CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Featured Image via URL (Arbitrary FIle Upload) < 0.2
PROTECTED
ContentStudio (Arbitrary File Upload) < 1.4.0
PROTECTED
Time Sheets (Use of Known Vulnerable Component) < 2.1.4
PROTECTED
Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login - User Verification (Authentication Bypass) < 2.0.41
PROTECTED
My auctions allegro (Unauthenticated SQL Injection) < 3.6.33
PROTECTED
Frontend Admin by DynamiApps (Unauthenticated Arbitrary Options Update) < 3.28.21
PROTECTED
WP Directory Kit (Privilege Escalation via Account Takeover) < 1.4.5
PROTECTED
Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration - Powered by Codisto (Unauthenticated Stored Cross-Site Scripting)
PROTECTED
Modula (Arbitrary File Deletion) < 2.13.3
PROTECTED
DesignThemes LMS (Unauthenticated Privilege Escalation) < 1.0.5
PROTECTED
Advanced Custom Fields: Extended (Unauthenticated Remote Code Execution in prepare_form) < 0.9.2
PROTECTED
Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion < 3.6.4
PROTECTED
Kadence WooCommerce Email Designer <= 1.5.17 - Unauthenticated Stored Cross-Site Scripting < 1.5.18
PROTECTED
VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter < 1.4.5
PROTECTED
StreamTube Core <= 4.78 - Unauthenticated Arbitrary User Password Change < 4.79
PROTECTED
Blubrry PowerPress (Arbitrary File Upload) < 11.15.3
PROTECTED
FindAll Membership (Authentication Bypass via Social Login) < 1.1
PROTECTED
FindAll Listing (Privilege Escalation) < 1.1
PROTECTED
Tiger (Privilege Escalation)
PROTECTED
SKT PayPal for WooCommerce <= 1.4 - Unauthenticated Payment Bypass < 1.5
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.