Advertisement

Listing of WordPress CMS Exploits

This is live excerpt from our database. Visit Main Site for more exploits.

Date Name Status Solution
2016-05-30WordPress DB Backup Plugin PublishedFix it
2016-05-28WordPress Ninja Forms Unauthenticated File UploadPublishedFix it
2016-05-27WordPress Advanced Video Plugin 1.0 PublishedFix it
2016-05-26WordPress Kento Post View Counter Plugin 2.8 CSRF/XSSPublishedFix it
2016-05-25WordPress Brafton 3.3.10 xssPublishedFix it
2016-05-21WordPress Brafton 3.3.10 Cross Site ScriptingPublishedFix it
2016-05-21WordPress Ghost Plugin 0.5.5 ghost PublishedFix it
2016-05-20Vulnerabilitie XSS in brafton WordPress PluginPublishedFix it
2016-05-18WordPress fresh page phpThumb.phpsrc PublishedFix it
2016-05-17WordPress Easyrotator Plugin File Manipulation VulnerabilityPublishedFix it
2016-05-17WordPress Recommend a friend raf form.phpcurrent url PublishedFix it
2016-05-17WordPress optinfirex /lp/index.phpid PublishedFix it
2016-05-16WordPress Photocart Link Plugin 1.6 Local File InclusionPublishedFix it
2016-05-16WordPress Plugin IMDb Profile Widget 1.0.8 Local File InclusionPublishedFix it
2016-05-16WordPress leenk.me Plugin 2.5.0 CSRF/XSSPublishedFix it
2016-05-15WordPress Seo Link Rotator pusher.phptitle PublishedFix it
2016-05-13WordPress Memphis Document Library Plugin 3.1.5 Arbitrary File DownloadPublishedFix it
2016-05-13WordPress Brandfolder v3.0 PublishedFix it
2016-05-12WordPress SOME bug in plupload.flash.swfPublishedFix it
2016-05-11WordPress Blooog v1.1 Theme jplayer.swf PublishedFix it
2016-05-11WordPress Js Multi Hotel refreshDate.php PublishedFix it
2016-05-10WordPress WP Password login.phperr PublishedFix it
2016-05-10WordPress Photocrati theme ecomm sizes.phpprod id PublishedFix it
2016-05-10WordPress SS Downloads emailform.php PublishedFix it
2016-05-10WordPress Popup Images popup.php PublishedFix it
2016-05-10WordPress Dharma booking Plugin 2.38.3 PublishedFix it
2016-05-10WordPress 4.2.0 4.5.1 XSS PublishedFix it
2016-05-09WordPress AbtestPublishedFix it
2016-05-06WordPress 3.5 /wp includes/js/plupload/plupload.flash.swf PublishedFix it
2016-05-06WordPress WP Cumulus Plugin 1.x 'tagcloud.swf' Cross Site Scripting VulnerabilityPublishedFix it
2016-05-05WordPress 4.5.1 Remote Command ExecutePublishedFix it
2016-05-04WordPress SQL PublishedFix it
2016-05-04WordPress Robo Gallery 2.0.14 Code ExecutionPublishedFix it
2016-05-04WordPress kento post view counter XSSPublishedFix it
2016-05-04WordPress spreadsheet spreadsheet.phppage PublishedFix it
2016-05-03WordPress Export to Ghost Unrestricted Export DownloadPublishedFix it
2016-05-02WordPress 3.3.1 /wp includes/js/swfupload/swfupload.swf PublishedFix it
2016-05-01WordPress Truemag Theme Cross Site ScriptingPublishedFix it
2016-04-23WordPress Memphis Document Library 3.1.5 mdocs img preview PublishedFix it
2016-04-23WordPress Community Events Plugin 1.3.5 SQL Injection VulnerabilityPublishedFix it
2016-04-23WordPress Conversionninja /lp/index.php PublishedFix it
2016-04-23WordPress EZLeadPro lp/index.phpid PublishedFix it
2016-04-22WordPress plugin HDWebplayer 1.1 /wp content/plugins/hd webplayer/config.php SQLPublishedFix it
2016-04-22WordPress iThemes Security Insecure Backup / Logfile GenerationPublishedFix it
2016-04-20WordPress force download.php PublishedFix it
2016-04-19WordPress plugin AllVideoGallery 1.1 /wp content/plugins/all video gallery/config.php SQLPublishedFix it
2016-04-19WordPress Plugins jQuery Html5 File UploadPublishedFix it
2016-04-19WordPress leenk.me Plugin 2.5.0 CSRF/XSSPublishedFix it
2016-04-19WordPress Kento Post View Counter Plugin 2.8 CSRF/XSSPublishedFix it
2016-04-17WordPress Plugin Mega stor Local File InclusionPublishedFix it
2016-04-14WordPress Abtest Plugin Local File InclusionPublishedFix it
2016-04-14WordPress Import CSV Plugin 1.0 Directory TraversalPublishedFix it
2016-04-13WordPress Site Import Plugin 1.0.1 Local and Remote File InclusionPublishedFix it
2016-04-13WordPress Robo Gallery 2.0.14 Code ExecutionPublishedFix it
2016-04-12WordPress DZS Videogallery Plugin <=8.60 Multiple VulnerabilitiesPublishedFix it
2016-04-12WordPress ScoremePublishedFix it
2016-04-11WordPress SI CAPTCHA AntiSpam test/index.php PublishedFix it
2016-04-11WordPress MyBand timthumb.php PublishedFix it
2016-04-11WordPress Spider Video Player settings.php PublishedFix it
2016-04-11WordPress Product Options for WooCommerce Plugin File UploadPublishedFix it
2016-04-10WordPress Multiple Meta Box 1.0 SQL InjectionPublishedFix it
2016-04-08WordPress Beauty & Clean Theme 1.0.8 Arbitrary File Upload VulnerabilityPublishedFix it
2016-04-05WordPress Plugin HB Audio Gallery Lite Arbitrary File DownloadPublishedFix it
2016-04-05WordPress Memphis Document Library Plugin 3.1.5 Path DisclosurePublishedFix it
2016-04-01WordPress Formcraft upload.php PublishedFix it
2016-04-01WordPress Begin go.php urlPublishedFix it
2016-04-01WordPress mTheme Unus css.php PublishedFix it
2016-04-01WordPress Category Page Icons wpdev flash uploader.php PublishedFix it
2016-04-01WordPress Music Store v1.0.14 ms submit.php URLPublishedFix it
2016-04-01WordPress FR0 theme down.php PublishedFix it
2016-04-01WordPress Goodnews PublishedFix it
2016-04-01WordPress Bonuspressx ar submit.php PublishedFix it
2016-03-31WordPress Altos Connect Widget 1.3.0 XSS PublishedFix it
2016-03-31WordPress SP Projects and Document Manager V 2.5.9.6 XSS PublishedFix it
2016-03-31WordPress HB Audio Gallery Lite Plugin 1.0.0 PublishedFix it
2016-03-30WordPress eBook Download Plugin 1.1 PublishedFix it
2016-03-30WordPressProjectTheme2.0.9.5(XSS/CSRF)PublishedFix it
2016-03-29WordPress Music Store 1.0.41 Cross Site ScriptingPublishedFix it
2016-03-29WordPress Photocart Link 1.6 Local File InclusionPublishedFix it
2016-03-29WordPress Visual Form Builder 2.8.6 Cross Site ScriptingPublishedFix it
2016-03-29WordPress IMDb Profile Widget 1.0.8 Local File InclusionPublishedFix it
2016-03-29WordPress CloudFlare 1.3.20 Cross Site ScriptingPublishedFix it
2016-03-29WordPress Claptastic Clap! Button 1.3 Cross Site ScriptingPublishedFix it
2016-03-28WordPress WP All 3.2.3 PublishedFix it
2016-03-28WordPress WPML reminder popup PublishedFix it
2016-03-28WordPress PHP Event Calendar PublishedFix it
2016-03-28WordPress Twenty Fifteen Theme DOMPublishedFix it
2016-03-27WordPress WP External Links 1.80 Cross Site ScriptingPublishedFix it
2016-03-27WordPress Cart66 Lite status PublishedFix it
2016-03-26WordPress Simple Backup 2.7.10 PublishedFix it
2016-03-26WordPress BackupBuddy db 1.sqlwp users.sql PublishedFix it
2016-03-25WordPress Booking Calendar Contact Form 1.0.23 PublishedFix it
2016-03-24WordPress Issuu Panel 1.6 Remote / Local File InclusionPublishedFix it
2016-03-24WordPress Facebook With Login 1.0 Cross Site Scripting / SQL InjectionPublishedFix it
2016-03-23WordPress Brandfolder 3.0 Remote / Local File InclusionPublishedFix it
2016-03-23WordPress Dharma Booking 2.28.3 Remote / Local File InclusionPublishedFix it
2016-03-23WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File DownloadPublishedFix it
2016-03-23WordPress Memphis Document Library 3.1.5 Arbitrary File DownloadPublishedFix it
2016-03-22WordPress WP User Frontend3.4.6PublishedFix it
2016-03-22WordPress RedSteel Theme download.phpPublishedFix it
2016-03-22WordPress Abtest Local File InclusionPublishedFix it
2016-03-22WordPress Import CSV 1.1 Directory TraversalPublishedFix it
2016-03-22WordPress eBook Download 1.1 Directory TraversalPublishedFix it
2016-03-21WordPress site import V1.0.1 PublishedFix it
2016-03-21WordPress Bulk Delete Plugin 5.5.3 PublishedFix it
2016-03-18WordPress CIP4 Folder Download 1.10 PublishedFix it
2016-03-16WordPress slideoptinproxar submit.phpPublishedFix it
2016-03-16WordPress Bulletproof 0.53.2 Cross Site ScriptingPublishedFix it
2016-03-13WordPress WooCommerce 2.4.12 PublishedFix it
2016-03-13WordPress clikstatsck.phpURLPublishedFix it
2016-03-13WordPress Email Encoder Bundle 1.4.3 Stored Cross Site ScriptingPublishedFix it
2016-03-13WordPress WP Mailto Links 2.0.1 Stored Cross Site ScriptingPublishedFix it
2016-03-13WordPress Formcraft upload.phpPublishedFix it
2016-03-12WordPress Booking Calendar Contact Form<=1.1.24 cpabc appointments.phpaddslashes SQL InjePublishedFix it
2016-03-12WordPress Newsletter Prodo.php URLPublishedFix it
2016-03-12WordPress Booking Calendar Contact Form Plugin <=1.1.23 Shortcode SQLPublishedFix it
2016-03-10WordPress ProjectTheme Multiple VulnerabilitiesPublishedFix it
2016-03-08WordPress comment rating plugin edit comments.phptabPublishedFix it
2016-03-08WordPress SP Projects And Document Manager 2.5.9.6 XSS / SQL InjectionPublishedFix it
2016-03-04WordPress Bulk Delete 5.5.3 Privilege EscalationPublishedFix it
2016-03-03WordPress CP Polls 1.0.8 Malicious File DownloadPublishedFix it
2016-03-03WordPress CP Polls 1.0.8 File Upload / Cross Site ScriptingPublishedFix it
2016-03-03WordPress CP Polls 1.0.8 Cross Site Request Forgery / Cross Site ScriptingPublishedFix it
2016-03-02WordPress GravityForms 1.9.15.11 Cross Site ScriptingPublishedFix it
2016-03-01WordPress More Fields 2.1 Cross Site Request ForgeryPublishedFix it
2016-02-29WordPress appointment booking calendar <=1.1.23 Unauthenticated SQL injectionPublishedFix it
2016-02-29WordPress Goodnews Themes Reflected Cross Site ScriptingPublishedFix it
2016-02-26WordPress Ocim MP3 Plugin SQL Injection VulnerabilityPublishedFix it
2016-02-26WordPress Extra User Details Plugin 0.4.2 Privilege EscalationPublishedFix it
2016-02-26WordPress User Submitted Posts 20151113 Cross Site ScriptingPublishedFix it
2016-02-21WordPress /wp content/plugins/extredj/red.php Open RedirectionPublishedFix it
2016-02-20WordPress Extredj red.php ext URLPublishedFix it
2016-02-16WordPress Formcraft Plugin File Upload VulnerabilityPublishedFix it
2016-02-14WordPress Extredj Plugin URL PublishedFix it
2016-02-12WordPress Duplicator 1.1.0 / 1.2.0 Cross Site Request ForgeryPublishedFix it
2016-02-10WordPress 4.4.2 SSRF and open redirect vulnerabilityPublishedFix it
2016-02-10WordPress WooCommerce 1.5.5 Privilege EscalationPublishedFix it
2016-02-09WordPress Newsletter Pro Plugin Open RedirectPublishedFix it
2016-02-09WordPress clikstats plugin Open RedirectPublishedFix it
2016-02-09WordPress Smallbiz Themes Remote File Uploads VulnerabilityPublishedFix it
2016-02-08WordPress User Meta Manager 3.4.6 Privilege EscalationPublishedFix it
2016-02-08WordPress Instagram 1.1.0 Cross Site ScriptingPublishedFix it
2016-02-07WordPress User Meta Manager Plugin [Blind SQLI]PublishedFix it
2016-02-04WordPress Instagram Plugin 1.1.0 Cross Site ScriptingPublishedFix it
2016-02-03WordPress Plugin 2.5.2 XSS VulnerabilityPublishedFix it
2016-02-01WordPress Comment Rating 1.5.0 Cross Site ScriptingPublishedFix it
2016-01-31WordPress Download Manager 2.3.0 XSSPublishedFix it
2016-01-31WordPress simple add pages or posts CSRF VulnerabilityPublishedFix it
2016-01-29WordPress Appointment Booking Calendar 1.1.24 Escalation / XSSPublishedFix it
2016-01-29WordPress Appointment Booking Calendar 1.1.24 SQL InjectionPublishedFix it
2016-01-29WordPress WP Backitup Lite PublishedFix it
2016-01-29WordPress Tubepress v2.0 popup.php name XSS PublishedFix it
2016-01-28WordPressStanford themewp content/themes/stvp/jwplayer.phpXSSPublishedFix it
2016-01-28WordPress Easy Gallery 4.1.4 Cross Site ScriptingPublishedFix it
2016-01-28WordPress Tubepress Plugin V2 /wp content/plugins/tubepress/common/popup.php?name PublishedFix it
2016-01-28WordPress Feed Statistics Plugin V 1.4.3 feed statistics.php PublishedFix it
2016-01-28WordPress Feed Statistics V1.4.3 feed statistics.php url URLPublishedFix it
2016-01-26WordPress Appointment Booking Calendar 1.1.23 SQL InjectionPublishedFix it
2016-01-23WordPress AzonPop1.0.0/wp content/plugins/AzonPop/files/view/showpopup.phpSQLPublishedFix it
2016-01-21WordPress Tubepress v2.0 popup.php name XSSPublishedFix it
2016-01-21WordPress Media Library Categories plugin <= 1.0.6 SQL Injection VulnerabilityPublishedFix it
2016-01-20WordPress Extredj Open RedirectionPublishedFix it
2016-01-15WordPress Tubepress Plugin v 2 Cross Site ScriptingPublishedFix it
2016-01-15WordPress '.phtml'PublishedFix it
2016-01-14WordPress Tubepress 2 Cross Site ScriptingPublishedFix it
2016-01-14WordPress No External Links 2.6.3 / 2.7.1 Open RedirectPublishedFix it
2016-01-14WordPress Commentator 2.5.2 Cross Site ScriptingPublishedFix it
2016-01-12WordPress JS External Link Info 1.21 Open RedirectPublishedFix it
2016-01-10WordPress <4.4.1 wp admin/customize.php xssPublishedFix it
2016-01-09WordPress Symposium Pro Social 15.12 XSS / CSRFPublishedFix it
2016-01-09WordPress Feed Statistics Plugin V 1.4.3 Open RedirectPublishedFix it
2016-01-09WordPress AzonPop Plugin SQL InjectionPublishedFix it
2016-01-08WordPress Stanford Theme Cross Site ScriptingPublishedFix it
2016-01-07WordPress Revslider PublishedFix it
2015-12-31WordPress 3.1.3 SQL Injection VulnerabilitiesPublishedFix it
2015-12-31WordPress plugin mygallery <= 1.4b4 Remote File Inclusion VulnerabilityPublishedFix it
2015-12-29WordPress Cool Video GalleryPublishedFix it
2015-12-24WordPress Copperleaf Photolog 0.16 SQL injectionPublishedFix it
2015-12-24WordPress Plugin Sell Download v1.0.16 PublishedFix it
2015-12-23WordPress <= 2.3.1 Charset Remote SQL Injection VulnerabilityPublishedFix it
2015-12-23WordPress Content Text Slider On Post 6.8 Cross Site ScriptingPublishedFix it
2015-12-22WordPress Double Opt in for DownloadSQLPublishedFix it
2015-12-22WordPress Auto ThickBox PlusPublishedFix it
2015-12-21WordPress Gallery Master Persistent XSS VulnerabilityPublishedFix it
2015-12-21WordPress woocommerce plugin v2.4.12 PHP Code Injection VulnerabilityPublishedFix it
2015-12-19WordPress IBS Mappro PublishedFix it
2015-12-18WordPress Portfolio 2.27 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Limit Attempts 1.0.3 Cross Site Request ForgeryPublishedFix it
2015-12-18WordPress PDF And Print 1.7.4 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Social Essentials Social Stats And Sharing Buttons 1.3.1 XSSPublishedFix it
2015-12-18WordPress Quotes And Tips 1.19 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Twitter 2.37 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Sender 0.7 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Google Adsense 1.29 Cross Site ScriptingPublishedFix it
2015-12-18WordPress User Role 1.4.1 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Sender 0.7 Cross Site Request ForgeryPublishedFix it
2015-12-18WordPress Relevant Related Posts 1.0.7 Cross Site ScriptingPublishedFix it
2015-12-18WordPress Limit Attempts 1.0.3 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Symposium 14.05.02 Cross Site Request ForgeryPublishedFix it
2015-12-17WordPress Htaccess 1.4 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Simple Booking Calendar 1.3 Cross Site Request ForgeryPublishedFix it
2015-12-17WordPress Donate 2.0.1 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Gallery 4.2.1 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Google Captcha 1.05 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Google Sitemap 2.9.1 Cross Site ScriptingPublishedFix it
2015-12-17WordPress NextGEN Gallery 2.0.66.16 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Job Board 1.0.0 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Contact Form To DB 1.4.0 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Contact Form 3.81 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Email Queue 1.0.0 Cross Site Request ForgeryPublishedFix it
2015-12-17WordPress Facebook Like Button 2.32 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Google +1 1.1.6 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Captcha 4.0.2 Cross Site ScriptingPublishedFix it
2015-12-17WordPress BestWebSoft Google Maps 1.2.1 Cross Site ScriptingPublishedFix it
2015-12-17WordPress Begin Themes Open Redirect VulnerabilityPublishedFix it
2015-12-17WordPress Symposium 14.05.02 Cross Site ScriptingPublishedFix it
2015-12-16WordPress All Video Gallery 1.1 SQL Injection VulnerabilityPublishedFix it
2015-12-16WordPress Tierra Billboard Manager 1.14 SQL InjectionPublishedFix it
2015-12-15WordPress Plugin 3.2.4 404 Error Page Cross Site Scripting VulnerabilityPublishedFix it
2015-12-15WordPress Admin Management Xtended 2.4.0 Privilege EscalationPublishedFix it
2015-12-15WordPress Plugin Tierra Billboard Manager SQL Injection VulnerabilityPublishedFix it
2015-12-14WordPress Polls Widget Plugin 1.0.7 SQL PublishedFix it
2015-12-14WordPress Ad King Pro Stored XSS VulnerabilityPublishedFix it
2015-12-13WordPress 4.4 User EnumerationPublishedFix it
2015-12-11WordPress S3 Video Remote Shell UploadPublishedFix it
2015-12-10WordPress agp font awesome collection Stored XSSPublishedFix it
2015-12-09WordPress Poll Widget 1.0.7 SQL InjectionPublishedFix it
2015-12-09WordPress Content text slider on post Stored XSSPublishedFix it
2015-12-09WordPress Squirrel Theme 1.6.4 Remote File InclusionPublishedFix it
2015-12-06WordPress TheCartPress 1.4.7 Code Execution / Local File DisclosurePublishedFix it
2015-12-05WordPress Advanced Uploader 2.10 Shell UploadPublishedFix it
2015-12-05WordPress "Js Support Ticket" File Upload Bypass ExtensionsPublishedFix it
2015-12-04WordPress Ultimate Member 1.3.28 Cross Site ScriptingPublishedFix it
2015-12-04WordPress Users Ultra Plugin 1.5.50 Persistent PublishedFix it
2015-12-04WordPress Calls To Action 2.4.3 Cross Site ScriptingPublishedFix it
2015-12-04WordPress Role Scoper 1.3.66 Cross Site ScriptingPublishedFix it
2015-12-04WordPress Gwolle Guestbook 1.5.3 Remote File InclusionPublishedFix it
2015-12-04WordPress Users Ultra 1.5.50 Cross Site ScriptingPublishedFix it
2015-12-04WordPress Cool Video Gallery 1.9 Command InjectionPublishedFix it
2015-12-04WordPress Users Ultra 1.5.50 SQL InjectionPublishedFix it
2015-12-04WordPress Users Ultra Plugin 1.5.50 Blind SQL PublishedFix it
2015-11-30WordPress Neuvoo JobrollPublishedFix it
2015-11-30WordPress Auto ThickBox Plus XSS VulnerabilityPublishedFix it
2015-11-30WordPress theme parallelus salutation Arbitrary File Download VulnerabilityPublishedFix it
2015-11-24WordPress < 4.1.2 Stored XSS vulnerabilityPublishedFix it
2015-11-23WordPress Plugin E commerce <= 3.8.4 SQL Injection ExploitPublishedFix it
2015-11-22WordPress Category and Page Icons File UploadPublishedFix it
2015-11-20WordPress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilitiesPublishedFix it
2015-11-20WordPress ajax load more Authenticated Arbitrary2.8.2 File Upload VulnerabilityPublishedFix it
2015-11-18WordPress Users Ultra 1.5.50 Unrestricted File UploadPublishedFix it
2015-11-15WordPress miniaudioplayer /wp content/plugins/wp miniaudioplayer/map download.php PublishedFix it
2015-11-14WordPress i1.wp.com Functionality AbusePublishedFix it
2015-11-10WordPress Ajax Load More PHP UploadPublishedFix it
2015-11-09WordPress AdRotate plugin <= 3.6.6 SQL Injection VulnerabilityPublishedFix it
2015-11-07WordPress Plugin easy comment uploads File Upload VulendrabilityPublishedFix it
2015-11-06WordPress Neuvoo Jobroll 2.0 Cross Site ScriptingPublishedFix it
2015-10-31WordPress Plugin 4.3.0 SQL Injection VulnerabilityPublishedFix it
2015-10-27WordPress <=3.4.1 registration functions.phpPublishedFix it
2015-10-27WordPress Tune Library Plugin 1.5.4 /tune library.php SQLPublishedFix it
2015-10-24WordPress N Media Website Contact Form 1.3.4 /classes/plugin.class.php PublishedFix it
2015-10-23WordPress MiwoFTP 1.0.4 /admin/quixplorer/ include/fun down.php PublishedFix it
2015-10-22WordPress Plugin Custom Pages 0.5.0.1 LFI VulnerabilityPublishedFix it
2015-10-19WordPress Ajax Load More Plugin < 2.8.2 File Upload VulnerabilityPublishedFix it
2015-10-19WordPress Events Made Easy 1.5.49 CSRF / XSSPublishedFix it
2015-10-16WordPress HUGE IT Video Gallery 1.3.6 CSRF VulnerabilityPublishedFix it
2015-10-14WordPress 2.1.3 Akismet Plugin Unspecified VulnerabilityPublishedFix it
2015-10-13WordPress Pie Register 2.0.18 SQL InjectionPublishedFix it
2015-10-13WordPress Font 7.5 Path TraversalPublishedFix it
2015-10-13WordPress and Pyrmont 2.x SQL Injection VulnerabilityPublishedFix it
2015-10-13WordPress Pie Register 2.0.18 Cross Site ScriptingPublishedFix it
2015-10-10WordPress History Collection Plugin 1.1.1 download.php PublishedFix it
2015-10-10WordPress simplemail plugin 1.0.6 Stored XSSPublishedFix it
2015-10-08WordPress Support Ticket System 1.2 SQL InjectionPublishedFix it
2015-10-07WordPress Easy2Map 1.2.9 Cross Site ScriptingPublishedFix it
2015-10-07WordPress ResAds 1.0.1 Cross Site ScriptingPublishedFix it
2015-10-07WordPress Easy2Map 1.2.9 Local File Inclusion / Directory TraversalPublishedFix it
2015-10-07WordPress Payment Form For PayPal Pro 1.0.1 XSSPublishedFix it
2015-10-07WordPress U Design Theme 2.7.9 Cross Site ScriptingPublishedFix it
2015-10-03WordPress DB Backup Plugin 4.5 /download.php PublishedFix it
2015-10-01WordPress Better wp security Plugin Remote Code ExecutionPublishedFix it
2015-09-30WordPress mTheme Unus Local File InclusionPublishedFix it
2015-09-29WordPress popup maker Stored XSSPublishedFix it
2015-09-29WordPress Pinboard 1.1.10 Theme Reflected XSSPublishedFix it
2015-09-29WordPress Appointment Booking Calendar 1.1.7 SQL InjectionPublishedFix it
2015-09-28WordPress RevSlider 3.0.3 PublishedFix it
2015-09-28WordPress Esplanade 1.1.4 Theme Reflected XSSPublishedFix it
2015-09-27WordPress wordpress popup Reflected XSSPublishedFix it
2015-09-25WordPress 3.8.2 cookie PublishedFix it
2015-09-24WordPress StageShow Plugin 'stageshow redirect.php' PublishedFix it
2015-09-24WordPress wp downloadmanager stored XSSPublishedFix it
2015-09-22WordPress Landing Pages 1.8.4 Cross Site Scripting ( CVE 2015 4065 )PublishedFix it
2015-09-21WordPress WP Shop 3.4.3.18 Cross Site ScriptingPublishedFix it
2015-09-20WordPress Vertical Image Slider 1.0 CSRF / XSSPublishedFix it
2015-09-19WordPress <= 4.3.0 PublishedFix it
2015-09-19WordPress <=4.2.2 PublishedFix it
2015-09-19WordPress <= 4.3.0 PublishedFix it
2015-09-18WordPress CP Reservation Calendar Plugin 1.1.6 SQL InjectionPublishedFix it
2015-09-17WordPress sourceAFRICA Plugin Cross Site ScriptingPublishedFix it
2015-09-16WordPress GigPress XSSPublishedFix it
2015-09-16WordPress Widgetize pages Light XSSPublishedFix it
2015-09-15WordPress Video Player Stored XSS/CSRFPublishedFix it
2015-09-15WordPress video player stored XSSPublishedFix it
2015-09-15WordPress plugin Ultimate Addons Cross Site ScriptingPublishedFix it
2015-09-15WordPress KVS Player Stored XSS/CSRFPublishedFix it
2015-09-14WordPress White Label Framework 2.0.6 XSS VulnerabilityPublishedFix it
2015-09-14WordPress Car Rental System SQL Injection VulnerabilityPublishedFix it
2015-09-14WordPress Plugin Slider Revolution 3.0.95 PublishedFix it
2015-09-11WordPress media file manager advanced Plugin Multiple VulnerabilitesPublishedFix it
2015-09-11WordPress Plugin Slider Revolution <= 4.1.4 PublishedFix it
2015-09-10WordPress Paypal Currency Converter Basic For Woocommerce File ReadPublishedFix it
2015-09-10WordPress Crash Ultimate Addons for Visual Composer vulnerabilityPublishedFix it
2015-09-09WordPress CM Download Manager 2.0.0 /lib/controllers/CMdownloadController.php PublishedFix it
2015-09-07WordPress Really Simple Guest Post Plugin 1.0.6 /simple guest post submit.php PublishedFix it
2015-09-07WordPress WP Mobile Edition Plugin 2.2.7 /wp content/themes/mTheme Unus/css/css.php PublishedFix it
2015-09-06WordPress eShop Plugin Reflected XSSPublishedFix it
2015-09-06WordPress Easy Media Gallery Stored XSSPublishedFix it
2015-09-06WordPress LeagueManager Plugins 3.9.11 /lib/core.php SQLPublishedFix it
2015-09-06WordPress dzs zoomsounds Plugins 2.0 /admin/upload.php PublishedFix it
2015-09-04WordPress WP Symposium Plugin Cross Site ScriptingPublishedFix it
2015-09-02WordPress WP SymposiumSQLPublishedFix it
2015-09-02WordPress Responsive Thumbnail Slider Plugin 1.0 Arbitrary File UploadPublishedFix it
2015-09-01WordPress Shopping Cart 3.0.4 PublishedFix it
2015-09-01WordPress Swim Team Plugin 1.44.10777 Arbitrary File DownloadPublishedFix it
2015-09-01WordPress Testimonial Slider 1.2.1 Cross Site ScriptingPublishedFix it
2015-09-01WordPress sourceAFRICA 0.1.3 Cross Site ScriptingPublishedFix it
2015-09-01WordPress NewStatPress Plugin 0.9.8 xss+sqlPublishedFix it
2015-08-31WordPress Googmonify Plugin 0.8.1 XSS/CSRFPublishedFix it
2015-08-30WordPress Captain Slider 1.0.6 Cross Site ScriptingPublishedFix it
2015-08-29WordPress Navis DocumentCloud 0.1 Cross Site ScriptingPublishedFix it
2015-08-29NextGen Gallery WordPress Plugin LFI/Path TraversalPublishedFix it
2015-08-29WordPress Responsive Thumbnail Slider Stored XSSPublishedFix it
2015-08-29WordPress Responsive Thumbnail Slider 1.0 Shell UploadPublishedFix it
2015-08-29WordPress Private Only 3.5.1 CSRF / Cross Site ScriptingPublishedFix it
2015-08-27WordPress YouTube Embed 3.3.2 Cross Site ScriptingPublishedFix it
2015-08-26WordPress theme Dosimple XSS VulnerabilityPublishedFix it
2015-08-26WordPress Car Rental System SQL InjectionPublishedFix it
2015-08-25WordPress theme Doraa XSS VulnerabilityPublishedFix it
2015-08-24WordPress Googmonify 0.8.1 Cross Site Request Forgery / Cross Site ScriptingPublishedFix it
2015-08-21WordPress Amazonify Plug in XSS/CSRFPublishedFix it
2015-08-20WordPress WP Slider Plugin Cross Site ScriptingPublishedFix it
2015-08-20WordPress 1.5.8 Simple PopUp Plugin Cross Site ScriptingPublishedFix it
2015-08-20WordPress Maintenance Mode Cross Site ScriptingPublishedFix it
2015-08-20WordPress WP Fade in Text News Plugin Cross Site ScriptingPublishedFix it
2015-08-19WordPress Tag Miner Cross Site Request ForgeryPublishedFix it
2015-08-18Dorks Multiple WordPress passwords disclosurePublishedFix it
2015-08-17WordPress Tag Miner Cross Site ScriptingPublishedFix it
2015-08-14WordPress OAuth2 Complete 3.1.3 Insecure RandomPublishedFix it
2015-08-10WordPress 3.8.1 / 3.8.2 / 4.2.2 Cross Site Request ForgeryPublishedFix it
2015-08-08WordPress Avenir Soft Direct Download Plug in XSS/CSRFPublishedFix it
2015-08-08WordPress 4.2.3 and earlier SQL Injection Vulnerability PublishedFix it
2015-08-06WordPress example.html PublishedFix it
2015-08-05WordPress Altos Connect Widget 1.3.0 Cross Site ScriptingPublishedFix it
2015-08-05WordPress Ninja Forms 2.9.21 Cross Site ScriptingPublishedFix it
2015-08-05WordPress Database Sync 0.4 Cross Site ScriptingPublishedFix it
2015-08-05WordPress Admin Pack By Site Caseiro 1.1 Cross Site ScriptingPublishedFix it
2015-08-03WordPress 1 Click Retweet/Share/Like 5.2 Cross Site ScriptingPublishedFix it
2015-08-03WordPress Advance Categorizer 0.3 Cross Site ScriptingPublishedFix it
2015-08-03WordPress Copy Or Move Comments 1.0.0 Cross Site ScriptingPublishedFix it
2015-08-03WordPress F/T/G Social Widgets 1.3.7 Cross Site ScriptingPublishedFix it
2015-08-03WordPress Customize Youtube Videos 0.2 Cross Site ScriptingPublishedFix it
2015-08-03WordPress Advertisement Management 1.0 Cross Site ScriptingPublishedFix it
2015-08-03WordPress Chief Editor 3.6.1 Cross Site ScriptingPublishedFix it
2015-07-29WordPress Flickr Justified Gallery 3.3.6 Cross Site ScriptingPublishedFix it
2015-07-28WordPress Unite Gallery Lite 1.4.6 CSRF / SQL InjectionPublishedFix it
2015-07-28WordPress Music Store 1.0.14 Open RedirectPublishedFix it
2015-07-27Unite Gallery Lite WordPress Plugin v1.4.6 Cross Site Request Forgery & SQL InjectionPublishedFix it
2015-07-23WordPress Paid Memberships Pro 1.8.4.2 Cross Site ScriptingPublishedFix it
2015-07-22WordPress Portfolio 1.0 Cross Site Request ForgeryPublishedFix it
2015-07-21WordPress Mailcwp 1.99 Shell UploadPublishedFix it
2015-07-17WordPress BuddyPress Activity Plus 1.5 CSRF / File DeletionPublishedFix it
2015-07-17WordPress WP Attachment Export 0.2.3 Arbitrary File DownloadPublishedFix it
2015-07-17WordPress Subscribe To Comments 2.1.2 LFI / Code ExecutionPublishedFix it
2015-07-16WordPress ibs mappro Plugin Arbitrary File Download VulnerabilityPublishedFix it
2015-07-15WordPress Image Export 1.1 Arbitrary File DownloadPublishedFix it
2015-07-15WordPress Plotly 1.0.2 Cross Site ScriptingPublishedFix it
2015-07-13WordPress WP SwimTeam 1.44.10777 Arbitrary File DownloadPublishedFix it
2015-07-13WordPress GD bbPress Attachments 2.1 Local File InclusionPublishedFix it
2015-07-13WordPress GD bbPress Attachments 2.1 Cross Site ScriptingPublishedFix it
2015-07-13WordPress CP Contact Form With Paypal 1.1.5 CSRF / XSS / SQL InjectionPublishedFix it
2015-07-08WordPress MDC Youtube Downloader 2.1.0 File DisclosurePublishedFix it
2015-07-08WordPress WP Ecommerce Shop Styling 2.5 File DownloadPublishedFix it
2015-07-07WordPress easy2map 1.24 SQL InjectionPublishedFix it
2015-06-27WordPress WP Instance Rename 1.0 File DownloadPublishedFix it
2015-06-25WordPress huge it slider 2.7.5 & Persistent JS HTML Code injectionPublishedFix it
2015-06-25WordPress Nextend Twitter Connect 1.5.1 Cross Site ScriptingPublishedFix it
2015-06-24WordPress Nextend Facebook Connect 1.5.4 Cross Site ScriptingPublishedFix it
2015-06-24WordPress Google Analyticator 6.4.9.3 CSRFPublishedFix it
2015-06-24WordPress Revslider Arbitrary File Upload, Download & Cross Site ScriptingPublishedFix it
2015-06-19WordPress Revslider 4.2.2 XSS / Information DisclosurePublishedFix it
2015-06-16WordPress Yoast 2.1.1 Cross Site ScriptingPublishedFix it
2015-06-16Yoast WordPress SEO Plugin <= 2.1.1 Stored Authenticated XSSPublishedFix it
2015-06-16WordPress Users To CSV 1.4.5 Cross Site Request ForgeryPublishedFix it
2015-06-12WordPress History Collection <=1.1.1 Arbitraty File DownloadPublishedFix it
2015-06-11WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell UploadPublishedFix it
2015-06-09WordPress Plugin 'WP Mobile Edition' LFI VulnerabilityPublishedFix it
2015-06-07Xloner v3.1.2 wordpress plugin authenticated command execution and XSSPublishedFix it
2015-06-05WordPress zM Ajax Login & Register Plugin 1.0.9 Local File InclusionPublishedFix it
2015-06-02WordPress UserPro 2.33 Cross Site ScriptingPublishedFix it
2015-05-27WordPress Estrutura Basica File DisclosurePublishedFix it
2015-05-27WordPress MailChimp Subscribe Forms 1.1 Remote Code ExecutionPublishedFix it
2015-05-27WordPress Church Admin 0.800 Cross Site ScriptingPublishedFix it
2015-05-26WordPress plugin "GigPress" SQLi vulnerabilitiesPublishedFix it
2015-05-26WordPress plugin "NewStatPress" Multiple vulnerabilitiesPublishedFix it
2015-05-26WordPress plugin "WordPress Landing Pages" Multiple vulnerabilitiesPublishedFix it
2015-05-26WordPress church admin Stored XSSPublishedFix it
2015-05-23WordPress Video Gallery 2.8 Unprotected Mail Page *youtubePublishedFix it
2015-05-22WordPress FeedWordPress Plugin 2015.0426 SQL InjectionPublishedFix it
2015-05-22WordPress WP Photo Album Plus 6.1.2 Cross Site ScriptingPublishedFix it
2015-05-22WordPress WP Membership Plugin 1.2.3 Multiple VulnerabilitiesPublishedFix it
2015-05-19WordPress Simple Backup Plugin Arbitrary DownloadPublishedFix it
2015-05-19WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized ControlPublishedFix it
2015-05-19WordPress 'Snapshot Pro' Plugin Exposure Backup File to Unauthorized ControlPublishedFix it
2015-05-19WordPress 'BackupBuddy' Plugin Exposure Backup File to Unauthorized ControlPublishedFix it
2015-05-18WordPress 'ALL Themes' Developed By "ThemeMakers" File Information ExposurePublishedFix it
2015-05-18WordPress 'WP Security Scan(Acunetix)' Exposure Backup File Unauthorized ControlPublishedFix it
2015-05-14WordPress Contact Form To Email Plugin CSRF / XSSPublishedFix it
2015-05-11WordPress Yet Another Related Posts 4.2.4 CSRF / XSS / Code ExecutionPublishedFix it
2015-05-08WordPress ClickBank Ads 1.7 CSRF / Cross Site ScriptingPublishedFix it
2015-05-08WordPress Freshmail Unauthenticated SQL InjectionPublishedFix it
2015-05-08WordPress Ultimate Profile Builder 2.3.3 CSRF / Cross Site ScriptingPublishedFix it
2015-05-08WordPress Ad Inserter 1.5.2 XSRF / XSSPublishedFix it
2015-05-08WordPress Embed Articles 7.0.3 XSRF / XSSPublishedFix it
2015-05-08WordPress Ad Buttons 2.3.1 CSRF / Cross Site ScriptingPublishedFix it
2015-05-08WordPress RevSlider 3.0.95 File Upload / ExecutePublishedFix it
2015-05-08WordPress Twenty Fifteen 4.2.1 Cross Site ScriptingPublishedFix it
2015-05-07WordPress eShop 6.3.11 Code ExecutionPublishedFix it
2015-05-06WordPress 4.2.1 XSS / Code ExecutionPublishedFix it
2015-05-05WordPress Ultimate Product Catalogue 3.1.2 XSS / CSRF / File UploadPublishedFix it
2015-04-30TheCartPress WordPress plugin 1.3.9 Multiple VulnsPublishedFix it
2015-04-28WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site ScriptingPublishedFix it
2015-04-28WordPress Premium SEO Pack 1.8.0 Shell Upload / File DisclosurePublishedFix it
2015-04-28WordPress WooCommerce Amazon Affiliates 7.0 Shell Upload / File DisclosurePublishedFix it
2015-04-27WordPress Ultimate Product Catalogue 3.1.4 VulnerabilityPublishedFix it
2015-04-27WordPress 4.2 Stored XSSPublishedFix it
2015-04-27WordPress InBoundio Marketing 2.0 Shell UploadPublishedFix it
2015-04-27WordPress WPshop eCommerce 1.3.9.5 Shell UploadPublishedFix it
2015-04-22WordPress Add Link To Facebook 1.215 Cross Site ScriptingPublishedFix it
2015-04-22WordPress Yoast Google Analytics Cross Site ScriptingPublishedFix it
2015-04-21WordPress SlideShow Gallery Authenticated File UploadPublishedFix it
2015-04-20WordPress Content Slide 1.4.2 CSRF / Cross Site ScriptingPublishedFix it
2015-04-20WordPress Reflex Gallery UploadPublishedFix it
2015-04-20WordPress N Media Website Contact Form UploadPublishedFix it
2015-04-20WordPress Creative Contact Form UploadPublishedFix it
2015-04-20WordPress Work The Flow UploadPublishedFix it
2015-04-20WordPress Citizen Space 1.1 Cross Site ScriptingPublishedFix it
2015-04-17WordPress Ajax Store Locator 1.2 SQL Injection VulnerabilityPublishedFix it
2015-04-17WordPress WP Statistics 9.1.2 Cross Site ScriptingPublishedFix it
2015-04-17WordPress Ajax Store Locator <= 1.2 SQL Injection VulnerabilityPublishedFix it
2015-04-15WordPress MiwoFTP Plugin 1.0.5 Multiple CSRF XSS VulnerabilitiesPublishedFix it
2015-04-15WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Creation Exploit (RCE)PublishedFix it
2015-04-15WordPress Video Gallery 2.8 SQL InjectionPublishedFix it
2015-04-15WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion ExploitPublishedFix it
2015-04-13WordPress N Media Website Contact Form with File Upload 1.3.4 Shell Upload VulnerabilityPublishedFix it
2015-04-13WordPress Work The Flow File Upload 2.5.2 Arbitrary File Upload VulnerabilityPublishedFix it
2015-04-13WordPress Plugin 'WP Mobile Edition' 2.7 Remote File Disclosure VulnerabilityPublishedFix it
2015-04-13WordPress Duplicator <= 0.5.14 SQL Injection & CSRFPublishedFix it
2015-04-11WordPress Duplicator 0.5.14 Cross Site Request Forgery / SQL InjectionPublishedFix it
2015-04-11WordPress Fusion Engage Local File DisclosurePublishedFix it
2015-04-10WordPress Windows Desktop And iPhone Photo Uploader File UploadPublishedFix it
2015-04-09WordPress All In One WP Security & Firewall 3.9.0 SQL Injection VulnerabilityPublishedFix it
2015-04-09WordPress Traffic Analyzer Plugin 3.4.2 Blind SQL InjectionPublishedFix it
2015-04-09WordPress Shareaholic 7.6.0.3 Cross Site ScriptingPublishedFix it
2015-04-09WordPress SP Project & Document Manager 2.5.3 Blind SQL InjectionPublishedFix it
2015-04-07WordPress Work The Flow 2.5.2 Shell UploadPublishedFix it
2015-04-05WordPress Video Gallery Plugin 2.8 Multiple CSRF VulnerabilitiesPublishedFix it
2015-04-05WordPress WP Easy Slideshow Plugin 1.0.3 Multiple VulnerabilitiesPublishedFix it
2015-04-04WordPress PHP Event Calendar 1.5 Arbitrary File UploadPublishedFix it
2015-04-04WordPress Simple Ads Manager 2.5.94 File UploadPublishedFix it
2015-04-04WordPress Simple Ads Manager 2.5.94 / 2.5.96 Information DisclosurePublishedFix it
2015-04-04WordPress Simple Ads Manager 2.5.94 / 2.5.96 SQL InjectionPublishedFix it
2015-04-03WordPress VideoWhisper Video Presentation 3.31.17 Shell UploadPublishedFix it
2015-04-03WordPress Simple Ads Manager 2.5.94 Arbitrary File UploadPublishedFix it
2015-04-03WordPress VideoWhisper Video Conference Integration 4.91.8 Shell UploadPublishedFix it
2015-04-03WordPress Simple Ads Manager Information DisclosurePublishedFix it
2015-04-03WordPress Better wp security Plugin Remote Code ExecutionPublishedFix it
2015-04-03WordPress VideoWhisper Video Presentation 3.31.17 Remote File UploadPublishedFix it
2015-04-03WordPress DesignFolio+ Theme File UploadPublishedFix it
2015-04-03WordPress Revolution Slider File UploadPublishedFix it
2015-04-03WordPress Simple Ads Manager Plugin Multiple SQL InjectionPublishedFix it
2015-04-01WordPress Business Intelligence Lite 1.6.1 SQL InjectionPublishedFix it
2015-03-31WordPress Plugin Slider Revolution <= 4.1.4 Arbitrary File Download vulnerabilityPublishedFix it
2015-03-31WordPress aspose doc exporter Plugin 1.0 Arbitrary File Download VulnerabilityPublishedFix it
2015-03-30WordPress aspose doc exporter Plugin Arbitrary File Download VulnerabilityPublishedFix it
2015-03-28WordPress Aspose Cloud eBook Generator Plugin Arbitrary File DownloadPublishedFix it
2015-03-27WordPress Aspose Cloud eBook Generator File DownloadPublishedFix it
2015-03-26WordPress Marketplace 2.4.0 Add AdministratorPublishedFix it
2015-03-26WordPress Theme Arbitrary File Download VulnerabilityPublishedFix it
2015-03-24WordPress Marketplace 2.4.0 Arbitrary File DownloadPublishedFix it
2015-03-24WordPress Plugin InBoundio Marketing 1.0 Shell Upload VulnerabilityPublishedFix it
2015-03-24WordPress AB Google Map Travel CSRF / XSSPublishedFix it
2015-03-24WordPress MP3 Jplayer 2.1 Local File DisclosurePublishedFix it
2015-03-17WordPress SEO by Yoast 1.7.3.3 Blind SQL InjectionPublishedFix it
2015-03-17WordPress WPML Multiple VulnerabilitiesPublishedFix it
2015-03-17WordPress Reflex Gallery 3.1.3 Shell UploadPublishedFix it
2015-03-17WordPress WPML Missing AuthenticationPublishedFix it
2015-03-13WordPress WPML XSS / Deletion / SQL InjectionPublishedFix it
2015-03-13WordPress SEO By Yoast 1.7.3.3 SQL InjectionPublishedFix it
2015-03-13WordPress Huge IT Slider 2.6.8 SQL InjectionPublishedFix it
2015-03-12WordPress Daily Edition Theme 1.6.2 Path DisclosurePublishedFix it
2015-03-12WordPress Daily Edition Theme 1.6.2 Cross Site ScriptingPublishedFix it
2015-03-11WordPress Fraction Theme 1.1.1 Privilege EscalationPublishedFix it
2015-03-10WordPress Yoast Google Analytics 5.3.2 Cross Site ScriptingPublishedFix it
2015-03-10WordPress Daily Edition 1.6.2 File UploadPublishedFix it
2015-03-07WordPress Download Manager 2.7.2 Privilege EscalationPublishedFix it
2015-03-07WordPress Download Manager 2.7.2 Privilege EscalationPublishedFix it
2015-03-05WordPress Plugin <= 1.0.10 Remote SQL Injection VulnerabilityPublishedFix it
2015-03-05WordPress Newsletter 2.6.x / 2.5.x Open RedirectPublishedFix it
2015-03-05WordPress Max Banner Ads 1.9 Cross Site ScriptingPublishedFix it
2015-03-04WordPress Webdorado Spider Event Calendar <= 1.4.9 SQL InjectionPublishedFix it
2015-03-03WordPress WP All 3.2.3 Shell UploadPublishedFix it
2015-03-03WordPress Photocrati Theme 4.x.x SQL InjectionPublishedFix it
2015-03-03WordPress Calculated Fields Form 1.0.10 SQL InjectionPublishedFix it
2015-02-28WordPress Media Cleaner 2.2.6 Cross Site ScriptingPublishedFix it
2015-02-25WordPress force download Local File DownloadPublishedFix it
2015-02-24WordPress Webdorado Spider Event Calendar 1.4.9 SQL InjectionPublishedFix it
2015-02-24WordPress Easy Social Icons 1.2.2 CSRF / XSSPublishedFix it
2015-02-24WordPress Holding Pattern Theme Arbitrary File UploadPublishedFix it
2015-02-24WordPress Easy Social Icons Plugin 1.2.2 CSRF VulnerabilityPublishedFix it
2015-02-19WordPress Duplicator 0.5.8 Privilege EscalationPublishedFix it
2015-02-18WordPress Image Metadata Cruncher CSRF / XSSPublishedFix it
2015-02-17WordPress Image Metadata Cruncher Cross Site ScriptingPublishedFix it
2015-02-17WordPress Fusion 3.1 Arbitrary File UploadPublishedFix it
2015-02-15WordPress Photo Gallery 1.2.5 Unrestricted File UploadPublishedFix it
2015-02-15WordPress Fusion 1.9.1 Arbitrary File UploadPublishedFix it
2015-02-14WordPress Survey And Poll 1.1.7 Blind SQL InjectionPublishedFix it
2015-02-14WordPress Failed Randomness on WindowsPublishedFix it
2015-02-12WordPress Video Gallery 2.7.0 SQL Injection VulnerabilityPublishedFix it
2015-02-12WordPress Survey and Poll Plugin 1.1 Blind SQL InjectionPublishedFix it
2015-02-12WordPress Video Gallery 2.7 SQL InjectionPublishedFix it
2015-02-12WordPress Ninja Forms 2.8.8 Cross Site ScriptingPublishedFix it
2015-02-10WordPress Holding Pattern 0.6 Shell UploadPublishedFix it
2015-02-10WordPress WP EasyCart Unrestricted File UploadPublishedFix it
2015-02-10WordPress Theme Divi Arbitrary File Download VulnerabilityPublishedFix it
2015-02-10WordPress Cart66 Lite 1.5.4 Cross Site ScriptingPublishedFix it
2015-02-10WordPress Contact Form DB 2.8.26 Cross Site ScriptingPublishedFix it
2015-02-10WordPress Acobot Live Chat And Contact Form 2.0 CSRF / XSSPublishedFix it
2015-02-10WordPress WPLMS 1.8.4.1 Privilege EscalationPublishedFix it
2015-02-04WordPress Pixabay Images PHP Code UploadPublishedFix it
2015-02-04WordPress Platform Theme Remote Code ExecutionPublishedFix it
2015-02-04WordPress Photo Gallery Plugin 1.2.5 Unrestricted File UploadPublishedFix it
2015-02-03WordPress Quasar Theme 1.9.1 Privilege EscalationPublishedFix it
2015-01-27WordPress Revolution Slider Local File DisclosurePublishedFix it
2015-01-26WordPress RedSteel Theme Arbitrary File Download VulnerabilityPublishedFix it
2015-01-21WordPress Pixarbay Images Plugin 2.3 Multiple VulnerabilitiesPublishedFix it
2015-01-20WordPress CIP4 Folder Download 1.10 Local File InclusionPublishedFix it
2015-01-20WordPress Pixarbay Images 2.3 XSS / Bypass / Upload / TraversalPublishedFix it
2015-01-20WordPress Bretheon Theme Arbitrary File DownloadPublishedFix it
2015-01-15WordPress Simple Security 1.1.5 Cross Site ScriptingPublishedFix it
2015-01-14WordPress Photo Gallery Unauthenticated SQL Injection User EnumerationPublishedFix it
2015-01-13WordPress Pods 2.4.3 CSRF / Cross Site ScriptingPublishedFix it
2015-01-13WordPress WP Symposium 14.11 Shell UploadPublishedFix it
2015-01-10WordPress slideoptinprox Plugin Cross site scripting vulnerabilityPublishedFix it
2015-01-09WordPress Shopping Cart 3.0.4 Unrestricted File UploadPublishedFix it
2015-01-09WordPress Shopping Cart 3.0.4 Unrestricted File UploadPublishedFix it
2015-01-06WordPress Banner Effect Header 1.2.6 XSS / CSRFPublishedFix it
2015-01-05WordPress Email newsletter 20.9 Cross Site ScriptingPublishedFix it
2015-01-05WordPress Email 1.1 Cross Site ScriptingPublishedFix it
2015-01-05WordPress WP EMail 2.64 Cross Site ScriptingPublishedFix it
2015-01-05WordPress sumome 1.6 Cross Site ScriptingPublishedFix it
2014-12-31WordPress 4.1 XSS & CSRF Web VulnerabilityPublishedFix it
2014-12-30WordPress Frontend Uploader 0.9.2 Cross Site ScriptingPublishedFix it
2014-12-30WordPress Dmsguestbook Unauthenticated Data InjectionPublishedFix it
2014-12-29WordPress RevSlider Plugin LFDPublishedFix it
2014-12-28WordPress Frontend Uploader Cross Site Scripting(XSS)PublishedFix it
2014-12-25WordPress Themes download.php File DisclosurePublishedFix it
2014-12-19WordPress PictoBrowser 0.3.1 CSRF / XSSPublishedFix it
2014-12-19WordPress twimp wp Cross Site Request Forgery / Cross Site ScriptingPublishedFix it
2014-12-19WordPress TweetScribe 1.1 CSRF / XSSPublishedFix it
2014-12-19WordPress Twitter LiveBlog 1.1.2 CSRF / XSSPublishedFix it
2014-12-19WordPress PWG Random 1.11 CSRF / XSSPublishedFix it
2014-12-19WordPress WP Limit Posts Automatically 0.7 CSRF / XSSPublishedFix it
2014-12-19WordPress iTwitter 0.04 Cross Site Request Forgery / Cross Site ScriptingPublishedFix it
2014-12-19WordPress Twitter 0.7 CSRF / XSSPublishedFix it
2014-12-19WordPress Simplelife 1.2 CSRF / XSSPublishedFix it
2014-12-19WordPress gSlideShow 0.1 CSRF / XSSPublishedFix it
2014-12-19WordPress SimpleFlickr 3.0.3 CSRF / XSSPublishedFix it
2014-12-18WordPress Bird Feeder 1.2.3 CSRF / XSSPublishedFix it
2014-12-17WordPress A.F.D. Theme Echelon Arbitrary File DownloadPublishedFix it
2014-12-16WordPress Wp Symposium 14.11 Unauthenticated Shell Upload ExploitPublishedFix it
2014-12-16WordPress O2Tweet 0.0.4 CSRF / XSSPublishedFix it
2014-12-15WordPress Wp Symposium 14.11 Unauthenticated Shell Upload ExploitPublishedFix it
2014-12-13WordPress Sliding Social Icons 1.61 CSRF / XSSPublishedFix it
2014-12-13WordPress WP Construction Mode 1.91 XSSPublishedFix it
2014-12-13WordPress Timed Popup 1.3 CSRF / XSSPublishedFix it
2014-12-11WordPress Ajax Store Locator 1.2 Arbitrary File DownloadPublishedFix it
2014-12-09WordPress Ajax Store Locator 1.2 Arbitrary File DownloadPublishedFix it
2014-12-04WordPress Ecommerce 1.5.1.17 Blind SQL InjectionPublishedFix it
2014-12-04WordPress CM Download Manager 2.0.6 XSS / CSRFPublishedFix it
2014-12-04Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL InjectionPublishedFix it
2014-12-03WordPress CM Download Manager Plugin 2.0.0 Code InjectionPublishedFix it
2014-12-03WordPress Nextend Facebook Connect Plugin 1.4.59 XSS VulnerabilityPublishedFix it
2014-12-03WordPress <= v4.0 Denial of Service ExploitPublishedFix it
2014-12-03WordPress <= v4.0 Denial of ServicePublishedFix it
2014-12-02WordPress < 4.0.1 Denial of ServicePublishedFix it
2014-12-02WordPress <=4.0 Denial of Service ExploitPublishedFix it
2014-12-01WordPress Ad Manager 1.1.2 Open RedirectPublishedFix it
2014-11-27WordPress db backup plugin File Download VulnerabilityPublishedFix it
2014-11-27WordPress HTML 5 MP3 Player with Playlist Plugin Full Path DisclosurePublishedFix it
2014-11-27WordPress Html5 Mp3 Player Full Path DisclosurePublishedFix it
2014-11-27WordPress Sexy Squeeze Pages Cross Site ScriptingPublishedFix it
2014-11-26WordPress wpDataTables Plugin 1.5.3 SQL Injection VulnerabilityPublishedFix it
2014-11-26WordPress wpDataTables Plugin 1.5.3 Unauthenticated Shell Upload VulnerabilityPublishedFix it
2014-11-26WordPress Google Document Embedder 2.5.14 SQL InjectionPublishedFix it
2014-11-25WordPress WP DB Backup 2.2.4 Backup TheftPublishedFix it
2014-11-25WordPress wpDataTables 1.5.3 Shell UploadPublishedFix it
2014-11-25WordPress wpDataTables 1.5.3 SQL InjectionPublishedFix it
2014-11-23WordPress SP Client Document Manager 2.4.1 SQL InjectionPublishedFix it
2014-11-21WordPress CM Download Manager 2.0.0 Code InjectionPublishedFix it
2014-11-21WordPress 3.9.2 Cross Site ScriptingPublishedFix it
2014-11-14WordPress SupportEzzy Ticket System 1.2.5 Cross Site ScriptingPublishedFix it
2014-11-13WordPress SupportEzzy Ticket System Plugin 1.2.5 Stored XSS VulnerabilityPublishedFix it
2014-11-11Another WordPress Classifieds Cross Site Scripting / SQL InjectionPublishedFix it
2014-11-11WordPress/Joomla! Plugin Multiple VulnerabilitiesPublishedFix it
2014-11-11WordPress Classifieds Plugin SQL InjectionPublishedFix it
2014-11-07Joomla/WordPress XCloner Command Execution / Password DisclosurePublishedFix it
2014-11-06WordPress Bulletproof Security .51 XSS / SQL Injection / SSRFPublishedFix it
2014-11-05WordPress Clean And Simple Contact Form 4.4.0 XSSPublishedFix it
2014-11-05WordPress Wordfence Firewall 5.1.2 Cross Site ScriptingPublishedFix it
2014-10-28WordPress CP Multi View Event Calendar 1.01 SQL InjectionPublishedFix it
2014-10-27WordPress Download Manager Plugin Arbitrary File DownloadPublishedFix it
2014-10-27WordPress Count per Day Plugin (notes.php) Remote Code UploadPublishedFix it
2014-10-27WordPress gallery bank Plugin Upload VulnerabilityPublishedFix it
2014-10-25WordPress 0.9.7 and Joomla 2.0.0) Shell Upload VulnerabilityPublishedFix it
2014-10-25WordPress HTML5 and FLash PLayer Plugin SQL InjectionPublishedFix it
2014-10-25WordPress HT Poi Plugin Remote File Upload (RFU)PublishedFix it
2014-10-24WordPress CP Multi View Event Calendar 1.01 SQL InjectionPublishedFix it
2014-10-24WordPress / Joomla Creative Contact Form 0.9.7 Shell UploadPublishedFix it
2014-10-22WordPress Database Manager 2.7.1 Command Injection / Credential LeakPublishedFix it
2014-10-16WordPress MaxButtons 1.26.0 Cross Site ScriptingPublishedFix it
2014-10-16WordPress WP Google Maps 6.0.26 Cross Site ScriptingPublishedFix it
2014-10-10WordPress Google Calendar Events 2.0.1 Cross Site ScriptingPublishedFix it
2014-10-10WordPress Contact Form DB 2.8.13 Cross Site ScriptingPublishedFix it
2014-10-10WordPress EWWW Image Optimizer 2.0.1 Cross Site ScriptingPublishedFix it
2014-10-10WordPress InfusionSoft Plugin Upload VulnerabilityPublishedFix it
2014-10-09WordPress InfusionSoft UploadPublishedFix it
2014-10-08WordPress Slideshow Gallery 1.4.6 Shell Upload (Python Exploit)PublishedFix it
2014-10-06WordPress BulletProof Security 50.8 Script InsertionPublishedFix it
2014-10-02WordPress Photo Gallery 1.1.30 Cross Site ScriptingPublishedFix it
2014-10-02WordPress Content Audit 1.6 Blind SQL InjectionPublishedFix it
2014-10-01WordPress All In One Security And Firewall 3.8.3 XSSPublishedFix it
2014-09-26WordPress All In One WP Security Plugin 3.8.2 SQL InjectionPublishedFix it
2014-09-25WordPress Login Widget With Shortcode 3.1.1 Multiple VulnerabilitiesPublishedFix it
2014-09-18WordPress Login Widget With Shortcode 3.1.1 CSRF / XSSPublishedFix it
2014-09-18WordPress WP Ban 1.62 BypassPublishedFix it
2014-09-16WordPress Wordfence 5.2.3 Cross Site Scripting / BypassPublishedFix it
2014-09-13WordPress Photo Album Plus 5.4.4 Cross Site ScriptingPublishedFix it
2014-09-12WordPress Trinity Theme Arbitrary File DownloadPublishedFix it
2014-09-11WordPress WP Support Plus Responsive Ticket System 2.0 Plugin Multiple VulnerabilitiesPublishedFix it
2014-09-09WordPress Authentic Theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-09WordPress Antioch Arbitrary File DownloadPublishedFix it
2014-09-09WordPress Like Dislike Counter 1.2.3 Plugin SQL Injection VulnerabilityPublishedFix it
2014-09-09WordPress Acento Theme (view pdf.php, file param) Arbitrary File DownloadPublishedFix it
2014-09-09WordPress Bulk Delete Users by Email Plugin 1.0 CSRFPublishedFix it
2014-09-09WordPress epic theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-07WordPress Like Dislike Counter Plugin SQL Injection VulnerabilityPublishedFix it
2014-09-07WordPress NativeChurch theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-07WordPress lote27 theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-07WordPress FR0 theme theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-07WordPress acento theme Arbitrary File Download VulnerabilityPublishedFix it
2014-09-06WordPress Plugins Premium Gallery Manager Unauthenticated Configuration Access VulnerabilityPublishedFix it
2014-09-04WordPress Advanced Access Manager 2.8.2 File Write / Code ExecutionPublishedFix it
2014-09-03WordPress Huge IT Image Gallery 1.0.1 Authenticated SQL InjectionPublishedFix it
2014-09-03WordPress Huge IT Image Gallery 1.0.0 SQL InjectionPublishedFix it
2014-09-02WordPress Themes (admin ajax.php, img param) Arbitrary File DownloadPublishedFix it
2014-09-02WordPress Slideshow Gallery Plugin 1.4.6 Shell Upload VulnerabilityPublishedFix it
2014-09-02WordPress CuckooTap Theme & eShop Arbitrary File DownloadPublishedFix it
2014-08-29WordPress ShortCode Plugin 1.1 Local File Inclusion VulnerabilityPublishedFix it
2014-08-28WordPress ShortCode 1.1 Local File InclusionPublishedFix it
2014-08-27WordPress WPtouch Mobile 3.4.5 Shell UploadPublishedFix it
2014-08-26WordPress KenBurner Slider Arbitrary File DownloadPublishedFix it
2014-08-21WordPress Mobile Pack 2.0.1 Information DisclosurePublishedFix it
2014-08-21WordPress All In One SEO Pack 2.2.2 Cross Site ScriptingPublishedFix it
2014-08-19WordPress 3.9.1 pluggable.php CSRF vulnerabilityPublishedFix it
2014-08-19WordPress Disqus 2.7.7 Cross Site Request ForgeryPublishedFix it
2014-08-15WordPress 2.7.5 Admin Stored CSRF and XSSPublishedFix it
2014-08-13WordPress 3.9 XMLRPC Denial of Service ExploitPublishedFix it
2014-08-13WordPress CK And SyntaxHighLighter Arbitrary File UploadPublishedFix it
2014-08-13WordPress Disqus 2.7.5 CSRF / Cross Site ScriptingPublishedFix it
2014-08-12WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *videoPublishedFix it
2014-08-12WordPress GB Gallery Slideshow 1.5 SQL Injection *youtubePublishedFix it
2014-08-12WordPress Js plupload Cross Site ScriptingPublishedFix it
2014-08-08WordPress 3.9.2 /xmlrpc.php pocPublishedFix it
2014-08-08WordPress WPSS 0.62 SQL InjectionPublishedFix it
2014-08-08WordPress WPSS 0.62 Cross Site ScriptingPublishedFix it
2014-08-05WordPress MyBand Theme Cross Site ScriptingPublishedFix it
2014-08-04WordPress Gamespeed Theme Cross Site ScriptingPublishedFix it
2014-08-04WordPress Gmedia Gallery 1.2.1 Shell UploadPublishedFix it
2014-08-03WordPress SI CAPTCHA Anti Spam Plugin Cross site scriptingPublishedFix it
2014-08-02WordPress Spider Video Player plugin Cross site scriptingPublishedFix it
2014-07-30WordPress WhyDoWork AdSense 1.2 XSS / CSRFPublishedFix it
2014-07-29WordPress FBGorilla SQL InjectionPublishedFix it
2014-07-29WordPress Lead Octopus Power SQL InjectionPublishedFix it
2014-07-29WordPress Slider Revolution Responsive 4.1.4 File DownloadPublishedFix it
2014-07-25WordPress Video Gallery Plugin 2.5 Multiple VulnerabilitiesPublishedFix it
2014-07-25WordPress Video Gallery 2.5 Cross Site Scripting / SQL InjectionPublishedFix it
2014-07-22WordPress Gallery Objects 0.4 SQL InjectionPublishedFix it
2014-07-16WordPress WPTouch Authenticated File UploadPublishedFix it
2014-07-15WordPress Tidio Gallery 1.1 Shell Upload / XSSPublishedFix it
2014-07-15WordPress CopySafe PDF Protection 0.6 Shell UploadPublishedFix it
2014-07-14DZS Video Gallery for WordPress XSS, FPD and RCE vulnerabilitiesPublishedFix it
2014-07-13WordPress Download Manager 2.6.8 Shell UploadPublishedFix it
2014-07-10WordPress BSK PDF Manager 1.3.2 SQL InjectionPublishedFix it
2014-07-07WordPress NextGEN Gallery 2.0.63 Shell UploadPublishedFix it
2014-07-07WordPress MailPoet (wysija newsletters) Unauthenticated File UploadPublishedFix it
2014-07-02WordPress blogstand smart banner.1.0 Cross Site ScriptingPublishedFix it
2014-06-29WordPress ml slider 2.5 Cross Site ScriptingPublishedFix it
2014-06-29WordPress wp construction mode.1.8 Cross Site ScriptingPublishedFix it
2014-06-28WordPress Simple Share Buttons Adder Plugin 4.4 Multiple VulnerabilitiesPublishedFix it
2014-06-27WordPress Simple Share Buttons Adder 4.4 CSRF / XSSPublishedFix it
2014-06-26WordPress TimThumb 2.8.13 WebShot Remote Code Execution (0 day)PublishedFix it
2014-06-23WordPress 3.9.1 CSRF vulnerabilityPublishedFix it
2014-06-21WordPress 3.9.1 CSRF vulnerabilitiesPublishedFix it
2014-06-09WordPress Theme Elegance Post Local File DisclosurePublishedFix it
2014-06-09WordPress Theme Infocus Post Local File DisclosurePublishedFix it
2014-06-03WordPress Participants Database 1.5.4.8 SQL InjectionPublishedFix it
2014-06-02WordPress Participants Database 1.5.4.8 SQL InjectionPublishedFix it
2014-06-02WordPress Popup Images Cross Site ScriptingPublishedFix it
2014-06-02WordPress iMember360is 3.9.001 XSS Disclosure Code ExecutionPublishedFix it
2014-05-30WordPress DZS Video Gallery Cross Site Scripting / Content SpoofingPublishedFix it
2014-05-23WordPress bib2html 0.9.3 Cross Site ScriptingPublishedFix it
2014-05-23WordPress Conversion Ninja Cross Site ScriptingPublishedFix it
2014-05-22WordPress Booking System SQL InjectionPublishedFix it
2014-05-22WordPress Simple Popup Cross Site ScriptingPublishedFix it
2014-05-14WordPress Formidable Forms Remote Code ExecutionPublishedFix it
2014-05-13WordPress Bonuspressx Plugin Cross Site ScriptingPublishedFix it
2014-05-08WordPress Photo Gallery Cross Site Request ForgeryPublishedFix it
2014-05-02WordPress leaflet maps marker plugin SQL Injection VulnerabilityPublishedFix it
2014-05-02WordPress plugin EZPZ One Click Backup Command InjectionPublishedFix it
2014-04-29WordPress iMember360 Plugin 3.8.012 3.9.001 Multiple VulnerabilitiesPublishedFix it
2014-04-28WordPress Work The Flow 1.2.1 Shell UploadPublishedFix it
2014-04-28NextCellent Gallery 1.9.13 WordPress plugin XSSPublishedFix it
2014-04-25WordPress Work The Flow Plugin 1.2.1 Arbitrary File UploadPublishedFix it
2014-04-22WordPress Themes Theagency File Upload VulnerabilityPublishedFix it
2014-04-22WordPress JS External Link Info Cross Site ScriptingPublishedFix it
2014-04-21WordPress File Disclosure VulnerabilityPublishedFix it
2014-04-17WordPress JetpackPublishedFix it
2014-04-17WordPress Unconfirmed Plugin 's'PublishedFix it
2014-04-15WordPress Quick Page/Post Redirect Plugin 5.0.3 Multiple VulnerabilitiesPublishedFix it
2014-04-15WordPress Twitget Plugin 3.3.1 Multiple VulnerabilitiesPublishedFix it
2014-04-15WordPress LineNity Local File InclusionPublishedFix it
2014-04-15WordPress Theme LineNity 1.20 Local File InclusionPublishedFix it
2014-04-14WordPress HK Exif TagsEXIFPublishedFix it
2014-04-14WordPress Theme LineNity LFIPublishedFix it
2014-04-08WordPress Maps Marker ProPublishedFix it
2014-04-05WordPress XCloner Plugin 3.1.0 CSRF VulnerabilityPublishedFix it
2014-04-03WordPress XCloner 3.1.0 Cross Site Request ForgeryPublishedFix it
2014-04-02WordPress Disable CommentsPublishedFix it
2014-04-02WordPress GD Star RatingPublishedFix it
2014-04-01WordPress Ajax Pagination'admin ajax.php'PublishedFix it
2014-04-01WordPress HTML Sitemap'inc/AdminPage.php'PublishedFix it
2014-04-01WordPress Ajax Pagination Plugin 1.1 Local File InclusionPublishedFix it
2014-03-29WordPress Business Intelligence 1.0.6 Shell UploadPublishedFix it
2014-03-26WordPress 3.8.1 /xmlrpc.phpPublishedFix it
2014-03-21WordPress WP Filebase Download ManagerPublishedFix it
2014-03-20WordPress User Domain WhitelistPublishedFix it
2014-03-19WordPress Subscribe To Comments ReloadedPublishedFix it
2014-03-19WordPress XClonerPublishedFix it
2014-03-14WordPress LayerSliderPublishedFix it
2014-03-13WordPress WP SlimStatURLPublishedFix it
2014-03-11WordPress plugin LayerSlider WP Version 4.6.1 Directory Traversal CSRFPublishedFix it
2014-03-07WordPress Welcart e CommerceSQLPublishedFix it
2014-03-07WordPress The Cotton ThemePublishedFix it
2014-03-07WordPress Premium Gallery Manager Shell UploadPublishedFix it
2014-03-06WordPress BSK PDF ManagerPublishedFix it
2014-03-06WordPress Relevanssi"category name" SQLPublishedFix it
2014-03-06WordPress Post to PDF 'options.php'PublishedFix it
2014-03-06WordPress Barclaycart Shell UploadPublishedFix it
2014-03-06WordPress PrintFriendly'options.php'PublishedFix it
2014-03-06WordPress VideoWhisper Live Streaming IntegrationPublishedFix it
2014-03-06WordPress VideoWhisper Live Streaming IntegrationPublishedFix it
2014-03-06WordPress Alpine PhotoTile for InstagramPublishedFix it
2014-03-06WordPress VideoWhisper Live Streaming IntegrationPublishedFix it
2014-03-05WordPress Google Analytics MUPublishedFix it
2014-03-04WordPress thecotton Themes Remote File Upload VulnerabilityPublishedFix it
2014-03-04WordPress MP3 jPlayerPublishedFix it
2014-03-04WordPress plugin Google Analytics MU 2.3 CSRFPublishedFix it
2014-03-03WordPress VideoWhisper Live Streaming IntegrationPublishedFix it
2014-03-03WordPress Sixtees Shell UploadPublishedFix it
2014-03-01WordPress VideoWhisper 4.27.3 Multiple VulnerabilitiesPublishedFix it
2014-02-28WordPress Feedweb Plugin ' wp http referer'PublishedFix it
2014-02-28WordPress Easy Media GalleryPublishedFix it
2014-02-28WordPress Thank You Counter ButtonPublishedFix it
2014-02-27WordPress VideoWhisper Live Streaming 4.29.6 Cross Site ScriptingPublishedFix it
2014-02-27WordPress Alpine PhotoTile For Instagram 1.2.6.5 XSSPublishedFix it
2014-02-27WordPress BSK PDF Manager 1.3 Cross Site ScriptingPublishedFix it
2014-02-27WordPress mp3 jplayer 1.8.7 Cross Site ScriptingPublishedFix it
2014-02-27WordPress PrintFriendly 3.3.7 Cross Site ScriptingPublishedFix it
2014-02-27WordPress Widget Control 1.0.1 Cross Site ScriptingPublishedFix it
2014-02-26WordPress EasyMedia Gallery 1.2.29 Cross Site ScriptingPublishedFix it
2014-02-26WordPress Thanks You Counter Button 1.8.7 Cross Site ScriptingPublishedFix it
2014-02-26WordPress Zedity 2.4.0 Cross Site ScriptingPublishedFix it
2014-02-25WordPress Media File RenamerHTMLPublishedFix it
2014-02-24WordPress DZS VideoGalleryajax.phpPublishedFix it
2014-02-24WordPress AdRotate'clicktracker.php'SQLPublishedFix it
2014-02-24Media File Renamer V1.7.0 wordpress plugin XSSPublishedFix it
2014-02-23WordPress AdRotate Plugin 3.9.4 (clicktracker.php, track param) SQL InjectionPublishedFix it
2014-02-20WordPress BP Group Documents Plugin 1.2.1 Multiple VulnerabilitiesPublishedFix it
2014-02-19WordPress NextGEN GalleryPublishedFix it
2014-02-19WordPress BP Group DocumentsPublishedFix it
2014-02-18WordPress Buddypress'name'HTMLPublishedFix it
2014-02-17WordPress WP Password Plugin XSS VulnerabilityPublishedFix it
2014-02-15WordPress Plugin Acunetix WP Security Make Backup CSRFPublishedFix it
2014-02-15WordPress Plugin Better WP Security multiple vulnerabilityPublishedFix it
2014-02-14WordPress Buddypress 1.9.1 Privilege EscalationPublishedFix it
2014-02-14WordPress Buddypress 1.9.1 Cross Site ScriptingPublishedFix it
2014-02-13WordPress Kiddo Theme "uploadify.php"PublishedFix it
2014-02-12WordPress Frontend UploadPublishedFix it
2014-02-12WordPress Frontend Upload Plugin Arbitrary File UploadPublishedFix it
2014-02-07WordPress Dandelion Theme Shell UploadPublishedFix it
2014-02-03WordPress 3.3.1+dfsg 1 Media Library Persistent XSSPublishedFix it
2014-01-31WordPress amerisale re Remote Shell UploadPublishedFix it
2014-01-30WordPress amerisale re Arbitrary File Upload VulnerabilityPublishedFix it
2014-01-30WordPress Photocrati Cross Site ScriptingPublishedFix it
2014-01-28WordPress Infocus Theme Cross Site ScriptingPublishedFix it
2014-01-28WordPress Seo Link Rotator Cross Site ScriptingPublishedFix it
2014-01-28WordPress SS Downloads Cross Site ScriptingPublishedFix it
2014-01-26WordPress anti plagiarism Cross Site Scripting VulnerabilityPublishedFix it
2014-01-24WordPress E Commerce 3.8.9.5 File Upload / XSS / CSRF / Code ExecutionPublishedFix it
2014-01-22WordPress global flash galleriesPublishedFix it
2014-01-21WordPress Global Flash Galleries File UploadPublishedFix it
2014-01-20WordPress social ring Cross Site ScriptingPublishedFix it
2014-01-17WordPress DT ChocolatePublishedFix it
2014-01-14WordPress DT Chocolate Cross Site ScriptingPublishedFix it
2014-01-10WordPress NextGen GalleryPublishedFix it
2014-01-09WordPress WP Members 2.8.9 Cross Site ScriptingPublishedFix it
2014-01-08WordPress IntouchPublishedFix it
2014-01-07WordPress Foliopress WYSIWYGPublishedFix it
2014-01-07WordPress Page Layout Builder"layout settings id"PublishedFix it
2014-01-07WordPress Zingiri Web ShopPublishedFix it
2014-01-07WordPress WordPress ConnectPublishedFix it
2014-01-06WordPress Custom Website DataPublishedFix it
2014-01-05WordPress intouch Cross Site Scripting VulnerabilityPublishedFix it
2014-01-02WordPress 'download file.php'PublishedFix it
2014-01-02WordPress 2.0.11 CSRF in options discussion.phpPublishedFix it
2013-12-31WordPress dzs videogallery plugin Cross site scripting VulnerabilityPublishedFix it
2013-12-30WordPress formcraft Plugin Sql InjectionPublishedFix it
2013-12-27WordPress Ad ministerPublishedFix it
2013-12-27WordPress WP Cron DashboardPublishedFix it
2013-12-27WordPress Ad minister 0.6 Cross Site ScriptingPublishedFix it
2013-12-27WordPress AskApache Firefox AdsensePublishedFix it
2013-12-26WordPress Persuasion 'dl skin.php'PublishedFix it
2013-12-25WordPress Recommend to a friend plugin Cross site scriptingPublishedFix it
2013-12-23WordPress WP EZLead Pro plugin Cross site scriptingPublishedFix it
2013-12-23WordPress information leakage and backdoor in writing settingsPublishedFix it
2013-12-20WordPress cevhershare plugin Cross site scripting VulnerabilityPublishedFix it
2013-12-20WordPress URL Redirector Abuse and XSS vulnerabilitiesPublishedFix it
2013-12-17WordPress OptimizePressPublishedFix it
2013-12-12WordPress Formcraft Plugin SQL Injection VulnerabilityPublishedFix it
2013-12-09WordPress Download Manager Free & Pro 2.5.8 Persistent Cross Site ScriptingPublishedFix it
2013-12-08WordPress Page Flip Image Gallery Shell UploadPublishedFix it
2013-12-08WordPress DZS Video Gallery 3.1.3 Remote File DisclosurePublishedFix it
2013-12-07WordPress page flip image gallery plugins Remote File UploadPublishedFix it
2013-12-06WordPress Plugin DZS Video Gallery 3.1.3 Remote and Local File Disclosure VulnerabilityPublishedFix it
2013-12-06WordPress Easy Career Openings SQL InjectionPublishedFix it
2013-12-03WordPress Js Multi Hotel 2.2.1 Cross Site ScriptingPublishedFix it
2013-12-03WordPress Blooog 1.1 jplayer.swf Cross Site ScriptingPublishedFix it
2013-12-03WordPress OptimizePress Theme File UploadPublishedFix it
2013-12-02WordPress Folo Theme Cross Site ScriptingPublishedFix it
2013-12-02WordPress Orange Themes CSRF File Upload VulnerabilityPublishedFix it
2013-12-01WordPress dzs videogallery Plugins Remote File Upload VulnerabilityPublishedFix it
2013-11-28WordPress optinfirex plugin Cross site scriptingPublishedFix it
2013-11-28WordPress amerisale re plugin Cross site scriptingPublishedFix it
2013-11-26WordPress Elemin Shell UploadPublishedFix it
2013-11-26WordPress Contact Form 7 3.5.2 Shell UploadPublishedFix it
2013-11-26WordPress Blogfolio Shell UploadPublishedFix it
2013-11-26WordPress Folo Shell UploadPublishedFix it
2013-11-26WordPress Blogggie Shell UploadPublishedFix it
2013-11-26WordPress Pinboard Shell UploadPublishedFix it
2013-11-22WordPress capturapro Plugin Cross site scriptingPublishedFix it
2013-11-21WordPress iThemes2 Shell UploadPublishedFix it
2013-11-21WordPress Suco Shell UploadPublishedFix it
2013-11-21WordPress Pretty Photo Cross Site ScriptingPublishedFix it
2013-11-19WordPress Tweet Blender 4.0.1 Cross Site ScriptingPublishedFix it
2013-11-19WordPress Project 10 Themes Remote File Upload VulnerabilityPublishedFix it
2013-11-18WordPress Euclid Theme CSRF VulnerabilityPublishedFix it
2013-11-18WordPress Dimension Cross Site Request ForgeryPublishedFix it
2013-11-18WordPress Dimension Theme CSRF VulnerabilityPublishedFix it
2013-11-18WordPress Euclid Cross Site Request ForgeryPublishedFix it
2013-11-18WordPress Amplus Theme CSRF VulnerabilityPublishedFix it
2013-11-18WordPress Make A Statement (MaS) Theme CSRF VulnerabilityPublishedFix it
2013-11-18WordPress Make A Statement Cross Site Request ForgeryPublishedFix it
2013-11-18WordPress Highlight Premium Theme CSRF File Upload VulnerabilityPublishedFix it
2013-11-18WordPress Amplus Cross Site Request ForgeryPublishedFix it
2013-11-12WordPress Highlight Premium Theme CSRF / Shell UploadPublishedFix it
2013-11-12WordPress Curvo Themes Arbitrary code executionPublishedFix it
2013-11-12WordPress Theme Kernel Arbitrary code executionPublishedFix it
2013-11-10WordPress Army Knife CSRF File Upload VulnerabilityPublishedFix it
2013-11-09WordPress Theme Kernel Shell UploadPublishedFix it
2013-11-09WordPress Theme Kernel Remote File Upload VulnerabilityPublishedFix it
2013-11-07WordPress Gallery Bank 2.0.19 Cross Site ScriptingPublishedFix it
2013-11-06WordPress plugin Gallery Bank 2.0.19 Reflected Cross Site ScriptingPublishedFix it
2013-11-05LBG Zoom In/Out Effect Slider for WordPress XSS and FPD vulnerabilitiesPublishedFix it
2013-11-05WordPress ThisWay Shell UploadPublishedFix it
2013-11-04WordPress fresh page plugin site scripting VulnerabilityPublishedFix it
2013-11-03WordPress Curvo Themes CSRF File Upload VulnerabilityPublishedFix it
2013-11-03WordPress Switchblade Themes Arbitrary File Upload VulnerabilityPublishedFix it
2013-11-03WordPress Think Responsive Themes Arbitrary File Upload VulnerabilityPublishedFix it
2013-11-01WordPress Cold Fusion theme Arbitrary File Upload VulnerabilityPublishedFix it
2013-10-30WordPress Curvo Shell UploadPublishedFix it
2013-10-30WordPress MoneyTheme Cross Site Scripting / Shell UploadPublishedFix it
2013-10-28WordPress GeoPlaces 4.x Shell UploadPublishedFix it
2013-10-28WordPress TimThumb Plugin Remote Code ExecutionPublishedFix it
2013-10-27WordPress SAICO theme Arbitrary File Upload VulnerabilityPublishedFix it
2013-10-24WordPress Area53 theme Arbitrary File Upload VulnerabilityPublishedFix it
2013-10-24WordPress e Commerce Payment Gateways Caller Local File InclusionPublishedFix it
2013-10-24WordPress DailyDeal Themes Shell Upload VulnerabillityPublishedFix it
2013-10-22WordPress videowall Plugin Xss vulnerabilitiesPublishedFix it
2013-10-22WordPress Themes WPLocalPlaces Upload VulnerabilityPublishedFix it
2013-10-19WordPress spreadsheet Plugin Cross site scriptingPublishedFix it
2013-10-19WordPress WooCommerce Plugin 2.0.17 Cross Site Scripting VulnerabilityPublishedFix it
2013-10-18WordPress WP Realty Plugin Blind SQL InjectionPublishedFix it
2013-10-18WordPress WP Realty Blind SQL InjectionPublishedFix it
2013-10-17WordPress Dexs PM System Cross Site ScriptingPublishedFix it
2013-10-16WordPress Plugin Authenticated Persistent XSS (0day)PublishedFix it
2013-10-16WordPress zingiri forum Plugin SQL Injection VulnerabilityPublishedFix it
2013-10-15WordPress 3.6 Crafted String URL Redirect Restriction BypassPublishedFix it
2013-10-15WordPress Cart66 Plugin 1.5.1.14 Multiple VulnerabilitiesPublishedFix it
2013-10-15WordPress Finalist Cross Site ScriptingPublishedFix it
2013-10-12WordPress Cart66 1.5.1.14 Cross Site Request Forgery / Cross Site ScriptingPublishedFix it
2013-10-11WordPress Simple Flash Video 1.7 Cross Site ScriptingPublishedFix it
2013-10-09WordPress Woopra plugin remote PHP arbitrary code execution exploit.PublishedFix it
2013-10-08WordPress Quick Contact Form Plugin 6.0 Persistent XSSPublishedFix it
2013-10-08WordPress Woopra Remote Code ExecutionPublishedFix it
2013-10-07WordPress Zoo Realty Plugin Cross site scripting VulnerabilityPublishedFix it
2013-10-04WordPress Semper Fi Cross Site ScriptingPublishedFix it
2013-10-04WordPress SEO Watcher Remote Code ExecutionPublishedFix it
2013-10-04WordPress Slimstat Ex Code ExecutionPublishedFix it
2013-10-03WordPress Social Hashtag 2.0.0 Cross Site ScriptingPublishedFix it
2013-09-29WordPress FireStorm Professional Real Estate Plugin Cross site scriptingPublishedFix it
2013-09-25WordPress simple forum Cross site scripting VulnerabilityPublishedFix it
2013-09-25WordPress lbg zoominoutslider Plugin Cross site scripting VulnerabilityPublishedFix it
2013-09-25WordPress Miniaudioplayer Cross Site ScriptingPublishedFix it
2013-09-25WordPress Sharebar 1.2.5 Cross Site ScriptingPublishedFix it
2013-09-24WordPress fGallery Plus Cross Site ScriptingPublishedFix it
2013-09-24WordPress Bradesco Gateway Cross Site ScriptingPublishedFix it
2013-09-24WordPress NOSpamPTI Plugin Blind SQL InjectionPublishedFix it
2013-09-23WordPress Lazy SEO plugin Shell Upload VulnerabilityPublishedFix it
2013-09-22WordPress Comment Attachment 1.0 <= Cross Site ScriptingPublishedFix it
2013-09-22WordPress NOSpamPTI 2.1 Blind SQL InjectionPublishedFix it
2013-09-20WordPress RokMicroNews 1.5 XSS & DoS & Shell UploadPublishedFix it
2013-09-20WordPress Page Showcaser Boxes 1.0 Cross Site ScriptingPublishedFix it
2013-09-19WordPress Plugin Complete Gallery Manager 3.3.3 Arbitrary File Upload VulnerabilityPublishedFix it
2013-09-19WordPress Complete Gallery Manager 3.3.3 File UploadPublishedFix it
2013-09-19WordPress RokIntroScroller 1.8 XSS / DoS / Disclosure / UploadPublishedFix it
2013-09-18WordPress RokNewsPager 1.17 Disclosure / Shell Upload / XSS / DoSPublishedFix it
2013-09-18WordPress RokStories 1.25 Disclosure / Shell Upload / XSS / DoSPublishedFix it
2013-09-16WordPressURLPublishedFix it
2013-09-16WordPress 'is serialized()'(CVE 2013 4338)PublishedFix it
2013-09-16WordPress /wp admin/includes/post.php user ID PublishedFix it
2013-09-16WordPress get allowed mime types(wp includes/functions.php)PublishedFix it
2013-09-12WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege EscalationPublishedFix it
2013-09-09WordPress Event Easy Calendar 1.0.0 XSS / CSRF / Input ValidationPublishedFix it
2013-09-04WordPress IndiaNIC Testimonial Plugin Multiple VulnerabilitiesPublishedFix it
2013-09-04WordPress NextGen Smooth Gallery Cross Site ScriptingPublishedFix it
2013-09-02WordPress IndiaNIC Testimonial 2.2 XSS & CSRF & SQL InjectionPublishedFix it
2013-08-29WordPress Encrypted Blog 0.0.6.2 XSS & Open RedirectPublishedFix it
2013-08-29WordPress Wordfence 3.8.1 Cross Site ScriptingPublishedFix it
2013-08-29WordPress silverOrchid Cross Site ScriptingPublishedFix it
2013-08-27WordPress Post Gallery Cross Site ScriptingPublishedFix it
2013-08-27WordPress Simple Login Registration 1.0.1 Cross Site ScriptingPublishedFix it
2013-08-24WordPress videowhisper live streaming integration Plugin XSS vulnerabilitiesPublishedFix it
2013-08-22WordPress BackWPup 3.0.12 Cross Site ScriptingPublishedFix it
2013-08-13WordPress HMS Testimonials Plugin 2.0.10 Multiple VulnerabilitiesPublishedFix it
2013-08-12WordPress HMS Testimonials 2.0.10 XSS / CSRFPublishedFix it
2013-08-11WordPress Xhanch My Twitter(CVE 2013 3253)PublishedFix it
2013-08-09WordPress HMS Testimonials 2.0.10 XSS & CSRFPublishedFix it
2013-08-09WordPress Usernoise Plugin 3.7.8 Persistent XSS VulnerabilityPublishedFix it
2013-08-07WordPress Usernoise 3.7.8 Cross Site ScriptingPublishedFix it
2013-08-04WPtouch and WPtouch Pro for WordPress XSS and FPD vulnerabilitiesPublishedFix it
2013-08-03WordPress Better WP Security Plugin Stored XSSPublishedFix it
2013-07-26WordPress Duplicator 0.4.4 Cross Site ScriptingPublishedFix it
2013-07-23WordPress FlagEm Cross Site ScriptingPublishedFix it
2013-07-19WordPress WooCommerce 2.0.12 Cross Site ScriptingPublishedFix it
2013-07-18WordPress /wp admin/users.phpsPublishedFix it
2013-07-15WordPress Plugin Spicy Blogroll File Inclusion VulnerabilityPublishedFix it
2013-07-14WordPress Spicy Blogroll Plugin File Inclusion VulnerabilityPublishedFix it
2013-07-13WordPress I Love It XSS & Content Spoofing & Path DisclosurePublishedFix it
2013-07-09WordPress JS Restaurant SQL InjectionPublishedFix it
2013-07-09WordPress Search N Save XSS & Path DisclosurePublishedFix it
2013-07-03WordPress Feed SQL InjectionPublishedFix it
2013-07-03WordPress Category Grid View Gallery XSSPublishedFix it
2013-07-03WordPress 3.5.1 Cross Site ScriptingPublishedFix it
2013-07-01Xorbin Analog Flash Clock 1.0 For WordPress XSSPublishedFix it
2013-07-01Xorbin Digital Flash Clock 1.0 For WordPress XSSPublishedFix it
2013-07-01WordPress wp private messages SQL InjectionPublishedFix it
2013-06-30WordPress 3.5.1 crypt private()(CVE 2013 2173)PublishedFix it
2013-06-30WordPress Denial of Service .py exploitPublishedFix it
2013-06-21WordPress Slash WP theme XSS and Content Spoofing vulnerabilitiesPublishedFix it
2013-06-18WordPress Auction Plugin 1.0 CSRF VulnerabilityPublishedFix it
2013-06-18Ultimate WordPress Auction v1.0 Plugin CSRF VulnerabilityPublishedFix it
2013-06-12WordPress 3.5.1 Denial of Service ExploitPublishedFix it
2013-06-12WordPress 3.5.1 Denial of ServicePublishedFix it
2013-06-12WordPress WP SendSMS 1.0 CSRF / XSSPublishedFix it
2013-06-11WordPress Content SlidePublishedFix it
2013-06-11WordPress Ambience Cross Site ScriptingPublishedFix it
2013-06-11WordPress jobroller Reflected XSSPublishedFix it
2013-06-09WordPress nextgen gallery Cross Site ScriptingPublishedFix it
2013-06-07WordPress plugin uk cookie CSRFPublishedFix it
2013-06-03WordPress AntiVirus FPD and Security bypass vulnerabilitiesPublishedFix it
2013-06-01WordPress Plugin 'Feedweb 1.8.8' Cross site Scripting vulnerabilityPublishedFix it
2013-05-29WordPress wp banners lite Plugin Cross Site ScriptingPublishedFix it
2013-05-27WordPress User Role Editor CSRFPublishedFix it
2013-05-26WordPress milano Theme Cross Site ScriptingPublishedFix it
2013-05-21WordPress ProPlayer Plugin SQL InjectionPublishedFix it
2013-05-17WordPress plugin mail on update CSRFPublishedFix it
2013-05-17WordPress plugin wp cleanfix CSRFPublishedFix it
2013-05-16WordPress wp FileManager File DownloadPublishedFix it
2013-05-15WordPress Video JS Cross Site ScriptingPublishedFix it
2013-05-15WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS VulnerabilityPublishedFix it
2013-05-13WordPress Search and Share plugin vulnerabilitiesPublishedFix it
2013-05-13WordPress Securimage WP Plugin v3.2.4 URI based XSS VulnerabilityPublishedFix it
2013-05-07WordPress Advanced XML Reader 0.3.4 Plugin XXE 0day *youtubePublishedFix it
2013-05-02WordPress W3 Total Cache 0.9.2.8 PHP Code Execution exploitPublishedFix it
2013-05-02WordPress W3 Total Cache 0.9.2.8 Remote Code ExecPublishedFix it
2013-04-21WordPress theme Colormix Multiple vulnerabilitiesPublishedFix it
2013-04-12WordPress Catalog Plugin Xss VulnerabilityPublishedFix it
2013-04-11WordPress Spider Video Player plugin SQL InjectionPublishedFix it
2013-04-11WordPress Spider Video Player 2.1 SQL InjectionPublishedFix it
2013-04-09WordPress plugins fbsurveypro XSS VulnerabilityPublishedFix it
2013-04-08WordPress plugins kioskprox XSS VulnerabilityPublishedFix it
2013-04-07WordPress Trafficanalyzer Plugin XSS VulnerabilityPublishedFix it
2013-03-27WordPress videowhisper live streaming integration Plugin XSSPublishedFix it
2013-03-27WordPress plugin v3 level four storefront SQL injection VulnerabilityPublishedFix it
2013-03-27WordPress trafficanalyzer Plugin XSSPublishedFix it
2013-03-27WordPress plugin user photo file upload arbitrary PHP code executionPublishedFix it
2013-03-26WordPress Mathjax Latex 1.1 Cross Site Request ForgeryPublishedFix it
2013-03-25WordPress wp video commando Plugin XSSPublishedFix it
2013-03-23WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRFPublishedFix it
2013-03-23WordPress IndiaNIC FAQS Manager 1.0 SQL InjectionPublishedFix it
2013-03-22Joomla Component com wordpress XSS VulnerabilityPublishedFix it
2013-03-20WordPress Count Per Day 3.2.5 XSSPublishedFix it
2013-03-20WordPress Occasions 1.0.4 Cross Site Request ForgeryPublishedFix it
2013-03-19WordPress LeagueManager'league id'SQLPublishedFix it
2013-03-19WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSSPublishedFix it
2013-03-17WordPress bp gallery plugin 1.2.5 Cross Site Scripting VulnerabilityPublishedFix it
2013-03-17WordPress o2s gallery plugin Cross Site Scripting VulnerabilityPublishedFix it
2013-03-17WordPress LeagueManager Plugin 3.8 SQL InjectionPublishedFix it
2013-03-17WordPress Image News slider plugin 3.5 Cross Site Scripting VulnerabilityPublishedFix it
2013-03-17WordPress WP e Commerce plugin 3.8.9.5 Cross Site Scripting VulnerabilityPublishedFix it
2013-03-15WordPress LeagueManager Plugin 3.8 SQL InjectionPublishedFix it
2013-03-15WordPress LeagueManager 3.8 SQL InjectionPublishedFix it
2013-03-12WordPress Terillion Reviews Cross Site ScriptingPublishedFix it
2013-03-11WordPress plugin snazzy archives XSS vulnerabilityPublishedFix it
2013-03-10WordPress plugins vulnerable to CVE 2013 1808PublishedFix it
2013-03-08WordPress Events Manager 5.3.3 Cross Site ScriptingPublishedFix it
2013-03-06WordPress Count Per Day 3.2.5 Cross Site ScriptingPublishedFix it
2013-03-05WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial Of ServicePublishedFix it
2013-03-05WordPress Caulk Path DisclosurePublishedFix it
2013-02-28WordPress Comment Rating 2.9.32 SQL Injection & BypassPublishedFix it
2013-02-27WordPress Comment Rating Plugin 2.9.32 Multiple VulnerabilitiesPublishedFix it
2013-02-25WordPress plugin smart flv jwplayer.swf XSSPublishedFix it
2013-02-21WordPress Pretty Link 1.6.3 Cross Site ScriptingPublishedFix it
2013-02-13WordPress Classipress Theme 3.1.4 Cross Site ScriptingPublishedFix it
2013-02-12WordPress simple flash video v2 plugin SQL InjectionPublishedFix it
2013-02-12WordPress wp forum server v2 plugin SQL InjectionPublishedFix it
2013-02-12WordPress podpress plugin v2 Plugin SQL InjectionPublishedFix it
2013-02-12WordPress Xhanch My Prayer Time plugin v2 Plugin SQL InjectionPublishedFix it
2013-02-12WordPress image news slider v3 Plugin SQL InjectionPublishedFix it
2013-02-12WordPress newscast Theme SQL InjectionPublishedFix it
2013-02-11WordPress smart map v2 Plugin SQL InjectionPublishedFix it
2013-02-11WordPress post2pdf converter v2 Plugin SQL InjectionPublishedFix it
2013-02-10WordPress plugin myftp ftp like plugin for wordpress 2 SQL InjectionPublishedFix it
2013-02-10WordPress theme pinboard 1.0.6 XSSPublishedFix it
2013-02-08WordPress Audio Player SWF Cross Site ScriptingPublishedFix it
2013-02-07WordPress Wysija Newsletters 2.2 SQL InjectionPublishedFix it
2013-02-07WordPress CommentLuv 2.92.3 Cross Site ScriptingPublishedFix it
2013-02-06WordPress wp forum plugin SQL InjectionPublishedFix it
2013-02-03WordPress theme Flash News Multiple vulnerabilitiesPublishedFix it
2013-02-03WordPress dt chocolate Theme Image Open redirectPublishedFix it
2013-02-03WordPress Gallery'load'PublishedFix it
2013-02-02WordPressSearch plugin SQL Injection VulnerabilityPublishedFix it
2013-02-01WordPress wp table reloaded plugin cross site scripting in SWFPublishedFix it
2013-02-01WordPress portfolio slideshow pro v3 Plugin SQL InjectionPublishedFix it
2013-02-01WordPress simple shout box Plugin SQL InjectionPublishedFix it
2013-01-31WordPress RLSWordPressSearch plugin SQL InjectionPublishedFix it
2013-01-26WordPress SolveMedia 1.1.0 Cross Site Request ForgeryPublishedFix it
2013-01-25WordPress SolveMedia 1.1.0 CSRF VulnerabilityPublishedFix it
2013-01-25WordPress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS VulnerabilitiesPublishedFix it
2013-01-24WordPress Chocolate Theme XSS & Denial Of Service & Shell UploadPublishedFix it
2013-01-23Cardoza WordPress Poll 34.05 SQL InjectionPublishedFix it
2013-01-22WordPress Ripe HD FLV Player SQL Injection & Path DisclosurePublishedFix it
2013-01-22WordPress Developer Formatter CSRF VulnerabilityPublishedFix it
2013-01-15WordPress theme Daily Edition Mouss Multiple vulnerabilitiesPublishedFix it
2013-01-15WordPress Daily Edition Mouss XSS & Disclosure & Shell UploadPublishedFix it
2013-01-13WordPress Floating Tweets 1.0.1 XSS and Directory TraversalPublishedFix it
2013-01-11WordPress gallery 3.8.3 plugin Arbitrary File Read VulnerabilityPublishedFix it
2013-01-09WordPress Plugin Google Document Embedder Arbitrary File DisclosurePublishedFix it
2013-01-08WordPress Spam Free 1.9.2 Filter BypassPublishedFix it
2013-01-08WordPress OpenInviter Information DisclosurePublishedFix it
2013-01-08XML Sitemap Generator for WordPress (Google XML Sitemaps) Code InjectionPublishedFix it
2013-01-07WordPress wilderness SQL injectionPublishedFix it
2013-01-07WordPress NextGEN Gallery plugin Cross Site Scripting VulnerabilityPublishedFix it
2013-01-04WordPress Plugin Advanced Custom Fields Remote File InclusionPublishedFix it
2013-01-03WordPress Xerte Online 0.32 Shell UploadPublishedFix it
2013-01-03WordPress ReFlex Gallery 1.3 Shell UploadPublishedFix it
2013-01-03WordPress Shopping Cart 8.1.14 Shell Upload & SQL InjectionPublishedFix it
2013-01-03WordPress Advanced Custom Fields Remote File InclusionPublishedFix it
2013-01-03WordPress Uploader 1.0.4 Shell UploadPublishedFix it
2013-01-02WordPress plugins WP PHP widget Full Path Disclosure vulnerabilityPublishedFix it
2013-01-02WordPress Sahifa theme 2.4.0 CSRF and Full Path DisclosurePublishedFix it
2012-12-31WordPress SB Uploader 3.9 Shell UploadPublishedFix it
2012-12-31WordPress Photo Plus & Photo Search XSS & CSRFPublishedFix it
2012-12-31WordPress plugins NextGEN Public Uploader Full Path Disclosure VulnerabilityPublishedFix it
2012-12-30WordPress themes RocketTheme Multiple vulnerabilitiesPublishedFix it
2012-12-28WordPress Asset Manager PHP File UploadPublishedFix it
2012-12-28WordPressW3 Total PublishedFix it
2012-12-27WordPress CMSMasters'upload.php'PublishedFix it
2012-12-26WordPress WP Property PHP File Upload VulnerabilityPublishedFix it
2012-12-26WordPress Asset Manager PHP File Upload VulnerabilityPublishedFix it
2012-12-25WordPress Rokbox Themes Content Spoofing and XSSPublishedFix it
2012-12-25WordPress W3 Total Cache Data DisclosurePublishedFix it
2012-12-24WordPress 'wp login.php'(CVE 2012 5868)PublishedFix it
2012-12-23WordPress BuddyPress Cross Site Scripting & Content SpoofingPublishedFix it
2012-12-21WordPress plugin sintic gallery Path Disclosure VulnerabilityPublishedFix it
2012-12-21BuddyPress for WordPress XSS and CS vulnerabilitiesPublishedFix it
2012-12-21WordPress 3.4.2 Sessions Not Terminated Upon Explicit User LogoutPublishedFix it
2012-12-18WordPress Rokbox 2.13 Multiple VulnsPublishedFix it
2012-12-16WordPress RokBox Multiple VulnerabilitiesPublishedFix it
2012-12-14WordPress Plugin Authentication BypassPublishedFix it
2012-12-13WordPress portable phpMyAdmin 1.3.0 Authentication BypassPublishedFix it
2012-12-09WordPress Simple Gmail Login Path DisclosurePublishedFix it
2012-12-05WordPress WP Realty 'language'PublishedFix it
2012-12-04WordPress Nest SQL InjectionPublishedFix it
2012-11-30WordPress Toolbox 1.4 SQL InjectionPublishedFix it
2012-11-30WordPress TimelineJS Nuweb Local File InclusionPublishedFix it
2012-11-30WordPress Video Lead Form 0.5 Cross Site ScriptingPublishedFix it
2012-11-28WordPress Shai Saul SQL InjectionPublishedFix it
2012-11-28WordPress yaren Tema SQL InjectionPublishedFix it
2012-11-28WordPress weddingsatwork SQL InjectionPublishedFix it
2012-11-28WordPress asm theme SQL injectionPublishedFix it
2012-11-28WordPress st newsletter SQL InjectionPublishedFix it
2012-11-28WordPress starmark Theme Local File InclusionPublishedFix it
2012-11-28WordPress oberliga SQL InjectionPublishedFix it
2012-11-28WordPress myflash Local File InclusionPublishedFix it
2012-11-28WordPress cstardesign SQL InjectionPublishedFix it
2012-11-28WordPress Newstimes Package SQL InjectionPublishedFix it
2012-11-28WordPress wp imagezoon SQL InjectionPublishedFix it
2012-11-25WordPress dailyedition mouss Theme SQL injectionPublishedFix it
2012-11-24WordPress Zingiri Web Shop 2.5.0 Shell UploadPublishedFix it
2012-11-24WordPress Plg Novana SQL InjectionPublishedFix it
2012-11-24WordPress Simple Slider 1.0 Cross Site ScriptingPublishedFix it
2012-11-24WordPress Zarzadzanie Kontem Shell UploadPublishedFix it
2012-11-23WordPress plg novana plugin Sql InjectionPublishedFix it
2012-11-23WordPress magazine basic plugin/ Theme SQL InjectionPublishedFix it
2012-11-23WordPress malmonation theme SQL InjectionPublishedFix it
2012-11-22WordPress fs real estate plugin Theme SQL InjectionPublishedFix it
2012-11-22WordPress webplayer plugin Theme SQL InjectionPublishedFix it
2012-11-22WordPress hd webplayer Theme SQL InjectionPublishedFix it
2012-11-21WordPress Madebymilk SQL InjectionPublishedFix it
2012-11-21WordPress FireStorm Real Estate 2.06.08 SQL InjectionPublishedFix it
2012-11-21WordPress tdo mini forms plugin (rfu/rfd) VulnerabilitiesPublishedFix it
2012-11-20WordPress List Communities SQL InjectionPublishedFix it
2012-11-20WordPress Facebook Survey v1 SQL Injection VulnerabilityPublishedFix it
2012-11-20WordPress ArribaLaEsteban SQL InjectionPublishedFix it
2012-11-19WordPress Plugins Spotlight Your Upload VulnerabilityPublishedFix it
2012-11-18WordPress Integrator 1.32 Cross Site ScriptingPublishedFix it
2012-11-16WordPress Tagged Albums SQL InjectionPublishedFix it
2012-11-16WordPress Dailyedition mouss SQL InjectionPublishedFix it
2012-11-14WordPress WP E Commerce 3.8.9 SQL Injection / Cross Site ScriptingPublishedFix it
2012-11-13WordPress AJAX Post Search'the search function()'SQLPublishedFix it
2012-11-13WordPress Related Posts Exit Popup SQL InjectionPublishedFix it
2012-11-11WordPress Calendar Script Blind SQL InjectionPublishedFix it
2012-11-11WordPress Eco Annu SQL InjectionPublishedFix it
2012-11-10WordPress swfupload XSS vulnerabilityPublishedFix it
2012-11-09WordPress theme wilderness SQL InjectionPublishedFix it
2012-11-09WordPress theme kakao SQL InjectionPublishedFix it
2012-11-08WordPress Hitasoft FLV Player 1.1 SQL InjectionPublishedFix it
2012-11-08WordPress Cardoza Ajax Search 1.1 SQL InjectionPublishedFix it
2012-11-04WordPress Spider Catalog 1.1 HTML Code Injection and Cross Site scriptingPublishedFix it
2012-10-31WordPress FoxyPress Plugin 0.4.2.5 Multiple VulnerabilitiesPublishedFix it
2012-10-31WordPress FoxyPress Plugin Multiple VulnerabilitiesPublishedFix it
2012-10-28WordPress Easy Webinar Plugin Blind SQL Injection VulnerabilityPublishedFix it
2012-10-27WordPress Easy Webinar Blind SQL InjectionPublishedFix it
2012-10-26WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File OverwritePublishedFix it
2012-10-22WordPress Social Discussions Plugin 6.1.1 Multiple VulnerabilitiesPublishedFix it
2012-10-20WordPress Wordfence Security XSS and IAA vulnerabilitiesPublishedFix it
2012-10-18WordPress Social Discussions Plugin Multiple VulnerabilitiesPublishedFix it
2012-10-17WordPress Plugin BackWPup 1.6.1 Remote auth bypassPublishedFix it
2012-10-11WordPress Shortcode Redirect 1.0.01 Stored Cross Site ScriptingPublishedFix it
2012-10-11WordPress Mingle Forum 1.0.32.1 Cross Site Scripting / SQL InjectionPublishedFix it
2012-10-11WordPress LivePHP Cross Site ScriptingPublishedFix it
2012-10-11WordPress Slideshow Gallery 2 Cross SIte ScriptingPublishedFix it
2012-10-11WordPress Kish Guest Posting 1.0 Shell UploadPublishedFix it
2012-10-08WordPress Remote Command ExecutionPublishedFix it
2012-10-06WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFIPublishedFix it
2012-10-04WordPress Plugin spider calendar Multiple VulnerabilitiesPublishedFix it
2012-10-04WordPress Spider 1.0.1 SQL Injection & XSSPublishedFix it
2012-10-01WordPress Theme 3.2 Unauthenticated Configuration AccessPublishedFix it
2012-10-01WordPressthemesbook Cms Cross Site Scripting VulnerabilityPublishedFix it
2012-09-28WordPress phpBAK Red Config VulnerabilityPublishedFix it
2012-09-27WordPress ABC Test 0.1 Cross Site ScriptingPublishedFix it
2012-09-20WordPress Wp TopBar 4.02 Multiple VulnerabilitiesPublishedFix it
2012-09-20MF Gig Calendar WordPress Plugin Cross Site ScriptingPublishedFix it
2012-09-19WordPress Admin name Information DisclosurePublishedFix it
2012-09-13WordPress Krea3AllMedias SQL InjectionPublishedFix it
2012-09-13WordPress Tierra Audio Path DisclosurePublishedFix it
2012-09-10WordPress Download Monitor Download Page Cross Site ScriptingPublishedFix it
2012-09-10WordPress Simple Forum Shell UploadPublishedFix it
2012-09-10WordPress AdRotate 3.7.3.5 Cross Site ScriptingPublishedFix it
2012-09-10ShopperPress WordPress Theme 2.7 Cross Site ScriptingPublishedFix it
2012-09-10WordPress Finder Cross Site ScriptingPublishedFix it
2012-09-10WordPress NextGEN Gallery 1.9.5 Cross Site ScriptingPublishedFix it
2012-09-10WordPress Count Per Day 3.2.3 Cross Site ScriptingPublishedFix it
2012-09-10WordPress Google Analytics 4.2.4 Cross Site ScriptingPublishedFix it
2012-09-10WordPress Monsters Editor Shell UploadPublishedFix it
2012-09-10WordPress TDO Mini Forms Arbitrary File UploadPublishedFix it
2012-09-10WordPress SEM WYSIWYG Arbitrary File UploadPublishedFix it
2012-09-10WordPress HD Webplayer 1.1 SQL InjectionPublishedFix it
2012-02-02WordPress <= 3.3.1 Multiple VulnerabilitiesPublishedFix it
2012-01-25WordPress Kish Guest Posting Plugin 1.0 Arbitrary File UploadPublishedFix it
2012-01-23WordPress uCan Post plugin <= 1.0.09 Stored XSSPublishedFix it
2012-01-23AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File UploadPublishedFix it
2012-01-17WordPress wp autoyoutube plugin Blind SQL Injection VulnerabilityPublishedFix it
2012-01-17WordPress Count per day plugin Multiple VulnerabilitiesPublishedFix it
2012-01-17WordPress Age Verification Plugin <= 0.4 Open RedirectPublishedFix it
2012-01-11WordPress Pay With Tweet Plugin <= 1.1 Multiple VulnerabilitiesPublishedFix it
2012-01-04WordPress Comment Rating plugin Multiple VulnerabilitiesPublishedFix it
2011-12-28WordPress Mailing List Plugin Arbitrary File DownloadPublishedFix it
2011-12-15BLIND SQL injection UPM POLLS wordpress plugin 1.0.4PublishedFix it
2011-12-08WordPress Pretty Link 1.5.2 Cross Site ScriptingPublishedFix it
2011-12-02WordPress Flash Album Gallery Cross Site ScriptingPublishedFix it
2011-11-25WordPress enable latex plugin Remote File Include VulnerabilitiesPublishedFix it
2011-11-23WordPress meenews 5.1 plugin Cross Site Scripting VulnerabilitiesPublishedFix it
2011-11-22WordPress Adminimize plugin suffers from a cross site scripting vulnerabilityPublishedFix it
2011-11-22WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerabilityPublishedFix it
2011-11-19WordPress jetpack plugin SQL Injection VulnerabilityPublishedFix it
2011-11-15WordPress AdRotate plugin <= 3.6.6 SQL Injection VulnerabilityPublishedFix it
2011-11-14WordPress Zingiri Plugin <= 2.2.3 (ajax save name.php) Remote Code ExecutionPublishedFix it
2011-11-01WordPress WP Glossary plugin SQL Injection VulnerabilityPublishedFix it
2011-10-31WordPress Classipress Theme <= 3.1.4 Stored XSSPublishedFix it
2011-10-31WordPress WP Glossary Plugin SQL InjectionPublishedFix it
2011-10-28WordPress wptouch plugin SQL Injection VulnerabilityPublishedFix it
2011-10-17WordPress Photo Album Plus <= 4.1.1 SQLPublishedFix it
2011-10-17WordPress Mailing List 1.3.2PublishedFix it
2011-10-15WordPress Photo Album Plus <= 4.1.1 SQL Injection VulnerabilityPublishedFix it
2011-10-13WordPress GD Star Rating plugin <= 1.9.10 SQL InjectionPublishedFix it
2011-10-13WordPress Pretty Link 1.4.56 Cross Site ScriptingPublishedFix it
2011-10-06Packet storm WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublishedFix it
2011-10-05WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublishedFix it
2011-09-30WordPress WP Bannerize plugin <= 2.8.7 SQL Injection VulnerabilityPublishedFix it
2011-09-25WordPress Link Library plugin <= 5.2.1 SQL Injection VulnerabilityPublishedFix it
2011-09-21WordPress WPEasyStats Plugin 1.8 Remote File InclusionPublishedFix it
2011-09-21WordPress Zingiri Web Shop Plugin 2.2.0 Remote File InclusionPublishedFix it
2011-09-21WordPress AllWebMenus Plugin 1.1.3 Remote File InclusionPublishedFix it
2011-09-21WordPress Mailing List Plugin 1.3.2 Remote File InclusionPublishedFix it
2011-09-21WordPress TheCartPress Plugin 1.1.1 Remote File InclusionPublishedFix it
2011-09-21WordPress WP e Commerce"cs1"SQLPublishedFix it
2011-09-21WordPress Disclosure Policy Plugin 1.0 Remote File InclusionPublishedFix it
2011-09-21WordPress Relocate Upload Plugin 0.14 Remote File InclusionPublishedFix it
2011-09-21WordPress Livesig Plugin 0.4 Remote File InclusionPublishedFix it
2011-09-21WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure VulnerabilityPublishedFix it
2011-09-21Multiple WordPress Plugin timthumb.php VulnerabilitesPublishedFix it
2011-09-21WordPress Annonces Plugin 1.2.0.0 Remote File InclusionPublishedFix it
2011-09-21WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File InclusionPublishedFix it
2011-09-19WordPress Count per Day plugin <= 2.17 SQL Injection VulnerabilityPublishedFix it
2011-09-18WordPress Auctions plugin <= 1.8.8 SQL Injection VulnerabilityPublishedFix it
2011-09-14WordPress WP e Commerce plugin <= 3.8.6 SQL Injection VulnerabilityPublishedFix it
2011-09-13WordPress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)PublishedFix it
2011-09-10WordPress Couponer plugin <= 1.2 SQL InjectionPublishedFix it
2011-09-10WordPress SendIt plugin <= 1.5.9 Blind SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress Advertizer plugin <= 1.0 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress WP Bannerize plugin <= 2.8.6 SQL InjectionPublishedFix it
2011-09-10WordPress wp audio gallery playlist plugin <= 0.12 SQL InjectionPublishedFix it
2011-09-10WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL InjectionPublishedFix it
2011-09-10WordPress Donation plugin <= 1.0 SQL InjectionPublishedFix it
2011-09-10WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress PureHTML plugin <= 1.0.0 SQL InjectionPublishedFix it
2011-09-10WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress Image Gallery with Slideshow plugin <= 1.5 Multiple VulnerabilitiesPublishedFix it
2011-09-10WordPress yolink Search plugin <= 1.1.4 SQL InjectionPublishedFix it
2011-09-10WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress SH Slideshow plugin <= 3.1.4 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress grapefile plugin <= 1.1 Arbitrary File UploadPublishedFix it
2011-09-10WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection VulnerabilityPublishedFix it
2011-09-10WordPress Event Registration plugin <= 5.4.3 SQL InjectionPublishedFix it
2011-08-29WordPress TimThumb Plugin Remote Code ExecutionPublishedFix it
2011-08-29WordPress mySTAT plugin <= 2.6 SQL Injection VulnerabilityPublishedFix it
2011-08-29WordPress Block Spam By Math Reloaded Plugin BypassPublishedFix it
2011-08-29WordPress Evarisk plugin <= 5.1.3.6 SQL Injection VulnerabilityPublishedFix it
2011-08-29WordPress MM Duplicate plugin <= 1.2 SQL Injection VulnerabilityPublishedFix it
2011-08-29WordPress Profiles plugin <= 2.0 RC1 SQL Injection VulnerabilityPublishedFix it
2011-08-29WordPress Photoracer 1.0 Cross Site Scripting / SQL InjectionPublishedFix it
2011-08-28WordPress Js appointment plugin <= 1.5 SQL Injection VulnerabilityPublishedFix it
2011-08-28WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection VulnerabilityPublishedFix it
2011-08-28WordPress Collision Testimonials plugin <= 3.0 SQL Injection VulnerabilityPublishedFix it
2011-08-28WordPress oQey Headers plugin <= 0.3 SQL Injection VulnerabilityPublishedFix it
2011-08-28WordPress Photoracer plugin <= 1.0 SQL Injection VulnerabilityPublishedFix it
2011-08-28WordPress Photoracer Plugin <= 1.0 Multiple VulnerabilitiesPublishedFix it
2011-08-28WordPress MM Forms Community plugin <= 1.2.3 SQL Injection VulnerabilityPublishedFix it
2011-08-26WordPress Yoast v4.1.3 Local File Disclosure VulnerabilityPublishedFix it
2011-08-21WordPress UnGallery plugin <= 1.5.8 Local File Disclosure VulnerabilityPublishedFix it
2011-08-18WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress WP Forum plugin <= 1.7.8 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress File Groups plugin <= 1.1.2 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress Global Content Blocks plugin <= 1.2 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress WP Symposium plugin <= 0.64 SQL Injection VulnerabilityPublishedFix it
2011-08-18WordPress Ajax Gallery plugin <= 3.0 SQL Injection VulnerabilityPublishedFix it
2011-07-04WordPress 3.1.3 SQL Injection VulnerabilitiesPublishedFix it
2011-06-27WordPress Beer Recipes Plugin v.1.0 XSSPublishedFix it
2011-06-27WordPress core 3.1.3 Persistent XSS VulnerabilityPublishedFix it
2011-05-24Is human <=1.4.2 WordPress Plugin Remote Command Execution VulnerabilityPublishedFix it
2011-04-28WordPress SermonBrowser Plugin 0.43 SQL InjectionPublishedFix it
2011-04-26Ajax Category Dropdown WordPress Plugin 0.1.5 Multiple VulnerabilitiesPublishedFix it
2011-04-06WordPress WP Custom Pages Plugin 0.5.0.1 LFI VulnerabilityPublishedFix it
2011-03-29WordPress plugin BackWPup Remote and Local Code Execution VulnerabilityPublishedFix it
2011-03-10PHP Speedy <= 0.5.2 WordPress Plugin (admin container.php) Remote Code Exec ExploitPublishedFix it
2011-03-10GRAND Flash Album Gallery 0.55 WordPress Plugin Multiple VulnerabilitiesPublishedFix it
2011-02-27OPS Old Post Spinner 2.2.1 WordPress Plugin LFI VulnerabilityPublishedFix it
2011-02-27JQuery Mega Menu 1.0 WordPress Plugin Local File InclusionPublishedFix it
2011-02-26Z Vote 1.1 WordPress Plugin SQL Injection VulnerabilityPublishedFix it
2011-02-25GigPress 2.1.10 WordPress Plugin Stored XSS VulnerabilityPublishedFix it
2011-02-25Relevanssi 2.7.2 WordPress Plugin Stored XSS VulnerabilityPublishedFix it
2011-02-25IWantOneButton 3.0.1 WordPress Plugin Multiple VulnerabilitiesPublishedFix it
2011-02-25WP Forum Server 1.6.5 WordPress Plugin SQL Injection VulnerabilityPublishedFix it
2011-02-24Comment Rating 2.9.23 WordPress Plugin Multiple VulnerabilitiesPublishedFix it
2011-02-18WordPress User Photo Component Remote File Upload VulnerabilityPublishedFix it
2011-02-11Enable Media Replace WordPress Plugin Multiple VulnerabilitiesPublishedFix it
2010-12-07SQL injection vulnerability in do trackbacks() WordPress functionPublishedFix it
2010-11-14WordPress Event Registration Plugin 5.32 SQL Injection VulnerabilityPublishedFix it
2010-10-20WordPress plugin mygallerybrowser.php Remote File Upload VulnerabilityPublishedFix it
2010-09-07WordPress Events Manager Extended Plugin Persistent XSS VulnerabilityPublishedFix it
2010-08-05WordPress NextGEN Smooth Gallery Blind SQL Injection VulnerabilityPublishedFix it
2010-07-23WordPress Plugin myLDlinker SQL Injection VulnerabilityPublishedFix it
2010-07-10WordPress Firestats Remote Configuration File DownloadPublishedFix it
2010-06-25Vulnerabilities in Cimy Counter for WordPressPublishedFix it
2010-06-08WordPress Gigya Socialize Plugin Cross Site Scripting VulnerabilitiesPublishedFix it
2010-04-06XSS Vulnerability in NextGEN Gallery WordPress PluginPublishedFix it
2010-03-02WordPress 2.9.1 wp admin Cross Site Scripting VulnerabilityPublishedFix it
2010-02-23WordPress Copperleaf Photolog SQL Injection VulnerabilityPublishedFix it
2010-02-19WordPress 2.9 plugin wp wall (XSS) Cross Site Scripting VulnerabilityPublishedFix it
2010-02-19Joomla JD WordPress Remote File Include ExploitPublishedFix it
2010-02-19WordPress Resource exhaustion ExploitPublishedFix it
2010-02-19WordPress Pyrmont V2. SQL Injection VulnerabilityPublishedFix it
2010-02-19WordPress <= 2.9 Denial of ServicePublishedFix it
2010-02-19WordPress script <== x.x.x (Events Plugins) SQL Injection VulnerabilityPublishedFix it
2010-02-15WordPress Copperleaf Photolog SQL injectionPublishedFix it
2010-02-13WordPress >= 2.9 Failure to Restrict URL AccessPublishedFix it
2010-01-02WordPress Events Plugin SQL Injection VulnerabilityPublishedFix it
2009-12-310day WordPress DOS <= 2.9PublishedFix it
2009-12-18WordPress and Pyrmont V2. SQL Injection VulnerabilityPublishedFix it
2009-12-07Vulnerabilities in WP Cumulus for WordPressPublishedFix it
2009-12-05WordPress Image Manager Plugins Shell Upload VulnerabilityPublishedFix it
2009-11-25Vulnerabilities in WP Cumulus <= 1.20 for WordPressPublishedFix it
2009-11-13WordPress Plugin WP Syntax <= 0.9.1 Remote Command Execution PoCPublishedFix it
2009-11-13WordPress Arbitrary File Upload and Cross Site Scripting VulnerabilitiesPublishedFix it
2009-11-11WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublishedFix it
2009-11-11Fedora Security Update Fixes WordPress MU Denial of Service IssuePublishedFix it
2009-11-10WordPress 2.0 2.7.1 admin.php Module Configuration Security Bypass VulnerabilityPublishedFix it
2009-11-10WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublishedFix it
2009-11-10WordPress MU 1.2.2 1.3.1 'wp includes/wpmu functions.php' Cross Site Scripting VulnerabilityPublishedFix it
2009-10-27Fedora Security Update Fixes WordPress Denial of Service VulnerabilityPublishedFix it
2009-10-23DM Albums for WordPress "delete album" Directory Traversal IssuePublishedFix it
2009-10-22WordPress < 2.8.1 Security Bypass 0dayPublishedFix it
2009-10-21WordPress Trackback Remote Denial of Service VulnerabilityPublishedFix it
2009-10-20JD WordPress for Joomla "mosConfig absolute path" Inclusion IssuePublishedFix it
2009-10-19Joomla JD WordPress 2.0 RC2 remote file icnlusionPublishedFix it
2009-09-02WordPress Privileges Unchecked in admin.php and Multiple Information DisclosuresPublishedFix it
2009-08-28WP Syntax for WordPress "test filter[wp head]" Code Injection VulnerabilityPublishedFix it
2009-08-27WordPress Plugin WP Syntax <= 0.9.1 Remote Command ExecutionPublishedFix it
2009-08-24Debian Security Update Fixes WordPress Security Bypass VulnerabilitiesPublishedFix it
2009-08-17Fedora Security Update Fixes WordPress MU Multiple VulnerabilitiesPublishedFix it
2009-08-12Fedora Security Update Fixes WordPress Admin Pass Reset VulnerabilityPublishedFix it
2009-08-11WordPress <= 2.8.3 Remote Admin Reset Password VulnerabilityPublishedFix it
2009-08-07Fedora Security Update Fixes WordPress Privilege Escalation IssuesPublishedFix it
2009-07-30Fedora Security Update Fixes WordPress Cross Site Scripting IssuePublishedFix it
2009-07-27WordPress Plugin FireStats <= 1.6.1(fs javascript) RFI VulnerabilityPublishedFix it
2009-07-24WordPress 2.8.1 (url) Remote Cross Site Scripting ExploitPublishedFix it
2009-07-20Fedora Security Update Fixes WordPress Security Bypass VulnerabilitiesPublishedFix it
2009-07-15WordPress Plugin My Category Order <= 2.8 SQL Injection VulnerabilityPublishedFix it
2009-07-10WordPress Privileges Unchecked in admin.php and Multiple InformationPublishedFix it
2009-07-09WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerabilityPublishedFix it
2009-07-09WordPress Multiple Security Bypass and Information Disclosure IssuesPublishedFix it
2009-07-02WordPress Plugin st newsletter (stnl iframe.php) SQL Injection VulnerabilityPublishedFix it
2009-06-30WordPress Plugin Related Sites 2.1 Blind SQL Injection VulnerabilityPublishedFix it
2009-06-30WordPress Plugin DM Albums 1.9.2 Remote File Disclosure VulnerabilityPublishedFix it
2009-06-29WordPress Plugin DM Albums 1.9.2 Remote File Inclusion VulnPublishedFix it
2009-06-15WordPress Plugin Photoracer 1.0 (id) SQL Injection VulnerabilityPublishedFix it
2009-05-26WordPress Plugin Lytebox (wp lytebox) Local File Inclusion VulnerabilityPublishedFix it
2009-04-15Fedora Security Update Fixes WordPress mu Cross Site Scripting IssuePublishedFix it
2009-03-18FMoblog Plugin for WordPress "id" Remote SQL Injection VulnerabilityPublishedFix it
2009-03-17WordPress Plugin fMoblog 2.1 (id) SQL Injection VulnerabilityPublishedFix it
2009-03-10WordPress MU < 2.7 'HOST' HTTP Header XSS VulnerabilityPublishedFix it
2009-01-12WordPress plugin WP Forum 1.7.8 Remote SQL Injection VulnerabilityPublishedFix it
2008-12-22WordPress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD VulnPublishedFix it
2008-11-07Fedora Security Update Fixes WordPress Snoopy Code ExecutionPublishedFix it
2008-10-29WordPress Plugin e Commerce <= 3.4 Arbitrary File Upload ExploitPublishedFix it
2008-10-26WordPress Media Holder (mediaHolder.php id) SQL Injection VulnPublishedFix it
2008-10-17WordPress Plugin st newsletter (stnl iframe.php) SQL Injection VulnPublishedFix it
2008-09-15WordPress "user login" Column SQL Truncation VulnerabilityPublishedFix it
2008-09-10WordPress 2.6.1 (SQL Column Truncation) Admin Takeover ExploitPublishedFix it
2008-09-10Fedora Security Update Fixes WordPress SSL Enforcement WeaknessPublishedFix it
2008-09-07WordPress 2.6.1 SQL Column Truncation VulnerabilityPublishedFix it
2008-07-24WordPress Plugin Download Manager 0.2 Arbitrary File Upload ExploitPublishedFix it
2008-07-07Debian Security Update Fixes WordPress Security Bypass IssuesPublishedFix it
2008-05-05Fedora Security Update Fixes WordPress Privilege Escalation IssuePublishedFix it
2008-04-28WordPress Cookie Integrity Protection Privilege Escalation VulnerabilityPublishedFix it
2008-04-24Spreadsheet for WordPress "ss id" Remote SQL Injection VulnerabilityPublishedFix it
2008-04-22WordPress Plugin Spreadsheet <= 0.6 SQL Injection VulnerabilityPublishedFix it
2008-03-31WordPress Plugin Download (dl id) SQL Injection VulnerabilityPublishedFix it
2008-02-26WordPress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple VulnerabilitiesPublishedFix it
2008-02-18Photo Album Plugin for WordPress Multiple SQL Injection VulnerabilitiesPublishedFix it
2008-02-16WordPress Photo album Remote SQL Injection VulnerabilityPublishedFix it
2008-02-15WordPress Plugin Simple Forum 2.0 2.1 SQL Injection VulnerabilityPublishedFix it
2008-02-15WordPress Plugin Simple Forum 1.10 1.11 SQL Injection VulnerabilityPublishedFix it
2008-02-13Fedora Security Update Fixes WordPress XML RPC Post Editing IssuePublishedFix it
2008-02-07WordPress XML RPC Implementation Arbitrary Post Editing VulnerabilityPublishedFix it
2008-02-05WordPress MU < 1.3.2 active plugins option Code Execution ExploitPublishedFix it
2008-02-03WordPress Plugin st newsletter Remote SQL Injection VulnerabilityPublishedFix it
2008-02-02WordPress Plugin dmsguestbook 1.7.0 Multiple Remote VulnerabilitiesPublishedFix it
2008-02-02WordPress Plugin Wordspew Remote SQL Injection VulnerabilityPublishedFix it
2008-01-31WassUp Plugin for WordPress "to date" SQL Injection VulnerabilityPublishedFix it
2008-01-31WP Cal Plugin for WordPress "id" SQL Query Injection VulnerabilityPublishedFix it
2008-01-31FGallery Plugin for WordPress "album" SQL Query Injection VulnerabilityPublishedFix it
2008-01-31AdServe Plugin for WordPress "id" Parameter SQL Injection VulnerabilityPublishedFix it
2008-01-30WordPress Plugin Adserve 0.2 adclick.php SQL Injection ExploitPublishedFix it
2008-01-30WordPress Plugin WassUp 1.4.3 (spy.php to date) SQL Injection ExploitPublishedFix it
2008-01-27WordPress Plugin WP Cal 0.3 editevent.php SQL Injection VulnerabilityPublishedFix it
2008-01-27WordPress plugin fGallery 2.4.1 fimrss.php SQL Injection VulnerabilityPublishedFix it
2008-01-25Permalinks Migration Plugin for WordPress Cross Site Request ForgeryPublishedFix it
2008-01-22WP Forum Plugin for WordPress "user" SQL Query Injection VulnerabilityPublishedFix it
2008-01-19WordPress plugin WP Forum 1.7.4 Remote SQL Injection VulnerabilityPublishedFix it
2008-01-06WordPress Plugin Wp FileManager 1.2 Remote Upload VulnerabilityPublishedFix it
2008-01-03Fedora Security Update Fixes WordPress Multiple Remote VulnerabilitiesPublishedFix it
2007-12-11WordPress <= 2.3.1 Charset Remote SQL Injection VulnerabilityPublishedFix it
2007-12-11WordPress "s" Parameter Handling Remote SQL Injection VulnerabilityPublishedFix it
2007-12-05WordPress Plugin PictPress <= 0.91 Remote File Disclosure VulnerabilityPublishedFix it
2007-11-21WordPress Cookies Processing Authentication Bypass WeaknessPublishedFix it
2007-11-06BackUpWordPress "bkpwp plugin path" PHP File Inclusion VulnerabilitiesPublishedFix it
2007-11-01WordPress Plugin BackUpWordPress <= 0.4.2b RFI VulnerabilityPublishedFix it
2007-10-29WordPress "posts columns" Parameter Cross Site Scripting VulnerabilityPublishedFix it
2007-09-14WordPress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)PublishedFix it
2007-09-13WordPress Multiple Parameter Cross Site Scripting and SQL Injection IssuesPublishedFix it
2007-08-31Fedora Security Update Fixes WordPress Cross Site Scripting VulnerabilityPublishedFix it
2007-08-01WordPress "style" Parameter Processing Cross Site Scripting VulnerabilityPublishedFix it
2007-06-26WordPress Security Update Fixes Code Execution and SQL Injection VulnerabilitiesPublishedFix it
2007-06-26WordPress 2.2 (wp app.php) Arbitrary File Upload ExploitPublishedFix it
2007-06-11OpenPKG Security Update Fixes WordPress XML RPC SQL Injection VulnerabilityPublishedFix it
2007-06-07WordPress XML RPC Interface "wp suggestCategories()" SQL Injection VulnerabilityPublishedFix it
2007-06-06WordPress 2.2 (xmlrpc.php) Remote SQL Injection ExploitPublishedFix it
2007-05-21WordPress 2.1.3 admin ajax.php SQL Injection Blind Fishing ExploitPublishedFix it
2007-05-21WordPress "cookie" Parameter Handling Remote SQL Query Injection VulnerabilityPublishedFix it
2007-05-02Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass IssuesPublishedFix it
2007-05-02WP Table Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublishedFix it
2007-05-02WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublishedFix it
2007-05-02MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublishedFix it
2007-05-01WordPress plugin myflash <= 1.00 (wppath) RFI VulnerabilityPublishedFix it
2007-05-01WordPress plugin wp Table <= 1.43 (inc dir) RFI VulnerabilityPublishedFix it
2007-05-01WordPress plugin wordTube <= 1.43 (wpPATH) RFI VulnerabilityPublishedFix it
2007-04-30MyGallery Plugin for WordPress "myPath" Parameter Remote File Inclusion VulnerabilityPublishedFix it
2007-04-29WordPress Plugin myGallery <= 1.4b4 Remote File Inclusion VulnerabilityPublishedFix it
2007-04-04WordPress "XML RPC" Module Remote SQL Injection and Security Bypass VulnerabilitiesPublishedFix it
2007-04-03WordPress 2.1.2 (xmlrpc) Remote SQL Injection ExploitPublishedFix it
2007-03-21Gentoo Security Update Fixes Multiple WordPress Cross Site Scripting VulnerabilitiesPublishedFix it
2007-03-19WordPress "PHP SELF" Variable Handling Client Side Cross Site Scripting VulnerabilityPublishedFix it
2007-03-13WordPress "wp title()" and "single month title()" Cross Site Scripting VulnerabilityPublishedFix it
2007-03-05WordPress "comment text phpfilter()" and "get theme mcommand()" VulnerabilitiesPublishedFix it
2007-02-27WordPress "wp includes/functions.php" Client Side Cross Site Scripting VulnerabilityPublishedFix it
2007-02-26NoMoKeTo Module for phpBB "phpbb root path" Remote File Inclusion VulnerabilityPublishedFix it
2007-02-26WordPress "wp explain nonce()" Function Client Side Cross Site Scripting VulnerabilityPublishedFix it
2007-01-17Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting IssuesPublishedFix it
2007-01-10WordPress <= 2.0.6 wp trackback.php Remote SQL Injection ExploitPublishedFix it
2007-01-09OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection IssuePublishedFix it
2007-01-07WordPress 2.0.5 Trackback UTF 7 Remote SQL Injection ExploitPublishedFix it
2007-01-06WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting VulnerabilitiesPublishedFix it
2007-01-06WordPress "wp login.php" Authentication Process Information Disclosure VulnerabilityPublishedFix it
2006-12-30Enigma 2 WordPress Bridge (boarddir) Remote File Include VulnerabilityPublishedFix it
2006-12-27WordPress "get file description()" Function Client Side Cross Site Scripting VulnerabilityPublishedFix it
2006-11-21Gentoo Security Update Fixes WordPress Directory Traversal and Security BypassPublishedFix it
2006-11-03OpenPKG Security Update Fixes WordPress Multiple Security Bypass VulnerabilitiesPublishedFix it
2006-11-02WordPress Remote Directory Traversal and Security Bypass VulnerabilitiesPublishedFix it
2006-08-16WP DB Backup Plugin for WordPress "backup" Parameter Directory Traversal VulnerabilityPublishedFix it
2006-07-31WordPress Unspecified Parameter Handling Multiple VulnerabilitiesPublishedFix it
2006-07-17Rocks "mount loop" and "umount loop" Arguments Handling Privilege Escalation VulnerabilityPublishedFix it
2006-07-04WordPress "paged" Parameter Table Prefix and Full Path Disclosure VulnerabilitiesPublishedFix it
2006-06-12Gentoo Security Update Fixes WordPress Remote Command Injection VulnerabilityPublishedFix it
2006-05-26WordPress User Profile Handling Remote PHP Command Injection VulnerabilityPublishedFix it
2006-05-25WordPress <= 2.0.2 (cache) Remote Shell Injection ExploitPublishedFix it
2006-03-05Gentoo Security Update Fixes WordPress SQL Injection VulnerabilityPublishedFix it
2006-03-01WordPress Cross Site Scripting And Full Path Disclosure VulnerabilitiesPublishedFix it
2006-01-16WP Stats WordPress Plug in "author" Remote SQL Injection VulnerabilityPublishedFix it
2005-11-25PhpWordPress Multiple Parameters Remote SQL Injection VulnerabilityPublishedFix it
2005-08-10WordPress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)PublishedFix it
2005-08-10WordPress "cache lastpostdate" Remote Code Execution IssuePublishedFix it
2005-08-09WordPress <= 1.5.1.3 Remote Code Execution 0 Day ExploitPublishedFix it
2005-07-04Gentoo Security Update Fixes Multiple WordPress VulnerabilitiesPublishedFix it
2005-06-30WordPress <= 1.5.1.2 xmlrpc Interface SQL Injection ExploitPublishedFix it
2005-06-30WordPress SQL Injection and Cross Site Scripting VulnerabilitiesPublishedFix it
2005-06-22WordPress <= 1.5.1.1 SQL Injection ExploitPublishedFix it
2005-06-21WordPress <= 1.5.1.1 "add new admin" SQL Injection ExploitPublishedFix it
2005-06-21WordPress <= 1.5.1.1 ""add new admin"" SQL Injection ExploitPublishedFix it
2005-05-30WordPress "cat ID" Remote SQL Injection VulnerabilityPublishedFix it
2004-10-10WordPress Blog HTTP Splitting VulnerabilityPublishedFix it




Copyright © 2016 WordpressExploit v1 BETA
Member of public Joomla Exploit, WordPress Exploit, phpBB Exploit, Drupal Exploit, TYPO3 Exploit, Magento Exploit, Virtuemart Exploit, osCommerce Exploit, Windows Exploits, Mac Exploit Intelligent Exploit Aggregation Network.
This information is provided for TESTING and LEGAL RESEARCH purposes only. Vulnerability information source(s): exploit-db.com, 0day.today, sebug.net, cxsecurity.com and others. Use at your own risk.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.