Vulnerability Name CVE Severity
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution 'uploadify.php' Arbitrary File Upload (1.6.1)
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download (2.4.0) CVE-2014-9013 CVE-2014-9014
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (1.2.1)
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (2.4.1)
WordPress Plugin WP Marketplace TimThumb Arbitrary File Upload (1.1.0) CVE-2011-4106
WordPress Plugin WP Mass Mail Open Email Relay (2.45)
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6) CVE-2015-2195
WordPress Plugin WP Mega Menu Security Bypass (1.3.9)
WordPress Plugin WP Mega Menu Security Bypass (1.4.0)
WordPress Plugin WP Mega Menu Unspecified Vulnerability (1.4.1)
WordPress Plugin WP Membership Multiple Vulnerabilities (1.2.3) CVE-2015-4038 CVE-2015-4039
WordPress Plugin WP Meta and Date Remover Cross-Site Request Forgery (1.7.5)
WordPress Plugin WP Migrate DB Security Bypass (0.6)
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1) CVE-2022-1749
WordPress Plugin WPMktgEngine Security Bypass (3.7.6)
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Request Forgery (4.3.6) CVE-2020-10568
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.2.6)
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.6.3) CVE-2018-18069
WordPress Plugin WPML (WordPress Multilingual) Multiple Vulnerabilities (3.1.8.6) CVE-2015-2314 CVE-2015-2315 CVE-2015-2791 CVE-2015-2792
WordPress Plugin WPML Translation Management PHP Object Injection (2.4.1)
WordPress Plugin WPML Unauthenticated Stored XSS CVE-2018-18069
WordPress Plugin WP Mobile Detector Arbitrary File Upload (3.5)
WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)
WordPress Plugin WP Mobile Detector Unspecified Vulnerability (2.1)
WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)
WordPress Plugin WP Mobile Edition Multiple Vulnerabilities (2.4)
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2) CVE-2021-24435
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)
WordPress Plugin WPMovieLibrary Multiple Cross-Site Scripting Vulnerabilities (2.1.4.1)
WordPress Plugin Wp Multiple Meta Box SQL Injection (1.0.0)
WordPress Plugin WP Munich Blocks-Gutenberg Blocks for WordPress Security Bypass (0.7.2)
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.15)
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18) CVE-2017-15863
WordPress Plugin WP No External Links Spam Injection (4.2.2)
WordPress Plugin WP OAuth Server (OAuth Authentication) Cross-Site Scripting (4.2.1) CVE-2022-3892
WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)
WordPress Plugin WP Offload SES Lite Cross-Site Scripting (1.4.4) CVE-2021-24494
WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1)
WordPress Plugin WP Open Graph Cross-Site Request Forgery (1.6.1) CVE-2019-5960
WordPress Plugin WP Open Social Cross-Site Scripting (5.0) CVE-2023-25792
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.6) CVE-2022-40963
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.8) CVE-2022-3830
WordPress Plugin WP Page Builder Multiple Vulnerabilities (1.2.3) CVE-2021-24207 CVE-2021-24208
WordPress Plugin WP Page Widget Cross-Site Scripting (2.7)
WordPress Plugin WP Payeezy Pay Local File Inclusion (2.97) CVE-2018-20985
WordPress Plugin WP People 'wp-people-popup.php' SQL Injection (2.0)
WordPress Plugin WP Performance Score Booster-Optimize Speed, Enable Cache & Page Preload Cross-Site Request Forgery (2.0) CVE-2021-24776
WordPress Plugin WP Photo Album 'id' Parameter Cross-Site Scripting (1.5.1)
WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0) CVE-2008-0939
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)
WordPress Plugin WP Photo Album Plus Cross-Site Request Forgery (4.8.11)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (4.9.2)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.2) CVE-2013-3254
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.7)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17) CVE-2014-8814
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (6.1.2) CVE-2015-3647
WordPress Plugin WP Photo Album Plus Multiple Cross-Site Scripting Vulnerabilities (5.4.4)
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (6.5.00)
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (7.2.04)
WordPress Plugin WP PHP widget Information Disclosure (1.0.2) CVE-2013-0721
WordPress Plugin WP Pipes Unspecified Vulnerability (1.28)
WordPress Plugin WPPizza Cross-Site Scripting (2.11.8.17)
WordPress Plugin WP Planet Cross-Site Scripting (0.1) CVE-2014-4592
WordPress Plugin WP Plugin Info Card Unspecified Vulnerability (2.3.6)
WordPress Plugin WP Plugin Manager (WPPM) Cross-Site Scripting (1.6.4.b) CVE-2014-4593
WordPress Plugin WP Poll Maker-Best WordPress Poll for Voting Contest Arbitrary File Upload (3.4) CVE-2024-32514
WordPress Plugin WP Popup Banners includes Backdoor [Only if downloaded via the vendor website] (1.2.3) CVE-2021-24867
WordPress Plugin WP Popup Builder-Popup Forms, Marketing PoPuP & Newsletter Multiple Vulnerabilities (1.2.8) CVE-2022-2404 CVE-2022-2405
WordPress Plugin WP Popup Lite-Responsive popup for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.8) CVE-2021-24867
WordPress Plugin WP Popups-WordPress Popup builder Cross-Site Scripting (2.1.4.6) CVE-2022-4716
WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0)
WordPress Plugin WP Post Page Clone SQL Injection (1.0)