CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
BoomBox Theme Extensions (Privilege Escalation) < 1.8.1
PROTECTED
s2Member Pro (Local File Inclusion)
PROTECTED
MinimogWP - Theme (Unauthenticated Local PHP File Inclusion) < 3.8.0
PROTECTED
Altair (Unauthenticated Arbitrary Options Update) < 5.2.5
PROTECTED
Service Finder Bookings (Unauthenticated Privilege Escalation via Account Takeover) < 5.1
PROTECTED
CozyStay (Unauthenticated PHP Object Injection) < 1.7.1
PROTECTED
GetShop ecommerce (Unauthenticated Local File Inclusion)
PROTECTED
LinkedIn Lite (Unauthenticated Local File Inclusion)
PROTECTED
Custom Field List Widget (Unauthenticated Local File Inclusion)
PROTECTED
Realteo - Real Estate Plugin by Purethemes (Authentication Bypass via 'do_register_user') < 1.2.9
PROTECTED
CiyaShop - Multipurpose WooCommerce Theme (Unauthenticated PHP Object Injection) < 4.19.1
PROTECTED
WP JobHunt (Unauthenticated Privilege Escalation)
PROTECTED
Industrial (Arbitrary Options Update) < 1.7.9
PROTECTED
Civi - Job Board & Freelance Marketplace WordPress Theme (Sensitive Information Exposure)
PROTECTED
SoundRise Music (Arbitrary Options Update) < 1.7.1
PROTECTED
InstaWP Connect (Cross-Site Request Forgery to Local File Inclusion) < 0.1.0.84
PROTECTED
AnalyticsWP (Unauthenticated SQL Injection) < 2.1.0
PROTECTED
All in One WP Migration (Unauthenticated PHP Object Injection) < 7.90
PROTECTED
Workreap (Unauthenticated Privilege Escalation) < 3.2.6
PROTECTED
HUSKY - Products Filter Professional for WooCommerce (Unauthenticated Local File Inclusion) < 1.3.6.6
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2025. All rights reserved.