Vulnerability Name CVE Severity
.htaccess Redirect Cross-Site Scripting (0.3.1) CVE-2021-38361
0mk Shortener Cross-Site Request Forgery (0.2) CVE-2022-2933
1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7)
1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5)
1-click Retweet/Share/Like Cross-Site Scripting (5.2)
1player Cross-Site Scripting (1.3)
2 Click Social Media Buttons 'xing-url' Parameter Cross-Site Scripting (0.32.2) CVE-2012-4273
2kb Amazon Affiliates Store Cross-Site Scripting (2.1.0) CVE-2017-14622
2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (5.2.7) CVE-2021-34656
3dady real-time web stats Cross-Site Request Forgery (1.0)
3D Banner Rotator 'upload.php' Arbitrary File Upload (2.1)
3D Cover Carousel Cross-Site Scripting (1.0) CVE-2021-38318
3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1)
3DPrint Cross-Site Request Forgery (3.5.4.7) CVE-2022-3899
3DPrint Lite Arbitrary File Upload (1.9.1.4)
3DPrint Lite Cross-Site Scripting (1.9.1.5)
3D Product configurator for WooCommerce Arbitrary File Upload (1.5.531)
3D Slider Slice Box Multiple Cross-Site Scripting Vulnerabilities (1.0)
3D Tag Cloud Cross-Site Request Forgery (3.8) CVE-2022-36417
3xSocializer Cross-Site Scripting (0.98.22)
4k Icons for Visual Composer-Free Cross-Site Scripting (1.0) CVE-2021-24435
5gig Concerts Unspecified Vulnerability (1.0)
10WebAnalytics Cross-Site Request Forgery (1.2.8)
10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69)
10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71) CVE-2022-4758
10Web Map Builder for Google Maps Security Bypass (1.0.63)
10Web Map Builder for Google Maps SQL Injection (1.0.72)
10Web Social Feed for Instagram Multiple Cross-Site Scripting Vulnerabilities (1.3.0) CVE-2018-10300 CVE-2018-10301
10Web Social Feed for Instagram Security Bypass (1.3.18)
10Web Social Post Feed Unspecified Vulnerability (1.1.26)
123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)
123devis-affiliation Cross-Site Scripting (1.0.4)
301 Redirects-Easy Redirect Manager Cross-Site Request Forgery (2.72)
301 Redirects-Easy Redirect Manager Security Bypass (2.40) CVE-2019-19915
301 Redirects-Easy Redirect Manager SQL Injection (2.50) CVE-2021-24142
360 Product Rotation Arbitrary File Upload (1.2.4)
360 Product Rotation Cross-Site Scripting (1.4.7) CVE-2019-15082
360 Product Viewer Cross-Site Scripting (2.5.1)
404 SEO Redirection Cross-Site Scripting (1.3) CVE-2021-24325
404 SEO Redirection SQL Injection (1.0)
404 to 301-Redirect, Log and Notify 404 Errors Cloaking (2.2.9)
404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Request Forgery (3.0.8) CVE-2021-24766
404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.0)
404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.1)
404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.1)
404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.7)
404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2)
404page-your smart custom 404 error page Cross-Site Request Forgery (10.3)
A. Gallery TimThumb Arbitrary File Upload (0.9rev378511) CVE-2011-4106
A.M.Y. Cross-Site Scripting (1.3.3)
A/B Test 'action' Parameter Directory Traversal (1.0.6)
A2 Optimized WP Information Disclosure (2.0.10.8)
Abandoned Cart Lite for WooCommerce Cross-Site Request Forgery (5.8.5)
Abandoned Cart Lite for WooCommerce Cross-Site Scripting (5.1.3)
Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2) CVE-2023-2986
Abandoned Cart Lite for WooCommerce SQL Injection (1.8)
Abandoned Cart Lite for WooCommerce SQL Injection (5.8.1)
Abandoned Cart Pro for WooCommerce Cross-Site Scripting (7.11.1)
Abandoned Cart Recovery for WooCommerce Cross-Site Request Forgery (1.0.4)
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141) CVE-2018-20141
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050) CVE-2021-42050
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051) CVE-2021-42051
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755) CVE-2016-10755
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521) CVE-2022-26521
ABASE Multiple Vulnerabilities (2.6)
ABC Test 'id' Parameter Cross-Site Scripting (0.1)
AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4) CVE-2015-2755
About Author Box Cross-Site Scripting (1.0.1) CVE-2021-24745
About Author Cross-Site Scripting (1.3.9)
About Me Page Cross-Site Scripting (4.0)
AB Press Optimizer Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
Absolute Privacy 'abpr_authenticateUser()' Security Bypass (2.0.5)
Absolute Reviews Cross-Site Request Forgery (1.0.8)
Abstract Submission Local File Inclusion (0.6) CVE-2014-2383
Accept Donations with PayPal Cross-Site Request Forgery (1.3) CVE-2021-24570 CVE-2021-24572
Accept Donations with PayPal Cross-Site Request Forgery (1.3.3) CVE-2021-24989
Accept Donations with PayPal Cross-Site Scripting (1.3.1) CVE-2021-24815
Accept Signups 'email' Parameter Cross-Site Scripting (0.1)
Accept Stripe Donation-AidWP Cross-Site Request Forgery (3.1.5) CVE-2022-47422
Accept Stripe Donation-AidWP Security Bypass (2.8)
AccessAlly Information Disclosure (3.5.6) CVE-2021-24226
AccessAlly PHP Code Execution (3.3.1)
Access Demo Importer Arbitrary File Upload (1.0.6) CVE-2021-39317
Access Expiration Cross-Site Scripting (1.1)
Accessibility Suite by Online ADA SQL Injection (2.0.10)
AccessPress Anonymous Post Pro Arbitrary File Upload (3.1.9) CVE-2017-16949
AccessPress Custom CSS includes Backdoor [Only if downloaded via the vendor website] (2.0.1) CVE-2021-24867
AccessPress Custom Post Type includes Backdoor [Only if downloaded via the vendor website] (1.0.8) CVE-2021-24867
AccessPress iFeeds includes Backdoor [Only if downloaded via the vendor website] (4.0.3) CVE-2021-24867
AccessPress Social Counter Cross-Site Scripting (1.3.6)
AccessPress Social Counter includes Backdoor [Only if downloaded via the vendor website] (1.9.1) CVE-2021-24867
AccessPress Social Icons Cross-Site Scripting (1.6.6)
AccessPress Social Icons includes Backdoor [Only if downloaded via the vendor website] (1.8.2) CVE-2021-24867
AccessPress Social Icons Multiple Cross-Site Scripting Vulnerabilities (1.5.5)
AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6)
AccessPress Social Icons SQL Injection (1.8.0) CVE-2021-24143
AccessPress Social Login Lite-Social Login WordPress includes Backdoor [Only if downloaded via the vendor website] (3.4.7) CVE-2021-24867
AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5) CVE-2021-24867
Accordion Cross-Site Scripting (2.2.8) CVE-2020-13644
Accordion Cross-Site Scripting (2.2.29) CVE-2021-24283
Accordion Shortcodes Cross-Site Scripting (2.4.2) CVE-2022-4781
AceIDE Local File Inclusion (2.6.2) CVE-2021-24549
ACF:Better Search Cross-Site Request Forgery (3.3.0) CVE-2019-14682
ACF:Better Search SQL Injection (2.0.2)
ACF Frontend display Arbitrary File Upload (2.0.5) CVE-2015-9479
ACF to REST API Information Disclosure (3.2.0) CVE-2020-13700
Acobot Live Chat & Contact Form Multiple Vulnerabilities (2.0) CVE-2015-2039
ActiveCampaign-Forms, Site Tracking, Live Chat Cross-Site Request Forgery (8.0.1) CVE-2021-24133
ActiveCampaign-Forms, Site Tracking, Live Chat Unspecified Vulnerability (5.7)
Active Directory Authentication Integration Cross-Site Scripting (0.6)
Active Directory Integration/LDAP Integration Cross-Site Scripting (3.6.94)
Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.6.95)
Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.7.6)
Active Directory Integration SQL Injection (1.1.8)
Active Extra Fields Cross-Site Scripting (1.0.1)
ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (3.1.0) CVE-2014-4513
ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (4.5.0)
Active Products Tables for WooCommerce. Best and Professional products tables for WooCommerce store Cross-Site Scripting (1.0.3.1)
Activity Log Cross-Site Scripting (2.3.1)
Activity Log Information Disclosure (2.2.12)
Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)
Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.4.0) CVE-2018-8729
Acumbamail Information Disclosure (1.0.4)
Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)
Acunetix Secure WordPress Cross-Site Scripting (3.0.3)
Acunetix WP Security Cross-Site Request Forgery (4.0.4)
Acurax On Click Pop Under Multiple Unspecified Vulnerabilities (2.2.1)
Ad-Manager Open Redirect (1.1.2) CVE-2014-8754
Ad-minister Cross-Site Scripting (0.6) CVE-2013-6993
Adaptive Images for WordPress Multiple Vulnerabilities (0.6.66) CVE-2019-14205 CVE-2019-14206
Adavnced Video embed Local File Inclusion (1.0)
Adblock Blocker Arbitrary File Upload (0.0.1)
Ad Blocker Notify Lite Cross-Site Scripting (2.4.0) CVE-2021-24435
AdButler Unspecified Vulnerability (1.09)
Ad Buttons Multiple Vulnerabilities (2.3.1)
Add-on SweetAlert Contact Form 7 Unspecified Vulnerability (1.0.7)
Add Any Extension to Pages Cross-Site Scripting (1.3)
Add Comments Cross-Site Scripting (1.0.1) CVE-2022-3909
Add Custom Link to WordPress Admin Bar Cross-Site Scripting (1.0)
Add Edit Delete Listing Module SQL Injection (1.0) CVE-2017-1002025
Add From Server Cross-Site Request Forgery (3.3.1)
Add From Server Directory Traversal (3.3.3)
Additional Variation Images for WooCommerce Cross-Site Scripting (1.1.28) CVE-2019-15778
Add Link to Facebook Cross-Site Scripting (2.2.7)
Add Link to Facebook Cross-Site Scripting (2.3) CVE-2018-5214
Add Link to Facebook Multiple Cross-Site Scripting Vulnerabilities (1.215)
Add New Default Avatar [Emrikol's Fork] Multiple Unspecified Vulnerabilities (2.0.1)
Add Product Tabs for WooCommerce Security Bypass (1.4.2)
AddSearch Cross-Site Scripting (1.1.0)
Add Social Share Messenger Buttons Whatsapp and Viber Cross-Site Request Forgery (1.0.8)
AddToAny Share Buttons Cross-Site Scripting (1.6.6)
AddToAny Share Buttons Cross-Site Scripting (1.7.45) CVE-2021-24568
AddToAny Share Buttons Cross-Site Scripting (1.7.47) CVE-2021-24616
AddToAny Share Buttons Host Header Injection (1.7.14)
Adicon Server SQL Injection (1.2)
ADIF Log Search Widget Cross-Site Scripting (1.0e)
Ad Inserter-Ad Manager & AdSense Ads Cross-Site Scripting (1.5.5)
Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19) CVE-2019-15323
Ad Inserter-Ad Manager & AdSense Ads Multiple Vulnerabilities (1.5.2)
Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21) CVE-2019-15324
Ad Inserter-Ad Manager & AdSense Ads Unspecified Vulnerability (2.6.21)
AdKlick Advertising Management Unspecified Vulnerability (1.1)
Ad Manager by WD-Advanced Ad Manager Multiple Vulnerabilities (1.0.11)
Admin Bar User Switching Cross-Site Scripting (1.0.4)
Admin Columns Cross-Site Scripting (4.3.1) CVE-2021-24365
Admin Columns CSV Injection (3.4.6) CVE-2019-17661
Admin Columns Pro Cross-Site Scripting (5.5.1) CVE-2021-24365
Admin Custom Login Cross-Site Request Forgery (3.2.7) CVE-2021-34628
Admin Custom Login Cross-Site Scripting (2.5.3.1)
Adminer 4.6.2 file disclosure vulnerability
Adminer Cross-Site Scripting (1.4.2)
Adminer Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
Adminer Security Bypass (1.4.5)
Admin Font Editor Cross-Site Scripting (1.8) CVE-2016-1000126
Adminimize 'page' Parameter Cross-Site Scripting (1.7.21) CVE-2011-4926
Admin Log Unspecified Vulnerability (1.42)
Admin Management Xtended Privilege Escalation (2.4.0)
Admin Menu Cross-Site Scripting (1.1)
Admin Menu Tree Page View Multiple Vulnerabilities (2.6.9)
Admin Pack by SITE CASEIRO Cross-Site Scripting (1.1)
AdminPad Cross-Site Request Forgery (2.1) CVE-2022-2762
Admin PHP Eval Unspecified Vulnerability (1.0)
Admin renamer extended Cross-Site Request Forgery (3.2.1) CVE-2019-14680
Admin renamer extended Cross-Site Scripting (3.2)
Admin side data storage for Contact Form 7 Cross-Site Scripting (1.1.1) CVE-2023-24420
Admin username changer Unspecified Vulnerability (1.0)
Adning Advertising-Professional, All In One Ad Manager for Wordpress Arbitrary File Upload (1.5.5)
Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872
AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)
AdRoll for WooCommerce Stores Unspecified Vulnerability (2.2.5)
AdRotate-Ad manager & AdSense Ads 'adrotate-out.php' SQL Injection (3.6.6) CVE-2011-4671
AdRotate-Ad manager & AdSense Ads 'title' Parameter Multiple Cross-Site Scripting Vulnerabilities (3.7.3.5)
AdRotate-Ad manager & AdSense Ads 'track' Parameter SQL Injection (3.6.5) CVE-2011-4671
AdRotate-Ad manager & AdSense Ads SQL Injection (3.9.4) CVE-2014-1854
AdRotate-Ad manager & AdSense Ads SQL Injection (5.2) CVE-2019-13570
AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1) CVE-2021-24138
AdSanity Arbitrary File Upload (1.8.1)
Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3)
AdSense Manager Cross-Site Scripting (4.0.3)
AdServe 'id' Parameter SQL Injection (0.2) CVE-2008-0507
Ads for WP-Advanced Ads & Adsense Solution for WP & AMP Cross-Site Request Forgery (1.8)
Ads in bottom right Multiple Vulnerabilities (1.0)
Ads Pro-Multi-Purpose WordPress Advertising Manager Multiple Vulnerabilities (3.4)
Ad Swapper Cross-Site Scripting (1.0.3)
Advance Categorizer Cross-Site Scripting (0.3)
Advanced Access Manager Arbitrary Code Execution (2.8.2) CVE-2014-6059
Advanced Access Manager Cross-Site Scripting (6.7.9) CVE-2021-24830
Advanced Access Manager Multiple Vulnerabilities (6.6.1) CVE-2020-35934 CVE-2020-35935
Advanced Access Manager Security Bypass (3.2.1)
Advanced Access Manager Unspecified Vulnerability (5.9.8.1)
Advanced Ads-Ad Manager & AdSense Cross-Site Scripting (1.17.3)
Advanced Ads-Ad Manager & AdSense Unspecified Vulnerability (1.7.1.1)
Advanced ads Management by Inazo Cross-Site Scripting (1.3)
Advanced Advertising System PHP Object Injection (1.3.1)
Advanced AJAX Page Loader Arbitrary File Upload (2.7.6)
Advanced AJAX Product Filters Security Bypass (1.3.6.1)
Advanced Booking Calendar Cross-Site Scripting (1.6.6) CVE-2021-24225
Advanced Booking Calendar Cross-Site Scripting (1.6.7) CVE-2021-24232
Advanced Booking Calendar SQL Injection (1.6.1)
Advanced Classifieds & Directory Pro Cross-Site Scripting (1.7.5)
Advanced Classifieds & Directory Pro Security Bypass (1.6.2)
Advanced Classifieds & Directory Pro Unspecified Vulnerability (1.6.5)
Advanced Contact form 7 DB Arbitrary File Upload (1.4.4)
Advanced Contact form 7 DB Information Disclosure (1.1.0)
Advanced Contact form 7 DB Information Disclosure (1.6.2)
Advanced Contact form 7 DB SQL Injection (1.6.0)
Advanced Contact form 7 DB SQL Injection (1.6.1) CVE-2019-13571
Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1)
Advanced Custom Fields (ACF) Arbitrary File Upload (5.12.2) CVE-2022-2594
Advanced Custom Fields (ACF) Cross-Site Scripting (4.4.3)
Advanced Custom Fields (ACF) Cross-Site Scripting (4.4.7)
Advanced Custom Fields (ACF) Cross-Site Scripting (5.7.7)
Advanced Custom Fields (ACF) Cross-Site Scripting (5.8.11) CVE-2020-36172
Advanced Custom Fields (ACF) Cross-Site Scripting (6.1.5) CVE-2023-30777
Advanced Custom Fields (ACF) Information Disclosure (6.0.2) CVE-2022-40696
Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2) CVE-2021-20865 CVE-2021-20866 CVE-2021-20867
Advanced Custom Fields (ACF) PHP Object Injection (5.7.10)
Advanced Custom Fields (ACF) PHP Object Injection (6.0.7) CVE-2023-1196
Advanced Custom Fields (ACF) Security Bypass (5.9.9)
Advanced Custom Fields (ACF) Security Bypass (5.12) CVE-2022-23183
Advanced Custom Fields:reCAPTCHA Field Security Bypass (1.1.1)
Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)
Advanced Custom Fields PRO Arbitrary File Upload (5.12.2) CVE-2022-2594
Advanced Custom Fields PRO Cross-Site Scripting (5.9.0) CVE-2021-24241
Advanced Custom Fields PRO Cross-Site Scripting (6.1.5) CVE-2023-30777
Advanced Custom Fields PRO Information Disclosure (6.0.2) CVE-2022-40696
Advanced Custom Fields PRO Multiple Security Bypass Vulnerabilities (5.10) CVE-2021-20865 CVE-2021-20866 CVE-2021-20867
Advanced Custom Fields PRO PHP Object Injection (6.0.7) CVE-2023-1196
Advanced Custom Fields PRO Security Bypass (5.12) CVE-2022-23183
Advanced Database Cleaner SQL Injection (3.0.1) CVE-2021-24141
Advanced Dewplayer Directory Traversal (1.2) CVE-2013-7240
Advanced Dynamic Pricing for WooCommerce Cross-Site Request Forgery (4.1.3) CVE-2022-38095
Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5) CVE-2022-40203 CVE-2022-43488 CVE-2022-43491
Advanced Forms for ACF Pro Security Bypass (1.6.8) CVE-2021-24892
Advanced Forms for ACF Security Bypass (1.6.8) CVE-2021-24892
Advanced Import:One Click Import for WordPress or Theme Demo Data Cross-Site Request Forgery (1.3.7) CVE-2022-3677
Advanced Import: One Click Import for WordPress or Theme Demo Data Security Bypass (1.0.7)
Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.3) CVE-2020-11727
Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.7) CVE-2021-24169
Advanced Order Export For WooCommerce CSV Injection (1.5.4) CVE-2018-11525
Advanced Page Manager Cross-Site Scripting (1.4.1)
Advanced Permalinks Cross-Site Scripting (0.1.19)
Advanced Popups Cross-Site Request Forgery (1.1.1)
Advanced post slider Unspecified Vulnerability (2.4.0)
Advanced Post Type Ratings Cross-Site Scripting (1.01)
Advanced Search Cross-Site Scripting (1.1.2) CVE-2021-38348
Advanced Shipment Tracking for WooCommerce Security Bypass (3.2.6)
Advanced Shipping Validation for WooCommerce Cross-Site Scripting (1.0.0)
Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0) CVE-2011-4618
Advanced User Registration and Management Cross-Site Scripting (2.3.5)
Advanced Woo Search Cross-Site Scripting (2.77) CVE-2023-2452
Advanced Woo Search Information Disclosure (1.99) CVE-2020-12070
Advanced Woo Search Unspecified Vulnerability (1.69)
Advanced WP Columns Cross-Site Scripting (2.0.6) CVE-2022-3426
Advanced XML Reader XML External Entity Information Disclosure (0.3.4)
Advance Menu Manager Cross-Site Request Forgery (2.9.6)
Advance Menu Manager Security Bypass (3.0)
Advance Search for WooCommerce Cross-Site Scripting (1.0.9)
AdVert Cross-Site Scripting (1.0.5)
Advertisement Management Multiple Vulnerabilities (1.0)
Advertizer 'id' Parameter SQL Injection (1.0)
AdWizz 'link' Parameter Cross-Site Scripting (1.0)
Aesop Story Engine Cross-Site Scripting (1.6)
Affiliate Ads for Clickbank Products Cross-Site Scripting (1.6) CVE-2017-18011
Affiliate Link Manager Cross-Site Scripting (2.1.1)
Affiliate Power-Sales Tracking for Affiliate Marketers Cross-Site Scripting (2.2.0)
Affiliate Press Multiple Cross-Site Scripting Vulnerabilities (0.3.8)
Affiliate PRO Cross-Site Scripting (1.3.1) CVE-2021-24435
Affiliates Manager Cross-Site Request Forgery (2.6.5) CVE-2019-15868
Affiliates Manager Cross-Site Scripting (2.8.9) CVE-2021-25078
Affiliates Manager Multiple Vulnerabilities (2.9.13) CVE-2022-2798 CVE-2022-2799
Affiliates Manager SQL Injection (2.8.6) CVE-2021-24844
Affiliates Manager Unspecified Vulnerability (2.7.7)
Affiliates Multiple Cross-Site Scripting Vulnerabilities (2.13.1)
AffiliateWP Cross-Site Scripting (2.0.9)
AffiliateWP SQL Injection (1.5.6)
Afterpay Gateway for WooCommerce Cross-Site Scripting (3.2.0)
afterRead Unspecified Vulnerability (0.3)
Age Gate Cross-Site Scripting (2.16.3)
Age Gate Open Redirect (2.13.4)
Age Gate Security Bypass (2.17.0)
Age Gate Unspecified Vulnerability (2.18.5)
AgentEasy Properties Cross-Site Scripting (1.0.4)
AgentPress Broker Listings Cross-Site Scripting (1.0)
Agent Storm by StormRETS Multiple Cross-Site Scripting Vulnerabilities (1.1.35)
Age Verification 'redirect_to' Parameter URI Redirection (0.4) CVE-2012-6499
Age Verify Cross-Site Scripting (0.2.8)
AGP Font Awesome Collection Cross-Site Scripting (2.7.2)
Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (1.3)
Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (2.1.7)
AIT Themes-CSV Import/Export Arbitrary File Upload (3.0.3)
Ajax BootModal Login Security Bypass (1.4.3) CVE-2018-15876
Ajax Calendar 'example.php' Cross-Site Scripting (1.0)
Ajax Category Dropdown Cross-Site Scripting and SQL Injection Vulnerabilities (0.1.5)
AJAX Comment Page Cross-Site Scripting (3.25)
Ajax Contact Form Cross-Site Scripting (1.0)
Ajax Gallery 'list.php' SQL Injection (3.0)
Ajax Multi Upload 'upload.php' Arbitrary File Upload (1.1)
Ajax Pagination (twitter Style) Local File Inclusion (1.1) CVE-2014-2674
Ajax Plugin Helper Cross-Site Scripting (1.0.5)
AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2) CVE-2012-5853
AJAX Random Post Cross-Site Scripting (2.00) CVE-2016-1000127
Ajax Search Lite Remote Command Execution (3.1)
Ajax Search Lite Security Bypass (3.1)
Ajax Search Pro Security Bypass (3.5)
Ajax Store Locator Directory Traversal (1.2.0)
Ajax Store Locator SQL Injection (1.2.0)
AJS Instagram Feed Cross-Site Scripting (1.0)
Akeeba Backup CORE for WordPress Arbitrary File Upload (1.1.3) CVE-2014-7228
Akismet Cross-Site Scripting (3.1.4)
Albo Pretorio On line Multiple Vulnerabilities (3.2)
ALD-Dropshipping and Fulfillment for AliExpress and WooCommerce Multiple Vulnerabilities (1.0.21) CVE-2022-46811
Alert Before Your Post Cross-Site Scripting (0.1.1) CVE-2011-5107
AlertWire Information Disclosure (1.1.1)
All-in-One Addons for Elementor-WidgetKit Cross-Site Scripting (2.4.3) CVE-2022-4256
All-in-One Addons for Elementor-WidgetKit Multiple Cross-Site Scripting Vulnerabilities (2.3.9) CVE-2021-24267
All-in-One Custom Backgrounds Lite Unspecified Vulnerability (2.0.2)
All-in-One Event Calendar Cross-Site Scripting (2.4.0)
All-in-One Event Calendar Cross-Site Scripting (2.5.18)
All-in-One Event Calendar Cross-Site Scripting (2.5.38)
All-in-One Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.5) CVE-2012-1835
All-in-One Event Calendar Multiple Vulnerabilities (1.9)
All-in-One Event Calendar Multiple Vulnerabilities (1.10-standard)
All-in-One Event Calendar Multiple Vulnerabilities (2.3.12)
All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements Cross-Site Scripting (2.0.3) CVE-2022-0148
All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements SQL Injection (2.0.8) CVE-2023-0487
All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (3.8.9) CVE-2015-0895
All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0) CVE-2022-44737
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.8.3)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.4)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.7)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.1.9)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.2.1)
All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.4.5) CVE-2020-29171
All-In-One Security (AIOS)-Security and Firewall Directory Traversal (5.1.4)
All-In-One Security (AIOS)-Security and Firewall Information Disclosure (5.1.2) CVE-2022-4346
All-In-One Security (AIOS)-Security and Firewall Multiple Cross-Site Scripting Vulnerabilities (4.0.7)
All-In-One Security (AIOS)-Security and Firewall Multiple SQL Injection Vulnerabilities (3.8.2) CVE-2014-6242
All-In-One Security (AIOS)-Security and Firewall Multiple Vulnerabilities (4.1.2)
All-In-One Security (AIOS)-Security and Firewall Open Redirect (4.4.1)
All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7) CVE-2015-0894
All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.9.0)
All-In-One Security (AIOS)-Security and Firewall SQL Injection (4.0.8)
All-in-One Video Gallery Local File Inclusion (2.4.9) CVE-2021-24970
All-in-One Video Gallery Multiple Vulnerabilities (2.6.0) CVE-2022-2633
All-in-One WP Migration Arbitrary File Deletion (7.58) CVE-2022-1476
All-in-One WP Migration Arbitrary File Upload (7.40) CVE-2021-24216
All-in-One WP Migration Cross-Site Scripting (6.45)
All-in-One WP Migration Cross-Site Scripting (7.62) CVE-2022-2546
All-in-One WP Migration Information Disclosure (7.0)
All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)
All-in-One WP Migration Remote Code Execution (2.0.2) CVE-2014-8794
All-in-One WP Migration Security Bypass (2.0.4)
All-in-One WP Migration Security Bypass (7.14)
All 404 Redirect to Homepage Cross-Site Scripting (1.20) CVE-2021-24326
All 404 Redirect to Homepage Cross-Site Scripting (1.21)
All Category SEO Updater Cross-Site Scripting (0.2.7)
All In One Favicon Cross-Site Scripting (4.6) CVE-2018-13832
All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Request Forgery (4.2.3.1) CVE-2022-38093
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.0.3)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.2.2)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.2.6.1)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.3.6.1)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.3.7)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.9.1.1)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (3.2.6) CVE-2019-16520
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (3.6.1) CVE-2020-35946
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Information Disclosure (2.2.5.1) CVE-2015-0902
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Cross-Site Scripting Vulnerabilities (4.2.9) CVE-2023-0585 CVE-2023-0586
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Vulnerabilities (2.1.5)
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Vulnerabilities (4.1.5.2) CVE-2021-25036 CVE-2021-25037
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Remote Code Execution (4.1.0.1) CVE-2021-24307
All in One Social Lite Server-Side Request Forgery (1.0)
All in One Support Button+Callback Request. WhatsApp, Messenger, Telegram, LiveChat and more Cross-Site Scripting (1.8.7)
All in One Webmaster Cross-Site Request Forgery (8.2.3) CVE-2013-2696
All in One Webmaster Unspecified Vulnerability (11.0)
Allopass for WP Cross-Site Scripting (1.0.7)
Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1)
Allow REL= and HTML in Author Bios Cross-Site Scripting (.1)
All Post Contact Form Arbitrary File Upload (1.1.4)
All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1) CVE-2012-6653
All Video Gallery SQL Injection (1.2) CVE-2014-5186
AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3) CVE-2011-3981
AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8) CVE-2012-1010 CVE-2012-1011
ALO EasyMail Newsletter Cross-Site Request Forgery (2.6.01)
ALO EasyMail Newsletter Cross-Site Request Forgery (2.9.2)
ALO EasyMail Newsletter Cross-Site Scripting (2.8.1)
ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7)
ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)
Alojapro Widget Cross-Site Scripting (1.1.15) CVE-2021-24530
Alphabetic Pagination Security Bypass (3.0.7)
Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.6.5)
Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.4)
Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5)
Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.7)
Altos Connect Widget Cross-Site Scripting (1.3.0)
AmazonFeed Cross-Site Scripting (2.1)
Amazon JS Cross-Site Scripting (0.10) CVE-2023-0075
Amazon Product in a Post SQL Injection (3.5.2)
Amazon Tools Cross-Site Scripting (1.7.2)
Amelia-Events & Appointments Booking Calendar Cross-Site Scripting (1.0.46) CVE-2022-0834
Amelia-Events & Appointments Booking Calendar Multiple Vulnerabilities (1.0.45) CVE-2022-0616 CVE-2022-0627 CVE-2022-0687
Amministrazione Trasparente Cross-Site Request Forgery (7.1)
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375) CVE-2017-18375
Ampache Improper Access Control Vulnerability (CVE-2021-21399) CVE-2021-21399
Ampache Improper Authentication Vulnerability (CVE-2007-4438) CVE-2007-4438
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929) CVE-2008-3929
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386) CVE-2019-12386
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644) CVE-2021-32644
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606) CVE-2023-0606
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385) CVE-2019-12385
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153) CVE-2020-15153
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771) CVE-2023-0771
Ampache Other Vulnerability (CVE-2006-5668) CVE-2006-5668
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665) CVE-2022-4665
AMP extensions Cross-Site Scripting (1.1) CVE-2021-24435
AMP for WP-Accelerated Mobile Pages Multiple Unspecified Vulnerabilities (0.9.72)
AMP for WP-Accelerated Mobile Pages Security Bypass (0.9.97.19)
AMP Toolbox Cross-Site Scripting (1.9.4)
amr shortcode any widget Cross-Site Scripting (4.0) CVE-2022-4458
amtyThumb Cross-Site Scripting (4.1.2)
amtyThumb posts Cross-Site Scripting (8.1.3) CVE-2017-17059
Analyticator Cross-Site Request Forgery (6.4.9.3) CVE-2015-4697
Analyticator Multiple Cross-Site Scripting Vulnerabilities (6.4.9.5) CVE-2015-6238
Analyticator PHP Object Injection (6.5.5) CVE-2022-3425 CVE-2022-4323
Analytics-Gtag Restricted File Upload (1.8.1)
Analytics Cross-Site Scripting (1.2.3)
Analytics Remote Code Execution (1.7)
Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
Analytics Tracker Cross-Site Scripting (1.1.0)
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768) CVE-2019-10768
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863) CVE-2019-14863
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676) CVE-2020-7676
Animal Captcha Cross-Site Scripting (1.6.2)
Animate It! Cross-Site Request Forgery (2.3.5) CVE-2019-17386
Animate It! Cross-Site Scripting (2.3.3) CVE-2019-17384
Animate It! Cross-Site Scripting (2.3.4) CVE-2019-17385
Annonces 'abspath' Parameter Remote File Include (1.2.0.0)
Annonces 'theme.php' Arbitrary File Upload (1.2.0.1)
AnnounceME Cross-Site Scripting (0.3.3)
Another WordPress Classifieds Arbitrary File Upload (3.3.2)
Another WordPress Classifieds Cross-Site Scripting (3.3.1) CVE-2014-9313
Another WordPress Classifieds Multiple Vulnerabilities (2.2.1) CVE-2014-10012 CVE-2014-10013
Another WordPress Classifieds Unspecified Vulnerability (1.8.9.4) CVE-2012-4874
Answer My Question Cross-Site Scripting (1.3)
Answer My Question Multiple Cross-Site Scripting Vulnerabilities (1.1)
Answer My Question SQL Injection (1.3)
Anthologize Cross-Site Scripting (0.7.7)
Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (1.2.05.20)
Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.22)
Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.42)
Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.49)
Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.17.29)
Anti-Malware Security and Brute-Force Firewall Local File Inclusion (4.18.63)
Anti-Malware Security and Brute-Force Firewall Multiple Cross-Site Scripting Vulnerabilities (4.15.17)
Anti-Splog Cross-Site Scripting (2.1.7)
Anti Plagiarism Cross-Site Scripting (3.60) CVE-2016-1000128
Anti Spam Protection without CAPTCHA powered by Keypic Security Bypass (2.1.2)
AnyComment Cross-Site Scripting (0.0.32) CVE-2018-21001
AnyFont Cross-Site Scripting (2.2.3) CVE-2014-4515
AnyMind Widget Cross-Site Request Forgery (1.1) CVE-2022-2435
AnyVar Cross-Site Scripting (0.1.1) CVE-2017-6103
Aoi Tori Cross-Site Scripting (1.1) CVE-2021-24435
aoringo CAT setter Cross-Site Scripting (0.1.1)
aoringo LOG maker Cross-Site Scripting (0.1.3)
aoringo TAG upper Cross-Site Scripting (0.1.6)
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425
Apache 2.x version equal to 2.0.51 CVE-2004-0811
Apache 2.x version older than 2.0.43 CVE-2002-0840 CVE-2002-1156
Apache 2.x version older than 2.0.45 CVE-2003-0132
Apache 2.x version older than 2.0.46 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0245
Apache 2.x version older than 2.0.47 CVE-2003-0192 CVE-2003-0253 CVE-2003-0254
Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789
Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174
Apache 2.x version older than 2.0.51 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809
Apache 2.x version older than 2.0.55 CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970
Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.0.63 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005
Apache 2.x version older than 2.2.3 CVE-2006-3747
Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005
Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364
Apache 2.x version older than 2.2.10 CVE-2008-2939 CVE-2010-2791
Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404) CVE-2022-29404
Apache error log escape sequence injection vulnerability CVE-2003-0020
Apache httpd remote denial of service CVE-2011-3192
Apache HTTP Improper Initialization Server Vulnerability (CVE-2022-22719) CVE-2022-22719
Apache HTTP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Server Vulnerability (CVE-2022-22720) CVE-2022-22720
Apache httpOnly cookie disclosure CVE-2012-0053
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-2970) CVE-2005-2970
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2008-2364) CVE-2008-2364
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2011-0419) CVE-2011-0419
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517) CVE-2019-9517
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-30522) CVE-2022-30522
Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2004-0747) CVE-2004-0747
Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-11984) CVE-2020-11984
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-1741) CVE-2007-1741
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226) CVE-2014-0226
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217) CVE-2019-0217
Apache HTTP Server Configuration Vulnerability (CVE-2009-1195) CVE-2009-1195
Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420) CVE-2007-6420
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2009-3555) CVE-2009-3555
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2016-0736) CVE-2016-0736
Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070) CVE-1999-0070
Apache HTTP Server CVE-2002-0392 Vulnerability (CVE-2002-0392) CVE-2002-0392
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839) CVE-2002-0839
Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789) CVE-2003-0789
Apache HTTP Server CVE-2004-0751 Vulnerability (CVE-2004-0751) CVE-2004-0751
Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786) CVE-2004-0786
Apache HTTP Server CVE-2004-0809 Vulnerability (CVE-2004-0809) CVE-2004-0809
Apache HTTP Server CVE-2005-2088 Vulnerability (CVE-2005-2088) CVE-2005-2088
Apache HTTP Server CVE-2005-2700 Vulnerability (CVE-2005-2700) CVE-2005-2700
Apache HTTP Server CVE-2007-3304 Vulnerability (CVE-2007-3304) CVE-2007-3304
Apache HTTP Server CVE-2009-1191 Vulnerability (CVE-2009-1191) CVE-2009-1191
Apache HTTP Server CVE-2009-2699 Vulnerability (CVE-2009-2699) CVE-2009-2699
Apache HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425) CVE-2010-0425
Apache HTTP Server CVE-2012-0031 Vulnerability (CVE-2012-0031) CVE-2012-0031
Apache HTTP Server CVE-2012-0053 Vulnerability (CVE-2012-0053) CVE-2012-0053
Apache HTTP Server CVE-2012-0883 Vulnerability (CVE-2012-0883) CVE-2012-0883
Apache HTTP Server CVE-2013-1862 Vulnerability (CVE-2013-1862) CVE-2013-1862
Apache HTTP Server CVE-2013-1896 Vulnerability (CVE-2013-1896) CVE-2013-1896
Apache HTTP Server CVE-2013-2249 Vulnerability (CVE-2013-2249) CVE-2013-2249