CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Doccure (Unauthenticated Arbitrary File Upload) < 1.4.9
PROTECTED
Doccure (Arbitrary User Password Change)
PROTECTED
AutomatorWP - Automator plugin for no-code automations, webhooks & custom integrations in WordPress (Remote Code Execution) < 5.3.7
PROTECTED
Goza - Nonprofit Charity WordPress Theme (Unauthenticated Arbitrary File Upload) < 3.2.3
PROTECTED
AdForest (Authentication Bypass to Admin) < 6.0.10
PROTECTED
Multi Step Form (Arbitrary File Upload) < 1.7.26
PROTECTED
Cloud SAML SSO (Missing Authorization to Unauthenticated Settings Modification) < 1.0.20
PROTECTED
Cloud SAML SSO (Missing Authorization to update option) < 1.0.20
PROTECTED
Rehub (Unauthenticated Arbitrary Shortcode Execution) < 19.9.8
PROTECTED
WordPress Helpdesk Integration (Unauthenticated Local File Inclusion)
PROTECTED
atec Debug (Arbitrary File Deletion) < 1.2.23
PROTECTED
atec Debug (Remote Code Execution) < 1.2.23
PROTECTED
Easy Timer (Remote Code Execution via Shortcode) < 4.2.2
PROTECTED
Make Connector (Arbitrary File Upload)
PROTECTED
Post SMTP (Missing Authorization to Limited Plugin Option Update) < 3.4.2
PROTECTED
Related Posts Lite (Cross-Site Request Forgery)
PROTECTED
iATS Online Forms (SQL Injection via order Parameter) < 1.3
PROTECTED
Slider Revolution (Arbitrary File Read) < 6.7.37
PROTECTED
Video Share VOD - Turnkey Video Site Builder Script (Cross-Site Request Forgery to Command Injection) < 2.7.7
PROTECTED
Xagio SEO (Sensitive Information Exposure via Unprotected Back-Up Files) < 7.1.0.6
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.