CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
StoryChief (Unauthenticated Arbitrary File Upload) < 1.0.45
PROTECTED
WPGYM - WordPress Gym Management System (Admin Account Creation)
PROTECTED
WPGYM - WordPress Gym Management System (Privilege Escalation)
PROTECTED
School Management System (Arbitrary File Upload)
PROTECTED
School Management System for WordPress (Unauthenticated SQL Injection)
PROTECTED
Al Pack (Missing Authorization to Unauthenticated Premium Feature Activation)
PROTECTED
WooCommerce OTP Login With Phone Number, OTP Verification <= 1.8.47 - Authentication Bypass < 1.8.48
PROTECTED
Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload < 2.20.4
PROTECTED
BizCalendar Web (Local File Inclusion)
PROTECTED
Assistant for NextGEN Gallery (Arbitrary Directory Deletion)
PROTECTED
Icons Factory (Arbitrary File Deletion)
PROTECTED
Tutor LMS Pro - eLearning and online course solution (SQL Injection) < 3.7.1
PROTECTED
WooCommerce Purchase Orders (Arbitrary File Deletion)
PROTECTED
B Blocks (Privilege Escalation) < 2.0.7
PROTECTED
UiCore Elements (Arbitrary File Read) < 1.3.1
PROTECTED
B Slider- Gutenberg Slider Block for WP (Missing Authorization) < 2.0.0
PROTECTED
Eventin (Privilege Escalation) < 4.0.35
PROTECTED
MapSVG (Unauthenticated SQL Injection) < 8.7.4
PROTECTED
CleverReach WP (Unauthenticated SQL Injection)
PROTECTED
Zakra (Missing Authorization Demo Import) < 4.1.6
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.