CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Better Find and Replace (Limited Code Injection) < 1.7.8
PROTECTED
Smart Auto Upload Images (Arbitrary File Upload) < 1.2.1
PROTECTED
Asgaros Forum (Unauthenticated SQL Injection) < 3.2.0
PROTECTED
Mail Mint (Arbitrary File Upload) < 1.18.11
PROTECTED
Alex Reservations: Smart Restaurant Booking (Arbitrary File Upload) < 2.2.4
PROTECTED
LC Wizard (Unauthenticated Privilege Escalation) < 1.4.0
PROTECTED
IDonate (Privilege Escalation) < 2.1.10
PROTECTED
The Events Calendar (Unauthenticated SQL Injection via s) < 6.15.10
PROTECTED
Document Embedder - Embed PDFs, Word, Excel, and Other Files (Missing Authorization to Unauthenticated Document Manipulation) < 2.0.1
PROTECTED
Premium Portfolio Features for Phlox theme (Unauthenticated Local File Inclusion) < 2.3.12
PROTECTED
Easy Upload Files During Checkout (Unauthenticated Arbitrary JavaScript File Upload) < 2.9.9
PROTECTED
CE21 Suite (Missing Authorization to Unauthenticated Privilege Escalation) < 2.3.2
PROTECTED
Crypto Payment Gateway with Payeer for WooCommerce (Unauthenticated Payment Bypass) < 1.0.4
PROTECTED
Clubmember (Stored Cross-Site Scripting)
PROTECTED
Footnotes Made Easy (Unauthenticated Stored Cross-Site Scripting) < 3.0.8
PROTECTED
Booking and Rental Manager (Unauthenticated Stored Cross-Site Scripting) < 2.5.4
PROTECTED
Advanced Ads (Unauthenticated Limited Code Execution) < 2.0.13
PROTECTED
Tablesome Table - Contact Form DB - WPForms, CF7, Gravity, Forminator, Fluent (Unauthenticated Arbitrary File Upload) < 1.3.33
PROTECTED
Kallyas (Remote Code Execution)
PROTECTED
WPCOM Member (Local File Inclusion via Shortcode) < 1.7.15
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.