wordpress历史插件漏洞集合

date:2018-08-18,name:WordPress Dreamsmiths Themes 0.0.1 Arbitrary File Download  
date:2018-07-28,name:WordPress Plugin Responsive Thumbnail Sltrary File Upload (Metasploit)  
date:2018-07-27,name:WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting  
date:2018-07-27,name:WordPress Strong Testimonials 2.31.4 Cross Site Scripting  
date:2018-07-27,name:WordPress Snazzy Maps 1.1.3 Cross Site Scripting  
date:2018-07-09,name:wordpress file-away plugin - File Disclosure  
date:2018-06-28,name:WordPress 4.9.6 Arbitrary File Deletion  
date:2018-06-27,name:WordPress Plugin Advanced Order Export For WooCommerce <  1.5.4 CSV Injection  
date:2018-06-26,name:WordPress Comments Import And Export CSV Injection  
date:2018-06-26,name:WordPress iThemes Security SQL Injection  
date:2018-06-26,name:WordPress Plugin iThemes Security <  7.0.3 SQL Injection  
date:2018-06-25,name:WordPress Plugin weixin robot advanced 4.4 Cross-Site-Scripting  
date:2018-06-23,name:WordPress Design By SmartCat.Net ImageManager Plugin Remote File Upload Vulnerability  
date:2018-06-23,name:WordPress Design By SmartCatDesign.Net ImageManager Plugin Remote File Upload Vulnerability  
date:2018-06-21,name:WordPress DrcSystems EthicSolutions Jssor-Slary Plugin Arbitrary File Upload Vulnerability  
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Scripting  
date:2018-06-13,name:WordPress Redirection 2.7.3 Remote File Inclusion  
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Request Forgery  
date:2018-06-08,name:WordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload Vulnerability  
date:2018-05-30,name:Wordpress Plugin Events Calendar SQL Injection  
date:2018-05-30,name:WordPress Headway Theme The Drag and Drop SQL Injection Vulnerability  
date:2018-05-25,name:WordPress Peugeot Music 1.0 Shell Upload \/ Cross Site Request Forgery  
date:2018-05-24,name:WordPress Plugin Peugeot Music Arbitrary File Upload  
date:2018-05-23,name:WordPress Muller Design Studio DiyThemes Rich-Wtor Arbitrary File Upload  
date:2018-05-12,name:WordPress WP User Groups 2.0.0 Cross Site Request Forgery  
date:2018-05-09,name:Wordpress wp-js-external-link-info redirect  
date:2018-05-07,name:WordPress Plugin User Role Editor <  4.25 Privilege Escalation  
date:2018-05-06,name:Wordpress Hestia 1.1.73 Theme XSS Vuln  
date:2018-04-29,name:WordPress UK Cookie Consent 2.3.9 Cross Site Scripting  
date:2018-04-27,name:WordPress WP With Spritz 1.0 File Inclusion  
date:2018-04-26,name:WordPress Woo Import Export 1.0 Arbitrary File Deletion  
date:2018-04-14,name:Nielsen Wordpress Theme Xss Stored Exploit  
date:2018-04-12,name:WordPress Content Injection and Deface  
date:2018-04-11,name:WordPress Google Drive 2.2 Remote Code Execution  
date:2018-04-11,name:WordPress Plugin WordPress File Upload 4.3.3 Stored XSS  
date:2018-04-11,name:WordPress Activity Logs 2.4.0 Cross Site Scripting  
date:2018-04-10,name:WordPress Plugin Google Drive 2.2 Remote Code Execution  
date:2018-04-10,name:WordPress Plugin Gratifikasi 1.3 Cross Site Scripting (XSS)  
date:2018-04-10,name:WordPress Viral Optins Plugin Exploit and File Upload  
date:2018-04-01,name:Wordpress Plugin Contact Form 7 to Database Extension 2.10.32 CSV Injection  
date:2018-03-28,name:Wordpress Plugin Site Editor 1.1.1 Local File Inclusion  
date:2018-03-27,name:WordPress Event Manager 5.8.1.1 Cross Site Scripting  
date:2018-03-20,name:WordPress Site Editor 1.1.1 Local File Inclusion  
date:2018-03-16,name:WordPress Plugin Duplicator 1.2.32 Cross-Site Scripting  
date:2018-03-10,name:Wordpress Theme Distributel SQLi  
date:2018-02-16,name:WordPress UltimateMember 2.0 Cross Site Scripting  
date:2018-02-16,name:Wordpress 4.9.4 Username Enumeration (perl version)  
date:2018-01-31,name:WordPress Propertyhive 1.4.14 Cross Site Scripting  
date:2018-01-30,name:WordPress Splashing Images 2.1 Cross Site Scripting \/ PHP Object Injection  
date:2018-01-22,name:Wordpress Tips Wp-Config Setup Vulnerable  
date:2018-01-22,name:Wordpress linenity theme - Arbitrary file download  
date:2018-01-21,name:Wordpress newspro2891 theme - Arbitrary file download  
date:2018-01-21,name:Wordpress endlesshorizon theme - Arbitrary file download  
date:2018-01-21,name:Wordpress duena theme - Arbitrary file download  
date:2018-01-21,name:Wordpress cafesalivation theme - Arbitrary file download  
date:2018-01-21,name:Wordpress File Manager plugin Version 5.0.1 SSRF\/XSPA Vulnerability  
date:2018-01-21,name:Wordpress liberator theme - Arbitrary file download  
date:2018-01-21,name:Wordpress oxygen theme - Arbitrary file download  
date:2018-01-20,name:wordpress kap theme arbitrary file download  
date:2018-01-15,name:Wordpress wp-File-Manager plugin Version 1.9 SSRF\/XSPA Vulnerability  
date:2018-01-11,name:WordPress Smooth Sl6 SQL Injection  
date:2018-01-11,name:WordPress Dbox 3D Sl 1.2.2 SQL Injection  
date:2018-01-11,name:WordPress MQ ReLinks 1.8 XSS \/ Open Redirection  
date:2018-01-11,name:WordPress Download Manager 2.9.60 Cross Site Request Forgery  
date:2018-01-11,name:WordPress Testimonial Sl4 SQL Injection  
date:2018-01-10,name:WordPress Social Media WAcurax 3.2.5 Cross Site Request Forgery  
date:2018-01-10,name:WordPress Plugin Events Calendar event_jection  
date:2018-01-09,name:WordPress CMS Tree Page View 1.4 CSRF \/ Privilege Escalation  
date:2018-01-08,name:WordPress Plugin LearnDash 2.5.3 Arbitrary File Upload  
date:2018-01-07,name:WordPress WpJobBoard 4.4.4 SQL Injection  
date:2018-01-04,name:WordPress Smart Google Code Inserter SQL Injection  
date:2018-01-03,name:WordPress Plugin Smart Google Code Inserter <  3.5 Authentication Bypass  \/ SQL Injection  
date:2017-12-22,name:WordPress Feed-Statistics 4.1 Open Redirect  
date:2017-12-22,name:WordPress Grifus 4.0.1 Cross Site Scripting  
date:2017-12-22,name:WordPress mgl-instagram-gallery Plugin Cross Site Scripting  
date:2017-12-21,name:WordPress feed-statistics Plugin Open Redirect Vulnerability  
date:2017-12-21,name:WordPress WebConnex Form Management 1.6.3 Cross Site Scripting  
date:2017-12-21,name:WordPress Itinerary 1.0.0 Cross Site Scripting  
date:2017-12-20,name:WordPress Concours 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Clean Up Optimizer 4.0.0 SQL Injection  
date:2017-12-20,name:WordPress Custom Map 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Booking Calendar 7.0 \/ 7.1 SQL Injection \/ Local File Inclusion  
date:2017-12-20,name:WordPress CSV Import-Export 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Top-10 2.4.2 SQL Injection  
date:2017-12-19,name:WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS  
date:2017-12-18,name:WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS  
date:2017-12-17,name:WordPress Plugins FormCraft - Cross-Site Scripting Image type  
date:2017-12-15,name:WordPress Wunderbar Basic 1.1.3 Cross Site Scripting  
date:2017-12-15,name:WordPress Pinterest Badge 1.8.0 Cross Site Scripting  
date:2017-12-14,name:WordPress WooPay Inicis 1.1.3 Cross Site Scripting  
date:2017-12-14,name:WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting  
date:2017-12-14,name:WordPress WordApp Mobile 2.0.3 Cross Site Scripting  
date:2017-12-11,name:Wordpress UserPro 4.9.17 Authentication Bypass  
date:2017-12-06,name:WordPress Z-URL Preview 1.6.1 Cross Site Scripting  
date:2017-12-06,name:WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting  
date:2017-12-06,name:WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS  
date:2017-12-06,name:WordPress WP Mailster 1.5.4.0 Cross Site Scripting  
date:2017-12-01,name:WordPress WooCommerce 2.0 \/ 3.0 Directory Traversal  
date:2017-11-22,name:WordPress Emag Marketplace Connector 1.0 Cross Site Scripting  
date:2017-11-22,name:WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting  
date:2017-11-22,name:WordPress In Link 1.0 SQL Injection  
date:2017-11-22,name:WordPress Breezing Forms 1.2.7.42 Cross Site Scripting  
date:2017-11-15,name:WordPress Affiliate Ads For Clickbank Products 1.3 XSS  
date:2017-11-15,name:WordPress AMP Toolbox 1.9.4 Cross Site Scripting  
date:2017-11-15,name:WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting  
date:2017-11-14,name:WordPress Boozang 1.0.0 Cross Site Scripting  
date:2017-11-14,name:WordPress Cartogiraffe Map 1.0 Cross Site Scripting  
date:2017-11-14,name:WordPress Appointments 2.2.2.2 Cross Site Scripting  
date:2017-11-13,name:Wordpress < = 4.8.2 SQL Injection POC  
date:2017-11-10,name:WordPress Secure HTML5 Ver 3.14 Cross Site Scripting  
date:2017-11-09,name:WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting  
date:2017-11-07,name:WordPress Duplicator Migration 1.2.28 Cross Site Scripting  
date:2017-11-06,name:WordPress Plugin Userpro <  4.9.17.1 Authentication Bypass  
date:2017-11-05,name:WordPress Plugins ImageManager- Arbitrary File Upload  
date:2017-11-04,name:WordPress Plugin JTRT Responsive Tables 4.1 SQL Injection  
date:2017-11-01,name:WordPress User Login History 1.5.2 Cross Site Scripting  
date:2017-11-01,name:WordPress SmoothGallery for NextGen Gallery XSS  
date:2017-11-01,name:WPBounce WordPress plugin Open Redirect  
date:2017-10-20,name:WordPress Car Park Booking SQL Injection  
date:2017-10-17,name:WordPress Influencer Marketing And Press Release System 2.2 XSS  
date:2017-10-13,name:WordPress Pootle Button 1.1.1 Cross Site Scripting  
date:2017-10-12,name:WordPress WP-Contact-W4.1 Cross Site Scripting  
date:2017-10-12,name:WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting  
date:2017-10-11,name:WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting  
date:2017-10-11,name:WordPress Simple Login Log 1.1.1 SQL Injection  
date:2017-10-11,name:WordPress Ad W0.0 Local File Inclusion  
date:2017-10-08,name:WordPress 4.8.2 Activation Key Failed Expiry  
date:2017-10-08,name:Gallery by BestWebSoft wordpress \/ FILE UPLOAD  
date:2017-10-07,name:WordPress does not hash wp_signups.activation_key SQL injection to create accounts  
date:2017-10-05,name:WordPress Smush Image 2.7.4.1 Directory Traversal  
date:2017-09-28,name:WordPress Content Audit 1.9.1 Cross Site Request Forgery \/ Cross Site Scripting  
date:2017-09-28,name:WordPress Church SQL Injection  
date:2017-09-23,name:WordPress Responsive Image Gallery 1.1.8 SQL Injection  
date:2017-09-21,name:WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting  
date:2017-09-09,name:WordPress SB Uploader 4.9 Arbitrary File Upload Vulnerability  
date:2017-09-09,name:WordPress Training Membership 1.0.8 Cross Site Scripting  
date:2017-09-08,name:Stanford University ( Longevity ) Wordpress Website BruteForce Attack  
date:2017-09-07,name:Wordpress cool-flickr-sllugin Cross Site Scripting(xss)  
date:2017-09-07,name:Wordpress Contact Form 7 International Sms Integration Plugin Cross Site Scripting  
date:2017-09-05,name:WordPress Plugin Participants Database <  1.7.5.10 Cross-Site Scripting  
date:2017-08-25,name:WordPress Plugins woocommerce-product-options - Arbitrary File Upload  
date:2017-08-19,name:Wordpress MoneyTheme Themes XSS \/ Arbitrary File Upload  
date:2017-08-18,name:WordPress share-on-diaspora Plugin Cross Site Scripting (XSS)  
date:2017-08-13,name:WordPress FAdvertisement Plugin Sql Injection Vulnerability  
date:2017-08-11,name:WordPress Easy Modal 2.0.17 SQL Injection  
date:2017-08-11,name:WordPress PressForward 4.3.0 Cross Site Scripting  
date:2017-08-11,name:WordPress Podlove Podcast Publisher 2.5.3 SQL Injection  
date:2017-08-08,name:WordPress Plugin Easy Modal 2.0.17 SQL Injection  
date:2017-08-06,name:WordPress GamePlan Event And Gym Fitness Theme 1.5.13.2 Cross Site Scripting  
date:2017-08-01,name:WordPress Logosware Suite Uploader 1.1.6 File Upload  
date:2017-07-31,name:WordPress Plugin Logosware Suite Uploader 1.1.6 Remote File Upload  
date:2017-07-26,name:WordPress Ultimate Affiliate Pro 3.6 Cross Site Scripting  
date:2017-07-26,name:WordPress FormCraft Form Builder 3.2.31 Cross Site Scripting  
date:2017-07-21,name:WordPress Task Manager Pro 1.31 Cross Site Scripting  
date:2017-07-11,name:Wordpress Plugin How-Interest Cross-Site Scripting  
date:2017-06-28,name:WordPress Plugin Ultimate Product Catalogue 4.2.2 SQL Injection  
date:2017-06-26,name:WordPress FormCraft Basic 1.0.5 SQL Injection  
date:2017-06-21,name:WordPress Download Manager 2.9.46 \/ 2.9.51 Cross Site Scripting  
date:2017-06-21,name:WordPress Photo Gallery 1.3.34 \/ 1.3.42 Path Traversal  
date:2017-06-13,name:WordPress Plugins WP Checkout - Arbitrary File Upload  
date:2017-06-13,name:WordPress Plugins Viral Optins - Arbitrary File Upload  
date:2017-06-13,name:WordPress Themes Awake - Cross-Site Scripting  
date:2017-06-08,name:WordPress Plugins console contact form - Arbitrary File Upload  
date:2017-06-04,name:WordPress Plugins WP Job Manager Locations - Arbitrary File Upload  
date:2017-06-03,name:WordPress No External Links 3.5.17 Cross Site Scripting  
date:2017-06-03,name:WordPress Tribulant Newsletters 4.6.4.2 XSS \/ File Disclosure  
date:2017-06-02,name:WordPress Plugins WP Job Manager - Arbitrary File Upload  
date:2017-06-01,name:WordPress Themes U-design File Upload  
date:2017-05-31,name:WordPress Simple Slanager 2.2 Cross Site Scripting  
date:2017-05-29,name:WordPress Themes Purevision - Arbitrary File Upload  
date:2017-05-28,name:WordPress AffiliateWP 2.0.8 Cross Site Scripting  
date:2017-05-28,name:WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure  
date:2017-05-28,name:WordPress Huge-IT Very 2.0.4 SQL Injection  
date:2017-05-28,name:WordPress All In One Schema.org Rich Snippets 1.4.1 XSS  
date:2017-05-25,name:Wordpress plugins dopts upload File Vulnerability  
date:2017-05-24,name:WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting  
date:2017-05-23,name:WordPress rehber Themes  File Upload Vulnerability  
date:2017-05-22,name:Wordpress plugins wp-mailinglist upload File Vulnerability | CSRF  
date:2017-05-18,name:WordPress Revsloit and Mass Shell Upload  
date:2017-05-17,name:WordPress EELV Newsletter 4.5 XSS \/ CSRF  
date:2017-05-17,name:WordPress PHPMailer Host Header Command Injection  
date:2017-05-14,name:Wordpress plugins wpdm-filemanager upload File Vulnerability  
date:2017-05-10,name:WordPress Clean Login Cross Site Request Forgery  
date:2017-05-10,name:Wordpress Plugin Organizer File 6.x Upload Vulnerability  
date:2017-05-05,name:Wordpress Plugins Art Picture Shop File Upload Vulnerability  
date:2017-05-05,name:WordPress Core 4.6 Unauthenticated Remote Code Execution Full Advisory  
date:2017-05-04,name:WordPress FancyProductDesigner 3.4.2 Stored XSS  
date:2017-05-04,name:Wordpress Theme Sehf File Upload Vulnerability | CSRF  
date:2017-05-03,name:Wordpress Theme Ebs File Upload Vulnerability | CSRF  
date:2017-05-03,name:WordPress 4.6 Unauthenticated Remote Code Execution (RCE) PoC Exploit  
date:2017-04-27,name:WordPress Wow Forms 2.1 SQL Injection  
date:2017-04-27,name:WordPress KittyCatfish 2.2 SQL Injection  
date:2017-04-27,name:WordPress Wow Viral Signups 2.1 SQL Injection  
date:2017-04-27,name:WordPress Car Rental System 2.5 SQL Injection  
date:2017-04-23,name:Wordpress flash album gallery Plugins SQL Vulnerability.  
date:2017-04-22,name:Wordpress newsletter Plugins SQL Vulnerability.  
date:2017-04-21,name:WordPress Connection Information Cross Site Request Forgery  
date:2017-04-19,name:Wordpress theme 'boldial' - Full Path Disclosure  
date:2017-04-13,name:Wordpress pdfjs-viewer-shortcode Plugins  Xss \/ Code Execution Vulnerability  
date:2017-04-10,name:Wordpress webplayer Plugins SQL Injection Vulnerability  
date:2017-04-09,name:Wordpress salient Themes SQL Injection Vulnerability  
date:2017-04-08,name:WordPress Gravity Forms Plugin Exploit and File Upload  
date:2017-04-05,name:Wordpress dreamwork_manage File Upload Vulnerability  
date:2017-03-31,name:Wordpress wp-dreamworkgallery File Upload Vulnerability  
date:2017-03-29,name:Wordpress plugins team-admin upload File Vulnerability  
date:2017-03-28,name:Wordpress Themes betheme Sh3ll Upload Vulnerability | CSRF  
date:2017-03-27,name:Wordpress Themes Multimedia1 Shell Upload Vulnerability | CSRF  
date:2017-03-21,name:WordPress Multiple Plugin File Upload  
date:2017-03-20,name:Wordpress plugin Sports Rankings and Lists directory  
date:2017-03-17,name:WordPress Membership Simplified 1.58 Arbitrary File Download  
date:2017-03-16,name:Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download  
date:2017-03-15,name:Wordpress Themes Nunace Shell Upload Vulnerability | CSRF  
date:2017-03-14,name:WordPress Print Money v4.91 Plugin Persistent Cross Site Scripting  
date:2017-03-13,name:WordPress Chat-Room plugin v0.1.2 directory traversal\/arbitrary file write  
date:2017-03-13,name:WordPress plugin Flash Rotator Gallery SQL injection  
date:2017-03-11,name:Wordpress Themes Synoptic Shell Upload Vulnerability | CSRF  
date:2017-03-10,name:WordPress PICA Photo Gallery 1.0 SQL Injection  
date:2017-03-09,name:Unlock Wordpress Admin Login Disable Protection  
date:2017-03-09,name:Wordpress Themes Qualifire File Upload Vulnerabilty CSRF  
date:2017-03-07,name:WordPress 4.5.3 Audio Playlist Cross Site Scripting  
date:2017-03-07,name:WordPress 4.5.3 Press This Function CSRF \/ Denial Of Service  
date:2017-03-06,name:WordPress Multiple Plugins - Remote File Upload  
date:2017-03-05,name:WordPress VaultPress 1.8.4 Remote Code Execution \/ Man-In-The-Mdate:2017-03-04,name:WordPress Username Enumeration  
date:2017-03-03,name:WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Magic Fields 1 1.7.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Popup By Supsystic 1.7.6 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Download Manager 2.8.99 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Tribulant Slalleries 1.6.3 Cross Site Scripting  
date:2017-03-03,name:WordPress Contact Form Manager CSRF \/ XSS  
date:2017-03-03,name:WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS  
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Request Forgery  
date:2017-03-03,name:WordPress File Manager 3.0.1 Cross Site Request Forgery  
date:2017-03-03,name:WordPress User Login Log 2.2.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Scripting  
date:2017-03-03,name:WordPress Contact Form 4.0.0 Cross Site Scripting  
date:2017-03-03,name:WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection  
date:2017-03-03,name:WordPress NewStatPress 1.2.4 Cross Site Scripting  
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting  
date:2017-03-03,name:WordPress Adminer 1.4.4 Interface Exposure  
date:2017-02-28,name:WordPress Kama Click Counter 3.4.9 SQL Injection  
date:2017-02-25,name:MyMag wordpress theme Unrestricted File Upload  
date:2017-02-24,name:WordPress Mail Masta 1.0 SQL Injection  
date:2017-02-17,name:WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting  
date:2017-02-15,name:WordPress Easy Table 1.6 Cross Site Scripting  
date:2017-02-13,name:WordPress 4.7 \/ 4.7.1 Content Injection Gui Exploit  
date:2017-02-13,name:Wordpress Themes dance studio 1.0.0 - Arbitrary Shell Upload vulnerbility  
date:2017-02-12,name:WordPress 4.7.0\/4.7.1 Plugin Insert PHP -  PHP Code Injection  
date:2017-02-09,name:WordPress wp-json Content Injection  
date:2017-02-02,name:WordPress 4.7.0 \/ 4.7.1 REST API Privilege Escalation  
date:2017-02-02,name:WordPress 4.7.0\/4.7.1 Unauthenticated Content Injection  
date:2017-01-30,name:WordPress FormBuilder 1.05 Cross Site Request Forgery  
date:2017-01-27,name:WordPress InfiniteWP Client 1.5.1.3 \/ 1.6.0 PHP Object Injection  
date:2017-01-26,name:CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability  
date:2017-01-26,name:Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability  
date:2017-01-26,name:Wordpress >=4.7 User Enumeration Exploit  
date:2017-01-18,name:WordPress WooCommerce Direct Download Local File Inclusion  
date:2017-01-14,name:Wordpress cmw-speakers Plugin  SQL injection Vulnerability  
date:2017-01-11,name:WordPress WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation  
date:2017-01-07,name:Wordpress Plugin slo Arbitrary File Upload  
date:2017-01-05,name:WordPress Stop User Enumeration 1.3.4 User Enumeration  
date:2016-12-31,name:WordPress Templatic 2.3.6 File Upload  
date:2016-12-29,name:WordPress Simply Poll 1.4.1 SQL Injection  
date:2016-12-28,name:WordPress Image Sl41 \/ 1.1.89 Arbitrary File Deletion  
date:2016-12-23,name:WordPress Copy-Me 1.0.0 Cross Site Request Forgery  
date:2016-12-20,name:WordPress Support Plus Responsive Ticket System 7.1.3 SQL Injection  
date:2016-12-20,name:WordPress 404 1.0 SQL Injection  
date:2016-12-20,name:WordPress Private Messages 1.0.1 SQL Injection  
date:2016-12-17,name:WordPress Quiz And Survey Master 4.7.8 \/ 4.5.4 XSS \/ CSRF  
date:2016-12-15,name:WordPress MailChimp 3.1.5 \/ 4.0.10 Cross Site Scripting  
date:2016-12-13,name:WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection  
date:2016-12-12,name:WordPress Multisite Post Duplicator 0.9.5.1 Cross Site Request Forgery  
date:2016-12-06,name:WordPress Single Personal Message 1.0.3 SQL Injection  
date:2016-12-02,name:WordPress WP Vault 0.8.6.6 Local File Inclusion  
date:2016-11-30,name:WordPress Insert Html Snippet 1.2 Cross Site Request Forgery  
date:2016-11-29,name:WordPress Olimometer 2.56 SQL Injection  
date:2016-11-28,name:WordPress Image Gallery 1.9.65 Cross Site Scripting  
date:2016-11-26,name:Wordpress Twentyfourteen Theme (Default Theme) Full Path Disclosure  
date:2016-11-22,name:WordPress Canvas - Shortcodes 1.92 Cross Site Scripting  
date:2016-11-22,name:WordPress Easy Facebook Like Box 4.3.0 CSRF \/ XSS  
date:2016-11-22,name:WordPress Check Email 0.3 Cross Site Scripting  
date:2016-11-22,name:WordPress Instagram Feed 1.4.6.2 Cross Site Scripting \/ Cross Site Request Forgery  
date:2016-11-22,name:WordPress MailChimp 4.0.7 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-11-22,name:Wordpress FancyBox For Wordpress Plugin Full Path Disclosure  
date:2016-11-20,name:WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery \/ XSS  
date:2016-11-20,name:WordPress Plugin Easy Facebook Like Box 4.3.0- Cross-Site Request Forgery \/ XSS  
date:2016-11-19,name:Wordpress Plugin  N-Media 1.4 Arbitrary File Download Vulnerability  
date:2016-11-19,name:Wordpress ThemeRush Theme Cross Site Scripting  
date:2016-11-18,name:WordPress Answer My Question 1.3 SQL Injection  
date:2016-11-18,name:WordPress Sirv 1.3.1 SQL Injection  
date:2016-11-17,name:WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting  
date:2016-11-12,name:WordPress Google Maps 6.3.14 Cross Site Request Forgery  
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting  
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Race Condition  
date:2016-11-12,name:WordPress W3 Total Cache Amazon SNS Push Messages Weak Valdate:2016-11-09,name:WordPress XCloner 3.1.5 Denial Of Service \/ Code Execution  
date:2016-11-09,name:WordPress Calendar 1.3.7 Cross Site Scripting  
date:2016-11-09,name:WordPress 404 To 301 2.2.8 Cross Site Scripting  
date:2016-10-20,name:Wordpress Userpro Remote File Upload  
date:2016-10-14,name:WordPress Newsletter 4.6.0 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-10-01,name:WordPress Plugin KBoard - Cross Site Scripting  
date:2016-10-01,name:WordPress Plugin KBoard 2.7 - SQL Injection  
date:2016-09-22,name:Wordpress W3 Total Cache < = 0.9.4.1 XSS  
date:2016-09-20,name:WordPress Neosense Theme 1.7 Shell Upload  
date:2016-09-17,name:Wordpress pulgin bordeaux theme upload shell Vulnerability  
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass  
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Command Injection  
date:2016-09-11,name:WordPress Woocommerce 2.6.2 API Cross Site Scripting  
date:2016-09-11,name:WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting  
date:2016-09-11,name:Image Export WordPress Plugin - Local File Disclosure  
date:2016-09-11,name:Meteogalicia Wordpress Wocal File Disclosure  
date:2016-09-09,name:WordPress 4.5.3 Cross Site Scripting  
date:2016-09-08,name:WordPress Theme cubed_v1.2 CSRF File Upload Vulnerability  
date:2016-09-06,name:WordPress RB Agency Plugin 2.4.7 - Local File Disclosure  
date:2016-08-29,name:Wordpress Themes Arbitrary File Download  timthumb-config.php Vulnerability  
date:2016-08-23,name:Wordpress Multi Themes Arbitrary File Download Vulnerability  
date:2016-08-22,name:WordPress 4.5.3 Core Ajax Handlers Path Traversal  
date:2016-08-16,name:Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability  
date:2016-08-16,name:Wordpress Theme Directory Arbitrary Shell Upload Vulnerability  
date:2016-08-16,name:WordPress Ajax Load More 2.11.1 Local File Inclusion  
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Scripting  
date:2016-08-16,name:WordPress Link Library 5.9.12.29 Cross Site Scripting  
date:2016-08-16,name:WordPress Email Users 4.8.3 Cross Site Request Forgery  
date:2016-08-16,name:WordPress Google Maps 2.1.2 Cross Site Scripting  
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Request Forgery  
date:2016-08-16,name:WordPress Peters Login Redirect 2.9.0 XSS \/ CSRF  
date:2016-08-10,name:WordPress Add From Server 6.2 Cross Site Request Forgery  
date:2016-08-08,name:Wordpress force download Arbitrary File Download  
date:2016-08-07,name:WordPress Selected Text Sharer 1.0 CSRF \/ XSS  
date:2016-08-07,name:WordPress Welcome Announcement 1.0.5 Cross Site Scripting  
date:2016-08-07,name:WordPress Store Locator Plus 4.5.09 Cross Site Scripting  
date:2016-08-07,name:WordPress Ecwrce Shopping Cart 4.4 \/ 4.4.3 PHP Object Injection  
date:2016-08-06,name:WordPress Activity Log 2.3.2 Cross Site Scripting  
date:2016-08-06,name:WordPress Landing Pages 2.2.4 Cross Site Scripting  
date:2016-08-06,name:WordPress Yoast SEO Cross Site Scripting  
date:2016-08-03,name:WordPress Uji Countdown 2.0.6 Cross Site Scripting  
date:2016-08-02,name:WordPress ALO EasyMail Newsletter Plugin 2.9.2 CSRF  
date:2016-08-02,name:WordPress Booking Calendar Plugin 6.2 - SQL Injection  
date:2016-07-31,name:Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP  
date:2016-07-31,name:Easy Testimonials WordPress Plugin Stored Cross-Site Scripting  
date:2016-07-29,name:WordPress Ultimate Product Catalog 3.9.8 SQL Injection  
date:2016-07-27,name:WordPress ColorWay 3.4.1 Cross Site Scripting  
date:2016-07-26,name:WordPress Code Snippets 2.6.1 Cross Site Scripting  
date:2016-07-26,name:WordPress Contact Form To Email 1.1.47 Cross Site Scripting  
date:2016-07-22,name:WordPress WooCommerce 2.6.2 Cross Site Scripting  
date:2016-07-22,name:WordPress Paships Pro 1.8.9.3 Cross Site Scripting  
date:2016-07-20,name:WordPress Icegram 1.9.18 Cross Site Request Forgery  
date:2016-07-20,name:WordPress Ninja Forms 2.9.51 Cross Site Scripting  
date:2016-07-20,name:WordPress Ver 1.5.16 SQL Injection  
date:2016-07-14,name:WordPress WP No External Links 3.5.15 Cross Site Scripting  
date:2016-07-14,name:WordPress Top 10 Popular Posts 2.3.0 Cross Site Scripting  
date:2016-07-14,name:WordPress Simple Membership 3.2.8 Cross Site Scripting  
date:2016-07-14,name:WordPress Google Forms 0.84 Cross Site Scripting  
date:2016-07-13,name:WordPress Easy Forms For MailChimp 6.0.5.5 Local File Inclusion  
date:2016-07-13,name:WordPress WP Fastest Cache 0.8.5.9 Local File Inclusion  
date:2016-07-13,name:WordPress Email Users 4.8.2 Cross Site Scripting  
date:2016-07-13,name:WordPress Master Sl1 Cross Site Scripting  
date:2016-07-13,name:WordPress Profile Builder 2.4.0 Cross Site Scripting  
date:2016-07-12,name:Wordpress WP Job Manager 1.25 Arbitrary File Upload Vulnerability  
date:2016-07-12,name:WordPress Ultimate Member 1.3.64 Local File Inclusion  
date:2016-07-12,name:WordPress Live Chat Support 6.2.00 Cross Site Scripting  
date:2016-07-12,name:WordPress Activity Log 2.3.1 Persistent Cross Site Scripting  
date:2016-07-10,name:WordPress All in One SEO Pack Plugin Persistent Cross-Site Scripting  
date:2016-07-09,name:WordPress Lazy Content SlCross Site Request Forgery  
date:2016-07-06,name:WordPress CodeCanyon Real3D FlipBook 2.18.8 File Deletion \/ Upload \/ XSS  
date:2016-06-30,name:WordPress Ultimate Membership Pro 3.3 SQL Injection  
date:2016-06-24,name:WordPress Ultimate Product Catalog 3.8.6 Shell Upload  
date:2016-06-23,name:WordPress Contus Vents 1.0 File Upload  
date:2016-06-21,name:WordPress Premium SEO Pack 1.9.1.3 wp_options Overwrite  
date:2016-06-18,name:WordPress Ultimate Product Catalog 3.8.1 Privilege Escalation  
date:2016-06-18,name:WordPress Gravity Forms 1.8.19 Shell Upload  
date:2016-06-16,name:WordPress Social Stream 1.5.15 wp_options Overwrite  
date:2016-06-08,name:Wordpress Levo-Sl2.3 - Persistent Vulnerability  
date:2016-06-08,name:Wordpress Levo-Sl.3 - Arbitrary File Upload Vulnerability  
date:2016-06-08,name:WordPress ADS PRO 2.9.22 \u2013 Multi-Purpose Ad Manager Exploit  
date:2016-06-08,name:\tWordPress UserPro 2.62 \u2013 User Profiles with Social Login Exploit  
date:2016-06-08,name:WordPress Br3 Theme Exploit  
date:2016-06-06,name:Levo Sl.3 Stored XSS Wordpress Plugin *youtube  
date:2016-06-06,name:Wordpress Levo-Sl.3 Shell Upload by Unprivileged user  
date:2016-06-05,name:WordPress Realia 0.8.5 Cross Site Scripting  
date:2016-06-05,name:WordPress WP Mobile Detector 3.5 Shell Upload *youtube  
date:2016-05-27,name:WordPress Ninja Forms Unauthenticated File Upload  
date:2016-05-21,name:WordPress Brafton 3.3.10 Cross Site Scripting  
date:2016-05-20,name:Vulnerabilitie XSS in brafton WordPress Plugin  
date:2016-05-16,name:Wordpress Easyrotator Plugin File Manipulation Vulnerability  
date:2016-05-02,name:WordPress Export to Ghost Unrestricted Export Download  
date:2016-04-30,name:WordPress Truemag Theme Cross Site Scripting  
date:2016-04-22,name:WordPress iThemes Security Insecure Backup \/ Logfile Generation  
date:2016-04-19,name:WordPress Kento Post View Counter Plugin 2.8 - CSRF\/XSS  
date:2016-04-19,name:WordPress leenk.me Plugin 2.5.0 - CSRF\/XSS  
date:2016-04-18,name:Wordpress Plugins jQuery Html5 File Upload  
date:2016-04-17,name:Wordpress Plugin Mega stor  - Local File Inclusion  
date:2016-04-13,name:WordPress Robo Gallery 2.0.14 Code Execution  
date:2016-04-11,name:Wordpress Product Options for WooCommerce Plugin File Upload  
date:2016-04-10,name:WordPress Multiple Meta Box 1.0 SQL Injection  
date:2016-04-04,name:WordPress Memphis Document Library Plugin 3.1.5 Path Disclosure  
date:2016-04-04,name:Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download  
date:2016-03-28,name:WordPress Music Store 1.0.41 Cross Site Scripting  
date:2016-03-28,name:WordPress Claptastic Clap! Button 1.3 Cross Site Scripting  
date:2016-03-28,name:WordPress CloudFlare 1.3.20 Cross Site Scripting  
date:2016-03-28,name:WordPress IMDb Profile W.8 Local File Inclusion  
date:2016-03-28,name:WordPress Visual Form Builder 2.8.6 Cross Site Scripting  
date:2016-03-28,name:WordPress Photocart Link 1.6 Local File Inclusion  
date:2016-03-26,name:WordPress WP External Links 1.80 Cross Site Scripting  
date:2016-03-24,name:WordPress Issuu Panel 1.6 Remote \/ Local File Inclusion  
date:2016-03-24,name:WordPress Facebook With Login 1.0 Cross Site Scripting \/ SQL Injection  
date:2016-03-23,name:WordPress Memphis Document Library 3.1.5 Arbitrary File Download  
date:2016-03-23,name:WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download  
date:2016-03-23,name:WordPress Dharma Booking 2.28.3 Remote \/ Local File Inclusion  
date:2016-03-23,name:WordPress Brandfolder 3.0 Remote \/ Local File Inclusion  
date:2016-03-22,name:WordPress eBook Download 1.1 Directory Traversal  
date:2016-03-22,name:WordPress Import CSV 1.1 Directory Traversal  
date:2016-03-22,name:WordPress Abtest Local File Inclusion  
date:2016-03-16,name:WordPress Bulletproof 0.53.2 Cross Site Scripting  
date:2016-03-12,name:WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting  
date:2016-03-12,name:WordPress WP Mailto Links 2.0.1 - Stored Cross Site Scripting  
date:2016-03-09,name:Wordpress ProjectTheme Multiple Vulnerabilities  
date:2016-03-08,name:WordPress SP Projects And Document Manager 2.5.9.6 XSS \/ SQL Injection  
date:2016-03-04,name:WordPress Bulk Delete 5.5.3 Privilege Escalation  
date:2016-03-03,name:WordPress CP Polls 1.0.8 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-03-03,name:WordPress CP Polls 1.0.8 File Upload \/ Cross Site Scripting  
date:2016-03-03,name:WordPress CP Polls 1.0.8 Malicious File Download  
date:2016-03-02,name:WordPress GravityForms 1.9.15.11 Cross Site Scripting  
date:2016-03-01,name:WordPress More Fields 2.1 Cross Site Request Forgery  
date:2016-02-28,name:Wordpress Goodnews Themes Reflected Cross Site Scripting  
date:2016-02-26,name:Wordpress Ocim MP3 Plugin SQL Injection Vulnerability  
date:2016-02-25,name:WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation  
date:2016-02-25,name:WordPress User Submitted Posts 20151113 Cross Site Scripting  
date:2016-02-15,name:Wordpress Formcraft Plugin File Upload Vulnerability  
date:2016-02-12,name:WordPress Duplicator 1.1.0 \/ 1.2.0 Cross Site Request Forgery  
date:2016-02-10,name:WordPress WooCommerce 1.5.5 Privilege Escalation  
date:2016-02-09,name:WordPress 4.4.2 SSRF and open redirect vulnerability  
date:2016-02-08,name:WordPress User Meta Manager 3.4.6 Privilege Escalation  
date:2016-02-08,name:Wordpress clikstats plugin Open Redirect  
date:2016-02-08,name:Wordpress Newsletter Pro Plugin Open Redirect  
date:2016-02-08,name:Wordpress Smallbiz Themes Remote File Uploads Vulnerability  
date:2016-02-07,name:WordPress Instagram 1.1.0 Cross Site Scripting  
date:2016-02-06,name:WordPress User Meta Manager Plugin [Blind SQLI]  
date:2016-02-04,name:WordPress Instagram Plugin 1.1.0 Cross Site Scripting  
date:2016-02-01,name:WordPress Comment Rating 1.5.0 Cross Site Scripting  
date:2016-01-31,name:Wordpress Download Manager 2.3.0 XSS  
date:2016-01-31,name:Wordpress simple add pages or posts CSRF Vulnerability  
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 SQL Injection  
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 Escalation \/ XSS  
date:2016-01-27,name:WordPress Easy Gallery 4.1.4 Cross Site Scripting  
date:2016-01-26,name:WordPress Appointment Booking Calendar 1.1.23 SQL Injection  
date:2016-01-20,name:WordPress Extredj Open Redirection  
date:2016-01-15,name:Wordpress Tubepress Plugin v 2 Cross Site Scripting  
date:2016-01-14,name:WordPress Commentator 2.5.2 Cross Site Scripting  
date:2016-01-14,name:WordPress No External Links 2.6.3 \/ 2.7.1 Open Redirect  
date:2016-01-14,name:WordPress Tubepress 2 Cross Site Scripting  
date:2016-01-12,name:WordPress JS External Link Info 1.21 Open Redirect  
date:2016-01-09,name:WordPress Symposium Pro Social 15.12 XSS \/ CSRF  
date:2016-01-09,name:Wordpress AzonPop Plugin SQL Injection  
date:2016-01-09,name:Wordpress Feed Statistics Plugin V 1.4.3 Open Redirect  
date:2016-01-08,name:WordPress Stanford Theme Cross Site Scripting  
date:2015-12-23,name:WordPress Content Text Slost 6.8 Cross Site Scripting  
date:2015-12-21,name:WordPress woocommerce plugin v2.4.12 PHP Code Injection Vulnerability  
date:2015-12-21,name:Wordpress Gallery Master Persistent XSS Vulnerability  
date:2015-12-18,name:WordPress Google Adsense 1.29 Cross Site Scripting  
date:2015-12-18,name:WordPress Quotes And Tips 1.19 Cross Site Scripting  
date:2015-12-18,name:WordPress PDF And Print 1.7.4 Cross Site Scripting  
date:2015-12-18,name:WordPress Portfolio 2.27 Cross Site Scripting  
date:2015-12-18,name:WordPress Relevant Related Posts 1.0.7 Cross Site Scripting  
date:2015-12-18,name:WordPress User Role 1.4.1 Cross Site Scripting  
date:2015-12-18,name:WordPress Twitter 2.37 Cross Site Scripting  
date:2015-12-18,name:WordPress Social Essentials Social Stats And Sharing Buttons 1.3.1 XSS  
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Request Forgery  
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Scripting  
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Request Forgery  
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Scripting  
date:2015-12-17,name:WordPress Google Captcha 1.05 Cross Site Scripting  
date:2015-12-17,name:WordPress Simple Booking Calendar 1.3 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Scripting  
date:2015-12-17,name:WordPress Google +1 1.1.6 Cross Site Scripting  
date:2015-12-17,name:WordPress Facebook Like Button 2.32 Cross Site Scripting  
date:2015-12-17,name:WordPress Contact Form To DB 1.4.0 Cross Site Scripting  
date:2015-12-17,name:WordPress Google Sitemap 2.9.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Donate 2.0.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Captcha 4.0.2 Cross Site Scripting  
date:2015-12-17,name:WordPress Contact Form 3.81 Cross Site Scripting  
date:2015-12-17,name:WordPress NextGEN Gallery 2.0.66.16 Cross Site Scripting  
date:2015-12-17,name:WordPress Gallery 4.2.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Htaccess 1.4 Cross Site Scripting  
date:2015-12-17,name:WordPress BestWebSoft Google Maps 1.2.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Email Queue 1.0.0 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Job Board 1.0.0 Cross Site Scripting  
date:2015-12-17,name:Wordpress Begin Themes Open Redirect Vulnerability  
date:2015-12-16,name:WordPress Tierra Billboard Manager 1.14 SQL Injection  
date:2015-12-15,name:WordPress Admin Management Xtended 2.4.0 Privilege Escalation  
date:2015-12-15,name:Wordpress Plugin Tierra Billboard Manager SQL Injection Vulnerability  
date:2015-12-14,name:Wordpress Ad King Pro Stored XSS Vulnerability  
date:2015-12-12,name:WordPress 4.4 User Enumeration  
date:2015-12-11,name:WordPress S3 Vte Shell Upload  
date:2015-12-10,name:Wordpress agp font awesome collection Stored XSS  
date:2015-12-08,name:WordPress Poll W.7 SQL Injection  
date:2015-12-08,name:WordPress Squirrel Theme 1.6.4 Remote File Inclusion  
date:2015-12-08,name:Wordpress Content text slost Stored XSS  
date:2015-12-06,name:WordPress TheCartPress 1.4.7 Code Execution \/ Local File Disclosure  
date:2015-12-05,name:WordPress Advanced Uploader 2.10 Shell Upload  
date:2015-12-05,name:Wordpress "Js Support Ticket" File Upload Bypass Extensions  
date:2015-12-04,name:WordPress Cool Very 1.9 Command Injection  
date:2015-12-03,name:WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion  
date:2015-12-03,name:WordPress Role Scoper 1.3.66 Cross Site Scripting  
date:2015-12-03,name:WordPress Calls To Action 2.4.3 Cross Site Scripting  
date:2015-12-03,name:WordPress Ultimate Member 1.3.28 Cross Site Scripting  
date:2015-12-03,name:WordPress Users Ultra 1.5.50 SQL Injection  
date:2015-12-03,name:WordPress Users Ultra 1.5.50 Cross Site Scripting  
date:2015-11-29,name:WordPress Auto-ThickBox-Plus XSS Vulnerability  
date:2015-11-29,name:WordPress theme parallelus-salutation Arbitrary File Download Vulnerability  
date:2015-11-21,name:WordPress Category and Page Icons File Upload  
date:2015-11-19,name:Wordpress ajax-load-more Authenticated Arbitrary2.8.2 File Upload Vulnerability  
date:2015-11-18,name:WordPress Users Ultra 1.5.50 Unrestricted File Upload  
date:2015-11-14,name:WordPress i1.wp.com Functionality Abuse  
date:2015-11-10,name:WordPress Ajax Load More PHP Upload  
date:2015-11-06,name:WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting  
date:2015-11-06,name:Wordpress Plugin easy-comment-uploads File Upload Vulendrability  
date:2015-10-19,name:WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability  
date:2015-10-19,name:WordPress Events Made Easy 1.5.49 CSRF \/ XSS  
date:2015-10-16,name:WordPress HUGE IT Very 1.3.6 CSRF Vulnerability  
date:2015-10-13,name:WordPress Pie Register 2.0.18 SQL Injection  
date:2015-10-13,name:WordPress Pie Register 2.0.18 Cross Site Scripting  
date:2015-10-13,name:WordPress Font 7.5 Path Traversal  
date:2015-10-08,name:WordPress Support Ticket System 1.2 SQL Injection  
date:2015-10-07,name:WordPress U-Design Theme 2.7.9 Cross Site Scripting  
date:2015-10-06,name:WordPress ResAds 1.0.1 Cross Site Scripting  
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Cross Site Scripting  
date:2015-10-06,name:WordPress Payment Form For PayPal Pro 1.0.1 XSS  
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Local File Inclusion \/ Directory Traversal  
date:2015-09-30,name:WordPress mTheme-Unus Local File Inclusion  
date:2015-09-30,name:Wordpress Better-wp-security  Plugin Remote Code Execution  
date:2015-09-29,name:WordPress Appointment Booking Calendar 1.1.7 SQL Injection  
date:2015-09-29,name:Wordpress popup-maker Stored XSS  
date:2015-09-26,name:Wordpress wordpress-popup Reflected XSS  
date:2015-09-24,name:Wordpress wp-downloadmanager stored XSS  
date:2015-09-20,name:WordPress Vertical Image SlCSRF \/ XSS  
date:2015-09-15,name:Wordpress Wpages Light XSS  
date:2015-09-15,name:Wordpress GigPress XSS  
date:2015-09-14,name:Wordpress ver stored XSS  
date:2015-09-14,name:Wordpress Ver Stored XSS\/CSRF  
date:2015-09-14,name:Wordpress plugin Ultimate Addons Cross Site Scripting  
date:2015-09-14,name:Wordpress KVS Player Stored XSS\/CSRF  
date:2015-09-10,name:Wordpress Crash Ultimate Addons for Visual Composer vulnerability  
date:2015-09-06,name:WordPress eShop Plugin Reflected XSS  
date:2015-09-06,name:Wordpress Easy Media Gallery Stored XSS  
date:2015-09-03,name:WordPress WP Symposium Plugin Cross Site Scripting  
date:2015-09-01,name:WordPress Testimonial Sl1 Cross Site Scripting  
date:2015-09-01,name:WordPress sourceAFRICA 0.1.3 Cross Site Scripting  
date:2015-08-30,name:WordPress Captain Sl6 Cross Site Scripting  
date:2015-08-28,name:Wordpress Responsive Thumbnail Sled XSS  
date:2015-08-28,name:NextGen Gallery WordPress Plugin LFI\/Path Traversal  
date:2015-08-28,name:WordPress Navis DocumentCloud 0.1 Cross Site Scripting  
date:2015-08-28,name:WordPress Private Only 3.5.1 CSRF \/ Cross Site Scripting  
date:2015-08-28,name:WordPress Responsive Thumbnail SlShell Upload  
date:2015-08-27,name:WordPress YouTube Embed 3.3.2 Cross Site Scripting  
date:2015-08-26,name:WordPress Car Rental System SQL Injection  
date:2015-08-25,name:Wordpress theme Doraa XSS Vulnerability  
date:2015-08-25,name:Wordpress theme Dosimple XSS Vulnerability  
date:2015-08-24,name:WordPress Googmonify 0.8.1 Cross Site Request Forgery \/ Cross Site Scripting  
date:2015-08-21,name:Wordpress Amazonify Plug-in XSS\/CSRF  
date:2015-08-20,name:Wordpress WP Fade in Text News Plugin Cross Site Scripting  
date:2015-08-19,name:Wordpress Tag Miner Cross Site Request Forgery  
date:2015-08-19,name:Wordpress Maintenance Mode Cross Site Scripting  
date:2015-08-19,name:Wordpress 1.5.8 Simple PopUp Plugin Cross Site Scripting  
date:2015-08-19,name:Wordpress WP Slin Cross Site Scripting  
date:2015-08-18,name:Dorks Multiple Wordpress passwords disclosure  
date:2015-08-17,name:Wordpress Tag Miner Cross Site Scripting  
date:2015-08-13,name:WordPress OAuth2 Complete 3.1.3 Insecure Random  
date:2015-08-09,name:WordPress 3.8.1 \/ 3.8.2 \/ 4.2.2 Cross Site Request Forgery  
date:2015-08-08,name:Wordpress Avenir-Soft Direct Download Plug-in XSS\/CSRF  
date:2015-08-08,name:WordPress 4.2.3 and earlier SQL Injection Vulnerability  
date:2015-08-04,name:WordPress Altos Connect W.0 Cross Site Scripting  
date:2015-08-04,name:WordPress Admin Pack By Site Caseiro 1.1 Cross Site Scripting  
date:2015-08-04,name:WordPress Database Sync 0.4 Cross Site Scripting  
date:2015-08-04,name:WordPress Ninja Forms 2.9.21 Cross Site Scripting  
date:2015-08-03,name:WordPress Advance Categorizer 0.3 Cross Site Scripting  
date:2015-08-03,name:WordPress 1-Click Retweet\/Share\/Like 5.2 Cross Site Scripting  
date:2015-08-03,name:WordPress Chief Editor 3.6.1 Cross Site Scripting  
date:2015-08-03,name:WordPress Advertisement Management 1.0 Cross Site Scripting  
date:2015-08-03,name:WordPress Customize Youtube V Cross Site Scripting  
date:2015-08-03,name:WordPress Copy Or Move Comments 1.0.0 Cross Site Scripting  
date:2015-08-03,name:WordPress F\/T\/G Social W3.7 Cross Site Scripting  
date:2015-07-29,name:WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting  
date:2015-07-29,name:XSS vulnerability in Wordpress plugin The Holndar  
date:2015-07-28,name:WordPress Unite Gallery Lite 1.4.6 CSRF \/ SQL Injection  
date:2015-07-28,name:WordPress Music Store 1.0.14 Open Redirect  
date:2015-07-27,name:Unite Gallery Lite Wordpress Plugin v1.4.6 Cross-Site Request Forgery & SQL Injection  
date:2015-07-25,name:Open Redirect Vulnerability in Music Store Wordpress Plugin v1.0.14  
date:2015-07-25,name:Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite Wordpress Plugi  
date:2015-07-23,name:WordPress Paships Pro 1.8.4.2 Cross Site Scripting  
date:2015-07-22,name:WordPress Portfolio 1.0 Cross Site Request Forgery  
date:2015-07-21,name:WordPress Mailcwp 1.99 Shell Upload  
date:2015-07-17,name:WordPress WP Attachment Export 0.2.3 Arbitrary File Download  
date:2015-07-17,name:WordPress BuddyPress Activity Plus 1.5 CSRF \/ File Deletion  
date:2015-07-17,name:WordPress Subscribe To Comments 2.1.2 LFI \/ Code Execution  
date:2015-07-16,name:Wordpress ibs-mappro Plugin Arbitrary File Download Vulnerability  
date:2015-07-15,name:WordPress Plotly 1.0.2 Cross Site Scripting  
date:2015-07-15,name:WordPress Image Export 1.1 Arbitrary File Download  
date:2015-07-13,name:WordPress CP Contact Form With Paypal 1.1.5 CSRF \/ XSS \/ SQL Injection  
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Cross Site Scripting  
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Local File Inclusion  
date:2015-07-13,name:WordPress WP-SwimTeam 1.44.10777 Arbitrary File Download  
date:2015-07-08,name:WordPress MDC-Youtube-Downloader 2.1.0 File Disclosure  
date:2015-07-08,name:WordPress WP-Ecommerce-Shop-Styling 2.5 File Download  
date:2015-07-07,name:WordPress easy2map 1.24 SQL Injection  
date:2015-06-27,name:WordPress WP-Instance-Rename 1.0 File Download  
date:2015-06-25,name:WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting  
date:2015-06-25,name:Wordpress huge-it-sl5 & Persistent JS-HTML Code injection  
date:2015-06-24,name:WordPress Nextend Facebook Connect 1.5.4 Cross Site Scripting  
date:2015-06-24,name:WordPress Revsltrary File Upload, Download & Cross Site Scripting  
date:2015-06-24,name:WordPress Google Analyticator 6.4.9.3 CSRF  
date:2015-06-19,name:WordPress Revsl2 XSS \/ Information Disclosure  
date:2015-06-16,name:WordPress Yoast 2.1.1 Cross Site Scripting  
date:2015-06-16,name:WordPress Users To CSV 1.4.5 Cross Site Request Forgery  
date:2015-06-15,name:Yoast Wordpress SEO Plugin <= 2.1.1 Stored Authenticated XSS  
date:2015-06-11,name:WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload  
date:2015-06-11,name:Wordpress History Collection <=1.1.1 Arbitraty File Download  
date:2015-06-09,name:Wordpress Plugin 'WP Mobile Edition' LFI Vulnerability  
date:2015-06-06,name:Xloner v3.1.2 wordpress plugin authenticated command execution and XSS  
date:2015-06-05,name:WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion  
date:2015-06-02,name:WordPress UserPro 2.33 Cross Site Scripting  
date:2015-05-27,name:WordPress Church Admin 0.800 Cross Site Scripting  
date:2015-05-27,name:WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution  
date:2015-05-27,name:WordPress Estrutura-Basica File Disclosure  
date:2015-05-26,name:WordPress plugin "GigPress" SQLi vulnerabilities  
date:2015-05-26,name:Wordpress church_admin Stored XSS  
date:2015-05-26,name:WordPress plugin "WordPress Landing Pages" Multiple vulnerabilities  
date:2015-05-26,name:WordPress plugin "NewStatPress" Multiple vulnerabilities  
date:2015-05-23,name:WordPress Very 2.8 Unprotected Mail Page *youtube  
date:2015-05-22,name:WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting  
date:2015-05-21,name:WordPress FeedWordPress Plugin 2015.0426 SQL Injection  
date:2015-05-21,name:WordPress WP Membership Plugin 1.2.3 Multiple Vulnerabilities  
date:2015-05-19,name:WordPress Simple Backup Plugin Arbitrary Download  
date:2015-05-18,name:WordPress 'WP Security Scan(Acunetix)' Exposure Backup File Unauthorized Control  
date:2015-05-18,name:WordPress 'ALL Themes' Developed By "ThemeMakers" File Information Exposure  
date:2015-05-18,name:WordPress 'Snapshot Pro' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-18,name:WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-18,name:WordPress 'BackupBuddy' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-14,name:WordPress Contact Form To Email Plugin CSRF \/ XSS  
date:2015-05-11,name:WordPress Yet Another Related Posts 4.2.4 CSRF \/ XSS \/ Code Execution  
date:2015-05-08,name:WordPress Ultimate Profile Builder 2.3.3 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress ClickBank Ads 1.7 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress RevSl95 File Upload \/ Execute  
date:2015-05-08,name:WordPress Ad Buttons 2.3.1 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress Twenty Fifteen 4.2.1 Cross Site Scripting  
date:2015-05-07,name:Wordpress Freshmail Unauthenticated SQL Injection  
date:2015-05-07,name:WordPress Embed-Articles 7.0.3 XSRF \/ XSS  
date:2015-05-07,name:WordPress Ad Inserter 1.5.2 XSRF \/ XSS  
date:2015-05-06,name:WordPress 4.2.1 XSS \/ Code Execution  
date:2015-05-06,name:WordPress eShop 6.3.11 Code Execution  
date:2015-05-05,name:WordPress Ultimate Product Catalogue 3.1.2 XSS \/ CSRF \/ File Upload  
date:2015-04-29,name:TheCartPress WordPress plugin 1.3.9 Multiple Vulns  
date:2015-04-28,name:WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site Scripting  
date:2015-04-28,name:WordPress WooCommerce Amazon Affiliates 7.0 Shell Upload \/ File Disclosure  
date:2015-04-28,name:WordPress Premium SEO Pack 1.8.0 Shell Upload \/ File Disclosure  
date:2015-04-27,name:WordPress 4.2 Stored XSS  
date:2015-04-27,name:WordPress WPshop eCommerce 1.3.9.5 Shell Upload  
date:2015-04-27,name:WordPress InBoundio Marketing 2.0 Shell Upload  
date:2015-04-27,name:WordPress Ultimate Product Catalogue 3.1.4 Vulnerability  
date:2015-04-22,name:WordPress Yoast Google Analytics Cross Site Scripting  
date:2015-04-22,name:WordPress Add Link To Facebook 1.215 Cross Site Scripting  
date:2015-04-21,name:WordPress Slallery Authenticated File Upload  
date:2015-04-20,name:WordPress Creative Contact Form Upload  
date:2015-04-20,name:WordPress N-Media Website Contact Form Upload  
date:2015-04-20,name:WordPress Reflex Gallery Upload  
date:2015-04-20,name:WordPress Citizen Space 1.1 Cross Site Scripting  
date:2015-04-20,name:WordPress Content Sl CSRF \/ Cross Site Scripting  
date:2015-04-20,name:WordPress Work The Flow Upload  
date:2015-04-17,name:Wordpress Ajax Store Locator <= 1.2 SQL Injection Vulnerability  
date:2015-04-16,name:WordPress WP Statistics 9.1.2 Cross Site Scripting  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Creation Exploit (RCE)  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 Multiple CSRF XSS Vulnerabilities  
date:2015-04-11,name:WordPress Fusion Engage Local File Disclosure  
date:2015-04-11,name:WordPress Duplicator 0.5.14 Cross Site Request Forgery \/ SQL Injection  
date:2015-04-09,name:WordPress Windows Desktop And iPhone Photo Uploader File Upload  
date:2015-04-08,name:WordPress Shareaholic 7.6.0.3 Cross Site Scripting  
date:2015-04-07,name:WordPress Work The Flow 2.5.2 Shell Upload  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 SQL Injection  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 Information Disclosure  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 File Upload  
date:2015-04-04,name:WordPress PHP Event Calendar 1.5 Arbitrary File Upload  
date:2015-04-02,name:WordPress DesignFolio+ Theme File Upload  
date:2015-04-02,name:WordPress Ver Verence Integration 4.91.8 Shell Upload  
date:2015-04-02,name:WordPress Ver Ventation 3.31.17 Shell Upload  
date:2015-04-02,name:WordPress Revolution Sl Upload  
date:2015-04-02,name:Wordpress Better-wp-security Plugin Remote Code Execution  
date:2015-04-01,name:WordPress Business Intelligence Lite 1.6.1 SQL Injection  
date:2015-03-30,name:Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability  
date:2015-03-27,name:WordPress Aspose Cloud eBook Generator File Download  
date:2015-03-27,name:Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download  
date:2015-03-26,name:WordPress Marketplace 2.4.0 Add Administrator  
date:2015-03-25,name:Wordpress Theme Arbitrary File Download Vulnerability  
date:2015-03-24,name:WordPress MP3-Jplayer 2.1 Local File Disclosure  
date:2015-03-24,name:WordPress InBoundio Marketing Shell Upload  
date:2015-03-24,name:WordPress AB Google Map Travel CSRF \/ XSS  
date:2015-03-17,name:WordPress Reflex Gallery 3.1.3 Shell Upload  
date:2015-03-17,name:WordPress WPML Missing Authentication  
date:2015-03-13,name:WordPress SEO By Yoast 1.7.3.3 SQL Injection  
date:2015-03-13,name:WordPress WPML XSS \/ Deletion \/ SQL Injection  
date:2015-03-13,name:WordPress Huge IT Sl8 SQL Injection  
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Cross Site Scripting  
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Path Disclosure  
date:2015-03-11,name:WordPress Fraction Theme 1.1.1 Privilege Escalation  
date:2015-03-10,name:WordPress Daily Edition 1.6.2 File Upload  
date:2015-03-10,name:WordPress Yoast Google Analytics 5.3.2 Cross Site Scripting  
date:2015-03-06,name:WordPress Download Manager 2.7.2 Privilege Escalation  
date:2015-03-05,name:WordPress Max Banner Ads 1.9 Cross Site Scripting  
date:2015-03-05,name:WordPress Newsletter 2.6.x \/ 2.5.x Open Redirect  
date:2015-03-04,name:WordPress: Webdorado Spt Calendar <= 1.4.9  SQL Injection  
date:2015-03-03,name:WordPress Photocrati Theme 4.x.x SQL Injection  
date:2015-03-03,name:WordPress WP All 3.2.3 Shell Upload  
date:2015-03-03,name:WordPress Calculated Fields Form 1.0.10 SQL Injection  
date:2015-02-28,name:WordPress Media Cleaner 2.2.6 Cross Site Scripting  
date:2015-02-25,name:Wordpress force download  Local File Download  
date:2015-02-24,name:WordPress Easy Social Icons 1.2.2 CSRF \/ XSS  
date:2015-02-24,name:WordPress Holding Pattern Theme Arbitrary File Upload  
date:2015-02-19,name:WordPress Duplicator 0.5.8 Privilege Escalation  
date:2015-02-18,name:WordPress Image Metadata Cruncher CSRF \/ XSS  
date:2015-02-17,name:WordPress Fusion 3.1 Arbitrary File Upload  
date:2015-02-17,name:WordPress Image Metadata Cruncher Cross Site Scripting  
date:2015-02-14,name:WordPress Photo Gallery 1.2.5 Unrestricted File Upload  
date:2015-02-14,name:WordPress Fusion 1.9.1 Arbitrary File Upload  
date:2015-02-13,name:WordPress Failed Randomness on Windows  
date:2015-02-13,name:WordPress Survey And Poll 1.1.7 Blind SQL Injection  
date:2015-02-12,name:WordPress Very 2.7 SQL Injection  
date:2015-02-12,name:WordPress Ninja Forms 2.8.8 Cross Site Scripting  
date:2015-02-10,name:WordPress Contact Form DB 2.8.26 Cross Site Scripting  
date:2015-02-10,name:WordPress Cart66 Lite 1.5.4 Cross Site Scripting  
date:2015-02-10,name:WordPress Holding Pattern 0.6 Shell Upload  
date:2015-02-10,name:WordPress WPLMS 1.8.4.1 Privilege Escalation  
date:2015-02-10,name:WordPress WP EasyCart Unrestricted File Upload  
date:2015-02-10,name:WordPress Acobot Live Chat And Contact Form 2.0 CSRF \/ XSS  
date:2015-02-04,name:WordPress Platform Theme Remote Code Execution  
date:2015-02-04,name:WordPress Pixabay Images PHP Code Upload  
date:2015-02-03,name:WordPress Quasar Theme 1.9.1 Privilege Escalation  
date:2015-01-27,name:WordPress Revolution Sll File Disclosure  
date:2015-01-26,name:Wordpress RedSteel Theme Arbitrary File Download Vulnerability  
date:2015-01-20,name:WordPress Bretheon Theme Arbitrary File Download  
date:2015-01-20,name:WordPress CIP4 Folder Download 1.10 Local File Inclusion  
date:2015-01-20,name:WordPress Pixarbay Images 2.3 XSS \/ Bypass \/ Upload \/ Traversal  
date:2015-01-18,name:Wordpress Theme Bretheon Arbitrary File Download Vulnerability  
date:2015-01-15,name:WordPress Simple Security 1.1.5 Cross Site Scripting  
date:2015-01-14,name:Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration  
date:2015-01-13,name:WordPress Pods 2.4.3 CSRF \/ Cross Site Scripting  
date:2015-01-13,name:WordPress WP Symposium 14.11 Shell Upload  
date:2015-01-09,name:WordPress Shopping Cart 3.0.4 Unrestricted File Upload  
date:2015-01-09,name:Wordpress slrox Plugin Cross site scripting vulnerability  
date:2015-01-06,name:WordPress Banner Effect Header 1.2.6 XSS \/ CSRF  
date:2015-01-05,name:Wordpress Email newsletter 20.9 Cross Site Scripting  
date:2015-01-05,name:Wordpress sumome 1.6 Cross Site Scripting  
date:2015-01-05,name:Wordpress WP-EMail 2.64 Cross Site Scripting  
date:2015-01-05,name:Wordpress Email 1.1 Cross Site Scripting  
date:2014-12-31,name:Wordpress 4.1 XSS & CSRF Web Vulnerability  
date:2014-12-30,name:WordPress Frontend Uploader 0.9.2 Cross Site Scripting  
date:2014-12-30,name:WordPress Dmsguestbook Unauthenticated Data Injection  
date:2014-12-29,name:Wordpress RevSlin LFD  
date:2014-12-28,name:Wordpress Frontend Uploader Cross Site Scripting(XSS)  
date:2014-12-25,name:WordPress Themes download.php File Disclosure  
date:2014-12-19,name:WordPress Simplelife 1.2 CSRF \/ XSS  
date:2014-12-19,name:WordPress SimpleFlickr 3.0.3 CSRF \/ XSS  
date:2014-12-19,name:WordPress PWG Random 1.11 CSRF \/ XSS  
date:2014-12-19,name:WordPress iTwitter 0.04 Cross Site Request Forgery \/ Cross Site Scripting  
date:2014-12-19,name:WordPress TweetScribe 1.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress PictoBrowser 0.3.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress gSl.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress Twitter 0.7 CSRF \/ XSS  
date:2014-12-19,name:WordPress WP Limit Posts Automatically 0.7 CSRF \/ XSS  
date:2014-12-19,name:WordPress Twitter LiveBlog 1.1.2 CSRF \/ XSS  
date:2014-12-19,name:WordPress twimp-wp Cross Site Request Forgery \/ Cross Site Scripting  
date:2014-12-18,name:WordPress Bird Feeder 1.2.3 CSRF \/ XSS  
date:2014-12-17,name:WordPress A.F.D. Theme Echelon Arbitrary File Download  
date:2014-12-16,name:WordPress O2Tweet 0.0.4 CSRF \/ XSS  
date:2014-12-15,name:Wordpress Wp Symposium 14.11 Unauthenticated Shell Upload Exploit  
date:2014-12-13,name:WordPress Slial Icons 1.61 CSRF \/ XSS  
date:2014-12-13,name:WordPress Timed Popup 1.3 CSRF \/ XSS  
date:2014-12-13,name:WordPress WP Construction Mode 1.91 XSS  
date:2014-12-09,name:WordPress Ajax Store Locator 1.2 Arbitrary File Download  
date:2014-12-04,name:Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection  
date:2014-12-04,name:WordPress CM Download Manager 2.0.6 XSS \/ CSRF  
date:2014-12-02,name:Wordpress <= v4.0 - Denial of Service  
date:2014-12-02,name:WordPress <= v4.0 Denial of Service Exploit  
date:2014-12-01,name:WordPress Ad-Manager 1.1.2 Open Redirect  
date:2014-11-27,name:Wordpress db-backup plugin File Download Vulnerability  
date:2014-11-27,name:WordPress Sexy Squeeze Pages Cross Site Scripting  
date:2014-11-27,name:WordPress Html5 Mp3 Player Full Path Disclosure  
date:2014-11-25,name:WordPress WP-DB-Backup 2.2.4 Backup Theft  
date:2014-11-25,name:WordPress wpDataTables 1.5.3 SQL Injection  
date:2014-11-25,name:WordPress wpDataTables 1.5.3 Shell Upload  
date:2014-11-23,name:WordPress SP Client Document Manager 2.4.1 SQL Injection  
date:2014-11-21,name:WordPress CM Download Manager 2.0.0 Code Injection  
date:2014-11-21,name:WordPress 3.9.2 Cross Site Scripting  
date:2014-11-14,name:WordPress SupportEzzy Ticket System 1.2.5 Cross Site Scripting  
date:2014-11-11,name:Another WordPress Classifieds Cross Site Scripting \/ SQL Injection  
date:2014-11-07,name:Joomla\/WordPress XCloner Command Execution \/ Password Disclosure  
date:2014-11-06,name:WordPress Bulletproof-Security .51 XSS \/ SQL Injection \/ SSRF  
date:2014-11-05,name:WordPress Wordfence Firewall 5.1.2 Cross Site Scripting  
date:2014-11-05,name:WordPress Clean And Simple Contact Form 4.4.0 XSS  
date:2014-10-27,name:WordPress Count-per-Day Plugin (notes.php) Remote Code Upload  
date:2014-10-27,name:WordPress Download Manager Plugin Arbitrary File Download  
date:2014-10-27,name:Wordpress gallery-bank Plugin Upload Vulnerability  
date:2014-10-25,name:WordPress HT-Poi Plugin Remote File Upload (RFU)  
date:2014-10-25,name:WordPress HTML5 and FLash PLayer Plugin SQL Injection  
date:2014-10-24,name:WordPress CP Multi View Event Calendar 1.01 SQL Injection  
date:2014-10-24,name:WordPress \/ Joomla Creative Contact Form 0.9.7 Shell Upload  
date:2014-10-22,name:WordPress Database Manager 2.7.1 Command Injection \/ Credential Leak  
date:2014-10-16,name:WordPress WP Google Maps 6.0.26 Cross Site Scripting  
date:2014-10-16,name:WordPress MaxButtons 1.26.0 Cross Site Scripting  
date:2014-10-10,name:WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting  
date:2014-10-10,name:WordPress Contact Form DB 2.8.13 Cross Site Scripting  
date:2014-10-10,name:WordPress Google Calendar Events 2.0.1 Cross Site Scripting  
date:2014-10-09,name:Wordpress InfusionSoft Upload  
date:2014-10-06,name:WordPress BulletProof Security 50.8 Script Insertion  
date:2014-10-02,name:WordPress Content Audit 1.6 Blind SQL Injection  
date:2014-10-02,name:WordPress Photo Gallery 1.1.30 Cross Site Scripting  
date:2014-10-01,name:WordPress All In One Security And Firewall 3.8.3 XSS  
date:2014-09-18,name:WordPress WP-Ban 1.62 Bypass  
date:2014-09-18,name:WordPress Login Wh Shortcode 3.1.1 CSRF \/ XSS  
date:2014-09-16,name:WordPress Wordfence 5.2.3 Cross Site Scripting \/ Bypass  
date:2014-09-13,name:WordPress Photo Album Plus 5.4.4 Cross Site Scripting  
date:2014-09-12,name:WordPress Trinity Theme Arbitrary File Download  
date:2014-09-09,name:WordPress Antioch Arbitrary File Download  
date:2014-09-08,name:Wordpress Authentic Theme Arbitrary File Download Vulnerability  
date:2014-09-08,name:Wordpress epic theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability  
date:2014-09-07,name:WordPress acento theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress FR0_theme theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress lote27 theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress NativeChurch theme Arbitrary File Download Vulnerability  
date:2014-09-04,name:WordPress Advanced Access Manager 2.8.2 File Write \/ Code Execution  
date:2014-09-03,name:WordPress Huge IT Image Gallery 1.0.0 SQL Injection  
date:2014-09-02,name:WordPress CuckooTap Theme & eShop Arbitrary File Download  
date:2014-08-28,name:WordPress ShortCode 1.1 Local File Inclusion  
date:2014-08-27,name:WordPress WPtouch Mobile 3.4.5 Shell Upload  
date:2014-08-26,name:WordPress KenBurner Sltrary File Download  
date:2014-08-21,name:WordPress All In One SEO Pack 2.2.2 Cross Site Scripting  
date:2014-08-21,name:WordPress Mobile Pack 2.0.1 Information Disclosure  
date:2014-08-19,name:WordPress Disqus 2.7.7 Cross Site Request Forgery  
date:2014-08-19,name:Wordpress 3.9.1 pluggable.php CSRF vulnerability  
date:2014-08-13,name:WordPress Disqus 2.7.5 CSRF \/ Cross Site Scripting  
date:2014-08-13,name:WordPress CK-And-SyntaxHighLighter Arbitrary File Upload  
date:2014-08-13,name:WordPress 3.9 XMLRPC Denial of Service Exploit  
date:2014-08-12,name:WordPress GB Gallery Sl.5 SQL Injection *youtube  
date:2014-08-11,name:WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *vdate:2014-08-11,name:Wordpress Js plupload Cross Site Scripting  
date:2014-08-08,name:WordPress WPSS 0.62 Cross Site Scripting  
date:2014-08-08,name:WordPress WPSS 0.62 SQL Injection  
date:2014-08-05,name:WordPress MyBand Theme Cross Site Scripting  
date:2014-08-04,name:WordPress Gmedia Gallery 1.2.1 Shell Upload  
date:2014-08-04,name:WordPress Gamespeed Theme Cross Site Scripting  
date:2014-08-03,name:Wordpress SI CAPTCHA Anti-Spam Plugin Cross site scripting  
date:2014-08-02,name:Wordpress Sper plugin Cross site scripting  
date:2014-07-30,name:WordPress WhyDoWork AdSense 1.2 XSS \/ CSRF  
date:2014-07-29,name:WordPress Sllution Responsive 4.1.4 File Download  
date:2014-07-29,name:WordPress Lead Octopus Power SQL Injection  
date:2014-07-29,name:WordPress FBGorilla SQL Injection  
date:2014-07-25,name:WordPress Very 2.5 Cross Site Scripting \/ SQL Injection  
date:2014-07-22,name:WordPress Gallery Objects 0.4 SQL Injection  
date:2014-07-16,name:Wordpress WPTouch Authenticated File Upload  
date:2014-07-15,name:WordPress CopySafe PDF Protection 0.6 Shell Upload  
date:2014-07-15,name:WordPress Tery 1.1 Shell Upload \/ XSS  
date:2014-07-14,name:DZS Very for WordPress XSS, FPD and RCE vulnerabilities  
date:2014-07-13,name:WordPress Download Manager 2.6.8 Shell Upload  
date:2014-07-10,name:WordPress BSK PDF Manager 1.3.2 SQL Injection  
date:2014-07-07,name:Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload  
date:2014-07-07,name:WordPress NextGEN Gallery 2.0.63 Shell Upload  
date:2014-07-02,name:Wordpress blogstand-smart-banner.1.0 Cross Site Scripting  
date:2014-06-29,name:Wordpress ml-slCross Site Scripting  
date:2014-06-29,name:Wordpress wp-construction-mode.1.8 Cross Site Scripting  
date:2014-06-27,name:WordPress Simple Share Buttons Adder 4.4 CSRF \/ XSS  
date:2014-06-23,name:Wordpress 3.9.1-CSRF vulnerability  
date:2014-06-02,name:WordPress Popup Images Cross Site Scripting  
date:2014-06-02,name:WordPress Participants Database 1.5.4.8 SQL Injection  
date:2014-06-02,name:WordPress iMember360is 3.9.001 XSS Disclosure Code Execution  
date:2014-05-30,name:WordPress DZS Very Cross Site Scripting \/ Content Spoofing  
date:2014-05-23,name:WordPress Conversion Ninja Cross Site Scripting  
date:2014-05-23,name:WordPress bib2html 0.9.3 Cross Site Scripting  
date:2014-05-22,name:WordPress Booking System SQL Injection  
date:2014-05-22,name:WordPress Simple Popup Cross Site Scripting  
date:2014-05-14,name:WordPress Formrms Remote Code Execution  
date:2014-05-13,name:Wordpress Bonuspressx Plugin Cross Site Scripting  
date:2014-05-08,name:WordPress Photo-Gallery Cross Site Request Forgery  
date:2014-05-02,name:WordPress leaflet maps marker plugin SQL Injection Vulnerability  
date:2014-05-02,name:WordPress plugin EZPZ One Click Backup Command Injection  
date:2014-04-28,name:NextCellent Gallery 1.9.13 WordPress plugin XSS  
date:2014-04-28,name:WordPress Work-The-Flow 1.2.1 Shell Upload  
date:2014-04-22,name:WordPress JS External Link Info Cross Site Scripting  
date:2014-04-22,name:Wordpress Themes Theagency File Upload Vulnerability  
date:2014-04-21,name:WordPress File Disclosure Vulnerability  
date:2014-04-15,name:WordPress LineNity Local File Inclusion  
date:2014-04-14,name:WordPress Theme LineNity LFI  
date:2014-04-03,name:WordPress XCloner 3.1.0 Cross Site Request Forgery  
date:2014-03-29,name:WordPress Business Intelligence 1.0.6 Shell Upload  
date:2014-03-11,name:Wordpress plugin LayerSlersion 4.6.1 Directory Traversal CSRF  
date:2014-03-07,name:WordPress Premium Gallery Manager Shell Upload  
date:2014-03-06,name:WordPress Barclaycart Shell Upload  
date:2014-03-04,name:WordPress thecotton Themes Remote File Upload Vulnerability  
date:2014-03-04,name:WordPress plugin Google Analytics MU 2.3 CSRF  
date:2014-03-03,name:WordPress Sixtees Shell Upload  
date:2014-02-27,name:WordPress Alpine PhotoTile For Instagram 1.2.6.5 XSS  
date:2014-02-27,name:WordPress Ver Live Streaming 4.29.6 Cross Site Scripting  
date:2014-02-27,name:WordPress Wtrol 1.0.1 Cross Site Scripting  
date:2014-02-27,name:WordPress PrintFriendly 3.3.7 Cross Site Scripting  
date:2014-02-27,name:WordPress mp3-jplayer 1.8.7 Cross Site Scripting  
date:2014-02-27,name:WordPress BSK PDF Manager 1.3 Cross Site Scripting  
date:2014-02-26,name:WordPress Zedity 2.4.0 Cross Site Scripting  
date:2014-02-26,name:WordPress Thanks You Counter Button 1.8.7 Cross Site Scripting  
date:2014-02-26,name:WordPress EasyMedia Gallery 1.2.29 Cross Site Scripting  
date:2014-02-24,name:Media File Renamer V1.7.0 wordpress plugin XSS  
date:2014-02-16,name:WordPress WP-Password Plugin XSS Vulnerability  
date:2014-02-15,name:Wordpress Plugin Acunetix WP Security Make Backup CSRF  
date:2014-02-15,name:Wordpress Plugin Better WP Security multiple vulnerability  
date:2014-02-14,name:WordPress Buddypress 1.9.1 Cross Site Scripting  
date:2014-02-14,name:WordPress Buddypress 1.9.1 Privilege Escalation  
date:2014-02-13,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability  
date:2014-02-07,name:WordPress Dandelion Theme Shell Upload  
date:2014-02-02,name:Wordpress 3.3.1+dfsg-1 Media Library Persistent XSS  
date:2014-01-30,name:Wordpress amerisale-re Arbitrary File Upload Vulnerability  
date:2014-01-30,name:WordPress Photocrati Cross Site Scripting  
date:2014-01-30,name:Wordpress amerisale-re Remote Shell Upload  
date:2014-01-28,name:WordPress SS Downloads Cross Site Scripting  
date:2014-01-28,name:WordPress Seo Link Rotator Cross Site Scripting  
date:2014-01-28,name:WordPress Infocus Theme Cross Site Scripting  
date:2014-01-26,name:Wordpress anti-plagiarism Cross Site Scripting Vulnerability  
date:2014-01-24,name:WordPress E-Commerce 3.8.9.5 File Upload \/ XSS \/ CSRF \/ Code Execution  
date:2014-01-21,name:WordPress Global Flash Galleries File Upload  
date:2014-01-20,name:Wordpress social ring Cross Site Scripting  
date:2014-01-14,name:WordPress DT Chocolate Cross Site Scripting  
date:2014-01-09,name:WordPress WP-Members 2.8.9 Cross Site Scripting  
date:2014-01-04,name:Wordpress intouch Cross Site Scripting Vulnerability  
date:2014-01-01,name:WordPress 2.0.11 CSRF in options-discussion.php  
date:2013-12-31,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability  
date:2013-12-30,name:Wordpress formcraft Plugin Sql Injection  
date:2013-12-27,name:WordPress Ad-minister 0.6 Cross Site Scripting  
date:2013-12-24,name:Wordpress Recommend to a friend plugin Cross site scripting  
date:2013-12-23,name:Wordpress information leakage and backdoor in writing settings  
date:2013-12-23,name:Wordpress WP EZLead Pro plugin Cross site scripting  
date:2013-12-20,name:Wordpress cevhershare plugin Cross site scripting Vulnerability  
date:2013-12-20,name:WordPress URL Redirector Abuse and XSS vulnerabilities  
date:2013-12-08,name:WordPress DZS Very 3.1.3 Remote File Disclosure  
date:2013-12-08,name:WordPress Page Flip Image Gallery Shell Upload  
date:2013-12-06,name:WordPress Easy Career Openings SQL Injection  
date:2013-12-03,name:WordPress OptimizePress Theme File Upload  
date:2013-12-03,name:WordPress Blooog 1.1 jplayer.swf Cross Site Scripting  
date:2013-12-03,name:WordPress Js-Multi-Hotel 2.2.1 Cross Site Scripting  
date:2013-12-02,name:WordPress dzs-vry Plugins Remote File Upload Vulnerability  
date:2013-12-01,name:Wordpress Orange Themes CSRF File Upload Vulnerability  
date:2013-12-01,name:WordPress Folo Theme Cross Site Scripting  
date:2013-11-28,name:Wordpress amerisale-re plugin Cross site scripting  
date:2013-11-28,name:Wordpress optinfirex plugin Cross site scripting  
date:2013-11-26,name:WordPress Blogfolio Shell Upload  
date:2013-11-26,name:WordPress Contact Form 7 3.5.2 Shell Upload  
date:2013-11-26,name:WordPress Elemin Shell Upload  
date:2013-11-26,name:WordPress Pinboard Shell Upload  
date:2013-11-26,name:WordPress Blogggie Shell Upload  
date:2013-11-26,name:WordPress Folo Shell Upload  
date:2013-11-22,name:Wordpress capturapro Plugin Cross site scripting  
date:2013-11-21,name:WordPress Suco Shell Upload  
date:2013-11-21,name:WordPress iThemes2 Shell Upload  
date:2013-11-21,name:WordPress Pretty Photo Cross Site Scripting  
date:2013-11-19,name:WordPress Project 10 Themes Remote File Upload Vulnerability  
date:2013-11-19,name:WordPress Tweet Blender 4.0.1 Cross Site Scripting  
date:2013-11-18,name:WordPress EuclSite Request Forgery  
date:2013-11-18,name:WordPress Dimension Cross Site Request Forgery  
date:2013-11-18,name:WordPress Amplus Cross Site Request Forgery  
date:2013-11-18,name:WordPress Make A Statement Cross Site Request Forgery  
date:2013-11-12,name:WordPress Theme Kernel - Arbitrary code execution  
date:2013-11-12,name:WordPress Curvo Themes - Arbitrary code execution  
date:2013-11-12,name:WordPress Highlight Premium Theme CSRF \/ Shell Upload  
date:2013-11-10,name:WordPress Army Knife CSRF File Upload Vulnerability  
date:2013-11-09,name:WordPress Theme Kernel Shell Upload  
date:2013-11-07,name:WordPress Gallery Bank 2.0.19 Cross Site Scripting  
date:2013-11-06,name:Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting  
date:2013-11-05,name:LBG Zoom In\/Out Effect SlWordPress XSS and FPD vulnerabilities  
date:2013-11-05,name:WordPress ThisWay Shell Upload  
date:2013-11-04,name:Wordpress fresh-page plugin site scripting Vulnerability  
date:2013-11-02,name:WordPress Think Responsive Themes Arbitrary File Upload Vulnerability  
date:2013-11-02,name:WordPress Switchblade Themes Arbitrary File Upload Vulnerability  
date:2013-11-01,name:WordPress Cold Fusion theme Arbitrary File Upload Vulnerability  
date:2013-10-30,name:WordPress MoneyTheme Cross Site Scripting \/ Shell Upload  
date:2013-10-30,name:WordPress Curvo Shell Upload  
date:2013-10-27,name:WordPress TimThumb Plugin Remote Code Execution  
date:2013-10-27,name:WordPress GeoPlaces 4.x Shell Upload  
date:2013-10-24,name:WordPress DailyDeal Themes Shell Upload Vulnerabillity  
date:2013-10-24,name:WordPress e-Commerce Payment Gateways Caller Local File Inclusion  
date:2013-10-22,name:Wordpress Themes WPLocalPlaces Upload Vulnerability  
date:2013-10-22,name:Wordpress vPlugin Xss vulnerabilities  
date:2013-10-19,name:Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability  
date:2013-10-19,name:Wordpress spreadsheet Plugin Cross site scripting  
date:2013-10-18,name:WordPress WP Realty Blind SQL Injection  
date:2013-10-17,name:WordPress Dexs PM System Cross Site Scripting  
date:2013-10-16,name:Wordpress zingiri-forum Plugin SQL Injection Vulnerability  
date:2013-10-15,name:WordPress Finalist Cross Site Scripting  
date:2013-10-12,name:WordPress Cart66 1.5.1.14 Cross Site Request Forgery \/ Cross Site Scripting  
date:2013-10-11,name:WordPress Simple Flash VCross Site Scripting  
date:2013-10-08,name:WordPress Woopra Remote Code Execution  
date:2013-10-07,name:Wordpress Zoo Realty Plugin Cross site scripting Vulnerability  
date:2013-10-04,name:WordPress Slimstat Ex Code Execution  
date:2013-10-04,name:WordPress SEO Watcher Remote Code Execution  
date:2013-10-04,name:WordPress Semper Fi Cross Site Scripting  
date:2013-10-03,name:WordPress Social Hashtag 2.0.0 Cross Site Scripting  
date:2013-09-29,name:Wordpress FireStorm Professional Real Estate Plugin Cross site scripting  
date:2013-09-25,name:WordPress Sharebar 1.2.5 Cross Site Scripting  
date:2013-09-25,name:WordPress Miniaudioplayer Cross Site Scripting  
date:2013-09-25,name:Wordpress lbg zoominoutslin Cross site scripting Vulnerability  
date:2013-09-25,name:Wordpress simple forum Cross site scripting Vulnerability  
date:2013-09-24,name:WordPress Bradesco Gateway Cross Site Scripting  
date:2013-09-24,name:WordPress fGallery_Plus Cross Site Scripting  
date:2013-09-24,name:Wordpress Lazy SEO plugin Shell Upload Vulnerability  
date:2013-09-21,name:WordPress NOSpamPTI 2.1 Blind SQL Injection  
date:2013-09-21,name:WordPress Comment Attachment 1.0 <= Cross Site Scripting  
date:2013-09-20,name:WordPress RokMicroNews 1.5 XSS & DoS & Shell Upload  
date:2013-09-20,name:WordPress Page Showcaser Boxes 1.0 Cross Site Scripting  
date:2013-09-19,name:WordPress RokIntroScroller 1.8 XSS \/ DoS \/ Disclosure \/ Upload  
date:2013-09-19,name:WordPress Complete Gallery Manager 3.3.3 File Upload  
date:2013-09-18,name:WordPress RokNewsPager 1.17 Disclosure \/ Shell Upload \/ XSS \/ DoS  
date:2013-09-18,name:WordPress RokStories 1.25 Disclosure \/ Shell Upload \/ XSS \/ DoS  
date:2013-09-12,name:WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege Escalation  
date:2013-09-09,name:WordPress Event Easy Calendar 1.0.0 XSS \/ CSRF \/ Input Valdate:2013-09-04,name:WordPress NextGen Smooth Gallery Cross Site Scripting  
date:2013-09-02,name:WordPress IndiaNIC Testimonial 2.2 XSS & CSRF & SQL Injection  
date:2013-08-29,name:WordPress Wordfence 3.8.1 Cross Site Scripting  
date:2013-08-29,name:WordPress Encrypted Blog 0.0.6.2 XSS & Open Redirect  
date:2013-08-29,name:WordPress silverOrchSite Scripting  
date:2013-08-27,name:WordPress Simple Login Registration 1.0.1 Cross Site Scripting  
date:2013-08-27,name:WordPress Post-Gallery Cross Site Scripting  
date:2013-08-24,name:Wordpress ver-live-streaming-integration Plugin XSS vulnerabilities  
date:2013-08-22,name:WordPress BackWPup 3.0.12 Cross Site Scripting  
date:2013-08-12,name:WordPress HMS Testimonials 2.0.10 XSS \/ CSRF  
date:2013-08-09,name:WordPress HMS Testimonials 2.0.10 XSS & CSRF  
date:2013-08-07,name:WordPress Usernoise 3.7.8 Cross Site Scripting  
date:2013-08-04,name:WPtouch and WPtouch Pro for WordPress XSS and FPD vulnerabilities  
date:2013-07-26,name:WordPress Duplicator 0.4.4 Cross Site Scripting  
date:2013-07-23,name:WordPress FlagEm Cross Site Scripting  
date:2013-07-19,name:WordPress WooCommerce 2.0.12 Cross Site Scripting  
date:2013-07-15,name:Wordpress Plugin Spicy Blogroll File Inclusion Vulnerability  
date:2013-07-13,name:WordPress I Love It XSS & Content Spoofing & Path Disclosure  
date:2013-07-09,name:WordPress Search N Save XSS & Path Disclosure  
date:2013-07-09,name:WordPress JS Restaurant SQL Injection  
date:2013-07-03,name:WordPress 3.5.1 Cross Site Scripting  
date:2013-07-03,name:WordPress Category-Grallery XSS  
date:2013-07-03,name:WordPress Feed SQL Injection  
date:2013-07-01,name:WordPress wp-private-messages SQL Injection  
date:2013-07-01,name:Xorbin Digital Flash Clock 1.0 For WordPress XSS  
date:2013-07-01,name:Xorbin Analog Flash Clock 1.0 For WordPress XSS  
date:2013-06-30,name:WordPress Denial of Service .py exploit  
date:2013-06-21,name:WordPress Slash WP theme XSS and Content Spoofing vulnerabilities  
date:2013-06-18,name:Ultimate WordPress Auction v1.0 Plugin CSRF Vulnerability  
date:2013-06-12,name:WordPress WP-SendSMS 1.0 CSRF \/ XSS  
date:2013-06-12,name:WordPress 3.5.1 Denial of Service Exploit  
date:2013-06-12,name:WordPress 3.5.1 Denial of Service  
date:2013-06-11,name:WordPress jobroller Reflected XSS  
date:2013-06-11,name:WordPress Ambience Cross Site Scripting  
date:2013-06-09,name:WordPress nextgen-gallery Cross Site Scripting  
date:2013-06-07,name:WordPress plugin uk-cookie CSRF  
date:2013-06-03,name:WordPress AntiVirus FPD and Security bypass vulnerabilities  
date:2013-06-01,name:WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability  
date:2013-05-28,name:WordPress wp-banners-lite Plugin Cross Site Scripting  
date:2013-05-27,name:WordPress User Role Editor CSRF  
date:2013-05-26,name:WordPress milano Theme Cross Site Scripting  
date:2013-05-21,name:WordPress ProPlayer Plugin SQL Injection  
date:2013-05-17,name:WordPress plugin wp-cleanfix CSRF  
date:2013-05-17,name:WordPress plugin mail-on-update CSRF  
date:2013-05-16,name:WordPress wp-FileManager File Download  
date:2013-05-15,name:WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS Vulnerability  
date:2013-05-15,name:WordPress Vross Site Scripting  
date:2013-05-13,name:WordPress Securimage-WP Plugin v3.2.4 URI-based XSS Vulnerability  
date:2013-05-13,name:WordPress Search and Share plugin vulnerabilities  
date:2013-05-07,name:WordPress Advanced XML Reader 0.3.4 Plugin XXE 0day *youtube  
date:2013-05-02,name:Wordpress W3 Total Cache 0.9.2.8 PHP Code Execution exploit  
date:2013-04-21,name:WordPress theme Colormix Multiple vulnerabilities  
date:2013-04-12,name:Wordpress Catalog Plugin Xss Vulnerability  
date:2013-04-11,name:WordPress Sper 2.1 SQL Injection  
date:2013-04-09,name:Wordpress plugins kioskprox XSS Vulnerability  
date:2013-04-09,name:Wordpress plugins fbsurveypro XSS Vulnerability  
date:2013-04-08,name:Wordpress plugins kioskprox XSS Vulnerability  
date:2013-04-07,name:WordPress Trafficanalyzer Plugin XSS Vulnerability  
date:2013-03-27,name:WordPress plugin user-photo file upload arbitrary PHP code execution  
date:2013-03-27,name:Wordpress trafficanalyzer Plugin XSS  
date:2013-03-27,name:Wordpress wp-vando Plugin XSS  
date:2013-03-27,name:Wordpress plugin v3 level four storefront SQL injection Vulnerability  
date:2013-03-27,name:Wordpress ver-live-streaming-integration Plugin XSS  
date:2013-03-26,name:WordPress Mathjax Latex 1.1 Cross Site Request Forgery  
date:2013-03-25,name:Wordpress wp-vando Plugin XSS  
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 SQL Injection  
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRF  
date:2013-03-22,name:Joomla Component com_wordpress XSS Vulnerability  
date:2013-03-20,name:WordPress Occasions 1.0.4 Cross Site Request Forgery  
date:2013-03-20,name:WordPress Count Per Day 3.2.5 XSS  
date:2013-03-19,name:WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS  
date:2013-03-17,name:WordPress LeagueManager Plugin 3.8 SQL Injection  
date:2013-03-17,name:Wordpress o2s-gallery plugin Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress bp-gallery plugin 1.2.5 Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress WP-e-Commerce plugin 3.8.9.5 Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress Image News slin 3.5 Cross Site Scripting Vulnerability  
date:2013-03-15,name:WordPress LeagueManager 3.8 SQL Injection  
date:2013-03-12,name:WordPress Terillion Reviews Cross Site Scripting  
date:2013-03-11,name:WordPress plugin snazzy-archives XSS vulnerability  
date:2013-03-10,name:WordPress plugins vulnerable to CVE-2013-1808  
date:2013-03-08,name:WordPress Events Manager 5.3.3 Cross Site Scripting  
date:2013-03-06,name:WordPress Count-Per-Day 3.2.5 Cross Site Scripting  
date:2013-03-05,name:WordPress Caulk Path Disclosure  
date:2013-03-05,name:WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service  
date:2013-02-28,name:WordPress Comment Rating 2.9.32 SQL Injection & Bypass  
date:2013-02-25,name:WordPress plugin smart-flv jwplayer.swf XSS  
date:2013-02-21,name:WordPress Pretty Link 1.6.3 Cross Site Scripting  
date:2013-02-12,name:Wordpress wp forum server v2 plugin SQL Injection  
date:2013-02-12,name:Wordpress simple flash vlugin SQL Injection  
date:2013-02-12,name:Wordpress newscast Theme SQL Injection  
date:2013-02-12,name:Wordpress image news sllugin SQL Injection  
date:2013-02-12,name:Wordpress Xhanch My Prayer Time plugin v2 Plugin SQL Injection  
date:2013-02-12,name:Wordpress podpress plugin v2 Plugin SQL Injection  
date:2013-02-11,name:Wordpress post2pdf-converter v2 Plugin SQL Injection  
date:2013-02-11,name:Wordpress smart-map v2 Plugin SQL Injection  
date:2013-02-10,name:Wordpress plugin myftp-ftp-like-plugin-for-wordpress 2 SQL Injection  
date:2013-02-10,name:Wordpress theme pinboard 1.0.6 XSS  
date:2013-02-08,name:WordPress Audio Player SWF Cross Site Scripting  
date:2013-02-07,name:WordPress CommentLuv 2.92.3 Cross Site Scripting  
date:2013-02-07,name:WordPress Wysija Newsletters 2.2 SQL Injection  
date:2013-02-06,name:Wordpress wp-forum plugin SQL Injection  
date:2013-02-03,name:Wordpress dt-chocolate Theme Image Open redirect  
date:2013-02-03,name:WordPress theme Flash News Multiple vulnerabilities  
date:2013-02-02,name:WordPressSearch plugin SQL Injection Vulnerability  
date:2013-02-01,name:Wordpress wp-table-reloaded plugin cross-site scripting in SWF  
date:2013-02-01,name:Wordpress simple-shout-box Plugin SQL Injection  
date:2013-02-01,name:Wordpress portfolio-slro v3 Plugin SQL Injection  
date:2013-01-31,name:Wordpress RLSWordPressSearch plugin SQL Injection  
date:2013-01-26,name:WordPress SolveMedia 1.1.0 Cross Site Request Forgery  
date:2013-01-25,name:Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities  
date:2013-01-24,name:WordPress Chocolate Theme XSS & Denial Of Service & Shell Upload  
date:2013-01-23,name:Cardoza WordPress Poll 34.05 SQL Injection  
date:2013-01-22,name:Wordpress Developer Formatter CSRF Vulnerability  
date:2013-01-21,name:WordPress Ripe HD FLV Player SQL Injection & Path Disclosure  
date:2013-01-15,name:WordPress Daily Edition Mouss XSS & Disclosure & Shell Upload  
date:2013-01-15,name:WordPress theme Daily Edition Mouss Multiple vulnerabilities  
date:2013-01-14,name:WordPress Floating Tweets 1.0.1 XSS and Directory Traversal  
date:2013-01-10,name:Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability  
date:2013-01-09,name:WordPress Plugin Google Document Embedder Arbitrary File Disclosure  
date:2013-01-08,name:WordPress Spam Free 1.9.2 Filter Bypass  
date:2013-01-08,name:XML Sitemap Generator for Wordpress (Google XML Sitemaps) Code Injection  
date:2013-01-08,name:WordPress OpenInviter Information Disclosure  
date:2013-01-07,name:Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability  
date:2013-01-07,name:Wordpress wilderness SQL injection  
date:2013-01-03,name:WordPress Advanced Custom Fields Remote File Inclusion  
date:2013-01-03,name:WordPress Shopping Cart 8.1.14 Shell Upload & SQL Injection  
date:2013-01-03,name:WordPress ReFlex Gallery 1.3 Shell Upload  
date:2013-01-03,name:WordPress Xerte Online 0.32 Shell Upload  
date:2013-01-03,name:WordPress Uploader 1.0.4 Shell Upload  
date:2013-01-02,name:Wordpress Sahifa theme 2.4.0 CSRF and Full Path Disclosure  
date:2013-01-01,name:Wordpress plugins WP PHP wl Path Disclosure vulnerability  
date:2012-12-31,name:Wordpress plugins NextGEN Public Uploader Full Path Disclosure Vulnerability  
date:2012-12-31,name:WordPress Photo Plus & Photo Search XSS & CSRF  
date:2012-12-31,name:WordPress SB Uploader 3.9 Shell Upload  
date:2012-12-30,name:WordPress themes RocketTheme Multiple vulnerabilities  
date:2012-12-28,name:WordPress Asset-Manager PHP File Upload  
date:2012-12-25,name:WordPress W3 Total Cache Data Disclosure  
date:2012-12-25,name:WordPress Rokbox Themes Content Spoofing and XSS  
date:2012-12-23,name:WordPress BuddyPress Cross Site Scripting & Content Spoofing  
date:2012-12-21,name:WordPress 3.4.2 Sessions Not Terminated Upon Explicit User Logout  
date:2012-12-21,name:BuddyPress for WordPress XSS and CS vulnerabilities  
date:2012-12-21,name:Wordpress plugin sintic_gallery Path Disclosure Vulnerability  
date:2012-12-18,name:WordPress Rokbox 2.13 Multiple Vulns  
date:2012-12-16,name:WordPress RokBox Multiple Vulnerabilities  
date:2012-12-13,name:WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass  
date:2012-12-09,name:WordPress Simple Gmail Login Path Disclosure  
date:2012-12-04,name:WordPress Nest SQL Injection  
date:2012-11-30,name:WordPress V Form 0.5 Cross Site Scripting  
date:2012-11-30,name:WordPress TimelineJS_Nuweb Local File Inclusion  
date:2012-11-30,name:WordPress Toolbox 1.4 SQL Injection  
date:2012-11-28,name:WordPress Newstimes Package SQL Injection  
date:2012-11-28,name:WordPress myflash Local File Inclusion  
date:2012-11-28,name:WordPress starmark Theme Local File Inclusion  
date:2012-11-28,name:Wordpress asm theme SQL injection  
date:2012-11-28,name:WordPress yaren Tema SQL Injection  
date:2012-11-27,name:WordPress wp-imagezoon SQL Injection  
date:2012-11-27,name:WordPress cstardesign SQL Injection  
date:2012-11-27,name:WordPress oberliga SQL Injection  
date:2012-11-27,name:WordPress st_newsletter SQL Injection  
date:2012-11-27,name:WordPress weddingsatwork SQL Injection  
date:2012-11-27,name:WordPress Shai-Saul SQL Injection  
date:2012-11-25,name:Wordpress dailyedition-mouss Theme  SQL injection  
date:2012-11-24,name:WordPress Zarzadzanie Kontem Shell Upload  
date:2012-11-24,name:WordPress Simple SlCross Site Scripting  
date:2012-11-24,name:WordPress Plg Novana SQL Injection  
date:2012-11-24,name:WordPress Zingiri Web Shop 2.5.0 Shell Upload  
date:2012-11-23,name:Wordpress malmonation theme SQL Injection  
date:2012-11-23,name:Wordpress magazine-basic-plugin\/ Theme SQL Injection  
date:2012-11-23,name:Wordpress plg_novana plugin Sql Injection  
date:2012-11-22,name:Wordpress hd-webplayer Theme SQL Injection  
date:2012-11-22,name:Wordpress webplayer-plugin Theme SQL Injection  
date:2012-11-22,name:Wordpress fs-real-estate-plugin Theme SQL Injection  
date:2012-11-21,name:wordpress tdo-mini-forms plugin (rfu\/rfd) Vulnerabilities  
date:2012-11-21,name:WordPress FireStorm Real Estate 2.06.08 SQL Injection  
date:2012-11-21,name:WordPress Madebymilk SQL Injection  
date:2012-11-20,name:Wordpress Facebook Survey v1 SQL Injection Vulnerability  
date:2012-11-20,name:WordPress List Communities SQL Injection  
date:2012-11-20,name:WordPress ArribaLaEsteban SQL Injection  
date:2012-11-19,name:Wordpress Plugins Spotlight Your Upload Vulnerability  
date:2012-11-16,name:WordPress Dailyedition-mouss SQL Injection  
date:2012-11-16,name:WordPress Tagged Albums SQL Injection  
date:2012-11-14,name:WordPress WP E-Commerce 3.8.9 SQL Injection \/ Cross Site Scripting  
date:2012-11-13,name:WordPress Related Posts Exit Popup SQL Injection  
date:2012-11-10,name:WordPress Eco-Annu SQL Injection  
date:2012-11-10,name:WordPress Calendar-Script Blind SQL Injection  
date:2012-11-10,name:WordPress swfupload XSS vulnerability  
date:2012-11-09,name:Wordpress theme kakao SQL Injection  
date:2012-11-09,name:Wordpress theme wilderness SQL Injection  
date:2012-11-08,name:WordPress Cardoza Ajax Search 1.1 SQL Injection  
date:2012-11-07,name:WordPress Hitasoft FLV Player 1.1 SQL Injection  
date:2012-10-31,name:Wordpress FoxyPress Plugin Multiple Vulnerabilities  
date:2012-10-27,name:WordPress Easy Webinar Blind SQL Injection  
date:2012-10-26,name:WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File Overwrite  
date:2012-10-20,name:WordPress Wordfence Security XSS and IAA vulnerabilities  
date:2012-10-18,name:Wordpress Social Discussions Plugin Multiple Vulnerabilities  
date:2012-10-17,name:Wordpress Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities  
date:2012-10-17,name:Wordpress Plugin BackWPup 1.6.1 Remote auth bypass  
date:2012-10-06,name:WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFI  
date:2012-10-04,name:WordPress Sp1 SQL Injection & XSS  
date:2012-10-01,name:wordpressthemesbook Cms Cross-Site Scripting Vulnerability  
date:2012-09-28,name:Wordpress phpBAK Red Config Vulnerability  
date:2012-09-27,name:WordPress ABC-Test 0.1 Cross Site Scripting  
e:2012-09-23,name:MF Gig Calendar Wordpress Plugin Cross-Site Scripting  
e:2012-09-23,name:Wordpress Admin name Information Disclosure  
te:2012-09-22,name:WordPress Tierra Audio Path Disclosure  
te:2012-09-22,name:WordPress Krea3AllMedias SQL Injection  
te:2012-09-21,name:Wordpress Download Monitor Download Page Cross-Site Scripting  
te:2012-09-20,name:WordPress AdRotate 3.7.3.5 Cross Site Scripting  
te:2012-09-20,name:WordPress NextGEN Gallery 1.9.5 Cross Site Scripting  
te:2012-09-20,name:WordPress Google Analytics 4.2.4 Cross Site Scripting  
te:2012-09-19,name:WordPress TDO Mini Forms Arbitrary File Upload  
te:2012-09-18,name:WordPress HD Webplayer 1.1 SQL Injection  
te:2012-08-29,name:WordPress Simple Forum Shell Upload  
te:2012-08-28,name:WordPress Finder Cross Site Scripting  
te:2012-08-28,name:WordPress Count Per Day 3.2.3 Cross Site Scripting  
te:2012-08-25,name:WordPress Monsters Editor Shell Upload  
te:2012-08-25,name:WordPress SEM WYSIWYG Arbitrary File Upload  
te:2012-08-21,name:ShopperPress WordPress Theme 2.7 Cross Site Scripting  
te:2012-07-31,name:WordPress Front End Upload 0.5.4.4 Shell Upload  
te:2012-07-24,name:Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability  
te:2012-07-23,name:WordPress Cimy User Extra Fields 2.3.7 Shell Upload  
te:2012-07-17,name:WordPress Count Per Day 3.1.1 Cross Site Scripting  
te:2012-07-16,name:WordPress Resume Submissions \/ Job Postings 2.5.1 Shell Upload  
te:2012-07-16,name:WordPress WP-Predict 1.0 Blind SQL Injection  
te:2012-07-10,name:Wordpress (wp-insert Plugin) Arbitrary File Upload Vulnerability  
te:2012-07-10,name:WordPress MoodThingy W.7 SQL Injection  
te:2012-07-10,name:Wordpress (editormonkey) [FCKeditor] Arbitrary File Upload Vulnerability  
te:2012-06-30,name:WordPress Website FAQ 1.0 SQL Injection  
te:2012-06-26,name:WordPress Fancy Gallery 1.2.4 Shell Upload  
te:2012-06-26,name:WordPress Flip Book 1.0 Shell Upload  
te:2012-06-26,name:WordPress Ajax Multi Upload 1.1 Shell Upload  
te:2012-06-26,name:WordPress Schreikasten 0.14.13 Cross Site Scripting  
te:2012-06-20,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Directory Traversal  
te:2012-06-20,name:WordPress Lim4wp 1.1.1 Shell Upload  
te:2012-06-20,name:WordPress Wp-ImageZoom 1.0.3 File Disclosure  
te:2012-06-20,name:WordPress LB Mixed Sl.0 Shell Upload  
te:2012-06-20,name:WordPress Famous 2.0.5 Shell Upload  
te:2012-06-20,name:WordPress Deep-Blue 1.9.2 Shell Upload  
te:2012-06-17,name:WordPress Automatic 2.0.3 Cross Site Request Forgery  
ate:2012-06-15,name:WordPress Annonces 1.2.0.1 Shell Upload  
ate:2012-06-15,name:WordPress Evarisk 5.1.5.4 Shell Upload  
ate:2012-06-15,name:WordPress Invit0r 0.22 Shell Upload  
ate:2012-06-13,name:WordPress Foxypress Arbitrary Code Execution  
ate:2012-06-13,name:WordPress Top Quark Architecture 2.10 Shell Upload  
ate:2012-06-13,name:WordPress Wp-Gpx-Map 1.1.21 Shell Upload  
ate:2012-06-13,name:WordPress User Meta 1.1.1 Shell Upload  
ate:2012-06-13,name:WordPress Custom Content Type Manager 0.9.5.13-pl Shell Upload  
ate:2012-06-13,name:WordPress Front End Upload 0.5.3 Shell Upload  
ate:2012-06-13,name:WordPress Omni Secure Files 0.1.13 Shell Upload  
ate:2012-06-13,name:WordPress Front File Manager 0.1 Shell Upload  
ate:2012-06-13,name:WordPress Easy Contact Forms Export 1.1.0 File Disclosure  
ate:2012-06-12,name:WordPress Hungred Post Thumbnail 2.1.9 Shell Upload  
ate:2012-06-12,name:WordPress PICA Photo Gallery 1.0 File Disclosure  
ate:2012-06-12,name:WordPress PDW File Browser 1.1 Shell Upload  
ate:2012-06-12,name:WordPress Picturesurf Gallery 1.2 Shell Upload  
ate:2012-06-12,name:WordPress Tinymce Thumbnail Gallery 1.0.7 File Disclosure  
ate:2012-06-12,name:WordPress Newsletter 1.5 File Disclosure  
ate:2012-06-12,name:WordPress wpStoreCart 2.5.29 Shell Upload  
ate:2012-06-12,name:WordPress Simple Download Button Shortcode 1.0 File Disclosure  
ate:2012-06-12,name:WordPress RBX Gallery 2.1 Shell Upload  
ate:2012-06-12,name:WordPress Thinkun Remind 1.1.3 File Disclosure  
ate:2012-06-08,name:WordPress Gallery 3.06 Shell Upload  
ate:2012-06-08,name:WordPress MM Forms Community 2.2.5 \/ 2.2.6 Shell Upload  
ate:2012-06-08,name:WordPress Ver Ventation 3.17 Shell Upload  
ate:2012-06-08,name:WordPress WP-Property 1.35.0 Shell Upload  
ate:2012-06-08,name:WordPress Google Maps Via Store Locator Plus Email Spool \/ SQL Injection  
ate:2012-06-08,name:WordPress WP Marketplace Shell Upload  
ate:2012-06-08,name:WordPress HTML5 AV Manager 0.2.7 Shell Upload  
ate:2012-06-08,name:WordPress HT-Poi Shell Upload  
ate:2012-06-08,name:WordPress Asset Manager 0.2 Shell Upload  
ate:2012-06-08,name:WordPress WP Mass Mail Spoofing  
ate:2012-06-08,name:WordPress Comment Extra Fields Shell Upload  
ate:2012-06-08,name:WordPress Nmedia WP Member Conversation 1.35.0 Shell Upload  
ate:2012-06-08,name:WordPress Nmedia User File Uploader Shell Upload  
ate:2012-06-08,name:WordPress Foxypress Shell Upload  
ate:2012-06-08,name:WordPress 3.3.2 Cross Site Scripting  
ate:2012-05-19,name:WordPress Track That Stat 1.0.8 Cross Site Scripting  
ate:2012-05-19,name:WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting  
ate:2012-05-13,name:WordPress 2-Click-Socialmedia-Buttons Cross Site Scripting  
ate:2012-05-13,name:WordPress Custom Contact Forms Cross Site Scripting  
ate:2012-05-13,name:WordPress Better WP Security Cross Site Scripting  
ate:2012-05-13,name:WordPress BulletProof Security Cross Site Scripting  
ate:2012-05-13,name:WordPress Bad Behavior Cross Site Scripting  
ate:2012-05-04,name:Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities  
ate:2012-04-28,name:WordPress 3.3.1 Cross Site Request Forgery  
ate:2012-04-28,name:WordPress Organizer 1.2.1 XSS \/ CSRF \/ Shell Upload  
ate:2012-04-28,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Path Disclosure  
ate:2012-04-21,name:WordPress Zingiri Tickets File Disclosure  
ate:2012-04-21,name:Yahoo Answer Wordpress Auto Poster Cross Site Scripting  
ate:2012-04-21,name:WordPress DoS Vulnerability  
ate:2012-04-16,name:WordPress All-In-One Event Calendar 1.4 Cross Site Scripting  
ate:2012-04-15,name:Wordpress taggator plugin Sql Injection Vulnerabilities  
ate:2012-04-01,name:WordPress Deans With Pwwangs Code Shell Upload  
ate:2012-04-01,name:WordPress Integrator 1.32 Cross Site Scripting  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Cross Site Scripting  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Information Disclosure  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth SQL Injection  
ate:2012-03-14,name:WordPress 3.3.1 User Count Enumeration  
ate:2012-01-29,name:WordPress Slallery 2 Cross SIte Scripting  
ate:2012-01-29,name:WordPress <= 3.3.1 Multiple Vulnerabilities  
ate:2012-01-29,name:WordPress Kish Guest Posting 1.0 Shell Upload  
ate:2012-01-28,name:AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload  
ate:2012-01-22,name:WordPress Shortcode Redirect 1.0.01 Stored Cross Site Scripting  
ate:2012-01-22,name:WordPress Mingle Forum 1.0.32.1 Cross Site Scripting \/ SQL Injection  
ate:2012-01-22,name:Wordpress uCan Post plugin <= 1.0.09 Stored XSS  
ate:2012-01-22,name:WordPress uCan Post 1.0.09 Cross Site Scripting  
ate:2012-01-18,name:WordPress myEASYbackup 1.0.8.1 Directory Traversal  
ate:2012-01-17,name:WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability  
ate:2012-01-17,name:WordPress Yousaytoo Auto Publishing Cross Site Scripting  
ate:2012-01-17,name:Wordpress Age Verification Plugin <= 0.4 Open Redirect  
ate:2012-01-10,name:Wordpress Pay With Tweet Plugin <= 1.1 Multiple Vulnerabilities  
ate:2012-01-09,name:WordPress Comment Rating Cross Site Scripting \/ SQL Injection  
ate:2012-01-03,name:WordPress CartPress 1.6 Cross Site Scripting  
ate:2012-01-03,name:WordPress LivePHP Cross Site Scripting  
ate:2012-01-02,name:WordPress Facebook Page Promoter Lightbox Cross Site Scripting  
ate:2012-01-02,name:WordPress Whois Search Cross Site Scripting  
ate:2011-12-19,name:WordPress Jetpack SQL Injection  
ate:2011-12-19,name:WordPress Flexible Custom Post Type Cross Site Scripting  
ate:2011-12-19,name:WordPress AdRotate 3.6.6 SQL Injection  
ate:2011-11-21,name:WordPress Zingiri 2.2.3 Code Execution  
ate:2011-11-01,name:WordPress Classipress Theme 3.1.4 Cross Site Scripting  
ate:2011-10-29,name:WordPress Contact Form 2.7.5 SQL Injection \/ Patch  
ate:2011-10-15,name:WordPress Photo Album Plus 4.1.1 SQL Injection  
ate:2011-10-15,name:WordPress Pretty Link 1.4.56 Cross Site Scripting  
ate:2011-10-15,name:WordPress GD Star Rating 1.9.10 SQL Injection  
ate:2011-10-15,name:WordPress WP-SpamFree SQL Injection  
ate:2011-10-13,name:WordPress Vodpod Very 3.1.5 Cross-site Scripting  
ate:2011-10-02,name:WordPress WP Bannerize 2.8.7 SQL Injection  
ate:2011-10-02,name:WordPress Mingle Forum 1.0.31 SQL Injection  
ate:2011-10-02,name:WordPress + Buddypress + Blogs Mu Theme Cross Site Scripting  
ate:2011-10-02,name:WordPress CevherShare 2.0 SQL Injection  
ate:2011-10-02,name:WordPress Link Library 5.2.1 SQL Injection  
ate:2011-10-02,name:WordPress AdRotate 3.6.5 SQL Injection  
ate:2011-10-02,name:WordPress Mailing List 1.3.2 Remote File Inclusion  
ate:2011-10-02,name:WordPress Relocate Upload 0.14 Remote File Inclusion  
ate:2011-09-22,name:WordPress Zingiri Web Shop 2.2.0 Remote File Inclusion  
ate:2011-09-22,name:WordPress AllWebMenus 1.1.3 Remote File Inclusion  
ate:2011-09-22,name:WordPress Filedownload 0.1 File Disclosure  
ate:2011-09-22,name:WordPress Count Per Day 2.17 SQL Injection  
ate:2011-09-20,name:WordPress WP e-Commerce 3.8.6 SQL Injection  
ate:2011-09-20,name:WordPress 3.0.4 Blind SQL Injection  
ate:2011-09-20,name:WordPress 3.0.4 comment_post_SQL Injection  
ate:2011-09-12,name:WordPress SCORM Cloud 1.0.6.6 SQL Injection  
ate:2011-09-12,name:WordPress Eventify Simple Events 1.7.f SQL Injection  
ate:2011-09-12,name:WordPress Tweet Old Post 3.2.5 SQL Injection  
ate:2011-09-12,name:WordPress Community Events 1.2.1 SQL Injection  
ate:2011-09-12,name:WordPress Post Highlights 2.2 SQL Injection  
ate:2011-09-12,name:WordPress KNR Author List W.0 SQL Injection  
ate:2011-09-09,name:WordPress Zotpress 4.4 SQL Injection  
ate:2011-09-09,name:WordPress oQey Gallery 0.4.8 SQL Injection  
ate:2011-09-09,name:WordPress Donation 1.0 SQL Injection  
ate:2011-09-02,name:WordPress Evarisk 5.1.3.6 SQL Injection  
ate:2011-09-02,name:WordPress iCopyright Article Tools 1.1.4 SQL Injection  
ate:2011-09-02,name:WordPress Profiles 2.0 RC1 SQL Injection  
ate:2011-09-02,name:WordPress mySTAT 2.6 SQL Injection  
ate:2011-09-02,name:WordPress Facebook Promotions 1.3.3 SQL Injection  
ate:2011-09-02,name:WordPress Collision Testimonials 3.0 SQL Injection  
ate:2011-09-02,name:WordPress oQey Headers 0.3 SQL Injection  
ate:2011-09-02,name:WordPress SH Sl.1.4 SQL Injection  
ate:2011-09-02,name:WordPress Super CAPTCHA 2.2.4 SQL Injection  
ate:2011-09-01,name:WordPress MM Forms Community 1.2.3 SQL Injection  
ate:2011-09-01,name:WordPress 3.1 \/ 3.2.1 Cross Site Scripting  
ate:2011-09-01,name:WordPress SendIt 1.5.9 Blind SQL Injection  
ate:2011-08-26,name:WordPress MM Duplicate 1.2 SQL Injection  
ate:2011-08-24,name:WordPress Allow PHP In Posts And Pages 2.0.0.RC1 SQL Injection  
ate:2011-08-19,name:WordPress WP DS FAQ 1.3.2 SQL Injection  
ate:2011-08-19,name:WordPress WP Forum 1.7.8 SQL Injection  
ate:2011-08-19,name:WordPress Global Content Blocks 1.2 SQL Injection  
ate:2011-08-19,name:WordPress Menu Creator 1.1.7 SQL Injection  
ate:2011-08-19,name:WordPress Ajax Gallery 3.0 SQL Injection  
ate:2011-08-12,name:eShop 6.2.8 For WordPress Cross Site Scripting  
ate:2011-08-06,name:WordPress e-Commerce 3.8.5 Cross Site Scripting  
ate:2011-07-27,name:WordPress WPtouch 1.9.32 URL Redirect  
ate:2011-07-25,name:WordPress e-Commerce 3.8.4 SQL Injection  
ate:2011-07-25,name:WordPress bSuite 4.0.7 Cross Site Scripting  
ate:2011-07-03,name:WordPress Pretty Link Like 1.4.56 SQL Injection  
ate:2011-07-03,name:WordPress Beer Recipes 1.0 Cross Site Scripting  
ate:2011-06-22,name:WordPress Wysi 0.0.2 Shell Upload  
ate:2011-06-16,name:WordPress Events Manager 3.1.2 SQL Injection  
ate:2011-06-16,name:WordPress Star Rating SQL Injection  
ate:2011-06-16,name:Multiple WordPress Themes Cross Site Scripting  
ate:2011-05-23,name:WordPress EditorMonkey (FCKeditor) Remote File Upload  
ate:2011-05-08,name:Daily Maui Photo WdPress Plugin 0.2 Cross Site Scripting  
ate:2011-04-29,name:WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting  
ate:2011-04-29,name:Wordpress Insufficient Anti-automation Vulnerability  
ate:2011-04-29,name:Wordpress Abuse of Functionality Vulnerability  
ate:2011-04-29,name:Universal Post Manager WordPress Plugin 1.0.9 XSS \/ Path Disclosure  
ate:2011-04-29,name:WP-StarsRateBox WordPress Plugin 1.1 XSS \/ SQL Injection  
ate:2011-04-29,name:SocialGress Plugin 2.3 Cross Site Scripting  
ate:2011-04-20,name:Universal Post Manager WordPress Plugin 1.0.9 SQL Injection  
ate:2011-04-20,name:WordPress Spellchecker Local File Inclusion \/ Remote File Inclusion  
ate:2011-04-13,name:Live Wire 2.0 For WordPress Cross Site Scripting \/ Denial Of Service  
ate:2011-04-07,name:WordPress AdWizz 1.0 Cross Site Scripting  
ate:2011-03-18,name:Cool Very 1.3 WordPress Plugin Path Disclosure  
ate:2011-03-10,name:WP Forum WordPress Plugin 1.7.8 SQL Injection  
ate:2011-03-10,name:NextGEN Gallery WordPress Plugin 1.7.3 Path Disclosure  
ate:2011-03-10,name:Mingle Forum WordPress Plugin 1.0.28 Cross Site Scripting \/ Path Disclosure  
ate:2011-03-02,name:WordPress IGIT Posts Sl Cross Site Scripting  
ate:2011-03-02,name:WordPress PG Flash Gallery 4.1.1 Cross Site Scripting  
ate:2011-03-02,name:WordPress YT-Audio 1.7 Cross Site Scripting  
ate:2011-03-02,name:WordPress WPhone 1.5.2 Cross Site Scripting  
ate:2011-03-02,name:WordPress PhotoSmash 1.0.2 Cross Site Scripting  
ate:2011-03-01,name:WordPress jQuery Mega Menu 1.0 Local File Inclusion  
ate:2011-03-01,name:WordPress OPS Old Post Spinner 2.2 Local File Inclusion  
ate:2011-03-01,name:WordPress ComicPress Manager 1.4.9.9 Cross Site Scripting  
ate:2011-03-01,name:WordPress Zotpress 2.6 Cross Site Scripting  
ate:2011-03-01,name:WordPress Uploadify 1.0 Shell Upload  
ate:2011-03-01,name:SQL Injection in WP Forum Server wordpress plugin  
ate:2011-02-22,name:WordPress User Photo Component Shell Upload  
ate:2011-02-03,name:WordPress TagNinja 1.0 Cross Site Scripting  
ate:2011-02-03,name:WordPress RSS Feed Reader For WordPress 0.1 Cross Site Scripting  
ate:2011-02-03,name:WordPress WP Featured Post With Thumbnail 3.0 Cross Site Scripting  
ate:2011-02-03,name:WordPress WP Publication Archive 2.0.1 Local File Inclusion  
ate:2011-01-11,name:WordPress Feed List 2.61.01 Cross Site Scripting  
ate:2011-01-04,name:WordPress Survery And Quiz Tool 1.2.1 XSS  
ate:2011-01-02,name:Embedded VPress Plugin Cross Site Vulnerability (XSS)  
ate:2011-01-01,name:WordPress Accept Signups 0.1 Cross Site Scripting  
ate:2010-12-23,name:Embedded VPress Plugin Cross Site Scripting  
ate:2010-12-13,name:Vulnerabilities in Register Plus for WordPress  
ate:2010-11-05,name:cforms WordPress Plugin Cross Site Scripting Vulnerability  
ate:2010-10-29,name:WordPress 3.0.1 plugin myLDlinker ( SQL Injection Vulnerability )  
ate:2010-08-18,name:WordPress 3.0.1 - Cross Site Scripting Issue  
ate:2010-07-05,name:WP-UserOnline 2.62 for WordPress cross site scripting and path disclosure  
ate:2010-06-30,name:Cimy Counter for WordPress Vulnerabilities  
ate:2010-06-13,name:Gigya Socializes 1.1.8 and below for WordPress cross site scripting  
ate:2010-05-14,name:Events Manager Wordpress plugins 2.1 remote blind SQL injection  
ate:2010-04-03,name:WordPress Plugin: My Category Order <= 2.8 SQL Injection  
ate:2010-02-28,name:WordPress 0.16 Copperleaf Photolog SQL injection  
ate:2010-02-06,name:The Wordpress Calendar remote SQL injection  
ate:2009-12-30,name:WordPress and Pyrmont V2. SQL Injection Vulnerability  
ate:2009-12-10,name:WP-Cumulus for WordPress - XSS, FPD  
ate:2009-11-27,name:WordPress 2.7.1 security bypass vulnerability admin  
ate:2009-11-16,name:WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution  
ate:2009-10-28,name:Wordpress Resource Exhaustion - Denial of Service Vulnerability  
ate:2009-09-12,name:Nextgen gallery 0.96 wordpress plugin XSS Vulnerability  
ate:2009-08-27,name:WordPress SQL Injection(wp-content-simple-forum)  
ate:2009-08-24,name:Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution  
ate:2009-08-14,name:WordPress <= 2.8.3 Remote Admin Reset Password Vulnerability  
ate:2009-07-16,name:WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures  
ate:2009-07-15,name:WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability  
ate:2009-07-11,name:WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln  
ate:2009-07-11,name:WordPress Privileges Unchecked in admin.php and Multiple Information  
ate:2009-06-23,name:WordPress Plugin Photoracer 1.0 (njection Vulnerability  
ate:2009-05-20,name:Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit  
ate:2009-03-23,name:WordPress MU HTTP Header XSS Vulnerability  
ate:2009-03-23,name:Wordpress Plugin fMoblog 2.1 (njection Vulnerability  
ate:2009-01-03,name:Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln  
ate:2008-12-23,name:Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit  
ate:2008-12-02,name:WordPress XSS vulnerability in RSS Feed Generator  
date:2008-10-25,name:Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln  
date:2008-10-22,name:Exploiting the SpamBam plugin for wordpress  
date:2008-10-06,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability  
date:2008-10-05,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability  
date:2008-09-18,name:Wordpress user_login Column SQL Truncation Vulnerability  
date:2008-08-02,name:Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit  
date:2008-06-15,name:XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN  
date:2008-06-02,name:vuln in WordPress plugin Upload File(UP)  
date:2008-06-02,name:Wordpress Malicious File Execution Vulnerability  
date:2008-03-25,name:WordPress Multiple Cross-Site Scripting Vulnerabilities  
date:2008-03-10,name:Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities  
date:2008-03-09,name:WordPress album PHOTO SQL Injection  
date:2008-03-06,name:Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin)  
date:2008-03-06,name:Wordpress Plugin (wp-people) SQL Injection  
date:2008-02-19,name:Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites  
date:2008-02-15,name:Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities  
date:2008-01-21,name:Multiple Vulnerabilities in Wordpress and other Web applications  
date:2007-12-16,name:WordPress Charset SQL injection vulnerability (re-resend)  
date:2007-11-24,name:Wordpress Cookie Authentication Vulnerability  
date:2007-10-12,name:2 vanilla XSS on Wordpress \wp-register.php\  
date:2007-07-17,name:Redirection Vulnerability in wp-pass.php, WordPress 2.2.1  
date:2007-06-28,name:Persistent cross-site scripting in wordpress.com dashboard  
date:2007-06-27,name:Wordpress default theme XSS (admin) and other problems  
date:2007-05-20,name:Wordpress All versions XSS  
date:2007-05-12,name:wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability  
date:2007-04-13,name:WordPress XSS under function wp_title()  
date:2007-02-05,name:Multiple Remote Vulnerabilities in Wordpress  
date:2007-01-19,name:WordPress CSRF Protection XSS Vulnerability  
date:2007-01-19,name:Wordpress <= 2.x dictionnary & Bruteforce attack  
date:2007-01-19,name:WordPress Trackback Charset Decoding SQL Injection Vulnerability  
date:2007-01-07,name:Enigma WordPress Brrddir) Remote File Include  
date:2006-08-23,name:Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability  
date:2006-07-13,name:WordPress 2.0.3 SQL Error and Full Path Disclosure  
date:2006-01-05,name:Full path disclosure on WordPress < 1.5.2}  

zhutougg

继续阅读此作者的更多文章