Exploits found on the INTERNET

This is live excerpt from our database. Available also using API

Edit Date Name Status
2023-12-04WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSSPublished
2023-11-22WordPress UserPro 5.1.x Password Reset / Authentication Bypass / EscalationPublished
2023-10-27WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File DeletionPublished
2023-10-16WordPress WP ERP 1.12.2 SQL InjectionPublished
2023-10-13WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode ExecutionPublished
2023-10-10WordPress Sonaar Music 4.7 Cross Site ScriptingPublished
2023-10-10WordPress Masterstudy LMS 3.0.17 Account CreationPublished
2023-10-05WordPress KiviCare 3.2.0 Cross Site ScriptingPublished
2023-10-03WordPress Contact Form Generator 2.5.5 Cross Site ScriptingPublished
2023-09-20WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object InjectionPublished
2023-09-20WordPress Theme My Login 2FA Brute ForcePublished
2023-09-13WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL InjectionPublished
2023-09-09Wordpress Sonaar Music Plugin 4.7 - Stored XSSPublished
2023-08-24WordPress Plugin Forminator 1.24.6 Unauthenticated Remote Command ExecutionPublished
2023-08-13WordPress Core 5.6.2 - Xpath InjectionPublished
2023-08-11WordPress WP Project Manager 2.6.4 Privilege EscalationPublished
2023-08-08WordPress Ninja Forms 3.6.25 Cross Site ScriptingPublished
2023-08-06WordPress EventON Calendar 4.4 Insecure Direct Object ReferencePublished
2023-08-03WordPress adivaha Travel Plugin 2.3 - SQL InjectionPublished
2023-08-03WordPress adivaha Travel Plugin 2.3 - Reflected XSSPublished
2023-07-27WordPress File Manager Advanced Shortcode 2.3.2 Remote Code ExecutionPublished
2023-07-27WordPress PrePost SEO 3.0 Cross Site ScriptingPublished
2023-07-27WordPress Tablesome Cross Site ScriptingPublished
2023-07-27WordPress Login Configurator 2.1 Cross Site ScriptingPublished
2023-07-25WordPress SEO Alert 1.59 Cross Site ScriptingPublished
2023-07-13WordPress User Registration 3.0.2 Arbitrary File UploadPublished
2023-07-05WordPress WP AutoComplete Search 1.0.4 SQL InjectionPublished
2023-07-01WordPress Social Login And Register 7.6.4 Authentication BypassPublished
2023-06-30WordPress Ultimate Member 2.6.6 Privilege EscalationPublished
2023-06-22WordPress WP Sticky Social 1.0.1 CSRF / Cross Site ScriptingPublished
2023-06-19WordPress Theme Medic v1.0.0 Weak Password Recovery Mechanism for Forgotten PasswordPublished
2023-06-17WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication BypassPublished
2023-06-10WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code ExecutionPublished
2023-06-06WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRFPublished
2023-05-20WordPress Elementor Lite 5.7.1 Arbitrary Password ResetPublished
2023-05-17WordPress Core 6.2 XSS / CSRF / Directory TraversalPublished
2023-04-25WordPress Shield Security 17.0.17 Cross Site Scripting / Missing AuthorizationPublished

Copyright © 2023 Exploitalert v1 BETA.
About us & Partners This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy