Vulnerability Name CVE Severity
WordPress Plugin Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
WordPress Plugin Katalyst TimThumb 'timthumb.php' Arbitrary File Upload (1.0)
WordPress Plugin KBoard Multiple Vulnerabilities (3.3)
WordPress Plugin Keep Backup Daily Cross-Site Scripting (2.0.2) CVE-2022-1820
WordPress Plugin Keep Backup Daily Unspecified Vulnerability (2.0.3)
WordPress Plugin Kento Post View Counter Multiple Vulnerabilities (2.8)
WordPress Plugin Ketchup Restaurant Reservations Multiple Vulnerabilities (1.0.0) CVE-2022-2753 CVE-2022-2754
WordPress Plugin Keydatas Arbitrary File Upload (2.5.2) CVE-2024-6220
WordPress Plugin Keyring Cross-Site Scripting (1.5)
WordPress Plugin Keyword Meta Cross-Site Request Forgery (3.0) CVE-2021-24611
WordPress Plugin Keyword Strategy Internal Links Multiple Cross-Site Scripting Vulnerabilities (2.0) CVE-2014-4537
WordPress Plugin Kimili Flash Embed Unspecified Vulnerability (2.2.1)
WordPress Plugin Kindeditor For WordPress Cross-Site Scripting (1.3.3)
WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0) CVE-2011-4106
WordPress Plugin Kish Guest Posting 'uploadify.php' Arbitrary File Upload (1.2) CVE-2012-1125 CVE-2012-5318
WordPress Plugin KittyCatfish Ads by Missilesilo SQL Injection (2.2)
WordPress Plugin KJM Admin Notices Cross-Site Scripting (2.0.1) CVE-2021-39344
WordPress Plugin kk Star Ratings 'root' Parameter Remote File Include (1.7)
WordPress Plugin kk Star Ratings Security Bypass (2.3.1)
WordPress Plugin Klarna Checkout for WooCommerce Security Bypass (2.0.9)
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.7) CVE-2023-25456
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.9) CVE-2023-0874
WordPress Plugin Knews Multilingual Newsletters 'ff' Parameter Cross-Site Scripting (1.1.0)
WordPress Plugin Knews Multilingual Newsletters Cross-Site Request Forgery (1.2.5)
WordPress Plugin Knews Multilingual Newsletters SQL Injection (1.7.0)
WordPress Plugin KN Fix Your Title Cross-Site Scripting (1.0.1)
WordPress Plugin Knight Lab Timeline Cross-Site Scripting (3.6.6) CVE-2020-15092
WordPress Plugin KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)
WordPress Plugin Konnichiwa! Membership Cross-Site Scripting (0.8.3) CVE-2021-38317
WordPress Plugin Kraken.io Image Optimizer Cross-Site Request Forgery (2.6.5) CVE-2022-38454
WordPress Plugin Laika Pedigree Tree Unspecified Vulnerability (0.13.4)
WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2) CVE-2023-3166
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.5) CVE-2021-25067
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.8.9) CVE-2022-4718
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3)
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Unspecified Vulnerability (1.4.1)
WordPress Plugin Language Bar Flags Cross-Site Request Forgery (1.0.8) CVE-2021-24431
WordPress Plugin Lara's Google Analytics Cross-Site Scripting (2.0.4)
WordPress Plugin Larsens Calender Cross-Site Scripting (1.2) CVE-2020-23762
WordPress Plugin Last.fm Rotation Local File Inclusion (1.0) CVE-2014-5181
WordPress Plugin lasTunes Cross-Site Scripting (3.6.1)
WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2) CVE-2017-2171
WordPress Plugin Launcher:Coming Soon & Maintenance Mode Cross-Site Scripting (1.0.10) CVE-2019-7411
WordPress Plugin LayerSlider Cross-Site Request Forgery (4.6.1)
WordPress Plugin LayerSlider Multiple Vulnerabilities (6.2.0)
WordPress Plugin LayerSlider SQL Injection (7.10.0) CVE-2024-2879
WordPress Plugin Lazy content Slider Cross-Site Request Forgery (3.4)
WordPress Plugin LazyEater Multiple Unspecified Vulnerabilities (1.2.4)
WordPress Plugin LazyEater Unspecified Vulnerability (1.2.1)
WordPress Plugin Lazyest Backup 'xml_or_all' Parameter Cross-Site Scripting (0.2.1) CVE-2011-5264
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
WordPress Plugin Lazyest Gallery EXIF Code Cross-Site Scripting (1.1.20) CVE-2014-2333
WordPress Plugin Lazy Load Cross-Site Scripting (0.6)
WordPress Plugin Lazy SEO Arbitrary File Upload (1.3.2) CVE-2013-5961
WordPress Plugin LB Mixed Slideshow 'upload.php' Arbitrary File Upload (1.0)
WordPress Plugin LBstopattack Cross-Site Request Forgery (1.1.2) CVE-2022-3097
WordPress Plugin LB Tube Video for WordPress Cross-Site Scripting (1.0)
WordPress Plugin Ldap WP Login/Active Directory Integration Multiple Vulnerabilities (3.0.1) CVE-2022-2987
WordPress Plugin LeadConnector Security Bypass (1.7) CVE-2024-1371
WordPress Plugin LeaderBoard Cross-Site Request Forgery (1.1.1)
WordPress Plugin leads5050-visitor-insights Security Bypass (1.0.5)
WordPress Plugin LeadSnap PHP Object Injection (1.23)
WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1) CVE-2012-2913
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.9.8)
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.11.2)
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Vulnerabilities (2.3)
WordPress Plugin Leaflet Maps Marker Pro (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (2.3)
WordPress Plugin Leaflet Maps Marker Pro Multiple Vulnerabilities (1.5.7)
WordPress Plugin LeagueManager Multiple Cross-Site Scripting Vulnerabilities (3.7) CVE-2012-2912
WordPress Plugin LeagueManager Multiple SQL Injection Vulnerabilities (3.9.1.1)
WordPress Plugin LeagueManager SQL Injection (3.8) CVE-2013-1852
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5) CVE-2021-39357
WordPress Plugin Leaky Paywall PHP Object Injection (4.9.1)
WordPress Plugin LearnDash LMS Arbitrary File Upload (2.5.3) CVE-2018-25019
WordPress Plugin LearnDash LMS Cross-Site Scripting (3.1.1.1) CVE-2020-7108