CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Contact Form by Bit Form (Arbritary File Access) < 2.13.5
PROTECTED
GiveWP - Donation Plugin and Fundraising Platform (PHP Object Injection) < 3.14.2
PROTECTED
Shopping Cart & eCommerce Store (SQL injection) < 5.7.3
PROTECTED
AdRotate - Ad manager & AdSense Ads (Double extension attack)
PROTECTED
Image Optimizer, Resizer and CDN - Sirv (Arbitrary File Upload) < 7.2.8
PROTECTED
LiteSpeed Cache (Unauthenticated Privilege Escalation) < 6.4
PROTECTED
Image Optimizer, Resizer and CDN - Sirv (Arbitrary File Upload) < 7.2.8
PROTECTED
WooCommerce Google Feed Manager (Arbitrary File Deletion) < 2.9.0
PROTECTED
Favicon Generator (Cross Site Request Forgery and Arbitrary File Deletion) < 2.1
PROTECTED
LiquidPoll (Unauthenticated Stored Cross-Site Scripting)
PROTECTED
Woo Inquiry (Unauthenticated SQL Injection)
PROTECTED
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider (Unauthenticated PHP Object Injection) < 2.0.4
PROTECTED
Login As Users (Authentication Bypass) < 1.4.3
PROTECTED
RegistrationMagic (Unauthenticated Stored Cross-Site Scripting) < 6.0.1.1
PROTECTED
Void Elementor Post Grid Addon for Elementor Page builder (Local File Inclusion) < 2.4
PROTECTED
EmbedPress (Unauthenticated Local File Inclusion) < 4.0.10
PROTECTED
Tutor LMS (SQL Injection) < 2.7.3
PROTECTED
Front End Users (SQL injection) < 3.2.29
PROTECTED
MP3 Audio Player (Arbitrary File Deletion) < 5.7.1
PROTECTED
Media Library Folders (SQL Injection) < 8.2.3
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.