Vulnerability Name CVE Severity
WordPress Plugin Ultimate Reviews PHP Object Injection (2.0.18)
WordPress Plugin Ultimate Reviews PHP Object Injection (2.1.32)
WordPress Plugin Ultimate SMS Notifications for WooCommerce CSV Injection (1.4.1) CVE-2022-2429
WordPress Plugin ULTIMATE TABLES SQL Injection (1.5)
WordPress Plugin Ultimate Tag Cloud Widget Unspecified Vulnerability (2.3)
WordPress Plugin Ultimate TinyMCE 'swfupload.swf' Cross-Site Scripting (3.5) CVE-2012-3414
WordPress Plugin Ultimate TinyMCE Multiple Unspecified Vulnerabilities (5.0)
WordPress Plugin ULTIMATE VIDEO GALLERY Cross-Site Scripting (1.4)
WordPress Plugin UltimateWoo-The Ultimate WooCommerce with Unlimited Usage PHP Object Injection (0.1.10)
WordPress Plugin Ultimate WordPress Auction Cross-Site Request Forgery (1.0.0)
WordPress Plugin Ultimate WordPress Auction Multiple Vulnerabilities (4.0.5)
WordPress Plugin Ultimate WP Query Search Filter Cross-Site Scripting (1.0.10) CVE-2023-23832
WordPress Plugin Ultimeter Security Bypass (1.9.2)
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.3)
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.4.1) CVE-2023-23714
WordPress Plugin Unconfirmed Cross-Site Scripting (1.2.3) CVE-2014-100018
WordPress Plugin Under Construction, Coming Soon & Maintenance Mode Multiple Vulnerabilities (1.1.1)
WordPress Plugin Under Construction/Maintenance Mode from Acurax Multiple Unspecified Vulnerabilities (2.5.2)
WordPress Plugin underConstruction Cross-Site Request Forgery (1.08) CVE-2013-2699
WordPress Plugin underConstruction Cross-Site Scripting (1.18) CVE-2021-39320
WordPress Plugin Under Construction Open Redirect (3.20)
WordPress Plugin Under Construction Unspecified Vulnerability (3.25)
WordPress Plugin Under Construction Unspecified Vulnerability (3.85)
WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)
WordPress Plugin UnGallery Local File Disclosure (1.5.8)
WordPress Plugin Unite Gallery Lite Multiple Vulnerabilities (1.4.6)
WordPress Plugin Universal Analytics Cross-Site Scripting (1.3.0)
WordPress Plugin Universal Post Manager Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.9)
WordPress Plugin Universal Star Rating Unspecified Vulnerability (1.10.3)
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (1.5.107) CVE-2024-3190
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Remote Code Execution (1.5.89) CVE-2023-6743
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.107) CVE-2024-4779
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109) CVE-2024-5329
WordPress Plugin Unlimited Pop-Ups Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
WordPress Plugin Unlimited PopUps SQL Injection (4.5.3) CVE-2021-24631
WordPress Plugin Unyson Information Disclosure (2.7.18)
WordPress Plugin Updater by BestWebSoft Cross-Site Scripting (1.34) CVE-2017-2171 CVE-2017-2171 CVE-2017-18565
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.22.24)
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3) CVE-2023-32960
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.9.63) CVE-2015-9360
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.13.4) CVE-2017-18593
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.65) CVE-2021-25022
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.68) CVE-2021-25089
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.22.8) CVE-2022-0864
WordPress Plugin UpdraftPlus WordPress Backup Multiple Vulnerabilities (1.16.58) CVE-2021-24423
WordPress Plugin UpdraftPlus WordPress Backup Privilege Escalation (1.23.2)
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.22.1) CVE-2022-0633
WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)
WordPress Plugin Uploader 'num' Parameter Cross-Site Scripting (1.0.0)
WordPress Plugin Uploader 'uploadify.php' Arbitrary File Upload (1.0.4)
WordPress Plugin Uploader Cross-Site Scripting and Arbitrary File Upload Vulnerabilities (1.0.4) CVE-2013-2287 CVE-2013-2288
WordPress Plugin Upload File Type Settings Cross-Site Scripting (1.1) CVE-2023-25781
WordPress Plugin Uploadify Integration Multiple Cross-Site Scripting Vulnerabilities (0.9.6)
WordPress Plugin Uploadify Remote File Upload (1.0)
WordPress Plugin UPM Polls 'PID' Parameter SQL Injection (1.0.4)
WordPress Plugin UPM Polls 'qid' Parameter SQL Injection (1.0.3)
WordPress Plugin URL Cloak & Encrypt Cross-Site Scripting (2.0) CVE-2014-4563
WordPress Plugin Use Any Font Unspecified Vulnerability (4.3.6)
WordPress Plugin User Access Manager Cross-Site Scripting (1.2.6.7)
WordPress Plugin User Access Manager Cross-Site Scripting (1.2.14)
WordPress Plugin User Access Manager Unspecified Vulnerability (1.2.6.9)
WordPress Plugin User Activation Email Cross-Site Scripting (1.3.0) CVE-2021-38325
WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)
WordPress Plugin User Activity Log Multiple Vulnerabilities (1.2.4)
WordPress Plugin User Activity Security Bypass (1.0.1) CVE-2022-4550
WordPress Plugin User Avatar TimThumb Arbitrary File Upload (1.3.7) CVE-2011-4106
WordPress Plugin User Avatar Unspecified Vulnerability (1.4.6)
WordPress Plugin User Control SQL Injection (2.1.0)
WordPress Plugin User Domain Whitelist Multiple Vulnerabilities (1.4)
WordPress Plugin user files Arbitrary File Upload (2.4.2)
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2) CVE-2017-15867
WordPress Plugin User Login Log Cross-Site Scripting (2.2.2)
WordPress Plugin User Meta 'uploader.php' Arbitrary File Upload (1.1.1)
WordPress Plugin User Meta Manager Information Disclosure (3.4.7)