CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Cookie Notice & Consent (Unauthenticated Stored Cross-Site Scripting via post_meta) < 1.6.6
PROTECTED
Community Events (Unauthenticated SQL Injection) < 1.5.2
PROTECTED
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers (Unauthenticated SQL Injection) < 2.1.4
PROTECTED
Search & Go - Directory WordPress Theme (Privilege Escalation) < 2.8
PROTECTED
RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login (SQL Injection) < 6.0.6.3
PROTECTED
Motors - Car Dealership & Classified Listings Plugin (Arbitrary File Deletion) < 1.4.90
PROTECTED
Community Events (Unauthenticated SQL Injection) < 1.5.2
PROTECTED
Progress Planner (Missing Authorization to Arbitrary Options Update) < 1.8.1
PROTECTED
OAuth Single Sign On - SSO [OAuth Client] (Authentication Bypass) < 6.26.13
PROTECTED
Cost Calculator Builder (Missing Authorization) < 3.5.33
PROTECTED
WP Dispatcher (SQL Injection via Shortcode)
PROTECTED
WPRecovery (Unauthenticated SQL Injection)
PROTECTED
Appy Pie Connect for WooCommerce (Missing Authorization to Unauthenticated Privilege Escalation) < 1.1.3
PROTECTED
JoomSport (Local File Inclusion) < 5.7.4
PROTECTED
RestroPress - Online Food Ordering System (Unauthenticated Information Exposure to Authentication Bypass) < 3.1.9.2
PROTECTED
TextBuilder (Cross-Site Request Forgery to Privilege Escalation) < 1.2.0
PROTECTED
AP Background (Arbitrary File Upload) < 3.8.3
PROTECTED
Spirit Framework (Privilege Escalation) < 1.2.15
PROTECTED
AffiliateWP (Unauthenticated SQL Injection) < 2.29.0
PROTECTED
Bei Fen - WordPress Backup Plugin (Local File Inclusion)
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.