Download Free

CROWD-SOURCED
VULNERABILITIES DATABASE

Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –

Spirit Framework (Privilege Escalation) < 1.2.15
2 Oct 2025
PROTECTED
AP Background (Arbitrary File Upload) < 3.8.3
2 Oct 2025
PROTECTED
TextBuilder (Cross-Site Request Forgery to Privilege Escalation) < 1.2.0
2 Oct 2025
PROTECTED
RestroPress - Online Food Ordering System (Unauthenticated Information Exposure to Authentication Bypass) < 3.1.9.2
2 Oct 2025
PROTECTED
JoomSport (Local File Inclusion) < 5.7.4
2 Oct 2025
PROTECTED
WP Dispatcher (SQL Injection via Shortcode)
2 Oct 2025
PROTECTED
Appy Pie Connect for WooCommerce (Missing Authorization to Unauthenticated Privilege Escalation) < 1.1.3
2 Oct 2025
PROTECTED
WPRecovery (Unauthenticated SQL Injection)
2 Oct 2025
PROTECTED
Copypress Rest API (Unauthenticated Remote Code Execution) < 1.2.1
29 Sep 2025
PROTECTED
Tiny Bootstrap Elements Light (Unauthenticated Local File Inclusion)
29 Sep 2025
PROTECTED
Bei Fen - WordPress Backup Plugin (Local File Inclusion)
29 Sep 2025
PROTECTED
AffiliateWP (Unauthenticated SQL Injection) < 2.29.0
29 Sep 2025
PROTECTED
HidePost (Cross-Site Request Forgery)
26 Sep 2025
PROTECTED
Sync Feedly (Cross-Site Request Forgery to Sync Trigger)
26 Sep 2025
PROTECTED
Professional Contact Form (Cross-Site Request Forgery to Test Email Sending)
26 Sep 2025
PROTECTED
WP Statistics (Unauthenticated Stored Cross-Site Scripting) < 14.15.5
26 Sep 2025
PROTECTED
cForms - Light speed fast Form Builder (Cross-Site Request Forgery)
26 Sep 2025
PROTECTED
WP-DownloadManager (Arbitrary File Upload) < 1.69
25 Sep 2025
PROTECTED
Featured Image from URL (FIFU) (Unauthenticated Information Exposure via Log File) < 5.2.8
25 Sep 2025
PROTECTED
Featured Image from URL (FIFU) (SQL Injection) < 5.2.8
25 Sep 2025
PROTECTED

Crowdsourced Patches for Crowdsourced Vulnerabilities.

© 2026. All rights reserved.