CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
RingCentral Communications (Authentication Bypass) < 1.7.0
PROTECTED
Vibes (SQL Injection via `resource` Parameter) < 2.2.1
PROTECTED
Dokan Pro (Privilege Escalation) < 4.0.6
PROTECTED
Event List (Privilege Escalation) < 2.0.5
PROTECTED
Kipso (Unauthenticated Local File Inclusion) < 1.3.5
PROTECTED
Simpler Checkout (Authentication Bypass) < 1.1.10
PROTECTED
Wptobe-memberships (Arbitrary File Deletion)
PROTECTED
Event Manager, Events Calendar, Booking, Registrations and Tickets - Eventin (Server-Side Request Forgery) < 4.0.38
PROTECTED
Case Theme User (Authentication Bypass via Social Login) < 1.0.4
PROTECTED
Bravis User (Authentication Bypass to Account Takeover) < 1.0.1
PROTECTED
Inspiro (Cross-Site Request Forgery) < 2.1.3
PROTECTED
WP Webhooks (Unauthenticated Arbitrary File Copy) < 3.3.6
PROTECTED
Redirection for Contact Form 7 (Unauthenticated Arbitrary File Deletion) < 3.2.5
PROTECTED
Redirection for Contact Form 7 (Unauthenticated PHP Object Injection) < 3.2.5
PROTECTED
Real Spaces - WordPress Properties Directory Theme (Privilege Escalation) < 3.6
PROTECTED
Cloudflare Image Resizing (Remote Code Execution) < 1.5.7
PROTECTED
JS Archive List (Unauthenticated SQL Injection) < 6.1.6
PROTECTED
ServerBuddy by PluginBuddy.com (Cross-Site Request Forgery)
PROTECTED
Soledad (Unauthenticated Arbitrary Shortcode Execution) < 8.6.8
PROTECTED
Taxi Booking Manager for Woocommerce | E-cab (Privilege Escalation) < 1.3.1
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.