Vulnerability Name CVE Severity
WordPress Plugin White Label CMS PHP Object Injection (2.4) CVE-2022-4302
WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1) CVE-2017-8099
WordPress Plugin WHIZZ Cross-Site Scripting (1.0.7) CVE-2016-1000154
WordPress Plugin WHMCS Bridge Cross-Site Scripting (6.2) CVE-2021-4074
WordPress Plugin WHOIS 'domain' Parameter Cross-Site Scripting (1.4.2.2) CVE-2011-5194
WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0) CVE-2022-4298
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6) CVE-2022-4106
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7) CVE-2022-4108
WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8) CVE-2022-4109
WordPress Plugin WH Testimonials Cross-Site Scripting (3.0.0) CVE-2023-1372
WordPress Plugin WhyDoWork AdSense Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2) CVE-2014-9099 CVE-2014-9100
WordPress Plugin Widget Control Powered By Everyblock Cross-Site Scripting (1.0.1)
WordPress Plugin Widget for Facebook Page Feeds Cross-Site Scripting (5.0)
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.9.0) CVE-2019-12826
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.10.2)
WordPress Plugin Widget Settings Importer/Exporter Cross-Site Scripting (1.5.3)
WordPress Plugin Widgets for SiteOrigin Security Bypass (1.4.2)
WordPress Plugin Widgets for SiteOrigin Unspecified Vulnerability (1.4.4)
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7) CVE-2022-4661
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
WordPress Plugin Widget Shortcode Cross-Site Scripting (0.3.5) CVE-2022-4473
WordPress Plugin Widgets on Pages Cross-Site Scripting (1.6.0) CVE-2022-4488
WordPress Plugin WikiPop Cross-Site Scripting (2.0) CVE-2014-4575
WordPress Plugin Windows Desktop and iPhone Photo Uploader Arbitrary File Upload (1.8)
WordPress Plugin Windsor Strava Athlete Unspecified Vulnerability (1.3.5)
WordPress Plugin Wise Agent Lead Capture Forms Cross-Site Scripting (1.0) CVE-2021-38335
WordPress Plugin Wise Chat CSV Injection (2.8.3)
WordPress Plugin Wise Chat Open Redirect (2.6.3) CVE-2019-6780
WordPress Plugin WishList Member X Remote Code Execution (3.25.1) CVE-2024-37109
WordPress Plugin WishList Member X SQL Injection (3.25.1) CVE-2024-37112
WordPress Plugin WL Katalogsok PHP Object Injection (3.5.4)
WordPress Plugin WM Simple Captcha Security Bypass (2.0.3)
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)
WordPress Plugin Wonder PDF Embed Cross-Site Scripting (1.6) CVE-2021-24541
WordPress Plugin WonderPlugin Audio Player Multiple Vulnerabilities (2.0) CVE-2015-2199 CVE-2015-2218
WordPress Plugin Wonder Video Embed Cross-Site Scripting (1.7) CVE-2021-24540
WordPress Plugin WooCommerce-GloBee Payment Gateway Security Bypass (1.1.1) CVE-2018-20782
WordPress Plugin Woocommerce-Recent Purchases Local File Inclusion (1.0.1) CVE-2024-35634
WordPress Plugin WooCommerce-Store Exporter CSV Injection (2.3.1)
WordPress Plugin WooCommerce-Store Exporter Multiple Cross-Site Scripting Vulnerabilities (1.7.5)
WordPress Plugin WooCommerce-Store Exporter Privilege Escalation (1.8.3) CVE-2016-10935
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.6)
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.7)
WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6) CVE-2019-15770
WordPress Plugin WooCommerce Admin Security Bypass (2.6.3)
WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Request Forgery (4.11.3.3)
WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Scripting (4.11.0.1)
WordPress Plugin Woocommerce Aliexpress Dropshipping Lite PHP Object Injection (1.0.1)
WordPress Plugin WooCommerce Amazon Affiliates Multiple Vulnerabilities (8.0)
WordPress Plugin WooCommerce Anti-Fraud Security Bypass (3.2)
WordPress Plugin WooCommerce Arbitrary File Deletion (3.4.5) CVE-2018-20714
WordPress Plugin WooCommerce Arbitrary File Download (3.4.5)
WordPress Plugin WooCommerce Blocks Security Bypass (3.7.0)
WordPress Plugin WooCommerce Blocks SQL Injection (5.5.0) CVE-2021-32789
WordPress Plugin WooCommerce BuddyPress Integration Security Bypass (3.2.5)
WordPress Plugin WooCommerce BuddyPress Integration Unspecified Vulnerability (3.2.6.1)
WordPress Plugin WooCommerce Cart Expiration PHP Object Injection (0.1.0)
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
WordPress Plugin Woocommerce Categories in gallery format Cross-Site Scripting (1.0.1) CVE-2021-24435
WordPress Plugin Woocommerce Category Banner Management Security Bypass (1.1.1) CVE-2018-11579
WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)
WordPress Plugin WooCommerce Checkout Manager Arbitrary File Upload (4.2.6)
WordPress Plugin WooCommerce Checkout Manager Cross-Site Request Forgery (4.3)
WordPress Plugin WooCommerce Checkout Manager Multiple Unspecified Vulnerabilities (3.6.9)
WordPress Plugin WooCommerce Conversion Tracking Cross-Site Request Forgery (2.0.4)
WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)
WordPress Plugin WooCommerce Cross-Site Request Forgery (2.2.2) CVE-2014-6313
WordPress Plugin WooCommerce Cross-Site Request Forgery (3.6.4)
WordPress Plugin WooCommerce Cross-Site Scripting (2.0.12)
WordPress Plugin WooCommerce Cross-Site Scripting (2.0.17)
WordPress Plugin WooCommerce Cross-Site Scripting (2.2.10) CVE-2015-2069
WordPress Plugin WooCommerce Cross-Site Scripting (2.4.8)
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.2)
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.3)
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.8) CVE-2016-10112