CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
CiyaShop - Multipurpose WooCommerce Theme (Unauthenticated PHP Object Injection) < 4.19.1
PROTECTED
WP JobHunt (Unauthenticated Privilege Escalation)
PROTECTED
Industrial (Arbitrary Options Update) < 1.7.9
PROTECTED
Civi - Job Board & Freelance Marketplace WordPress Theme (Sensitive Information Exposure)
PROTECTED
SoundRise Music (Arbitrary Options Update) < 1.7.1
PROTECTED
InstaWP Connect (Cross-Site Request Forgery to Local File Inclusion) < 0.1.0.84
PROTECTED
AnalyticsWP (Unauthenticated SQL Injection) < 2.1.0
PROTECTED
All in One WP Migration (Unauthenticated PHP Object Injection) < 7.90
PROTECTED
Workreap (Unauthenticated Privilege Escalation) < 3.2.6
PROTECTED
HUSKY - Products Filter Professional for WooCommerce (Unauthenticated Local File Inclusion) < 1.3.6.6
PROTECTED
Javo Core (Unauthenticated Privilege Escalation in ajax_signup) < 3.0.0.266
PROTECTED
Javo Core (Unauthenticated Privilege Escalation in ajax_signup) < 3.0.0.266
PROTECTED
Golo - Directory & Listing, Travel WordPress Theme (Missing Authorization to Privilege Escalation via Unauthenticated Arbitrary User Password Change) < 1.6.11
PROTECTED
InWave Jobs (Unauthenticated Privilege Escalation via Password Reset)
PROTECTED
InWave Jobs (Unauthenticated Privilege Escalation via Password Reset)
PROTECTED
Golo - Directory & Listing, Travel WordPress Theme (Missing Authorization to Privilege Escalation) < 1.6.11
PROTECTED
WP Real Estate Manager <= 2.8 - Authentication Bypass via Account Takeover
PROTECTED
Homey Login Register <= 2.4.0 - Unauthenticated Privilege Escalation in homey_register
PROTECTED
Homey (Unauthenticated Privilege Escalation)
PROTECTED
Newscrunch (Arbitrary File Upload) < 1.8.4.1
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.