CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
PROTECTED
ZoloBlocks (Missing Authorization to Unauthenticated Popup Enable) < 2.3.12
PROTECTED
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers (Unauthenticated Server-Side Request Forgery) < 2.1.5
PROTECTED
LLM Hubspot Blog Import (Missing Authorization Hubspot Import)
PROTECTED
Originality.ai AI Checker (Arbritary Log Deletion) < 1.0.13
PROTECTED
Quickcreator - AI Blog Writer (Unauthenticated API Key Exposure)
PROTECTED
RapidResult (SQL Injection)
PROTECTED
Email Tracker <= 5.3.12 - Authenticated (Admin+) SQL Injection
PROTECTED
Event Tickets and Registration (Unauthenticated Ticket Payment Bypass) < 5.26.6
PROTECTED
PPOM - Product Addons & Custom Fields for WooCommerce (Unauthenticated Arbitrary File Upload) < 33.0.16
PROTECTED
PPOM - Product Addons & Custom Fields for WooCommerce (Unauthenticated SQL Injection) < 33.0.16
PROTECTED
Theme Editor (Remote Code Execution) < 3.1
PROTECTED
Classified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation
PROTECTED
Truelysell Core (Unauthenticated Arbitrary User Password Change via Shortcode)
PROTECTED
Felan Framework (Hardcoded Credentials) < 1.1.5
PROTECTED
XStore | Multipurpose WooCommerce Theme (Local File Inclusion) < 9.6
PROTECTED
Lisfinity Core - Lisfinity Core plugin used for pebas Lisfinity WordPress theme (Privilege Escalation) < 1.5.0
PROTECTED
Dynamically Display Posts (Unauthenticated SQL Injection) < 1.2
PROTECTED
Flex QR Code Generator (Arbitrary File Upload)
PROTECTED
Demo Import Kit (Arbitrary File Upload)
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.