Vulnerability Name CVE Severity
WordPress Plugin Cool Timeline (Horizontal & Vertical Timeline) Security Bypass (2.3.3)
WordPress Plugin Cool Video Gallery Command Injection (1.9) CVE-2015-7527
WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8)
WordPress Plugin Copify Cross-Site Request Forgery (1.3.0) CVE-2022-1900
WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16) CVE-2010-0673
WordPress Plugin copy-me Cross-Site Request Forgery (1.0.0)
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)
WordPress Plugin CopySafe PDF Protection Arbitrary File Upload (0.6)
WordPress Plugin CopySafe PDF Protection Unspecified Vulnerability (1.10)
WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5) CVE-2017-8100
WordPress Plugin Corner Ad Cross-Site Scripting (1.0.7)
WordPress Plugin Correos Woocommerce Arbitrary File Download (1.3.0.0) CVE-2023-0331
WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Cross-Site Request Forgery (1.5.7) CVE-2021-34636
WordPress Plugin Countdown Block Security Bypass (1.1.1) CVE-2021-24633
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)
WordPress Plugin Count per Day 'notes.php' Cross-Site Scripting (3.2.3)
WordPress Plugin Count per Day 'userperspan.php' Multiple Cross-Site Scripting Vulnerabilities (3.1.1) CVE-2012-3434
WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1) CVE-2012-0896
WordPress Plugin Count per Day Cross-Site Request Forgery (3.2.5)
WordPress Plugin Count per Day Information Disclosure (3.2.5)
WordPress Plugin Count per Day Multiple Cross-Site Scripting Vulnerabilities (3.5.4)
WordPress Plugin Count per Day Multiple Vulnerabilities (3.5.6)
WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2)
WordPress Plugin Count per Day SQL Injection (3.4) CVE-2015-5533
WordPress Plugin Country State City Dropdown CF7 Security Bypass (2.7.1) CVE-2024-3520
WordPress Plugin Country State City Dropdown CF7 SQL Injection (2.7.2) CVE-2024-3495
WordPress Plugin Coupon Creator Cross-Site Request Forgery (3.1)
WordPress Plugin Couponer 'print-coupon.php' SQL Injection (1.2)
WordPress Plugin Coupon Tab for DirectoryPress Multiple Cross-Site Scripting Vulnerabilities (0.2.0)
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.97) CVE-2019-14784
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.98) CVE-2019-14785
WordPress Plugin CP Contact Form with PayPal Multiple Vulnerabilities (1.1.5)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)
WordPress Plugin CP Reservation Calendar SQL Injection (1.1.6) CVE-2015-7235
WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting (1.12) CVE-2022-4834
WordPress Plugin Crafty Social Buttons Cross-Site Scripting (1.5.6)
WordPress Plugin Craw Data Server-Side Request Forgery (1.0.0) CVE-2022-2912
WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1)
WordPress Plugin Crayon Syntax Highlighter Local File Disclosure (2.6.10)
WordPress Plugin Crayon Syntax Highlighter Security Bypass (2.6.10)
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6)
WordPress Plugin Creative Contact Form-The Best WordPress Contact Form Builder Arbitrary File Upload (0.9.7) CVE-2014-7969
WordPress Plugin Credova_Financial Information Disclosure (1.4.8) CVE-2021-39342
WordPress Plugin Crelly Slider Arbitrary File Upload (1.3.4) CVE-2019-15866
WordPress Plugin Crelly Slider Multiple Unspecified Vulnerabilities (1.1.1)
WordPress Plugin Crisp Live Chat Cross-Site Request Forgery (0.31) CVE-2021-43353
WordPress Plugin Crony Cronjob Manager Multiple Vulnerabilities (0.4.4) CVE-2017-14530
WordPress Plugin Cross-RSS Directory Traversal (1.7) CVE-2014-4941
WordPress Plugin CrossSlide jQuery Multiple Vulnerabilities (2.0.5) CVE-2015-2089
WordPress Plugin Crowd Ideas Cross-Site Scripting (1.0)
WordPress Plugin Cryptocurrency Donation Box-Bitcoin & Crypto Donations Security Bypass (1.7)
WordPress Plugin Cryptocurrency Widgets-Price Ticker & Coins List Security Bypass (2.4)
WordPress Plugin Cryptocurrency Widgets For Elementor Security Bypass (1.2.1)
WordPress Plugin Cryptocurrency Widgets Pack SQL Injection (1.8.1) CVE-2022-4059
WordPress Plugin CSS & JavaScript Toolbox SQL Injection (9.2)
WordPress Plugin CSS Hero Cross-Site Scripting (4.03) CVE-2019-19133
WordPress Plugin CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce Cross-Site Request Forgery (2.4.49) CVE-2022-47154
WordPress Plugin CSS Plus Multiple Unspecified Vulnerabilities (1.3.1)
WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1) CVE-2015-1000013
WordPress Plugin Csv Import-Export Multiple Cross-Site Scripting Vulnerabilities (1.1.0) CVE-2017-17753
WordPress Plugin CSV Import Cross-Site Scripting (1.0)
WordPress Plugin CSV Importer Multiple Unspecified Vulnerabilities (0.3.7)
WordPress Plugin CTA for WordPress-Easy Side Tab includes Backdoor [Only if downloaded via the vendor website] (1.0.7) CVE-2021-24867
WordPress Plugin Currency Switcher for WooCommerce Security Bypass (2.11.1) CVE-2019-18668
WordPress Plugin Current Book Cross-Site Scripting (1.0.1) CVE-2021-24538
WordPress Plugin Custom 404 Pro Cross-Site Request Forgery (3.7.1) CVE-2023-0385
WordPress Plugin Custom 404 Pro Cross-Site Scripting (3.2.7) CVE-2019-15838
WordPress Plugin Custom 404 Pro Cross-Site Scripting (3.2.8) CVE-2019-14789
WordPress Plugin Custom 404 Pro Unspecified Vulnerability (3.7.0)
WordPress Plugin Custom Add User Cross-Site Scripting (2.0.2) CVE-2023-0043
WordPress Plugin Custom Admin Page by BestWebSoft Cross-Site Scripting (0.1.1) CVE-2017-2171 CVE-2017-2171 CVE-2017-18493
WordPress Plugin Custom Background 'uploadify.php' Arbitrary File Upload (1.01)
WordPress Plugin Custom Banners Cross-Site Request Forgery (3.2.2)
WordPress Plugin Custom Banners Cross-Site Scripting (1.2.2.2) CVE-2014-4724
WordPress Plugin Custom Body Class Cross-Site Request Forgery (0.6.0)