CROWD-SOURCED
VULNERABILITIES DATABASE
Vulnerabilities Crowdsourced from WordPress security researchers and the amazing public databases of –
Post SMTP - Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App (Missing Authorization to Account Takeover) < 3.6.1
PROTECTED
Community Events (Unauthenticated Stored Cross-Site Scripting) < 1.5.3
PROTECTED
Service Finder Bookings (Privilege Escalation via change_candidate_password) < 6.1
PROTECTED
Delicious Recipes (Arbitrary File Upload) < 1.9.1
PROTECTED
Doccure Core (Unauthenticated Privilege Escalation) < 1.5.4
PROTECTED
King Addons for Elementor - Free Elements, Widgets, Templates, and Features for Elementor (Unauthenticated Privilege Escalation) < 51.1.35
PROTECTED
WordPress User Extra Fields (Arbitrary File Deletion) < 16.8
PROTECTED
Jobmonster - Job Board WordPress Theme (Authentication Bypass) < 4.8.2
PROTECTED
WooCommerce Designer Pro (Unauthenticated Arbitrary File Read)
PROTECTED
IDonate < 2.1.13 - Missing Authorization < 2.1.13
PROTECTED
Easy Testimonial Slider and Form (SQL injection) < 1.0.3
PROTECTED
Thumbnail Slider With Lightbox (SQL Injection) < 1.0.5
PROTECTED
Call Now Button (Limited Plugin Settings Update) < 1.5.4
PROTECTED
Auto Featured Image (Auto Post Thumbnail) (Server-Side Request Forgery) < 4.2.0
PROTECTED
HUSKY - Products Filter Professional for WooCommerce (Unauthenticated SQL Injection) < 1.3.7.2
PROTECTED
wpForo Forum (Unauthenticated SQL Injection) < 2.4.9
PROTECTED
Simple Registration for WooCommerce (Cross-Site Request Forgery to Privilege Escalation) < 1.5.9
PROTECTED
Watu Quiz (Unauthenticated Stored Cross-Site Scripting) < 3.4.5
PROTECTED
Charitable - Donation Plugin for WordPress Fundraising with Recurring Donations & More (SQL Injection) < 1.8.8.5
PROTECTED
Stripe Payment Forms (Unauthenticated SQL Injection) < 8.3.2
PROTECTED
Crowdsourced Patches for Crowdsourced Vulnerabilities.
© 2026. All rights reserved.