CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Post Grid Gutenberg Blocks for News, Magazines, Blog Websites - PostX (Unauthenticated Sensitive Information Exposure) < 5.0.4
PROTECTED
Redirection for Contact Form 7 (Arbitrary File Copy) < 3.2.8
PROTECTED
SureForms (Unauthenticated Stored Cross-Site Scripting) < 2.2.1
PROTECTED
File Uploader for WooCommerce (Arbitrary File Upload via add-image-data) < 1.0.4
PROTECTED
Flex Store Users (Unauthenticated Privilege Escalation) < 1.1.1
PROTECTED
HTML5 Audio Player - The Ultimate No-Code Podcast, MP3 & Audio Player (Unauthenticated Server-Side Request Forgery) < 2.5.2
PROTECTED
Photo Gallery, Sliders, Proofing and Themes - NextGEN Gallery (Local File Inclusion) < 4.0.0
PROTECTED
Demo Importer Plus (Privilege Escalation) < 2.0.9
PROTECTED
Hummingbird (Unauthenticated Sensitive Information Exposure via Log File) < 3.18.1
PROTECTED
Ninja Forms - The Contact Form Builder That Grows With You (Unauthenticated Sensitive Information Exposure) < 3.13.3
PROTECTED
WPCOM Member (Authentication Bypass via Weak OTP) < 1.7.17
PROTECTED
Fox LMS - WordPress LMS Plugin (Unauthenticated Privilege Escalation) < 1.0.5.2
PROTECTED
Booking Calendar (Unauthenticated SQL Injection via dates_to_check) < 10.14.9
PROTECTED
WP Directory Kit (Unauthenticated SQL Injection) < 1.4.8
PROTECTED
Export WP Page to Static HTML & PDF (Unauthenticated Cookie Exposure via Log File) < 5.0.0
PROTECTED
Extensive VC Addons for WPBakery page builder <= 1.9.1 - Unauthenticated Local File Inclusion via 'shortcode_name' Parameter
PROTECTED
WP3D Model Import Viewer <= 1.0.7 - Authenticated (Contributor+) Arbitrary File Upload
PROTECTED
JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie
PROTECTED
LT Unleashed (Local File Inclusion via 'template' Parameter)
PROTECTED
Visitor Logic Lite (PHP Object Injection via Cookie) < 1.0.4
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.