Vulnerability Name CVE Severity
WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (2.6.3.1)
WordPress Plugin WebLibrarian SQL Injection (3.5.4) CVE-2019-1010034
WordPress Plugin Webmention Cross-Site Scripting (4.0.8)
WordPress Plugin WebP Converter for Media Cross-Site Request Forgery (1.0.2) CVE-2019-15834
WordPress Plugin WebP Express Arbitrary File Disclosure (0.14.10) CVE-2019-15330
WordPress Plugin WebP Express Cross-Site Scripting (0.14.4) CVE-2019-15837
WordPress Plugin WebP Express Unspecified Vulnerability (0.14.21)
WordPress Plugin Websimon Tables Cross-Site Scripting (1.3.4)
WordPress Plugin Website FAQ 'website-faq-widget.php' SQL Injection (1.0)
WordPress Plugin Web Stories Server-Side Request Forgery (1.24.0) CVE-2022-3708
WordPress Plugin Web to Print Online Designer Security Bypass (2.3.0)
WordPress Plugin Web Tripwire Arbitrary File Upload (0.1.1)
WordPress Plugin Wechat Broadcast Local/Remote File Inclusion (1.2.0) CVE-2018-16283
WordPress Plugin Wechat Reward Cross-Site Request Forgery (1.7) CVE-2021-24615
WordPress Plugin Weekly Schedule Cross-Site Scripting (3.4.2) CVE-2021-24309
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.4.7) CVE-2020-22276
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.6.3)
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Supply Chain Attack [Polyfill.io] (1.6.23)
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Unspecified Vulnerability (1.5.3)
WordPress Plugin Welcart e-Commerce Cross-Site Scripting (2.2.3) CVE-2021-20734
WordPress Plugin Welcart e-Commerce Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2.1) CVE-2012-5177 CVE-2012-5178
WordPress Plugin Welcart e-Commerce Information Disclosure (2.2.7)
WordPress Plugin Welcart e-Commerce Multiple SQL Injection Vulnerabilities (1.5.2) CVE-2015-7791
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.3.12) CVE-2014-10016 CVE-2014-10017
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.4.17)
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.8.2) CVE-2016-4825 CVE-2016-4826 CVE-2016-4827 CVE-2016-4828
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.3)
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.9)
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.35) CVE-2020-28339
WordPress Plugin Welcart e-Commerce SQL Injection (2.0.0)
WordPress Plugin Welcome Announcement Multiple Cross-Site Scripting Vulnerabilities (1.0.5)
WordPress Plugin We�re Open! Cross-Site Scripting (1.41) CVE-2022-3139
WordPress Plugin WF Cookie Consent Cross-Site Scripting (1.1.3) CVE-2018-10371
WordPress Plugin White Label CMS Cross-Site Request Forgery (1.5) CVE-2012-5387 CVE-2012-5388
WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)
WordPress Plugin White Label CMS Cross-Site Scripting (2.2.8) CVE-2022-0422
WordPress Plugin White Label CMS PHP Object Injection (2.4) CVE-2022-4302
WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1) CVE-2017-8099
WordPress Plugin WHIZZ Cross-Site Scripting (1.0.7) CVE-2016-1000154
WordPress Plugin WHMCS Bridge Cross-Site Scripting (6.2) CVE-2021-4074
WordPress Plugin WHOIS 'domain' Parameter Cross-Site Scripting (1.4.2.2) CVE-2011-5194
WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0) CVE-2022-4298
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6) CVE-2022-4106
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7) CVE-2022-4108
WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8) CVE-2022-4109
WordPress Plugin WH Testimonials Cross-Site Scripting (3.0.0) CVE-2023-1372
WordPress Plugin WhyDoWork AdSense Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2) CVE-2014-9099 CVE-2014-9100
WordPress Plugin Widget Control Powered By Everyblock Cross-Site Scripting (1.0.1)
WordPress Plugin Widget for Facebook Page Feeds Cross-Site Scripting (5.0)
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.9.0) CVE-2019-12826
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.10.2)
WordPress Plugin Widget Settings Importer/Exporter Cross-Site Scripting (1.5.3)
WordPress Plugin Widgets for SiteOrigin Security Bypass (1.4.2)
WordPress Plugin Widgets for SiteOrigin Unspecified Vulnerability (1.4.4)
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7) CVE-2022-4661
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
WordPress Plugin Widget Shortcode Cross-Site Scripting (0.3.5) CVE-2022-4473
WordPress Plugin Widgets on Pages Cross-Site Scripting (1.6.0) CVE-2022-4488
WordPress Plugin WikiPop Cross-Site Scripting (2.0) CVE-2014-4575
WordPress Plugin Windows Desktop and iPhone Photo Uploader Arbitrary File Upload (1.8)
WordPress Plugin Windsor Strava Athlete Unspecified Vulnerability (1.3.5)
WordPress Plugin Wise Agent Lead Capture Forms Cross-Site Scripting (1.0) CVE-2021-38335
WordPress Plugin Wise Chat CSV Injection (2.8.3)
WordPress Plugin Wise Chat Open Redirect (2.6.3) CVE-2019-6780
WordPress Plugin WishList Member X Remote Code Execution (3.25.1) CVE-2024-37109
WordPress Plugin WishList Member X SQL Injection (3.25.1) CVE-2024-37112
WordPress Plugin WL Katalogsok PHP Object Injection (3.5.4)
WordPress Plugin WM Simple Captcha Security Bypass (2.0.3)
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)
WordPress Plugin Wonder PDF Embed Cross-Site Scripting (1.6) CVE-2021-24541
WordPress Plugin WonderPlugin Audio Player Multiple Vulnerabilities (2.0) CVE-2015-2199 CVE-2015-2218
WordPress Plugin Wonder Video Embed Cross-Site Scripting (1.7) CVE-2021-24540
WordPress Plugin WooCommerce-GloBee Payment Gateway Security Bypass (1.1.1) CVE-2018-20782
WordPress Plugin Woocommerce-Recent Purchases Local File Inclusion (1.0.1) CVE-2024-35634
WordPress Plugin WooCommerce-Store Exporter CSV Injection (2.3.1)