Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36319Across tracked plugins
Affected Plugins
83With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| better-search | better-search |
93
|
Better Search <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-4.1.0 | 4.1.1 | July 1, 2026 | |
| beds24-online-booking | beds24-online-booking |
93
|
Beds24 Online Booking <= 2.0.29 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0.29 | 2.0.30 | July 1, 2026 | |
| Ultimate Before After Image Slider & Gallery – BEAF | beaf-before-and-after-gallery |
91
|
BEAF <= 4.6.10 - Authenticated (Admin+) Arbitrary File Upload | LOW | *-4.6.10 | 4.6.11 | July 1, 2026 | |
| beacon-by | beacon-by |
93
|
Beacon Lead Magnets and Lead Capture <= 1.5.8 - Cross-Site Request Forgery | LOW | *-1.5.8 | 1.5.9 | July 1, 2026 | |
| axima-payment-gateway | axima-payment-gateway |
93
|
Pays – WooCommerce Payment Gateway <= 2.6 - Cross-Site Request Forgery | LOW | *-2.6 | 2.7 | July 1, 2026 | |
| awin-advertiser-tracking | awin-advertiser-tracking |
93
|
Awin – Advertiser Tracking for WooCommerce <= 2.0.0 - Cross-Site Request Forgery | LOW | *-2.0.0 | 2.0.1 | July 1, 2026 | |
| awesome-gallery | awesome-gallery |
89
|
Awesome Gallery <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| aweos-wp-lock | aweos-wp-lock |
93
|
AWEOS WP Lock <= 1.4.8 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.4.8 | 1.4.9 | July 1, 2026 | |
| amazon-product-in-a-post-plugin | amazon-product-in-a-post-plugin |
95
|
Amazon Product in a Post <= 5.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-5.2.2 | July 1, 2026 | ||
| ajax-load-more | ajax-load-more |
97
|
Ajax Load More <= 7.3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-7.3.1.2 | 7.3.1.3 | July 1, 2026 | |
| activity-link-preview-for-buddypress | activity-link-preview-for-buddypress |
97
|
Wbcom Designs - Activity Link Preview For BuddyPress <= 1.4.4 - Unauthenticated Server-Side Request Forgery | LOW | *-1.4.4 | 1.6.0 | July 1, 2026 | |
| aco-woo-dynamic-pricing | aco-woo-dynamic-pricing |
97
|
Dynamic Pricing With Discount Rules for WooCommerce <= 4.5.8 - Authenticated (Shop manager+) SQL Injection | LOW | *-4.5.8 | 4.5.9 | July 1, 2026 | |
| accessibility-toolbar | accessibility-toolbar |
95
|
Web Accessibility with Max Access <= 2.0.9 - Cross-Site Request Forgery | LOW | *-2.0.9 | 2.1.0 | July 1, 2026 | |
| ablocks | ablocks |
95
|
aBlocks <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.9.2 | 1.9.3 | July 1, 2026 | |
| frontend-dashboard | frontend-dashboard |
93
|
Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function | LOW | 1.0-2.2.6 | 2.2.7 | July 1, 2026 | |
| where-did-they-go-from-here | where-did-they-go-from-here | N/A | WZ Followed Posts – Display what visitors are reading <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.1.0 | 3.1.1 | July 1, 2026 | |
| login-lockdown | login-lockdown |
93
|
Login Lockdown & Protection <= 2.11 - Missing Authorization to Authenticated (Subscriber+) Arbitrary IP Whitelisting | LOW | *-2.11 | 2.12 | July 1, 2026 | |
| relevanssi-premium | relevanssi-premium | N/A | Relevanssi <= 4.24.3 (Free) and <= 2.27.4 (Premium) - Unauthenticated Stored Cross-Site Scripting via Search Highlights | LOW | *-2.27.4 | 2.27.5 | July 1, 2026 | |
| relevanssi | relevanssi | N/A | Relevanssi <= 4.24.3 (Free) and <= 2.27.4 (Premium) - Unauthenticated Stored Cross-Site Scripting via Search Highlights | LOW | *-4.24.3 | 4.24.4 | July 1, 2026 | |
| wpshop | wpshop | N/A | WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover | LOW | 2.0.0-2.6.0 | 2.6.1 | July 1, 2026 | |
| xavins-list-subpages | xavins-list-subpages | N/A | Xavin's List Subpages <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3 | July 1, 2026 | ||
| cardealerpress | cardealerpress |
93
|
CarDealerPress <= 6.8.2505.00 - Authenticated (Contributor+) Stored Cross-Site Scripting via saleclass Parameter | LOW | *-6.8.2505.00 | 6.8.2505.01 | July 1, 2026 | |
| multiple-post-type-order | multiple-post-type-order |
91
|
Multiple Post Type Order <= 1.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mpto Shortcode | LOW | *-1.10.0 | July 1, 2026 | ||
| woocommerce-multiple-addresses | woocommerce-multiple-addresses | N/A | Woocommerce Multiple Addresses <= 1.0.7.1 - Authenticated (Subscriber+) Privilege Escalation | LOW | *-1.0.7.1 | July 1, 2026 | ||
| peprodev-ups | peprodev-ups | N/A | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover | LOW | 1.9.1-7.5.2 | 8.0.0 | July 1, 2026 | |
| peprodev-ups | peprodev-ups | N/A | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Missing Authorization to Unauthenticated Email Enumeration | LOW | 1.9.1-7.5.2 | 8.0.0 | July 1, 2026 | |
| peprodev-ups | peprodev-ups | N/A | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Missing Authorization to Limited Unauthenticated Arbitrary User Meta Update via handel_ajax_req Function | LOW | 1.9.1-7.5.2 | 8.0.0 | July 1, 2026 | |
| smartpay | smartpay | N/A | Download Manager and Payment Form WordPress Plugin – WP SmartPay 1.1.0 - 2.7.13 - Authenticated (Subscriber+) Information Exposure | LOW | 1.1.0-2.7.13 | 2.8.0 | July 1, 2026 | |
| search-exclude | search-exclude | N/A | Search Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification | LOW | *-2.4.9 | 2.5.0 | July 1, 2026 | |
| wpshop | wpshop | N/A | WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Key Generation | LOW | 2.0.0-2.6.0 | 2.6.1 | July 1, 2026 | |
| Royal Addons for Elementor – Addons and Templates Kit for Elementor | royal-elementor-addons | N/A | Royal Elementor Addons and Templates <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.7.1017 | 1.7.1018 | July 1, 2026 | |
| pgs-core | pgs-core | N/A | PGS Core <= 5.8.0 - Unauthenticated PHP Object Injection | LOW | *-5.8.0 | 5.9.0 | July 1, 2026 | |
| pgs-core | pgs-core | N/A | PGS Core <= 5.8.0 - Missing Authorization via Multiple Functions | LOW | *-5.8.0 | 5.9.0 | July 1, 2026 | |
| pgs-core | pgs-core | N/A | PGS Core <= 5.8.0 - Unauthenticated SQL Injection | LOW | *-5.8.0 | 5.9.0 | July 1, 2026 | |
| cision-block | cision-block |
93
|
Cision Block <= 4.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | LOW | *-4.3.0 | 4.4.0 | July 1, 2026 | |
| Depicter — Popup & Slider Builder | depicter |
95
|
Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter | LOW | *-3.6.1 | 3.6.2 | July 1, 2026 | |
| layoutboxx | layoutboxx |
91
|
LayoutBoxx <= 0.3.1 - Unauthenticated Arbitrary Shortcode Execution | LOW | *-0.3.1 | July 1, 2026 | ||
| ahathat | ahathat |
92
|
AHAthat Plugin <= 1.6 - Cross-Site Request Forgery to AHA Page Deletion | LOW | *-1.6 | July 1, 2026 | ||
| short-tax-post | short-tax-post | N/A | Reales WP STPT <= 2.1.2 - Authenticated (Subscriber+) Privilege Escalation via Password Update | LOW | *-2.1.2 | July 1, 2026 | ||
| User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | user-registration | N/A | User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion | LOW | *-4.2.1 | 4.2.2 | July 1, 2026 | |
| short-tax-post | short-tax-post | N/A | Reales WP STPT <= 2.1.2 - Unauthorized User Registration | LOW | *-2.1.2 | July 1, 2026 | ||
| external-image-replace | external-image-replace |
89
|
External image replace <= 1.0.8 - Authenticated (Contributor+) Arbitrary File Upload | LOW | *-1.0.8 | July 1, 2026 | ||
| envolve-plugin | envolve-plugin |
93
|
Envolve Plugin <= 1.0 - Unauthenticated Language File Deletion | LOW | *-1.0 | 1.1.0 | July 1, 2026 | |
| captivatesync-trade | captivatesync-trade |
93
|
Captivate Sync <= 3.0.3 - Unauthenticated PHP Object Injection | LOW | *-3.0.3 | 3.2.2 | July 1, 2026 | |
| buddyboss-platform-pro | buddyboss-platform-pro |
93
|
BuddyBoss Platform Pro <= 2.7.01 - Authentication Bypass via Apple OAuth provider | LOW | *-2.7.01 | 2.7.10 | July 1, 2026 | |
| surveyjs | surveyjs | N/A | SurveyJS <= 1.12.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | LOW | *-1.12.32 | 1.12.33 | July 1, 2026 | |
| abundatrade-plugin | abundatrade-plugin |
95
|
Abundatrade Plugin <= 1.8.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.8.02 | July 1, 2026 | ||
| personizely | personizely | N/A | Personizely <= 0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via widgetId Parameter | LOW | *-0.10 | 0.11 | July 1, 2026 | |
| job-listings | job-listings |
91
|
Job Listings 0.1 - 0.1.1 - Unauthenticated Privilege Escalation via register_action Function | LOW | 0.1-0.1.1 | July 1, 2026 | ||
| subpage-view | subpage-view | N/A | Subpage List <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.3.3 | July 1, 2026 | ||
| advanced-reorder-image-text-slider | advanced-reorder-image-text-slider |
95
|
Advanced Reorder Image Text Slider <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| xavins-review-ratings | xavins-review-ratings | N/A | Xavin's Review Ratings <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.4.0 | July 1, 2026 | ||
| vertical-response-newsletter-widget | vertical-response-newsletter-widget | N/A | VerticalResponse Newsletter Widget <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.6 | July 1, 2026 | ||
| woo-category-slider-by-pluginever | woo-category-slider-by-pluginever | N/A | Product Category Slider for WooCommerce <= 4.3.4 - Authenticated (Contributor+) Local File Inclusion | LOW | *-4.3.4 | 4.3.5 | July 1, 2026 | |
| visual-builder | visual-builder | N/A | Visual Builder <= 1.2.2 - Missing Authorization | LOW | *-1.2.2 | 1.3 | July 1, 2026 | |
| totalprocessing-card-payments | totalprocessing-card-payments | N/A | Nomupay Payment Processing Gateway <= 7.1.7 - Authenticated (Shop Manager+) Arbitrary File Download | LOW | *-7.1.7 | 7.1.8 | July 1, 2026 | |
| theme-blvd-sliders | theme-blvd-sliders | N/A | Theme Blvd Sliders <= 1.2.5 - Reflected Cross-Site Scripting | LOW | *-1.2.5 | July 1, 2026 | ||
| section-widget | section-widget | N/A | Section Widget <= 3.3.1 - Reflected Cross-Site Scripting | LOW | *-3.3.1 | July 1, 2026 | ||
| occupancyplan | occupancyplan | N/A | occupancyplan <= 1.0.3.0 - Cross-Site Request Forgery to SQL Injection | LOW | *-1.0.3.0 | July 1, 2026 | ||
| ms-registration | ms-registration |
89
|
Custom Login and Registration <= 1.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-1.0.0 | July 1, 2026 | ||
| likecoin | likecoin |
93
|
Web3Press <= 3.2.0 - Authenticated (Contributor+) Arbitrary File Read | LOW | *-3.2.0 | 3.3.0 | July 1, 2026 | |
| kstats-reloaded | kstats-reloaded |
91
|
kStats Reloaded <= 0.7.4 - Reflected Cross-Site Scripting | LOW | *-0.7.4 | July 1, 2026 | ||
| igit-related-posts-with-thumb-images-after-posts | igit-related-posts-with-thumb-images-after-posts |
93
|
IGIT Related Posts With Thumb Image After Posts <= 4.5.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-4.5.3 | 5.0 | July 1, 2026 | |
| ec-authorizenet | ec-authorizenet |
91
|
EC Authorize.net <= 0.3.3 - Reflected Cross-Site Scripting | LOW | *-0.3.3 | July 1, 2026 | ||
| database-toolset | database-toolset |
87
|
Database Toolset <= 1.8.4 - Unauthenticated Sensitive Information Exposure via Backup Files | LOW | *-1.8.4 | July 1, 2026 | ||
| crossword-compiler-puzzles | crossword-compiler-puzzles |
91
|
Crossword Compiler Puzzles <= 14.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-14.5 | 14.6 | July 1, 2026 | |
| category-widget | category-widget |
91
|
Category Widget <= 2.0.2 - Reflected Cross-Site Scripting | LOW | *-2.0.2 | July 1, 2026 | ||
| alink-tap | alink-tap |
95
|
Alink Tap <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3.1 | July 1, 2026 | ||
| ultimate-woocommerce-auction-pro | ultimate-woocommerce-auction-pro | N/A | Ultimate Auction Pro <= 1.5.2 - Unauthenticated SQL Injection via 'auction_id' | LOW | *-1.5.2 | 1.5.3 | July 1, 2026 | |
| sitepress-multilingual-cms | sitepress-multilingual-cms | N/A | WPML Multilingual CMS 3.6.0 - 4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode | LOW | 3.6.0-4.7.3 | 4.7.4 | July 1, 2026 | |
| taxonomy-chain-menu | taxonomy-chain-menu | N/A | Taxonomy Chain Menu <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via pn_chain_menu Shortcode | LOW | *-1.0.8 | 2.0.9 | July 1, 2026 | |
| td-composer | td-composer | N/A | tagDiv Composer <= 5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes | LOW | *-5.4 | 5.4.1 | July 1, 2026 | |
| formality | formality |
93
|
Formality <= 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Parameter | LOW | *-1.5.8 | 1.5.9 | July 1, 2026 | |
| kiwichat | kiwichat |
91
|
KiwiChat NextClient <= 6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter | LOW | *-6.2 | July 1, 2026 | ||
| otpless | otpless | N/A | OTP-less one tap Sign in 2.0.14 - 2.0.59 - Unauthenticated Arbitrary Email Update to Account Takeover/Privilege Escalation | LOW | 2.0.14-2.0.59 | July 1, 2026 | ||
| gmapsmania | gmapsmania |
91
|
GmapsMania <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-1.1 | July 1, 2026 | ||
| yame-linkinbio | yame-linkinbio | N/A | Yame | Link In Bio <= 0.9.0 - Unauthenticated Information Exposure | LOW | *-0.9.0 | July 1, 2026 | ||
| flynax-bridge | flynax-bridge |
93
|
Flynax Bridge <= 2.2.0 - Unauthenticated Arbitrary User Deletion | LOW | *-2.2.0 | 2.2.1 | July 1, 2026 | |
| scw-seat-reservation | scw-seat-reservation | N/A | Advance Seat Reservation Management for WooCommerce <= 3.3 - Unauthenticated SQL Injection | LOW | *-3.3 | 3.4 | July 1, 2026 | |
| mstore-api | mstore-api |
93
|
MStore API – Create Native Android & iOS Apps On The Cloud <= 4.17.4 - Unauthenticated Limited Privilege Escalation | LOW | *-4.17.4 | 4.17.5 | July 1, 2026 | |
| g5plus-auteur | g5plus-auteur |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-7.1 | July 1, 2026 | ||
| g5plus-auteur | g5plus-auteur |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates | LOW | *-7.1 | July 1, 2026 | ||
| g5plus-auteur | g5plus-auteur |
87
|
Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-7.1 | July 1, 2026 | ||
| full-customer | full-customer |
93
|
FULL – Cliente 3.1.5 - 3.1.25 - Authenticated (Subscriber+) SQL Injection | LOW | *-3.1.25 | 3.1.26 | July 1, 2026 | |
| flynax-bridge | flynax-bridge |
93
|
Flynax Bridge <= 2.2.0 - Unauthenticated Limited Privilege Escalation | LOW | *-2.2.0 | 2.2.1 | July 1, 2026 | |
| buddyboss-platform | buddyboss-platform |
93
|
BuddyBoss Platform and BuddyBoss Theme <= Multiple Versions - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'invitee_name' | LOW | *-2.8.50 | 2.8.51 | July 1, 2026 | |
| buddyboss-platform | buddyboss-platform |
93
|
BuddyBoss Platform <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bbp_topic_title' | LOW | *-2.8.50 | 2.8.51 | July 1, 2026 | |
| buddyboss-platform | buddyboss-platform |
93
|
BuddyBoss Platform <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bp_nouveau_ajax_media_save' function | LOW | *-2.8.50 | 2.8.51 | July 1, 2026 | |
| blog2social | blog2social |
93
|
Blog2Social: Social Media Auto Post & Scheduler <= 8.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-8.3.3 | 8.4.0 | July 1, 2026 | |
| beyot-framework | beyot-framework |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-6.0.6 | July 1, 2026 | ||
| beyot-framework | beyot-framework |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates | LOW | *-6.0.6 | July 1, 2026 | ||
| beyot-framework | beyot-framework |
87
|
Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-6.0.6 | July 1, 2026 | ||
| benaa-framework | benaa-framework |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-4.0.0 | July 1, 2026 | ||
| benaa-framework | benaa-framework |
87
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates | LOW | *-4.0.0 | July 1, 2026 | ||
| benaa-framework | benaa-framework |
87
|
Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-4.0.0 | July 1, 2026 | ||
| april-framework | april-framework |
93
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | LOW | *-5.1 | July 1, 2026 | ||
| april-framework | april-framework |
93
|
Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates | LOW | *-5.1 | July 1, 2026 | ||
| april-framework | april-framework |
93
|
Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload | LOW | *-5.1 | July 1, 2026 | ||
| ap-plugin-scripteo | ap-plugin-scripteo |
85
|
Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.88 - Unauthenticated SQL Injection | LOW | *-4.88 | 4.89 | July 1, 2026 | |
| wordpress-simple-paypal-shopping-cart | wordpress-simple-paypal-shopping-cart | N/A | WordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | LOW | *-5.1.3 | 5.1.4 | July 1, 2026 |
better-search
better-search
beds24-online-booking
beds24-online-booking
Ultimate Before After Image Slider & Gallery – BEAF
beaf-before-and-after-gallery
beacon-by
beacon-by
axima-payment-gateway
axima-payment-gateway
awin-advertiser-tracking
awin-advertiser-tracking
awesome-gallery
awesome-gallery
aweos-wp-lock
aweos-wp-lock
amazon-product-in-a-post-plugin
amazon-product-in-a-post-plugin
ajax-load-more
ajax-load-more
activity-link-preview-for-buddypress
activity-link-preview-for-buddypress
aco-woo-dynamic-pricing
aco-woo-dynamic-pricing
accessibility-toolbar
accessibility-toolbar
ablocks
ablocks
frontend-dashboard
frontend-dashboard
where-did-they-go-from-here
where-did-they-go-from-here
login-lockdown
login-lockdown
relevanssi-premium
relevanssi-premium
relevanssi
relevanssi
wpshop
wpshop
xavins-list-subpages
xavins-list-subpages
cardealerpress
cardealerpress
multiple-post-type-order
multiple-post-type-order
woocommerce-multiple-addresses
woocommerce-multiple-addresses
peprodev-ups
peprodev-ups
peprodev-ups
peprodev-ups
peprodev-ups
peprodev-ups
smartpay
smartpay
search-exclude
search-exclude
wpshop
wpshop
Royal Addons for Elementor – Addons and Templates Kit for Elementor
royal-elementor-addons
pgs-core
pgs-core
pgs-core
pgs-core
pgs-core
pgs-core
cision-block
cision-block
Depicter — Popup & Slider Builder
depicter
layoutboxx
layoutboxx
ahathat
ahathat
short-tax-post
short-tax-post
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder
user-registration
short-tax-post
short-tax-post
external-image-replace
external-image-replace
envolve-plugin
envolve-plugin
captivatesync-trade
captivatesync-trade
buddyboss-platform-pro
buddyboss-platform-pro
surveyjs
surveyjs
abundatrade-plugin
abundatrade-plugin
personizely
personizely
job-listings
job-listings
subpage-view
subpage-view
advanced-reorder-image-text-slider
advanced-reorder-image-text-slider
xavins-review-ratings
xavins-review-ratings
vertical-response-newsletter-widget
vertical-response-newsletter-widget
woo-category-slider-by-pluginever
woo-category-slider-by-pluginever
visual-builder
visual-builder
totalprocessing-card-payments
totalprocessing-card-payments
theme-blvd-sliders
theme-blvd-sliders
section-widget
section-widget
occupancyplan
occupancyplan
ms-registration
ms-registration
likecoin
likecoin
kstats-reloaded
kstats-reloaded
igit-related-posts-with-thumb-images-after-posts
igit-related-posts-with-thumb-images-after-posts
ec-authorizenet
ec-authorizenet
database-toolset
database-toolset
crossword-compiler-puzzles
crossword-compiler-puzzles
category-widget
category-widget
alink-tap
alink-tap
ultimate-woocommerce-auction-pro
ultimate-woocommerce-auction-pro
sitepress-multilingual-cms
sitepress-multilingual-cms
taxonomy-chain-menu
taxonomy-chain-menu
td-composer
td-composer
formality
formality
kiwichat
kiwichat
otpless
otpless
gmapsmania
gmapsmania
yame-linkinbio
yame-linkinbio
flynax-bridge
flynax-bridge
scw-seat-reservation
scw-seat-reservation
mstore-api
mstore-api
g5plus-auteur
g5plus-auteur
g5plus-auteur
g5plus-auteur
g5plus-auteur
g5plus-auteur
full-customer
full-customer
flynax-bridge
flynax-bridge
buddyboss-platform
buddyboss-platform
buddyboss-platform
buddyboss-platform
buddyboss-platform
buddyboss-platform
blog2social
blog2social
beyot-framework
beyot-framework
beyot-framework
beyot-framework
beyot-framework
beyot-framework
benaa-framework
benaa-framework
benaa-framework
benaa-framework
benaa-framework
benaa-framework
april-framework
april-framework
april-framework
april-framework
april-framework
april-framework
ap-plugin-scripteo
ap-plugin-scripteo
wordpress-simple-paypal-shopping-cart
wordpress-simple-paypal-shopping-cart
Showing 9201 to 9300 of 36319 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 1, 2026 at 01:44 UTC.