Vulnerability Name CVE Severity
WordPress Plugin VKontakte API Cross-Site Scripting (2.7) CVE-2009-4168
WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1)
WordPress Plugin Vmax Project Manager Local File Inclusion (1.1)
WordPress Plugin VM Backups Cross-Site Request Forgery (1.0) CVE-2021-24172 CVE-2021-24173
WordPress Plugin VN-Calendar Multiple Cross-Site Scripting Vulnerabilities (1.0) CVE-2014-4571
WordPress Plugin Vodpod Video Gallery 'gid' Parameter Cross-Site Scripting (3.1.5) CVE-2010-4875
WordPress Plugin Vospari Forms Cross-Site Scripting (1.3)
WordPress Plugin VO Store Locator-WP Store Locator Unspecified Vulnerability (3.2.14)
WordPress Plugin Votecount for Balatarin Cross-Site Scripting (0.1.1) CVE-2014-4572
WordPress Plugin VR Calendar Cross-Site Request Forgery (2.3.3) CVE-2022-3852
WordPress Plugin VRView Cross-Site Scripting (1.1.3)
WordPress Plugin vSlider Multi Image Slider for WordPress Arbitrary File Upload (4.1.2)
WordPress Plugin vSlider Multi Image Slider for WordPress Multiple Vulnerabilities (4.1.2) CVE-2023-25797
WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Cross-Site Request Forgery (3.4.31)
WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Unspecified Vulnerability (4.0.2)
WordPress Plugin W3 Total Cache Arbitrary File Disclosure (0.9.3) CVE-2019-6715
WordPress Plugin W3 Total Cache Backdoor (0.9.2.2)
WordPress Plugin W3 Total Cache Information Disclosure (0.9.2.4)
WordPress Plugin W3 Total Cache Multiple Unspecified Vulnerabilities (0.9.5.1)
WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4) CVE-2014-8724 CVE-2014-9414
WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)
WordPress Plugin W3 Total Cache PHP Code Injection (0.9.2.8) CVE-2013-2010
WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)
WordPress Plugin W3SCloud Contact Form 7 to Zoho CRM Cross-Site Scripting (1.1.2) CVE-2021-24435
WordPress Plugin W4 Post List Cross-Site Scripting (2.4.4) CVE-2023-27413
WordPress Plugin W4 Post List Multiple Vulnerabilities (2.4.5) CVE-2023-0374 CVE-2023-1371 CVE-2023-1373
WordPress Plugin WA Form Builder SQL Injection (1.1)
WordPress Plugin Waitlist Woocommerce (Back in stock notifier) Cross-Site Request Forgery (2.5.1) CVE-2022-0215
WordPress Plugin Walk Score Multiple Cross-Site Scripting Vulnerabilities (0.5.5) CVE-2014-4573
WordPress Plugin Wallable-Social Networking Arbitrary File Upload (1.1)
WordPress Plugin WangGuard Cross-Site Scripting (1.7.1)
WordPress Plugin WangGuard Multiple Vulnerabilities (1.7.2)
WordPress Plugin WappPress-Create Mobile App for any WordPress site with our Mobile App Builder in just 1 minute Arbitrary File Upload (5.0.3) CVE-2023-49815
WordPress Plugin Warranties and Returns for WooCommerce Security Bypass (5.2.1)
WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3) CVE-2008-0520
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.8.3) CVE-2012-2633
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.9)
WordPress Plugin WassUp Real Time Analytics Unspecified Vulnerability (1.7.2)
WordPress Plugin WatchMan-Site7 Cross-Site Request Forgery (3.0.2)
WordPress Plugin WatchTowerHQ Privilege Escalation (3.6.16) CVE-2023-25701
WordPress Plugin WatchTowerHQ Security Bypass (3.6.15) CVE-2022-44583 CVE-2022-44584
WordPress Plugin WatuPRO Multiple Vulnerabilities (4.8.8.4)
WordPress Plugin WatuPRO SQL Injection (5.5.3.6) CVE-2017-9834
WordPress Plugin Watu Quiz Cross-Site Scripting (2.4.9) CVE-2014-8804
WordPress Plugin Watu Quiz Cross-Site Scripting (3.1.2.4)
WordPress Plugin Watu Quiz Cross-Site Scripting (3.1.2.5)
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.8.1) CVE-2023-0428
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.8.2) CVE-2023-0429
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9) CVE-2023-0968
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2) CVE-2023-30483
WordPress Plugin Watu Quiz Unspecified Vulnerability (2.6)
WordPress Plugin Wbcom Designs-BuddyPress Group Reviews Security Bypass (2.8.3) CVE-2022-2108
WordPress Plugin WBW Currency Switcher for WooCommerce Cross-Site Scripting (1.6.5) CVE-2022-2575
WordPress Plugin WC Duplicate Order Security Bypass (1.5)
WordPress Plugin WC Duplicate Order Unspecified Vulnerability (1.3)
WordPress Plugin WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible SQL Injection (6.5.11) CVE-2021-24835
WordPress Plugin WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible Unspecified Vulnerability (6.5.12)
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Cross-Site Request Forgery (2.9.10) CVE-2022-4941
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Insecure Direct Object Reference (2.10.7) CVE-2023-2276
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Privilege Escalation (2.10.0) CVE-2022-4939
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3) CVE-2021-24683
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Scripting (1.3.5) CVE-2021-24709
WordPress Plugin Weather for us-animated weather widget Crypto Mining (1.8)
WordPress Plugin Weaver Show Posts Cross-Site Scripting (1.6) CVE-2023-1404
WordPress Plugin Weaver Xtreme Theme Support Cross-Site Scripting (6.2.6) CVE-2023-0276
WordPress Plugin Webapp builder (Free mobile apps native iPhone iOS & Android Winphone mobile apps) Arbitrary File Upload (2.0) CVE-2017-1002002
WordPress Plugin Web Application Firewall-website security Privilege Escalation (2.1.1) CVE-2024-2172
WordPress Plugin Web Application Firewall-website security Unspecified Vulnerability (2.1.2)
WordPress Plugin WebARX Cross-Site Scripting (1.3.0) CVE-2019-17213
WordPress Plugin Web Directory Free SQL Injection (1.6.9) CVE-2024-3552
WordPress Plugin WebEngage Feedback, Survey and Notification Cross-Site Scripting (2.0.0) CVE-2014-4574
WordPress Plugin Web Forms for Vtiger wordpress Lead capture and Contacts Sync Unspecified Vulnerability (1.0.0)
WordPress Plugin WebHotelier for WordPress Cross-Site Scripting (1.5) CVE-2021-24435
WordPress Plugin Web Invoice-Invoicing and billing for WordPress Multiple SQL Injection Vulnerabilities (2.1.3) CVE-2022-4371 CVE-2022-4372
WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)