripting LOW *-1.8.1 June 30, 2026
tasty-recipes-lite tasty-recipes-lite N/A Tasty Recipes Lite <= 1.1.5 - Missing Authorization LOW *-1.1.5 1.1.6 June 30, 2026
tasty-recipes-lite tasty-recipes-lite N/A Tasty Recipes Lite <= 1.1.5 - Missing Authorization LOW *-1.1.5 1.1.6 June 30, 2026
superlogoshowcase-wp superlogoshowcase-wp N/A Super Logos Showcase <= 2.8 - Reflected Cross-Site Scripting LOW *-2.8 June 30, 2026
social-profilr-display-social-network-profile social-profilr-display-social-network-profile N/A Social Profilr <= 1.0 - Cross-Site Request Forgery LOW *-1.0 June 30, 2026
sliper-elementor sliper-elementor N/A Sliper for Elementor <= 1.0.10 - Missing Authorization LOW *-1.0.10 June 30, 2026
simple-facebook-plugin simple-facebook-plugin N/A Simple Like Page <= 1.5.3 - Missing Authorization LOW *-1.5.3 2.0.0 June 30, 2026
simple-archive-generator simple-archive-generator N/A Simple Archive Generator <= 5.2 - Cross-Site Request Forgery LOW *-5.2 June 30, 2026
sermon-manager-for-wordpress sermon-manager-for-wordpress N/A Sermon Manager <= 2.30.0 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.30.0 June 30, 2026
series series N/A Series <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.0.1 June 30, 2026
serial-codes-generator-and-validator serial-codes-generator-and-validator N/A Serial Codes Generator and Validator with WooCommerce Support <= 2.8.2 - Missing Authorization LOW *-2.8.2 2.8.3 June 30, 2026
seo-slider seo-slider N/A SEO Slider <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.1.1 June 30, 2026
sensitive-tag-cloud sensitive-tag-cloud N/A SensitiveTagCloud <= 1.4.1 - Cross-Site Request Forgery LOW *-1.4.1 June 30, 2026
robotstxt-rewrite robotstxt-rewrite N/A Robots.txt rewrite <= 1.6.1 - Cross-Site Request Forgery LOW *-1.6.1 June 30, 2026
reuters-direct reuters-direct N/A Reuters Direct <= 3.0.0 - Missing Authorization LOW *-3.0.0 June 30, 2026
restropress restropress N/A RestroPress <= 3.2.7 - Missing Authorization LOW *-3.2.7 3.2.8 June 30, 2026
responsive-block-control responsive-block-control N/A Responsive Block Control <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.3.0 1.3.1 June 30, 2026
recent-posts-from-each-category recent-posts-from-each-category N/A Recent Posts From Each Category <= 1.4 - Cross-Site Request Forgery LOW *-1.4 June 30, 2026
realbig-media realbig-media N/A Realbig <= 1.1.3 - Missing Authorization LOW *-1.1.3 June 30, 2026
questionar-elementor questionar-elementor N/A Questionar for Elementor <= 1.1.7 - Missing Authorization LOW *-1.1.7 June 30, 2026
postie postie N/A Postie <= 1.9.73 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.9.73 1.9.74 June 30, 2026
post-snippets post-snippets N/A Post Snippets <= 4.0.11 - Cross-Site Request Forgery LOW *-4.0.11 4.0.12 June 30, 2026
portfolio-manager-powered-by-behance portfolio-manager-powered-by-behance N/A Behance Portfolio Manager <= 1.7.5 - Cross-Site Request Forgery LOW *-1.7.5 1.8.0 June 30, 2026
portfolio-manager-powered-by-behance portfolio-manager-powered-by-behance N/A Behance Portfolio Manager <= 1.7.5 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.7.5 1.8.0 June 30, 2026
pardakht-delkhah pardakht-delkhah N/A Pardakht Delkhah <= 3.0.0 - Cross-Site Request Forgery LOW *-3.0.0 June 30, 2026
page-title-splitter page-title-splitter N/A Page Title Splitter <= 2.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.5.9 June 30, 2026
orders-chat-for-woocommerce orders-chat-for-woocommerce N/A Orders Chat for WooCommerce <= 1.2.0 - Missing Authorization LOW *-1.2.0 June 30, 2026
noindex-by-path noindex-by-path N/A Noindex by Path <= 1.0 - Cross-Site Request Forgery LOW *-1.0 June 30, 2026
newsletters-lite newsletters-lite N/A Newsletters <= 4.11 - Unauthenticated PHP Object Injection LOW *-4.11 4.12 June 30, 2026
new-contact-form-widget new-contact-form-widget N/A Contact Form Widget <= 1.5.1 - Cross-Site Request Forgery LOW *-1.5.1 June 30, 2026
nd-booking nd-booking N/A Hotel Booking <= 3.8 - Missing Authorization LOW *-3.8 June 30, 2026
All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements mystickyelements
85
 My Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead Deletion LOW *-2.3.3 2.3.4 June 30, 2026
myd-delivery myd-delivery N/A MyD Delivery <= 1.3.7 - Unauthenticated Insecure Direct Object Reference LOW *-1.3.7 June 30, 2026
mybooktable mybooktable N/A MyBookTable Bookstore <= 3.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-3.5.6 June 30, 2026
mx-time-zone-clocks mx-time-zone-clocks N/A MX Time Zone Clocks <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-5.1.1 June 30, 2026
mergado-marketing-pack mergado-marketing-pack
89
 Mergado Pack <= 4.2.0 - Cross-Site Request Forgery LOW *-4.2.0 June 30, 2026
maximum-products-per-user-for-woocommerce maximum-products-per-user-for-woocommerce
93
 Maximum Products per User for WooCommerce <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-4.4.3 4.4.4 June 30, 2026
master-addons master-addons
93
 Master Addons for Elementor <= 2.0.9.9.4 - Unauthenticated Insecure Direct Object Reference LOW *-2.0.9.9.4 2.1.0 June 30, 2026
logger-elementor logger-elementor
91
 Logger for Elementor <= 1.0.9 - Missing Authorization LOW *-1.0.9 June 30, 2026
locatoraid locatoraid
91
 Locatoraid Store Locator <= 3.9.65 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-3.9.65 June 30, 2026
live-shopping-video-streams live-shopping-video-streams
89
 Live Shopping & Shoppable Videos For WooCommerce <= 2.2.0 - Cross-Site Request Forgery LOW *-2.2.0 June 30, 2026
live-shopping-video-streams live-shopping-video-streams
89
 Live Shopping & Shoppable Videos For WooCommerce <= 2.2.0 - Missing Authorization LOW *-2.2.0 June 30, 2026
listingpro-reviews listingpro-reviews
93
 ListingPro Reviews < 2.9.11 - Reflected Cross-Site Scripting LOW [*, 2.9.11) 2.9.11 June 30, 2026
kalender-digital kalender-digital
93
 Calendar.online / Kalender.digital <= 1.0.13 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.0.13 1.0.14 June 30, 2026
jobbank jobbank
89
 JobBank <= 1.2.2 - Reflected Cross-Site Scripting LOW *-1.2.2 June 30, 2026
infility-global infility-global
81
 Infility Global <= 2.14.49 - Unauthenticated SQL Injection LOW *-2.14.49 June 30, 2026
inext-woo-pincode-checker inext-woo-pincode-checker
91
 iNext Woo Pincode Checker <= 2.3.1 - Cross-Site Request Forgery LOW *-2.3.1 June 30, 2026
ilogic-accessibility ilogic-accessibility
91
 Accessibility Press <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting LOW *-1.0.2 June 30, 2026
hotel-listing hotel-listing
86
 Hotel Listing <= 1.4.0 - Reflected Cross-Site Scripting LOW *-1.4.0 June 30, 2026
hide-plugins hide-plugins
91
 Hide Plugins <= 1.0.4 - Missing Authorization LOW *-1.0.4 June 30, 2026
headinger-elementor headinger-elementor
91
 Headinger for Elementor <= 1.1.4 - Missing Authorization LOW *-1.1.4 June 30, 2026
gt3-photo-video-gallery gt3-photo-video-gallery
93
 Photo Gallery <= 2.7.7.26 - Reflected Cross-Site Scripting LOW *-2.7.7.26 2.7.7.27 June 30, 2026
gs-envato-portfolio gs-envato-portfolio
91
 GS Portfolio for Envato <= 1.4.2 - Missing Authorization LOW *-1.4.2 June 30, 2026
gravity-signature-forms-add-on gravity-signature-forms-add-on
93
 Signature Add-On for Gravity Forms <= 1.8.6 - Missing Authorization LOW *-1.8.6 1.8.7 June 30, 2026
graphist-elementor graphist-elementor
91
 Graphist <= 1.2.10 - Missing Authorization LOW *-1.2.10 June 30, 2026
grand-media grand-media
91
 Gmedia Photo Gallery <= 1.24.1 - Cross-Site Request Forgery LOW *-1.24.1 June 30, 2026
gmaper-elementor gmaper-elementor
91
 Gmaper for Elementor <= 1.0.9 - Missing Authorization LOW *-1.0.9 June 30, 2026
gallery-portfolio gallery-portfolio
91
 Portfolio Gallery <= 1.4.8 - Missing Authorization LOW *-1.4.8 June 30, 2026
funnelforms-free funnelforms-free
87
 Funnelforms Free <= 3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-3.8 June 30, 2026
formfacade formfacade
91
 FormFacade <= 1.4.1 - Cross-Site Request Forgery LOW *-1.4.1 June 30, 2026
follow-my-blog-post follow-my-blog-post
93
 Follow My Blog Post <= 2.4.0 - Missing Authorization to Unauthenticated Arbitrary Content Deletion LOW *-2.4.0 2.4.1 June 30, 2026
flowbox flowbox
91
 Flowbox <= 1.1.5 - Missing Authorization LOW *-1.1.5 June 30, 2026
featured-image-generator featured-image-generator
91
 Featured Image Generator <= 1.3.3 - Missing Authorization LOW *-1.3.3 June 30, 2026
extra-shortcodes extra-shortcodes
91
 Extra Shortcodes <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-2.2 June 30, 2026
everest-backup everest-backup
91
 Everest Backup <= 2.3.9 - Cross-Site Request Forgery LOW *-2.3.9 June 30, 2026
effect-maker effect-maker
89
 Effect Maker <= 1.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting LOW *-1.2.1 June 30, 2026
easyindex easyindex
91
 EasyIndex <= 1.1.1704 - Cross-Site Request Forgery LOW *-1.1.1704 June 30, 2026
easy-upload-files-during-checkout easy-upload-files-during-checkout
93
 Easy Upload Files During Checkout <= 3.0.0 - Missing Authorization LOW *-3.0.0 3.0.1 June 30, 2026
download-media-library download-media-library
91
 Download Media Library <= 0.2.1 - Unauthenticated Sensitive Information Exposure LOW *-0.2.1 June 30, 2026
dmca-badge dmca-badge
91
 DMCA Protection Badge <= 2.2.0 - Missing Authorization LOW *-2.2.0 June 30, 2026
direct-payments-wp direct-payments-wp
89
 Direct Payments WP <= 1.3.0 - Authenticated (Subscriber+) Sensitive Information Exposure LOW *-1.3.0 June 30, 2026
direct-payments-wp direct-payments-wp
89
 Direct Payments WP <= 1.3.0 - Missing Authorization LOW *-1.3.0 June 30, 2026
custom-url-to-featured-image custom-url-to-featured-image
91
 Add Featured Image Custom Link <= 2.0.0 - Authenticated (Author+) Stored Cross-Site Scripting LOW *-2.0.0 June 30, 2026
custom-style custom-style
91
 Custom Style <= 1.0 - Cross-Site Request Forgery LOW *-1.0 June 30, 2026
custom-post-status custom-post-status
91
 Custom Post Status <= 1.1.0 - Cross-Site Request Forgery LOW *-1.1.0 June 30, 2026
custom-background-changer custom-background-changer
91
 Custom Background Changer <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-3.0 June 30, 2026
curatorio curatorio
93
 Curator.io <= 1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting LOW *-1.9.5 1.9.6 June 30, 2026
LOW

wordpress-tooltips

wordpress-tooltips

Score: N/A Tooltips <= 10.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-10.8.3 Patched: Updated: June 30, 2026
LOW

woocommerce-parcelas

woocommerce-parcelas

Score: N/A WooCommerce Parcelas <= 1.3.5 - Authenticated (Shop manager+) Stored Cross-Site Scripting Affected: *-1.3.5 Patched: Updated: June 30, 2026
LOW

woo-reviews-by-wiremo

woo-reviews-by-wiremo

Score: N/A Wiremo <= 1.4.99 - Missing Authorization Affected: *-1.4.99 Patched: Updated: June 30, 2026
LOW

woo-gerencianet-official

woo-gerencianet-official

Score: N/A Gerencianet Oficial <= 3.1.3 - Unauthenticated Information Exposure Affected: *-3.1.3 Patched: Updated: June 30, 2026
LOW

webman-amplifier

webman-amplifier

Score: N/A WebMan Amplifier <= 1.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.5.12 Patched: 1.6.0 Updated: June 30, 2026
LOW

wc-order-cancellation-return

wc-order-cancellation-return

Score: N/A Order Cancellation & Returns for WooCommerce <= 1.1.12 - Authenticated (Subscriber+) Insecure Direct Object Reference Affected: *-1.1.12 Patched: 1.1.13 Updated: June 30, 2026
LOW

wb-sticky-notes

wb-sticky-notes

Score: N/A Sticky Notes for WP Dashboard <= 1.2.4 - Missing Authorization Affected: *-1.2.4 Patched: 1.2.5 Updated: June 30, 2026
LOW

watcher-elementor

watcher-elementor

Score: N/A Watcher for Elementor <= 1.0.9 - Missing Authorization Affected: *-1.0.9 Patched: Updated: June 30, 2026
LOW

walker-elementor

walker-elementor

Score: N/A Walker for Elementor <= 1.1.6 - Missing Authorization Affected: *-1.1.6 Patched: Updated: June 30, 2026
LOW

video-playlist-and-gallery-plugin

video-playlist-and-gallery-plugin

Score: N/A Post Video Players <= 1.163 - Authenticated (Editor+) Stored Cross-Site Scripting Affected: *-1.163 Patched: Updated: June 30, 2026
LOW

video-playlist-and-gallery-plugin

video-playlist-and-gallery-plugin

Score: N/A Post Video Players <= 1.163 - Authenticated (Contributor+) Information Exposure Affected: *-1.163 Patched: Updated: June 30, 2026
LOW

vcaching

vcaching

Score: N/A Varnish/Nginx Proxy Caching <= 1.8.3 - Unauthenticated Information Exposure Affected: *-1.8.3 Patched: Updated: June 30, 2026
LOW

vc-addons-by-bit14

vc-addons-by-bit14

Score: N/A Web and WooCommerce Addons for WPBakery Builder <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.5 Patched: Updated: June 30, 2026
LOW

valenti-engine

valenti-engine

Score: N/A Valenti Engine <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.3 Patched: Updated: June 30, 2026
LOW

user-specific-content

user-specific-content

Score: N/A User Specific Content <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.6 Patched: Updated: June 30, 2026
LOW

universal-video-player

universal-video-player

Score: N/A Universal Video Player <= 3.8.4 - Reflected Cross-Site Scripting Affected: *-3.8.4 Patched: Updated: June 30, 2026
LOW

ungrabber

ungrabber

Score: N/A UnGrabber <= 3.1.3 - Missing Authorization Affected: *-3.1.3 Patched: Updated: June 30, 2026
LOW

trash-duplicate-and-301-redirect

trash-duplicate-and-301-redirect

Score: N/A Trash Duplicate and 301 Redirect <= 1.9.1 - Missing Authorization Affected: *-1.9.1 Patched: Updated: June 30, 2026
LOW

transmail

transmail

Score: N/A Zoho ZeptoMail <= 3.3.1 - Cross-Site Request Forgery Affected: *-3.3.1 Patched: 3.3.2 Updated: June 30, 2026
LOW

timeline-awesome

timeline-awesome

Score: N/A History Timeline <= 1.0.6 - Missing Authorization Affected: *-1.0.6 Patched: Updated: June 30, 2026
LOW

thesis-openhook

thesis-openhook

Score: N/A OpenHook <= 4.3.1 - Cross-Site Request Forgery Affected: *-4.3.1 Patched: Updated: June 30, 2026
LOW

the-moneytizer

the-moneytizer

Score: N/A The Moneytizer <= 10.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-10.0.9 Patched: 10.0.10 Updated: June 30, 2026
LOW

terms-descriptions

terms-descriptions

Score: N/A Terms descriptions <= 3.4.9 - Unauthenticated Information Exposure Affected: *-3.4.9 Patched: Updated: June 30, 2026
LOW

tc-logo-slider

tc-logo-slider

Score: N/A Logo Slider , Logo Carousel , Logo showcase , Client Logo <= 1.8.1 - Authenticated (Editor+) Stored Cross-Site Scripting Affected: *-1.8.1 Patched: Updated: June 30, 2026
LOW

tasty-recipes-lite

tasty-recipes-lite

Score: N/A Tasty Recipes Lite <= 1.1.5 - Missing Authorization Affected: *-1.1.5 Patched: 1.1.6 Updated: June 30, 2026
LOW

tasty-recipes-lite

tasty-recipes-lite

Score: N/A Tasty Recipes Lite <= 1.1.5 - Missing Authorization Affected: *-1.1.5 Patched: 1.1.6 Updated: June 30, 2026
LOW

superlogoshowcase-wp

superlogoshowcase-wp

Score: N/A Super Logos Showcase <= 2.8 - Reflected Cross-Site Scripting Affected: *-2.8 Patched: Updated: June 30, 2026
LOW

sliper-elementor

sliper-elementor

Score: N/A Sliper for Elementor <= 1.0.10 - Missing Authorization Affected: *-1.0.10 Patched: Updated: June 30, 2026
LOW

simple-facebook-plugin

simple-facebook-plugin

Score: N/A Simple Like Page <= 1.5.3 - Missing Authorization Affected: *-1.5.3 Patched: 2.0.0 Updated: June 30, 2026
LOW

simple-archive-generator

simple-archive-generator

Score: N/A Simple Archive Generator <= 5.2 - Cross-Site Request Forgery Affected: *-5.2 Patched: Updated: June 30, 2026
LOW

sermon-manager-for-wordpress

sermon-manager-for-wordpress

Score: N/A Sermon Manager <= 2.30.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.30.0 Patched: Updated: June 30, 2026
LOW

series

series

Score: N/A Series <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.0.1 Patched: Updated: June 30, 2026
LOW

serial-codes-generator-and-validator

serial-codes-generator-and-validator

Score: N/A Serial Codes Generator and Validator with WooCommerce Support <= 2.8.2 - Missing Authorization Affected: *-2.8.2 Patched: 2.8.3 Updated: June 30, 2026
LOW

seo-slider

seo-slider

Score: N/A SEO Slider <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.1.1 Patched: Updated: June 30, 2026
LOW

sensitive-tag-cloud

sensitive-tag-cloud

Score: N/A SensitiveTagCloud <= 1.4.1 - Cross-Site Request Forgery Affected: *-1.4.1 Patched: Updated: June 30, 2026
LOW

robotstxt-rewrite

robotstxt-rewrite

Score: N/A Robots.txt rewrite <= 1.6.1 - Cross-Site Request Forgery Affected: *-1.6.1 Patched: Updated: June 30, 2026
LOW

reuters-direct

reuters-direct

Score: N/A Reuters Direct <= 3.0.0 - Missing Authorization Affected: *-3.0.0 Patched: Updated: June 30, 2026
LOW

restropress

restropress

Score: N/A RestroPress <= 3.2.7 - Missing Authorization Affected: *-3.2.7 Patched: 3.2.8 Updated: June 30, 2026
LOW

responsive-block-control

responsive-block-control

Score: N/A Responsive Block Control <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.3.0 Patched: 1.3.1 Updated: June 30, 2026
LOW

recent-posts-from-each-category

recent-posts-from-each-category

Score: N/A Recent Posts From Each Category <= 1.4 - Cross-Site Request Forgery Affected: *-1.4 Patched: Updated: June 30, 2026
LOW

realbig-media

realbig-media

Score: N/A Realbig <= 1.1.3 - Missing Authorization Affected: *-1.1.3 Patched: Updated: June 30, 2026
LOW

questionar-elementor

questionar-elementor

Score: N/A Questionar for Elementor <= 1.1.7 - Missing Authorization Affected: *-1.1.7 Patched: Updated: June 30, 2026
LOW

postie

postie

Score: N/A Postie <= 1.9.73 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.9.73 Patched: 1.9.74 Updated: June 30, 2026
LOW

post-snippets

post-snippets

Score: N/A Post Snippets <= 4.0.11 - Cross-Site Request Forgery Affected: *-4.0.11 Patched: 4.0.12 Updated: June 30, 2026
LOW

portfolio-manager-powered-by-behance

portfolio-manager-powered-by-behance

Score: N/A Behance Portfolio Manager <= 1.7.5 - Cross-Site Request Forgery Affected: *-1.7.5 Patched: 1.8.0 Updated: June 30, 2026
LOW

portfolio-manager-powered-by-behance

portfolio-manager-powered-by-behance

Score: N/A Behance Portfolio Manager <= 1.7.5 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.7.5 Patched: 1.8.0 Updated: June 30, 2026
LOW

pardakht-delkhah

pardakht-delkhah

Score: N/A Pardakht Delkhah <= 3.0.0 - Cross-Site Request Forgery Affected: *-3.0.0 Patched: Updated: June 30, 2026
LOW

page-title-splitter

page-title-splitter

Score: N/A Page Title Splitter <= 2.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.5.9 Patched: Updated: June 30, 2026
LOW

orders-chat-for-woocommerce

orders-chat-for-woocommerce

Score: N/A Orders Chat for WooCommerce <= 1.2.0 - Missing Authorization Affected: *-1.2.0 Patched: Updated: June 30, 2026
LOW

noindex-by-path

noindex-by-path

Score: N/A Noindex by Path <= 1.0 - Cross-Site Request Forgery Affected: *-1.0 Patched: Updated: June 30, 2026
LOW

newsletters-lite

newsletters-lite

Score: N/A Newsletters <= 4.11 - Unauthenticated PHP Object Injection Affected: *-4.11 Patched: 4.12 Updated: June 30, 2026
LOW

new-contact-form-widget

new-contact-form-widget

Score: N/A Contact Form Widget <= 1.5.1 - Cross-Site Request Forgery Affected: *-1.5.1 Patched: Updated: June 30, 2026
LOW

nd-booking

nd-booking

Score: N/A Hotel Booking <= 3.8 - Missing Authorization Affected: *-3.8 Patched: Updated: June 30, 2026
LOW

myd-delivery

myd-delivery

Score: N/A MyD Delivery <= 1.3.7 - Unauthenticated Insecure Direct Object Reference Affected: *-1.3.7 Patched: Updated: June 30, 2026
LOW

mybooktable

mybooktable

Score: N/A MyBookTable Bookstore <= 3.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-3.5.6 Patched: Updated: June 30, 2026
LOW

mx-time-zone-clocks

mx-time-zone-clocks

Score: N/A MX Time Zone Clocks <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-5.1.1 Patched: Updated: June 30, 2026
LOW

mergado-marketing-pack

mergado-marketing-pack

Score: 89/100 Mergado Pack <= 4.2.0 - Cross-Site Request Forgery Affected: *-4.2.0 Patched: Updated: June 30, 2026
LOW

maximum-products-per-user-for-woocommerce

maximum-products-per-user-for-woocommerce

Score: 93/100 Maximum Products per User for WooCommerce <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-4.4.3 Patched: 4.4.4 Updated: June 30, 2026
LOW

master-addons

master-addons

Score: 93/100 Master Addons for Elementor <= 2.0.9.9.4 - Unauthenticated Insecure Direct Object Reference Affected: *-2.0.9.9.4 Patched: 2.1.0 Updated: June 30, 2026
LOW

logger-elementor

logger-elementor

Score: 91/100 Logger for Elementor <= 1.0.9 - Missing Authorization Affected: *-1.0.9 Patched: Updated: June 30, 2026
LOW

locatoraid

locatoraid

Score: 91/100 Locatoraid Store Locator <= 3.9.65 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-3.9.65 Patched: Updated: June 30, 2026
LOW

live-shopping-video-streams

live-shopping-video-streams

Score: 89/100 Live Shopping & Shoppable Videos For WooCommerce <= 2.2.0 - Cross-Site Request Forgery Affected: *-2.2.0 Patched: Updated: June 30, 2026
LOW

live-shopping-video-streams

live-shopping-video-streams

Score: 89/100 Live Shopping & Shoppable Videos For WooCommerce <= 2.2.0 - Missing Authorization Affected: *-2.2.0 Patched: Updated: June 30, 2026
LOW

listingpro-reviews

listingpro-reviews

Score: 93/100 ListingPro Reviews < 2.9.11 - Reflected Cross-Site Scripting Affected: [*, 2.9.11) Patched: 2.9.11 Updated: June 30, 2026
LOW

kalender-digital

kalender-digital

Score: 93/100 Calendar.online / Kalender.digital <= 1.0.13 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.0.13 Patched: 1.0.14 Updated: June 30, 2026
LOW

jobbank

jobbank

Score: 89/100 JobBank <= 1.2.2 - Reflected Cross-Site Scripting Affected: *-1.2.2 Patched: Updated: June 30, 2026
LOW

infility-global

infility-global

Score: 81/100 Infility Global <= 2.14.49 - Unauthenticated SQL Injection Affected: *-2.14.49 Patched: Updated: June 30, 2026
LOW

inext-woo-pincode-checker

inext-woo-pincode-checker

Score: 91/100 iNext Woo Pincode Checker <= 2.3.1 - Cross-Site Request Forgery Affected: *-2.3.1 Patched: Updated: June 30, 2026
LOW

ilogic-accessibility

ilogic-accessibility

Score: 91/100 Accessibility Press <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting Affected: *-1.0.2 Patched: Updated: June 30, 2026
LOW

hotel-listing

hotel-listing

Score: 86/100 Hotel Listing <= 1.4.0 - Reflected Cross-Site Scripting Affected: *-1.4.0 Patched: Updated: June 30, 2026
LOW

hide-plugins

hide-plugins

Score: 91/100 Hide Plugins <= 1.0.4 - Missing Authorization Affected: *-1.0.4 Patched: Updated: June 30, 2026
LOW

headinger-elementor

headinger-elementor

Score: 91/100 Headinger for Elementor <= 1.1.4 - Missing Authorization Affected: *-1.1.4 Patched: Updated: June 30, 2026
LOW

gt3-photo-video-gallery

gt3-photo-video-gallery

Score: 93/100 Photo Gallery <= 2.7.7.26 - Reflected Cross-Site Scripting Affected: *-2.7.7.26 Patched: 2.7.7.27 Updated: June 30, 2026
LOW

gs-envato-portfolio

gs-envato-portfolio

Score: 91/100 GS Portfolio for Envato <= 1.4.2 - Missing Authorization Affected: *-1.4.2 Patched: Updated: June 30, 2026
LOW

gravity-signature-forms-add-on

gravity-signature-forms-add-on

Score: 93/100 Signature Add-On for Gravity Forms <= 1.8.6 - Missing Authorization Affected: *-1.8.6 Patched: 1.8.7 Updated: June 30, 2026
LOW

graphist-elementor

graphist-elementor

Score: 91/100 Graphist <= 1.2.10 - Missing Authorization Affected: *-1.2.10 Patched: Updated: June 30, 2026
LOW

grand-media

grand-media

Score: 91/100 Gmedia Photo Gallery <= 1.24.1 - Cross-Site Request Forgery Affected: *-1.24.1 Patched: Updated: June 30, 2026
LOW

gmaper-elementor

gmaper-elementor

Score: 91/100 Gmaper for Elementor <= 1.0.9 - Missing Authorization Affected: *-1.0.9 Patched: Updated: June 30, 2026
LOW

gallery-portfolio

gallery-portfolio

Score: 91/100 Portfolio Gallery <= 1.4.8 - Missing Authorization Affected: *-1.4.8 Patched: Updated: June 30, 2026
LOW

funnelforms-free

funnelforms-free

Score: 87/100 Funnelforms Free <= 3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-3.8 Patched: Updated: June 30, 2026
LOW

formfacade

formfacade

Score: 91/100 FormFacade <= 1.4.1 - Cross-Site Request Forgery Affected: *-1.4.1 Patched: Updated: June 30, 2026
LOW

follow-my-blog-post

follow-my-blog-post

Score: 93/100 Follow My Blog Post <= 2.4.0 - Missing Authorization to Unauthenticated Arbitrary Content Deletion Affected: *-2.4.0 Patched: 2.4.1 Updated: June 30, 2026
LOW

flowbox

flowbox

Score: 91/100 Flowbox <= 1.1.5 - Missing Authorization Affected: *-1.1.5 Patched: Updated: June 30, 2026
LOW

featured-image-generator

featured-image-generator

Score: 91/100 Featured Image Generator <= 1.3.3 - Missing Authorization Affected: *-1.3.3 Patched: Updated: June 30, 2026
LOW

extra-shortcodes

extra-shortcodes

Score: 91/100 Extra Shortcodes <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-2.2 Patched: Updated: June 30, 2026
LOW

everest-backup

everest-backup

Score: 91/100 Everest Backup <= 2.3.9 - Cross-Site Request Forgery Affected: *-2.3.9 Patched: Updated: June 30, 2026
LOW

effect-maker

effect-maker

Score: 89/100 Effect Maker <= 1.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting Affected: *-1.2.1 Patched: Updated: June 30, 2026
LOW

easyindex

easyindex

Score: 91/100 EasyIndex <= 1.1.1704 - Cross-Site Request Forgery Affected: *-1.1.1704 Patched: Updated: June 30, 2026
LOW

easy-upload-files-during-checkout

easy-upload-files-during-checkout

Score: 93/100 Easy Upload Files During Checkout <= 3.0.0 - Missing Authorization Affected: *-3.0.0 Patched: 3.0.1 Updated: June 30, 2026
LOW

download-media-library

download-media-library

Score: 91/100 Download Media Library <= 0.2.1 - Unauthenticated Sensitive Information Exposure Affected: *-0.2.1 Patched: Updated: June 30, 2026
LOW

dmca-badge

dmca-badge

Score: 91/100 DMCA Protection Badge <= 2.2.0 - Missing Authorization Affected: *-2.2.0 Patched: Updated: June 30, 2026
LOW

direct-payments-wp

direct-payments-wp

Score: 89/100 Direct Payments WP <= 1.3.0 - Authenticated (Subscriber+) Sensitive Information Exposure Affected: *-1.3.0 Patched: Updated: June 30, 2026
LOW

direct-payments-wp

direct-payments-wp

Score: 89/100 Direct Payments WP <= 1.3.0 - Missing Authorization Affected: *-1.3.0 Patched: Updated: June 30, 2026
LOW

custom-url-to-featured-image

custom-url-to-featured-image

Score: 91/100 Add Featured Image Custom Link <= 2.0.0 - Authenticated (Author+) Stored Cross-Site Scripting Affected: *-2.0.0 Patched: Updated: June 30, 2026
LOW

custom-style

custom-style

Score: 91/100 Custom Style <= 1.0 - Cross-Site Request Forgery Affected: *-1.0 Patched: Updated: June 30, 2026
LOW

custom-post-status

custom-post-status

Score: 91/100 Custom Post Status <= 1.1.0 - Cross-Site Request Forgery Affected: *-1.1.0 Patched: Updated: June 30, 2026
LOW

custom-background-changer

custom-background-changer

Score: 91/100 Custom Background Changer <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-3.0 Patched: Updated: June 30, 2026
LOW

curatorio

curatorio

Score: 93/100 Curator.io <= 1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting Affected: *-1.9.5 Patched: 1.9.6 Updated: June 30, 2026

Showing 3901 to 4000 of 36313 results

Download: CSV JSON
Important: Review Required

Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.

Data updated daily from trusted sources. Last updated: June 30, 2026 at 20:28 UTC.