CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Ovatheme Events Manager (Unauthenticated Arbitrary File Upload) < 1.8.6
PROTECTED
WP Freeio (Unauthenticated Privilege Escalation) < 1.2.22
PROTECTED
WooCommerce Designer Pro (Unauthenticated Arbitrary File Deletion) < 1.9.27
PROTECTED
GSheetConnector For Gravity Forms (Arbitrary Plugin Installation) < 1.3.28
PROTECTED
WP Links Page (SQL Injection) < 4.9.7
PROTECTED
Error Log Viewer by BestWebSoft (Arbitrary File Read) < 1.1.7
PROTECTED
WP JobHunt (Authorization Bypass) < 7.7
PROTECTED
Search & Go - Directory WordPress Theme (Privilege Escalation) < 2.8
PROTECTED
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers (Unauthenticated SQL Injection) < 2.1.4
PROTECTED
Community Events (Unauthenticated SQL Injection) < 1.5.2
PROTECTED
Cookie Notice & Consent (Unauthenticated Stored Cross-Site Scripting via post_meta) < 1.6.6
PROTECTED
Lisfinity Core - Lisfinity Core plugin used for pebas Lisfinity WordPress theme (Privilege Escalation) < 1.5.0
PROTECTED
WP Travel Engine - Tour Booking Plugin Tour Operator Software (Arbitrary File Deletion via File Renaming) < 6.6.8
PROTECTED
WP Travel Engine - Tour Booking Plugin Tour Operator Software (Unauthenticated Local File Inclusion) < 6.6.8
PROTECTED
Community Events (Unauthenticated SQL Injection) < 1.5.2
PROTECTED
Motors - Car Dealership & Classified Listings Plugin (Arbitrary File Deletion) < 1.4.90
PROTECTED
RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login (SQL Injection) < 6.0.6.3
PROTECTED
Progress Planner (Missing Authorization to Arbitrary Options Update) < 1.8.1
PROTECTED
Cost Calculator Builder (Missing Authorization) < 3.5.33
PROTECTED
OAuth Single Sign On - SSO [OAuth Client] (Authentication Bypass) < 6.26.13
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.