CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
System Dashboard (Cross-Site Request Forgery) < 2.8.21
PROTECTED
MultiLoca - WooCommerce Multi Locations Inventory Management (Arbitrary Options Update) < 4.2.9
PROTECTED
WPCasa (Unauthenticated Code Injection) < 1.4.2
PROTECTED
Product Options and Price Calculation Formulas for WooCommerce - Uni CPO (Premium) (Arbitrary File Upload) < 4.9.55
PROTECTED
Miniorange OTP Verification with Firebase (Unauthenticated Privilege Escalation)
PROTECTED
ClickWhale (SQL injection) < 2.5.1
PROTECTED
Custom Login And Signup Widget (Cross-Site Request Forgery)
PROTECTED
Secure Passkeys (Missing Authorization to Passkey Exposure and Deletion) < 1.2.2
PROTECTED
Robcore Netatmo (SQL Injection via Shortcode) < 1.8
PROTECTED
Internal Links Manager (Cross-Site Request Forgery) < 3.0.2
PROTECTED
SureForms - Drag and Drop Form Builder for WordPress (Missing Authorization to Form Creation) < 1.12.1
PROTECTED
Service Finder SMS System (Authentication Bypass)
PROTECTED
Service Finder Bookings (Unauthenticated Privilege Escalation)
PROTECTED
Embed PDF for WPForms (Arbitrary File Upload) < 1.1.6
PROTECTED
Kubio AI Page Builder (Missing Authorization Plugin Installation) < 2.6.5
PROTECTED
Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages (Arbitrary Plugin Installation) < 3.4.4
PROTECTED
StoreEngine - Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More (Arbitrary File Upload) < 1.5.1
PROTECTED
Catch Dark Mode (Local File Inclusion) < 2.0.1
PROTECTED
WP Import - Ultimate CSV XML Importer for WordPress (Arbitrary File Deletion) < 7.28
PROTECTED
WP Import - Ultimate CSV XML Importer for WordPress (Remote Code Execution via Code Injection) < 7.29
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.