CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
WordPress User Extra Fields (Arbitrary File Deletion) < 16.8
PROTECTED
Jobmonster - Job Board WordPress Theme (Authentication Bypass) < 4.8.2
PROTECTED
WooCommerce Designer Pro (Unauthenticated Arbitrary File Read)
PROTECTED
IDonate < 2.1.13 - Missing Authorization < 2.1.13
PROTECTED
Easy Testimonial Slider and Form (SQL injection) < 1.0.3
PROTECTED
Thumbnail Slider With Lightbox (SQL Injection) < 1.0.5
PROTECTED
Call Now Button (Limited Plugin Settings Update) < 1.5.4
PROTECTED
Auto Featured Image (Auto Post Thumbnail) (Server-Side Request Forgery) < 4.2.0
PROTECTED
HUSKY - Products Filter Professional for WooCommerce (Unauthenticated SQL Injection) < 1.3.7.2
PROTECTED
wpForo Forum (Unauthenticated SQL Injection) < 2.4.9
PROTECTED
Simple Registration for WooCommerce (Cross-Site Request Forgery to Privilege Escalation) < 1.5.9
PROTECTED
Watu Quiz (Unauthenticated Stored Cross-Site Scripting) < 3.4.5
PROTECTED
Charitable - Donation Plugin for WordPress Fundraising with Recurring Donations & More (SQL Injection) < 1.8.8.5
PROTECTED
Stripe Payment Forms (Unauthenticated SQL Injection) < 8.3.2
PROTECTED
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
PROTECTED
ZoloBlocks (Missing Authorization to Unauthenticated Popup Enable) < 2.3.12
PROTECTED
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers (Unauthenticated Server-Side Request Forgery) < 2.1.5
PROTECTED
LLM Hubspot Blog Import (Missing Authorization Hubspot Import)
PROTECTED
Originality.ai AI Checker (Arbritary Log Deletion) < 1.0.13
PROTECTED
Quickcreator - AI Blog Writer (Unauthenticated API Key Exposure)
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.