CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Migration, Backup, Staging - WPvivid (Arbitrary File Upload) < 0.9.113
PROTECTED
Mambo Importer (PHP Object Injection)
PROTECTED
LTL Freight Quotes - Purolator Edition (Unauthenticated SQL Injection) < 2.2.4
PROTECTED
WooCommerce Food - Restaurant Menu & Food ordering (Unauthenticated Arbitrary Shortcode Execution) < 3.3.3
PROTECTED
Post SMTP( Stored Cross-Site Scripting ) < 3.1.0
PROTECTED
CarSpot Dealership WordPress Classified Theme (Arbitrary Password Reset/Account Takeover) < 2.4.4
PROTECTED
Reset (Cross-Site Request Forgery to Database Reset)
PROTECTED
Option Editor (Cross-Site Request Forgery to Arbitrary Options Update)
PROTECTED
File Uploads Addon for WooCommerce (Unprotected Directory)
PROTECTED
GetBookingsWp Appointments & Bookings Plugin Basic Version (Privilege Escalation)
PROTECTED
LTL Freight Quotes - Estes Edition (Unauthenticated SQL Injection) < 3.3.8
PROTECTED
Campress (Unauthenticated Local File Inclusion)
PROTECTED
Puzzles | WP Magazine / Review with Store WordPress Theme + RTL (Unauthenticated PHP Object Injection)
PROTECTED
Avada Builder (Arbitrary Shortcode Execution) < 3.11.14
PROTECTED
JS Help Desk The Ultimate Help Desk & Support Plugin (Unprotected Directory) < 2.8.9
PROTECTED
Avada Theme (Unauthenticated Arbitrary Shortcode Execution) < 7.11.14
PROTECTED
Campress <= 1.35 - Unauthenticated Local File Inclusion
PROTECTED
WP Directorybox Manager (Authentication Bypass)
PROTECTED
Avada Theme (Arbitrary Shortcode Execution) < 7.11.14
PROTECTED
JS Help Desk (Unprotected Directory Access) < 2.8.9
PROTECTED