CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Metform Elementor Contact Form Builder - Double Extension attack < 3.3.0
PROTECTED
Zephyr Project Manager - Privilege Escalation < 3.3.102
PROTECTED
Zephyr Project Manager - Privilege Escalation < 3.3.102
PROTECTED
Slider & Popup Builder by Depicter - Arbitrary File Upload < 3.1.2
PROTECTED
Contact Form by Bit Form (SQL injection) < 2.13.10
PROTECTED
Contact Form by Bit Form (Arbritary File Access) < 2.13.5
PROTECTED
GiveWP - Donation Plugin and Fundraising Platform (PHP Object Injection) < 3.14.2
PROTECTED
Shopping Cart & eCommerce Store (SQL injection) < 5.7.3
PROTECTED
AdRotate - Ad manager & AdSense Ads (Double extension attack)
PROTECTED
Image Optimizer, Resizer and CDN - Sirv (Arbitrary File Upload) < 7.2.8
PROTECTED
LiteSpeed Cache (Unauthenticated Privilege Escalation) < 6.4
PROTECTED
Image Optimizer, Resizer and CDN - Sirv (Arbitrary File Upload) < 7.2.8
PROTECTED
WooCommerce Google Feed Manager (Arbitrary File Deletion) < 2.9.0
PROTECTED
Favicon Generator (Cross Site Request Forgery and Arbitrary File Deletion) < 2.1
PROTECTED
LiquidPoll (Unauthenticated Stored Cross-Site Scripting)
PROTECTED
Woo Inquiry (Unauthenticated SQL Injection)
PROTECTED
Funnelforms Free (Arbitrary File Upload) < 3.7.4.1
PROTECTED
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider (Unauthenticated PHP Object Injection) < 2.0.4
PROTECTED
Login As Users (Authentication Bypass) < 1.4.3
PROTECTED
RegistrationMagic (Unauthenticated Stored Cross-Site Scripting) < 6.0.1.1
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.