Known Plugin Vulnerabilities
Track known vulnerabilities from configured sources. Default view shows all open and closed vulnerabilities, ordered by most recently updated first.
Open Vulnerabilities
36319Across tracked plugins
Affected Plugins
96With open vulnerabilities
Critical / High
0Require immediate attention
Recently Updated
0In the last 30 days
Vulnerability List
Export CSV| Plugin | Slug | Score | Vulnerability | CVE ID | Severity | Affected Versions | Patched | Updated |
|---|---|---|---|---|---|---|---|---|
| the-pack-addon | the-pack-addon | N/A | The Pack Elementor addons <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.1.6 | July 1, 2026 | ||
| social-counter | social-counter | N/A | Social Counter <= 2.0.5 - Authenticated (Administrator+) PHP Object Injection | LOW | *-2.0.5 | 2.1 | July 1, 2026 | |
| simple-google-photos-grid | simple-google-photos-grid | N/A | Simple Google Photos Grid <= 1.5 - Authenticated (Contributor+) Server-Side Request Forgery | LOW | *-1.5 | 1.6 | July 1, 2026 | |
| sf-booking | sf-booking | N/A | Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input' | LOW | *-5.1 | 6.0 | July 1, 2026 | |
| send-from | send-from | N/A | Send From <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.2 | 2.3 | July 1, 2026 | |
| scss-library | scss-library | N/A | SCSS-Library <= 0.4.1 - Cross-Site Request Forgery | LOW | *-0.4.1 | July 1, 2026 | ||
| rrssb | rrssb | N/A | RRSSB <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.1 | July 1, 2026 | ||
| responsive-lightbox | responsive-lightbox | N/A | Responsive Lightbox & Gallery <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.5.0 | 2.5.1 | July 1, 2026 | |
| repayment-calculator | repayment-calculator | N/A | Loan Calculator <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3 | July 1, 2026 | ||
| related-posts-via-taxonomies | related-posts-via-taxonomies | N/A | Related Posts via Taxonomies <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.1 | July 1, 2026 | ||
| raphicon | raphicon | N/A | RAphicon <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.1.2 | July 1, 2026 | ||
| print-science-designer | print-science-designer | N/A | Print Science Designer <= 1.3.155 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3.155 | July 1, 2026 | ||
| Prevent Direct Access – Protect WordPress Files | prevent-direct-access |
90
|
Prevent Direct Access 2.8.6 - 2.8.8.2 - Incorrect Authorization to Authenticated (Contributor+) Multiple Media Actions | LOW | 2.8.6-2.8.8.2 | 2.8.8.3 | July 1, 2026 | |
| Prevent Direct Access – Protect WordPress Files | prevent-direct-access |
90
|
Prevent Direct Access – Protect WordPress Files <= 2.8.8 - Unauthenticated Sensitive Information Exposure | LOW | *-2.8.8 | 2.8.8.1 | July 1, 2026 | |
| plugin-central | plugin-central | N/A | Plugin Central <= 2.5.1 - Cross-Site Request Forgery to Arbitrary File Deletion | LOW | *-2.5.1 | July 1, 2026 | ||
| peekaboo | peekaboo | N/A | Peekaboo <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| paypal-express-checkout | paypal-express-checkout | N/A | PayPal Express Checkout <= 2.1.2 - Cross-Site Request Forgery | LOW | *-2.1.2 | July 1, 2026 | ||
| occupancyplan | occupancyplan | N/A | occupancyplan <= 1.0.3.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.0.3.0 | July 1, 2026 | ||
| nepali-post-date | nepali-post-date | N/A | Nepali Post Date <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-5.1.1 | July 1, 2026 | ||
| navegg | navegg |
91
|
Navegg Analytics <= 3.3.3 - Cross-Site Request Forgery | LOW | *-3.3.3 | July 1, 2026 | ||
| multi-column-taxonomy-list | multi-column-taxonomy-list |
91
|
Multi-Column Taxonomy List <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.5 | July 1, 2026 | ||
| modern-polls | modern-polls |
91
|
Modern Polls <= 1.0.10 - Cross-Site Request Forgery | LOW | *-1.0.10 | July 1, 2026 | ||
| mixcloud-embed | mixcloud-embed |
91
|
Mixcloud Embed <= 2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.2.0 | July 1, 2026 | ||
| mini-twitter-feed | mini-twitter-feed |
91
|
Mini twitter feed <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.0 | July 1, 2026 | ||
| milat-jquery-automatic-popup | milat-jquery-automatic-popup |
91
|
Milat jQuery Automatic Popup <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-site Scripting | LOW | *-1.3.1 | July 1, 2026 | ||
| media-library-downloader | media-library-downloader |
93
|
Media Library Downloader <= 1.3.1 - Missing Authorization | LOW | *-1.3.1 | 1.3.2 | July 1, 2026 | |
| landing-pages-and-domain-aliases | landing-pages-and-domain-aliases |
91
|
Landing pages and Domain aliases for WordPress <= 0.8 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-0.8 | July 1, 2026 | ||
| inline-text-popup | inline-text-popup |
91
|
Inline Text Popup <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.0 | July 1, 2026 | ||
| image-hover-effects-for-visual-composer | image-hover-effects-for-visual-composer |
91
|
Image Hover Effects For WPBakery Page Builder <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0 | July 1, 2026 | ||
| image-content-show-hover | image-content-show-hover |
91
|
Image Style Hover <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.6 | July 1, 2026 | ||
| hashtagger | hashtagger |
91
|
Smart Hashtags [#hashtagger] <= 7.2.3 - Missing Authorization | LOW | *-7.2.3 | July 1, 2026 | ||
| hacklog-remote-attachment | hacklog-remote-attachment |
91
|
Hacklog Remote Attachment <= 1.3.2 - Cross-Site Request Forgery | LOW | *-1.3.2 | July 1, 2026 | ||
| guitar-tuner | guitar-tuner |
91
|
GTDB Guitar Tuners <= 4.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-4.2.2 | July 1, 2026 | ||
| gt-tabs | gt-tabs |
91
|
Tabs <= 4.0.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-4.0.3 | July 1, 2026 | ||
| google-news | google-news |
91
|
Google News <= 2.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.5.1 | July 1, 2026 | ||
| google-1 | google-1 |
91
|
Peadig’s Google +1 Button <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.1.2 | July 1, 2026 | ||
| gna-search-shortcode | gna-search-shortcode |
91
|
GNA Search Shortcode <= 0.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.9.5 | July 1, 2026 | ||
| floating-social-bar | floating-social-bar |
91
|
Floating Social Bar <= 1.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.1.7 | July 1, 2026 | ||
| flickr-shortcode-importer | flickr-shortcode-importer |
91
|
Flickr Shortcode Importer <= 2.2.3 - Authenticated (Administrator+) PHP Object Injection | LOW | *-2.2.3 | July 1, 2026 | ||
| fable-extra | fable-extra |
93
|
Fable Extra <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.6 | 1.0.7 | July 1, 2026 | |
| external-markdown | external-markdown |
91
|
External Markdown <= 0.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-0.0.1 | July 1, 2026 | ||
| dropdown-content | dropdown-content |
91
|
Dropdown Content <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.2 | July 1, 2026 | ||
| drop-caps | drop-caps |
91
|
Drop Caps <= 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-2.1 | July 1, 2026 | ||
| custom-taxonomy-category-and-term-fields | custom-taxonomy-category-and-term-fields |
91
|
LSD Custom taxonomy and category meta <= 1.3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3.2 | July 1, 2026 | ||
| custom-post-popup | custom-post-popup |
91
|
WP Custom Post Popup <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0.1 | July 1, 2026 | ||
| custom-functions | custom-functions |
91
|
Custom Functions Plugin <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.1 | July 1, 2026 | ||
| covid-19-alert | covid-19-alert |
91
|
COVID-19 (Coronavirus) Update Your Customers <= 1.5.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.5.1 | July 1, 2026 | ||
| confirm-user-registration | confirm-user-registration |
91
|
Confirm User Registration <= 2.1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.1.5 | July 1, 2026 | ||
| cf7-calendar | cf7-calendar |
91
|
Contact Form 7 Calendar <= 3.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-3.0.1 | July 1, 2026 | ||
| carousel-of-post-images | carousel-of-post-images |
91
|
Carousel-of-post-images <= 1.07 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.07 | July 1, 2026 | ||
| call-now-coccoc-pht-blog | call-now-coccoc-pht-blog |
91
|
Call Now PHT Blog <= 2.4.1 - Cross-Site Request Forgery | LOW | *-2.4.1 | July 1, 2026 | ||
| business-contact-widget | business-contact-widget |
91
|
Business Contact Widget <= 2.7.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-2.7.0 | July 1, 2026 | ||
| bm-builder | bm-builder |
93
|
BM Content Builder <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update | LOW | *-3.16.2.1 | 3.16.3 | July 1, 2026 | |
| blog-manager-wp | blog-manager-wp |
91
|
Blog Manager WP <= 1.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-1.0.5 | July 1, 2026 | ||
| beerxml-shortcode | beerxml-shortcode |
93
|
BeerXML Shortcode <= 0.7.1 - Authenticated (Contributor+) Server-Side Request Forgery | LOW | *-0.7.1 | 0.8 | July 1, 2026 | |
| bbcode-deluxe | bbcode-deluxe |
91
|
BBCode Deluxe <= 2020.08.01.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2020.08.01.2 | July 1, 2026 | ||
| awesome-wp-image-gallery | awesome-wp-image-gallery |
89
|
Awesome Wp Image Gallery <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.0 | July 1, 2026 | ||
| availability | availability |
91
|
Availability Calendar <= 0.2.4 - Cross-Site Request Forgery | LOW | *-0.2.4 | July 1, 2026 | ||
| animate | animate |
95
|
Animate <= 0.5 - Authenticated (Contributor+) Server-Side Request Forgery | LOW | *-0.5 | July 1, 2026 | ||
| aio-time-clock-lite | aio-time-clock-lite |
97
|
All in One Time Clock Lite <= 1.3.325 - Cross-Site Request Forgery | LOW | *-1.3.325 | 1.3.326 | July 1, 2026 | |
| advanced-lazy-load | advanced-lazy-load |
95
|
Advanced lazy load <= 1.6.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.6.0 | July 1, 2026 | ||
| ableplayer | ableplayer |
97
|
Able Player, accessible HTML5 media player <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via preload Parameter | LOW | *-1.2.1 | 1.2.2 | July 1, 2026 | |
| ableplayer | ableplayer |
97
|
Able Player <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.2.1 | 1.2.2 | July 1, 2026 | |
| 360-view | 360-view |
95
|
360 View <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-1.1.0 | July 1, 2026 | ||
| advanced-accordion-block | advanced-accordion-block |
97
|
Advanced Accordion Gutenberg Block <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | LOW | *-5.0.2 | 5.0.3 | July 1, 2026 | |
| embed-lottie-player | embed-lottie-player |
93
|
Lottie Player <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload | LOW | *-1.1.8 | 1.2.0 | July 1, 2026 | |
| elex-bulk-edit-products-prices-attributes-for-woocommerce-basic | elex-bulk-edit-products-prices-attributes-for-woocommerce-basic |
93
|
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes <= 1.4.9 - Authenticated (Subscriber+) SQL Injection | LOW | *-1.4.9 | 1.5.0 | July 1, 2026 | |
| WPMasterToolKit (WPMTK) – All in one plugin | wpmastertoolkit | N/A | WPMasterToolKit (WPMTK) – All in one plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write | LOW | *-1.15.0 | 2.6.0 | July 1, 2026 | |
| database-toolset | database-toolset |
87
|
Database Toolset <= 1.8.4 - Unauthenticated Arbitrary File Deletion | LOW | *-1.8.4 | July 1, 2026 | ||
| fusedesk | fusedesk |
91
|
FuseDesk <= 6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via successredirect Parameter | LOW | *-6.7 | 6.8 | July 1, 2026 | |
| verification-sms-targetsms | verification-sms-targetsms | N/A | Verification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code Execution | LOW | *-1.5 | July 1, 2026 | ||
| xelion-webchat | xelion-webchat | N/A | Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update | LOW | *-9.1.0 | 9.2.0 | July 1, 2026 | |
| buddy-press-force-password-change | buddy-press-force-password-change |
91
|
Buddypress Force Password Change <= 0.1 - Authenticated (Subscriber+) Account Takeover via Password Update | LOW | *-0.1 | July 1, 2026 | ||
| frontend-login-and-registration-blocks | frontend-login-and-registration-blocks |
93
|
Frontend Login and Registration Blocks <= 1.0.8 - Authenticated (Subscriber+) Privilege Escalation via Password Reset | LOW | *-1.0.8 | 1.0.9 | July 1, 2026 | |
| flynax-bridge | flynax-bridge |
93
|
Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover | LOW | *-2.2.0 | 2.2.1 | July 1, 2026 | |
| flynax-bridge | flynax-bridge |
93
|
Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Password Update | LOW | *-2.2.0 | 2.2.1 | July 1, 2026 | |
| xc-woo-google-cloud-print | xc-woo-google-cloud-print | N/A | Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) <= 4.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Order Information Disclosure | LOW | *-4.1 | July 1, 2026 | ||
| amz-configurator-core | amz-configurator-core |
95
|
Configurator Theme Core <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation | LOW | *-1.4.7 | July 1, 2026 | ||
| my-tickets | my-tickets |
93
|
My Tickets – Accessible Event Ticketing <= 2.0.16 - Authenticated (Subscriber+) Privilege Escalation | LOW | *-2.0.16 | 2.0.17 | July 1, 2026 | |
| mangboard | mangboard |
93
|
MangBoard WP <= 1.8.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via Board Header And Footer | LOW | *-1.8.6 | 1.8.7 | July 1, 2026 | |
| powerpress | powerpress | N/A | PowerPress Podcasting plugin by Blubrry <= 11.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-11.12.5 | 11.12.6 | July 1, 2026 | |
| wordpress-simple-paypal-shopping-cart | wordpress-simple-paypal-shopping-cart | N/A | WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Product Price Manipulation | LOW | *-5.1.2 | 5.1.3 | July 1, 2026 | |
| wordpress-simple-paypal-shopping-cart | wordpress-simple-paypal-shopping-cart | N/A | WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter | LOW | *-5.1.2 | 5.1.3 | July 1, 2026 | |
| wpeventplus | wpeventplus | N/A | WordPress Events Calendar Registration & Tickets <= 2.6.0 - Reflected Cross-Site Scripting | LOW | *-2.6.0 | July 1, 2026 | ||
| Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | woocommerce-jetpack |
65
|
Booster for WooCommerce <= 7.2.5 - Reflected Cross-Site Scripting | LOW | *-7.2.5 | 7.2.6 | July 1, 2026 | |
| webtexttool | webtexttool | N/A | Textmetrics <= 3.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.6.2 | 3.6.3 | July 1, 2026 | |
| watu | watu | N/A | Watu Quiz <= 3.4.3 - Authenticated (Administrator+) SQL Injection | LOW | *-3.4.3 | 3.4.4 | July 1, 2026 | |
| visualcomposer | visualcomposer | N/A | Visual Composer Website Builder <= 45.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-45.10.0 | 45.11.0 | July 1, 2026 | |
| vikrestaurants | vikrestaurants | N/A | VikRestaurants Table Reservations and Take-Away <= 1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | LOW | *-1.3.3 | 1.4 | July 1, 2026 | |
| v-form | v-form | N/A | VForm <= 3.1.14 - Authenticated (Administrator+) Stored Cross-Site Scripting | LOW | *-3.1.14 | 3.1.15 | July 1, 2026 | |
| User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | user-registration | N/A | User Registration <= 4.1.5 - Reflected Cross-Site Scripting | LOW | *-4.1.5 | 4.2.0 | July 1, 2026 | |
| ulisting | ulisting | N/A | uListing <= 2.2.0 - Authenticated (Administrator+) PHP Object Injection | LOW | *-2.2.0 | July 1, 2026 | ||
| uicore-elements | uicore-elements | N/A | UiCore Elements – Free Elementor widgets and templates <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | LOW | *-1.0.16 | 1.2.0 | July 1, 2026 | |
| theme-switcha | theme-switcha | N/A | Theme Switcha <= 3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.4 | 3.4.1 | July 1, 2026 | |
| sky-elementor-addons | sky-elementor-addons | N/A | Sky Addons for Elementor <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-3.0.1 | 3.0.3 | July 1, 2026 | |
| skt-blocks | skt-blocks | N/A | SKT Blocks <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.0 | 2.1 | July 1, 2026 | |
| sirv | sirv | N/A | Sirv <= 7.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-7.5.3 | 7.5.4 | July 1, 2026 | |
| simple-download-counter | simple-download-counter | N/A | Simple Download Counter <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | LOW | *-2.2 | 2.2.1 | July 1, 2026 | |
| simple-calendar-for-elementor | simple-calendar-for-elementor | N/A | Simple calendar for Elementor <= 1.6.4 - Cross-Site Request Forgery | LOW | *-1.6.4 | 1.6.5 | July 1, 2026 | |
| seriously-simple-podcasting | seriously-simple-podcasting | N/A | Seriously Simple Podcasting <= 3.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting | LOW | *-3.9.0 | 3.10.0 | July 1, 2026 |
the-pack-addon
the-pack-addon
social-counter
social-counter
simple-google-photos-grid
simple-google-photos-grid
sf-booking
sf-booking
send-from
send-from
scss-library
scss-library
rrssb
rrssb
responsive-lightbox
responsive-lightbox
repayment-calculator
repayment-calculator
related-posts-via-taxonomies
related-posts-via-taxonomies
raphicon
raphicon
print-science-designer
print-science-designer
Prevent Direct Access – Protect WordPress Files
prevent-direct-access
Prevent Direct Access – Protect WordPress Files
prevent-direct-access
plugin-central
plugin-central
peekaboo
peekaboo
paypal-express-checkout
paypal-express-checkout
occupancyplan
occupancyplan
nepali-post-date
nepali-post-date
navegg
navegg
multi-column-taxonomy-list
multi-column-taxonomy-list
modern-polls
modern-polls
mixcloud-embed
mixcloud-embed
mini-twitter-feed
mini-twitter-feed
milat-jquery-automatic-popup
milat-jquery-automatic-popup
media-library-downloader
media-library-downloader
landing-pages-and-domain-aliases
landing-pages-and-domain-aliases
inline-text-popup
inline-text-popup
image-hover-effects-for-visual-composer
image-hover-effects-for-visual-composer
image-content-show-hover
image-content-show-hover
hashtagger
hashtagger
hacklog-remote-attachment
hacklog-remote-attachment
guitar-tuner
guitar-tuner
gt-tabs
gt-tabs
google-news
google-news
google-1
google-1
gna-search-shortcode
gna-search-shortcode
floating-social-bar
floating-social-bar
flickr-shortcode-importer
flickr-shortcode-importer
fable-extra
fable-extra
external-markdown
external-markdown
dropdown-content
dropdown-content
drop-caps
drop-caps
custom-taxonomy-category-and-term-fields
custom-taxonomy-category-and-term-fields
custom-post-popup
custom-post-popup
custom-functions
custom-functions
covid-19-alert
covid-19-alert
confirm-user-registration
confirm-user-registration
cf7-calendar
cf7-calendar
carousel-of-post-images
carousel-of-post-images
call-now-coccoc-pht-blog
call-now-coccoc-pht-blog
business-contact-widget
business-contact-widget
bm-builder
bm-builder
blog-manager-wp
blog-manager-wp
beerxml-shortcode
beerxml-shortcode
bbcode-deluxe
bbcode-deluxe
awesome-wp-image-gallery
awesome-wp-image-gallery
availability
availability
animate
animate
aio-time-clock-lite
aio-time-clock-lite
advanced-lazy-load
advanced-lazy-load
ableplayer
ableplayer
ableplayer
ableplayer
360-view
360-view
advanced-accordion-block
advanced-accordion-block
embed-lottie-player
embed-lottie-player
elex-bulk-edit-products-prices-attributes-for-woocommerce-basic
elex-bulk-edit-products-prices-attributes-for-woocommerce-basic
WPMasterToolKit (WPMTK) – All in one plugin
wpmastertoolkit
database-toolset
database-toolset
fusedesk
fusedesk
verification-sms-targetsms
verification-sms-targetsms
xelion-webchat
xelion-webchat
buddy-press-force-password-change
buddy-press-force-password-change
frontend-login-and-registration-blocks
frontend-login-and-registration-blocks
flynax-bridge
flynax-bridge
flynax-bridge
flynax-bridge
xc-woo-google-cloud-print
xc-woo-google-cloud-print
amz-configurator-core
amz-configurator-core
my-tickets
my-tickets
mangboard
mangboard
powerpress
powerpress
wordpress-simple-paypal-shopping-cart
wordpress-simple-paypal-shopping-cart
wordpress-simple-paypal-shopping-cart
wordpress-simple-paypal-shopping-cart
wpeventplus
wpeventplus
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools
woocommerce-jetpack
webtexttool
webtexttool
watu
watu
visualcomposer
visualcomposer
vikrestaurants
vikrestaurants
v-form
v-form
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder
user-registration
ulisting
ulisting
uicore-elements
uicore-elements
theme-switcha
theme-switcha
sky-elementor-addons
sky-elementor-addons
skt-blocks
skt-blocks
sirv
sirv
simple-download-counter
simple-download-counter
simple-calendar-for-elementor
simple-calendar-for-elementor
seriously-simple-podcasting
seriously-simple-podcasting
Showing 9401 to 9500 of 36319 results
Vulnerability data is aggregated from automated feeds and public sources. Results may include false positives or outdated information. Always verify details and apply updates in a staging environment before deploying to production.
Data updated daily from trusted sources. Last updated: July 1, 2026 at 04:13 UTC.