CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Kalrav AI Agent (Unauthenticated Arbitrary File Upload)
PROTECTED
Frontis Blocks (Unauthenticated Server-Side Request Forgery) < 1.1.7
PROTECTED
Administrative Shortcodes (Local File Inclusion via Shortcode Attribute) < 0.3.5
PROTECTED
User Submitted Posts - Enable Users to Submit Posts from the Front End (Unauthenticated Stored Cross-Site Scripting via Custom Field) < 20260110
PROTECTED
Melapress Role Editor (Privilege Escalation via Secondary Role Assignment) < 1.2.0
PROTECTED
LA-Studio Element Kit for Elementor (Unauthenticated Privilege Escalation to Administrative User Creation via lakit_bkrole parameter) < 1.6.0
PROTECTED
Creator LMS - The LMS for Creators, Coaches, and Trainers (Arbitrary Options Update) < 1.1.13
PROTECTED
NotificationX (Cross-Site Scripting via 'nx-preview') < 3.2.1
PROTECTED
Nexter Extension - Site Enhancements Toolkit (Unauthenticated PHP Object Injection) < 4.4.7
PROTECTED
Academy LMS - WordPress LMS Plugin for Complete eLearning Solution (Privilege Escalation via Account Takeover) < 3.5.1
PROTECTED
Poll, Survey & Quiz Maker Plugin by Opinion Stage (Cross-Site Scripting) < 19.6.25
PROTECTED
Dokan: AI Powered WooCommerce Multivendor Marketplace Solution - Build Your Own Amazon, eBay, Etsy (Insecure Direct Object Reference to PayPal Account Takeover) < 4.2.5
PROTECTED
Antideo Email Validator (Unauthenticated SQL Injection)
PROTECTED
Powerlift (Unauthenticated Local File Inclusion) < 3.2.1
PROTECTED
The Aisle (Unauthenticated Local File Inclusion) < 2.9.1
PROTECTED
Demo Importer Plus (Blind XML External Entity Injection via SVG File Upload) < 2.0.10
PROTECTED
Modular DS (Unauthenticated Privilege Escalation) < 2.6.0
PROTECTED
Registration & Login with Mobile Phone Number for WooCommerce (Authentication Bypass) < 1.3.2
PROTECTED
RegistrationMagic (Privilege Escalation via admin_order) < 6.0.7.2
PROTECTED
g-FFL Checkout (Unauthenticated Arbitrary File Upload) < 2.1.1
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.