CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
FileBird - WordPress Media Library Folders & File Manager (SQL Injection) < 6.4.9
PROTECTED
GiveWP - Donation Plugin and Fundraising Platform (Missing Authorization) < 4.6.1
PROTECTED
Request a Quote Form Plugin (Remote Code Execution) < 2.5.3
PROTECTED
Use-your-Drive | Google Drive plugin for WordPress (Stored Cross-Site Scripting) < 3.3.2
PROTECTED
WP Import Export Lite (Arbitrary File Upload) < 3.9.30
PROTECTED
SEO Metrics (Privilege Escalation)
PROTECTED
Woffice Core (Arbitrary File Deletion) < 5.4.27
PROTECTED
Brave Conversion Engine - PRO (Authentication Bypass) < 0.8.0
PROTECTED
WP CTA - Call To Action Plugin, Sticky CTA, Sticky Buttons (Missing Authorization) < 1.7.1
PROTECTED
WP CTA - Call To Action Plugin, Sticky CTA, Sticky Buttons (Missing Authorization) < 1.7.1
PROTECTED
BerqWP (Arbitrary File Upload) < 2.2.44
PROTECTED
Service Finder Bookings (Authentication Bypass) < 6.1
PROTECTED
Service Finder SMS System (Unauthenticated Privilege Escalation) < 3.0.0
PROTECTED
AI Engine (Arbitrary File Upload) < 2.9.5
PROTECTED
NinjaScanner - Virus & Malware scan (Arbitrary File Deletion) < 3.2.6
PROTECTED
Bricks Builder (SQL Injection) < 2.0
PROTECTED
Bonanza - WooCommerce Free Gifts Lite (Missing Authorization)
PROTECTED
Kallyas (Arbitrary Folder Deletion) < 4.22.0
PROTECTED
MinimogWP - The High Converting eCommerce WordPress Theme (Unauthenticated Price Manipulation) < 3.9.1
PROTECTED
Kallyas (Local File Inclusion) < 4.22.0
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.