Vulnerability Name CVE Severity
WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Unspecified Vulnerability (1.2.3)
WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2) CVE-2022-34654
WordPress Plugin ManageWP Worker Unspecified Vulnerability (4.1.7)
WordPress Plugin Mang Board WP SQL Injection (1.9.9) CVE-2021-26609
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3)
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.5)
WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10)
WordPress Plugin Map Block for Google Maps Unspecified Vulnerability (1.31)
WordPress Plugin MapifyLite (by MapifyPro) Cross-Site Scripting (3.3)
WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)
WordPress Plugin MapPress Maps for WordPress Cross-Site Request Forgery (2.53.8) CVE-2020-12077
WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5) CVE-2020-12675
WordPress Plugin MapSVG Lite Arbitrary File Disclosure (4.2.3.1)
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5)
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.2.4)
WordPress Plugin MapSVG Lite Cross-Site Request Forgery (4.2.4)
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Cross-Site Scripting (2.30)
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0)
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Security Bypass (4.16)
WordPress Plugin Mapwiz SQL Injection (1.0.1) CVE-2022-4546
WordPress Plugin Marekkis Watermark Cross-Site Scripting (0.9.1) CVE-2013-1758
WordPress Plugin Markdown on Save Improved Cross-Site Scripting (2.5) CVE-2016-4812
WordPress Plugin Marketo Forms and Tracking Cross-Site Request Forgery (1.0.2) CVE-2020-6849
WordPress Plugin MarketPress-WordPress eCommerce PHP Object Injection (3.2.6)
WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1) CVE-2022-4666
WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure (2.3.0)
WordPress Plugin Mass Delete Taxonomies Cross-Site Request Forgery (3.0.0)
WordPress Plugin Mass Delete Unused Tags Cross-Site Request Forgery (2.0.0) CVE-2023-27430
WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2) CVE-2018-11580
WordPress Plugin Master Popups Remote Code Execution (1.0.0)
WordPress Plugin Master Slider-Responsive Touch Slider Cross-Site Scripting (2.7.1)
WordPress Plugin Master Slider-Responsive Touch Slider SQL Injection (2.5.1)
WordPress Plugin Master Slider-WordPress Responsive Touch Slider Unspecified Vulnerability (2.18.2)
WordPress Plugin MasterStudy LMS-for Online Courses and Education Information Disclosure (3.2.10) CVE-2024-2106
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0) CVE-2024-2411
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.3) CVE-2024-3136
WordPress Plugin MasterStudy LMS-for Online Courses and Education Privilege Escalation (3.3.1) CVE-2024-2409
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.2.13) CVE-2024-1904
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.3.8) CVE-2024-3942
WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5) CVE-2024-1512
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)
WordPress Plugin MATRIX 3D Cross-Site Scripting (1.2)
WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)
WordPress Plugin MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles Arbitrary File Deletion (1.9.2) CVE-2024-6885
WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8)
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0) CVE-2021-24668
WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2) CVE-2021-24669
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Cross-Site Scripting Vulnerabilities (1.3.8)
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.6.0)
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6) CVE-2016-0796
WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (2.2.7)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.0.10)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.1.6)
WordPress Plugin McAvoy Cross-Site Scripting (0.1.0)
WordPress Plugin MContact Button includes Backdoor [Only if downloaded via the vendor website] (2.0.6) CVE-2021-24867
WordPress Plugin MDC Private Message Cross-Site Scripting (1.0.0) CVE-2015-6805
WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0) CVE-2015-5469
WordPress Plugin MDTF-Wordpress Meta Data & Taxonomies Filter Cross-Site Request Forgery (2.2.7.2) CVE-2021-20781
WordPress Plugin Media.net Ads Manager Arbitrary File Upload (2.10.13) CVE-2024-6431
WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8) CVE-2022-4699
WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5)
WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2)
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5) CVE-2021-36850
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0) CVE-2014-2040
WordPress Plugin Media from FTP Cross-Site Scripting (9.89)
WordPress Plugin Media from FTP Directory Traversal (9.85) CVE-2018-5310
WordPress Plugin Media from FTP PHP Object Injection (9.79)
WordPress Plugin Media Library Assistant Information Disclosure (3.00) CVE-2022-41618
WordPress Plugin Media Library Assistant Multiple Cross-Site Scripting Vulnerabilities (2.73)
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65)
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81) CVE-2020-11731 CVE-2020-11732 CVE-2020-11928