CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Player Leaderboard (Local File Inclusion) < 1.0.3
PROTECTED
Multi Uploader for Gravity Forms (Unauthenticated Arbitrary File Deletion) < 1.1.8
PROTECTED
LazyTasks - Project & Task Management with Collaboration, Kanban and Gantt Chart (Privilege Escalation) < 1.2.30
PROTECTED
Blaze Demo Importer (Missing Authorization to Database Reset and File Deletion) < 1.0.14
PROTECTED
WPNakama (Unauthenticated SQL Injection) < 0.6.4
PROTECTED
FunnelKit - Funnel Builder for WooCommerce Checkout (Unauthenticated SQL Injection) < 3.13.1.6
PROTECTED
WP CarDealer (Unauthenticated Privilege Escalation) < 1.2.17
PROTECTED
Video Merchant (Cross-Site Request Forgery to Arbitrary File Upload) < 5.0.5
PROTECTED
Hippoo Mobile App for WooCommerce (Unauthenticated Arbitrary File Read) < 1.7.2
PROTECTED
Social Reviews & Recommendations (Unauthenticated Stored Cross-Site Scripting via Social Media Reviews) < 2.6
PROTECTED
Login Security, FireWall, Malware removal by CleanTalk (Unauthenticated Stored Cross-Site Scripting) < 2.169
PROTECTED
Flex QR Code Generator (Unauthenticated Arbitrary File Upload) < 1.2.8
PROTECTED
10Web Booster (Arbitrary Folder Deletion) < 2.32.11
PROTECTED
Rich Shortcodes for Google Reviews (Stored Cross-Site Scripting via Google Review) < 6.8.1
PROTECTED
Starter Templates (Arbitrary File Upload via WXR Upload Bypass) < 4.4.42
PROTECTED
All-in-One Video Gallery (Arbitrary File Upload via Import ZIP) < 4.6.4
PROTECTED
PostGallery (Arbitrary File Upload)
PROTECTED
Demo Importer Plus (Arbitrary File Upload) < 2.0.7
PROTECTED
CRM Memberships (Privilege Escalation) < 2.6
PROTECTED
Auto Thumbnailer (Arbitrary File Upload)
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.