Wordpress Exploits - Exploitalert

Exploits found on the INTERNET

This is live excerpt from our database. Available also using API

Date	Name	Status
2023-12-04	WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSS	Published
2023-11-22	WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation	Published
2023-10-27	WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion	Published
2023-10-16	WordPress WP ERP 1.12.2 SQL Injection	Published
2023-10-13	WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode Execution	Published
2023-10-10	WordPress Sonaar Music 4.7 Cross Site Scripting	Published
2023-10-10	WordPress Masterstudy LMS 3.0.17 Account Creation	Published
2023-10-05	WordPress KiviCare 3.2.0 Cross Site Scripting	Published
2023-10-03	WordPress Contact Form Generator 2.5.5 Cross Site Scripting	Published
2023-09-20	WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection	Published
2023-09-20	WordPress Theme My Login 2FA Brute Force	Published
2023-09-13	WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection	Published
2023-09-09	Wordpress Sonaar Music Plugin 4.7 - Stored XSS	Published
2023-08-24	WordPress Plugin Forminator 1.24.6 Unauthenticated Remote Command Execution	Published
2023-08-13	WordPress Core 5.6.2 - Xpath Injection	Published
2023-08-11	WordPress WP Project Manager 2.6.4 Privilege Escalation	Published
2023-08-08	WordPress Ninja Forms 3.6.25 Cross Site Scripting	Published
2023-08-06	WordPress EventON Calendar 4.4 Insecure Direct Object Reference	Published
2023-08-03	WordPress adivaha Travel Plugin 2.3 - SQL Injection	Published
2023-08-03	WordPress adivaha Travel Plugin 2.3 - Reflected XSS	Published
2023-07-27	WordPress File Manager Advanced Shortcode 2.3.2 Remote Code Execution	Published
2023-07-27	WordPress PrePost SEO 3.0 Cross Site Scripting	Published
2023-07-27	WordPress Tablesome Cross Site Scripting	Published
2023-07-27	WordPress Login Configurator 2.1 Cross Site Scripting	Published
2023-07-25	WordPress SEO Alert 1.59 Cross Site Scripting	Published
2023-07-13	WordPress User Registration 3.0.2 Arbitrary File Upload	Published
2023-07-05	WordPress WP AutoComplete Search 1.0.4 SQL Injection	Published
2023-07-01	WordPress Social Login And Register 7.6.4 Authentication Bypass	Published
2023-06-30	WordPress Ultimate Member 2.6.6 Privilege Escalation	Published
2023-06-22	WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting	Published
2023-06-19	WordPress Theme Medic v1.0.0 Weak Password Recovery Mechanism for Forgotten Password	Published
2023-06-17	WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass	Published
2023-06-10	WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution	Published
2023-06-06	WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF	Published
2023-05-20	WordPress Elementor Lite 5.7.1 Arbitrary Password Reset	Published
2023-05-17	WordPress Core 6.2 XSS / CSRF / Directory Traversal	Published
2023-04-25	WordPress Shield Security 17.0.17 Cross Site Scripting / Missing Authorization	Published

First
<<
1
2
3
4
5
6
7
8
>>
Last

About us & Partners This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy