CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Tumult Hype Animations (Missing Authorization) < 1.9.15
PROTECTED
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery - Upload, Vote, Sell via PayPal, Social Share Buttons (Unauthenticated SQL Injection) < 24.0.4
PROTECTED
WooCommerce Report (Cross-Site Request Forgery) < 1.5.2
PROTECTED
Loginizer Security and Loginizer (Authentication Bypass) < 1.9.3
PROTECTED
Media Library Assistant (Remote Code Execution) < 3.20
PROTECTED
Lodgix.com Vacation Rental Website Builder (SQL Injection)
PROTECTED
Porsline (SQL Injection)
PROTECTED
WP Hotel Booking (Local File Inclusion)
PROTECTED
AI Power: Complete AI Pack (Unauthenticated Arbitrary File Upload) < 1.8.90
PROTECTED
FileOrganizer (Arbitrary File Upload) < 1.1.0
PROTECTED
WPAdverts - Classifieds Plugin (Cross-Site Scripting) < 2.1.7
PROTECTED
WPC Smart Messages for WooCommerce (Local File Inclusion) < 4.2.2
PROTECTED
Masteriyo LMS - eLearning and Online Course Builder for WordPress (Privilege Escalation) < 1.13.4
PROTECTED
Crypto (Authentication Bypass)
PROTECTED
All-in-One WP Migration and Backup (PHP Code Injection) < 7.87
PROTECTED
Test Plugin - RevShortcode < 1.2.0
PROTECTED
WatchTowerHQ (Authentication Bypass)
PROTECTED
User Toolkit (Authentication Bypass) < 1.2.4
PROTECTED
BuddyPress (Directory Traversal) < 14.2.1
PROTECTED
AMP for WP - Accelerated Mobile Pages (Privilege Escalation) < 1.0.99.2
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.