CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Reset (Cross-Site Request Forgery to Database Reset)
PROTECTED
Option Editor (Cross-Site Request Forgery to Arbitrary Options Update)
PROTECTED
File Uploads Addon for WooCommerce (Unprotected Directory)
PROTECTED
GetBookingsWp Appointments & Bookings Plugin Basic Version (Privilege Escalation)
PROTECTED
Keap Official Opt-in Forms (Unauthenticated Limited Local File Inclusion)
PROTECTED
s2Member Pro (Unauthenticated PHP Object Injection) < 250214
PROTECTED
Oliver POS - A WooCommerce Point of Sale (Sensitive Information Exposure to Privilege Escalation) < 2.4.2.4
PROTECTED
LTL Freight Quotes - Estes Edition (Unauthenticated SQL Injection) < 3.3.8
PROTECTED
Campress (Unauthenticated Local File Inclusion)
PROTECTED
Puzzles | WP Magazine / Review with Store WordPress Theme + RTL (Unauthenticated PHP Object Injection)
PROTECTED
Avada Builder (Arbitrary Shortcode Execution) < 3.11.14
PROTECTED
JS Help Desk The Ultimate Help Desk & Support Plugin (Unprotected Directory) < 2.8.9
PROTECTED
Avada Theme (Unauthenticated Arbitrary Shortcode Execution) < 7.11.14
PROTECTED
Campress <= 1.35 - Unauthenticated Local File Inclusion
PROTECTED
WP Directorybox Manager (Authentication Bypass)
PROTECTED
Avada Theme (Arbitrary Shortcode Execution) < 7.11.14
PROTECTED
JS Help Desk (Unprotected Directory Access) < 2.8.9
PROTECTED
Avada Builder (Arbitrary Shortcode Execution) < 3.11.14
PROTECTED
Majestic Support - The Leading-Edge Help Desk & Customer Support Plugin (Unprotected Directory) < 1.0.6
PROTECTED
Brizy - Page Builder (Arbitrary File Upload via storeUploads) < 2.6.5
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.