Vulnerability Name CVE Severity
WordPress Plugin WP ULike Cross-Site Scripting (3.1)
WordPress Plugin WP ULike Multiple Vulnerabilities (3.1)
WordPress Plugin WP Ultimate Email Marketer Multiple Vulnerabilities (1.1.0) CVE-2013-3263 CVE-2013-3264 CVE-2014-4600
WordPress Plugin WP Ultimate Exporter Cross-Site Scripting (1.0)
WordPress Plugin WP Ultimate Exporter SQL Injection (1.1)
WordPress Plugin WP Ultimate Recipe Cross-Site Scripting (3.12.6) CVE-2019-15836
WordPress Plugin WP Unique Article Header Image Cross-Site Request Forgery (1.0) CVE-2014-9400
WordPress Plugin WP User Avatar Cross-Site Scripting (1.9.18)
WordPress Plugin WP User Frontend Arbitrary File Upload (2.3.10)
WordPress Plugin WP User Groups Cross-Site Request Forgery (2.0.0)
WordPress Plugin WP Vault Local File Inclusion (0.8.6.6)
WordPress Plugin WP Video Lightbox Cross-Site Scripting (1.7.4)
WordPress Plugin WP w3all phpBB Multiple Unspecified Vulnerabilities (1.6.3)
WordPress Plugin WP Web Scraper Unspecified Vulnerability (2.4)
WordPress Plugin WP Whois Domain Cross-Site Scripting (1.0.0)
WordPress Plugin WP Widget Cache Cross-Site Scripting (0.26)
WordPress Plugin WP with Spritz Local/Remote File Inclusion (1.0)
WordPress Plugin WR ContactForm SQL Injection (1.1.9)
WordPress Plugin wSecure Lite Remote Code Execution (2.3)
WordPress Plugin WTI Like Post Cross-Site Scripting (1.4.4)
WordPress Plugin WTI Like Post SQL Injection (1.4.2)
WordPress Plugin Wu-Rating Cross-Site Scripting (1.0 12319) CVE-2014-4601
WordPress Plugin Wunderbar Basic Cross-Site Scripting (1.1.3)
WordPress Plugin XCloner-Backup and Restore Multiple Vulnerabilities (3.1.2) CVE-2015-4336 CVE-2015-4337 CVE-2015-4338
WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)
WordPress Plugin XEN Carousel Multiple Cross-Site Scripting Vulnerabilities (0.12.2) CVE-2014-4602
WordPress Plugin Xerte Online 'save.php' Arbitrary File Upload (0.32)
WordPress Plugin Xhanch-My Twitter Cross-Site Request Forgery (2.7.6) CVE-2013-3253
WordPress Plugin Xhanch-My Twitter Multiple Cross-Site Request Forgery Vulnerabilities (2.7.7)
WordPress Plugin xili-language Multiple Unspecified Vulnerabilities (2.17.0)
WordPress Plugin XML File Export Import for Stamps.com and WooCommerce Cross-Site Request Forgery (1.1.8)
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (3.9)
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)
WordPress Plugin Xorbin Analog Flash Clock Cross-Site Scripting (1.0) CVE-2013-4692
WordPress Plugin Xorbin Digital Flash Clock Cross-Site Scripting (1.0) CVE-2013-4693
WordPress Plugin XO Security Cross-Site Scripting (1.5.2)
WordPress Plugin xPinner Lite Multiple Vulnerabilities (2.2)
WordPress Plugin Xtreme Locator Dealer Locator SQL Injection (1.5)
WordPress Plugin XVE Various Embed Multiple Cross-Site Scripting Vulnerabilities (1.0.3)
WordPress Plugin Yahoo! Updates for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.0) CVE-2014-4603
WordPress Plugin Yakadanda Google+ Hangout Events Cross-Site Scripting (0.3.7)
WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (0.9.1)
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.3.2)
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.7.0)
WordPress Plugin YAS Slideshow Arbitrary File Upload (3.4)
WordPress Plugin YAWPP (Yet Another WordPress Petition Plugin) SQL Injection (1.2) CVE-2014-5182
WordPress Plugin Yes-co ORES Cross-Site Scripting (1.3.44)
WordPress Plugin Yet Another Photoblog Unspecified Vulnerability (1.10.6)
WordPress Plugin Yet Another Related Posts (YARPP) Multiple Vulnerabilities (4.2.4)
WordPress Plugin Yet Another Related Posts Plugin (YARPP) PHP Object Injection (4.4)
WordPress Plugin YITH Advanced Refund System for WooCommerce Security Bypass (1.0.10) CVE-2019-16251
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11) CVE-2019-16251
WordPress Plugin YITH Custom Thank You Page for Woocommerce Security Bypass (1.1.6) CVE-2019-16251
WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7) CVE-2019-16251
WordPress Plugin YITH Maintenance Mode Cross-Site Scripting (1.1.4)
WordPress Plugin YITH PayPal Express Checkout for WooCommerce Security Bypass (1.2.5) CVE-2019-16251
WordPress Plugin YITH Pre-Order for WooCommerce Security Bypass (1.1.9) CVE-2019-16251
WordPress Plugin YITH Product Size Charts for WooCommerce Security Bypass (1.1.11) CVE-2019-16251
WordPress Plugin YITH WooCommerce Added to Cart Popup Security Bypass (1.3.11) CVE-2019-16251
WordPress Plugin YITH WooCommerce Advanced Reviews Security Bypass (1.3.9) CVE-2019-16251
WordPress Plugin YITH WooCommerce Affiliates Security Bypass (1.6.3) CVE-2019-16251
WordPress Plugin YITH WooCommerce Ajax Product Filter Cross-Site Scripting (3.11.0)
WordPress Plugin YITH WooCommerce Ajax Search Security Bypass (1.6.9) CVE-2019-16251
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12) CVE-2019-16251
WordPress Plugin YITH WooCommerce Badge Management Security Bypass (1.3.19) CVE-2019-16251
WordPress Plugin YITH WooCommerce Best Sellers Security Bypass (1.1.11) CVE-2019-16251
WordPress Plugin YITH WooCommerce Brands Add-On Security Bypass (1.3.6) CVE-2019-16251
WordPress Plugin YITH WooCommerce Bulk Product Editing Security Bypass (1.2.13) CVE-2019-16251
WordPress Plugin YITH WooCommerce Cart Messages Security Bypass (1.4.3) CVE-2019-16251
WordPress Plugin YITH WooCommerce Compare PHP Object Injection (2.0.9)
WordPress Plugin YITH WooCommerce Compare Security Bypass (2.3.13) CVE-2019-16251
WordPress Plugin YITH WooCommerce Frequently Bought Together Security Bypass (1.2.10) CVE-2019-16251