CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
bSecure (Unauthenticated Privilege Escalation) < 1.7.9
PROTECTED
Shortcodes Ultimate (Cross-Site Request Forgery) < 7.4.3
PROTECTED
Vchasno Kasa (Unauthenticated Log File Clearing) < 1.0.4
PROTECTED
LoginPress Pro (Authentication Bypass via WordPress.com OAuth provider) < 5.0.2
PROTECTED
aapanel WP Toolkit (Privilege Escalation) < 1.1
PROTECTED
B1.lt for WooCommerce (Arbitrary SQL Injection) < 2.2.57
PROTECTED
Attachment Manager (Arbitrary File Deletion)
PROTECTED
Madara - Core (Arbitrary File Deletion) < 2.2.4
PROTECTED
Ultimate WP Mail (Privilege Escalation) < 1.3.7
PROTECTED
Malcure Malware Scanner Toolset for WordPress Malware Removal (Arbitrary File Deletion)
PROTECTED
WP Event Manager (Cross-Site Scripting) < 3.1.51
PROTECTED
Ultimate WP Mail (Privilege Escalation) < 1.3.7
PROTECTED
Alone - Charity Multipurpose Non-profit WordPress Theme (Arbitrary File Deletion) < 7.8.5
PROTECTED
Restrict File Access (Arbitrary File Deletion)
PROTECTED
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder (Arbitrary File Upload) < 2.2.2
PROTECTED
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder (Unauthenticated Arbitrary File Deletion) < 2.2.2
PROTECTED
WPBookit (Arbitrary File Upload) < 1.0.5
PROTECTED
WPBookit (Arbitrary File Upload) < 1.0.5
PROTECTED
Friends (PHP Object Injection) < 3.5.2
PROTECTED
Nokri - Job Board WordPress Theme (Privilege Escalation) < 1.6.4
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.