WordPress Plugin Vulnerabilities

🦸 🧭 Calling all superheroes and explorers! Introducing the WordPress Superhero Challenge and WordPress XSSplorer Challenge for the Wordfence Bug Bounty Program: Earn up to $31,200 for High Impact Vulnerabilities AND XSS vulnerabilities are in scope for all researchers in plugins/themes >= 1,000 Active Installs!

Through October 7th, 2024 all Cross-Site Scripting (XSS) vulnerabilities in plugins/themes with >= 1,000 Active Installs will be in scope for all researchers regardless of researcher tier. In addition, through October 14th, 2024, all vulnerabilities reported in plugins or themes with >= 5,000,000 active installs will be 3x our highest bounty rewards making our top reward $31,200.

Check out the updated bounties here!

Wordfence Intelligence > Vulnerability Database > WordPress Plugins

Showing 2881-2900 of 8606 plugins with known vulnerabilities

Search all WordPress Plugins with known vulnerabilities

Images Asynchronous Load

1 Vulnerability

Aug 1, 2022

Lana Downloads Manager

1 Vulnerability

Aug 1, 2022

LinkWorth Plugin

1 Vulnerability

Aug 1, 2022

Ninja Job Board – Ultimate WordPress Job Board Plugin

2 Vulnerabilities

Aug 1, 2022

Profile & Dashboard fields [Modify/Disable/Remove]

1 Vulnerability

Aug 1, 2022

Redirect By Cookie

1 Vulnerability

Aug 1, 2022

Remove tabs and fields from WooCommerce

1 Vulnerability

Aug 1, 2022

Require & Limit Categories, Tags, Featured Image and taxonomies

1 Vulnerability

Aug 1, 2022

Student Result or Employee Database

3 Vulnerabilities

Aug 1, 2022

WP Edit Menu

2 Vulnerabilities

Aug 1, 2022

WP phpMyAdmin

2 Vulnerabilities

Aug 1, 2022

WP Sticky Button – Click to Chat

2 Vulnerabilities

Aug 1, 2022

Yotpo Reviews for WooCommerce (Unofficial)

1 Vulnerability

Aug 1, 2022

Banner Cycler

1 Vulnerability

Aug 2, 2022

Rich Reviews by Starfish

3 Vulnerabilities

Aug 2, 2022

WP OAuth Server ( Login with WordPress )

1 Vulnerability

Aug 2, 2022

Mailchimp for WooCommerce

2 Vulnerabilities

Aug 3, 2022

Auto Post, Auto Publish and Schedule to Twitter, LinkedIn and Social Media – WP to Buffer

1 Vulnerability

Aug 5, 2022

Contempo Real Estate Custom Posts

1 Vulnerability

Aug 5, 2022

Cyclone Slider

1 Vulnerability

Aug 5, 2022

Title	Number of Vulnerabilities	Last Vulnerability
Images Asynchronous Load	1	August 1, 2022
Lana Downloads Manager	1	August 1, 2022
LinkWorth Plugin	1	August 1, 2022
Ninja Job Board – Ultimate WordPress Job Board Plugin	2	August 1, 2022
Profile & Dashboard fields [Modify/Disable/Remove]	1	August 1, 2022
Redirect By Cookie	1	August 1, 2022
Remove tabs and fields from WooCommerce	1	August 1, 2022
Require & Limit Categories, Tags, Featured Image and taxonomies	1	August 1, 2022
Student Result or Employee Database	3	August 1, 2022
WP Edit Menu	2	August 1, 2022
WP phpMyAdmin	2	August 1, 2022
WP Sticky Button – Click to Chat	2	August 1, 2022
Yotpo Reviews for WooCommerce (Unofficial)	1	August 1, 2022
Banner Cycler	1	August 2, 2022
Rich Reviews by Starfish	3	August 2, 2022
WP OAuth Server ( Login with WordPress )	1	August 2, 2022
Mailchimp for WooCommerce	2	August 3, 2022
Auto Post, Auto Publish and Schedule to Twitter, LinkedIn and Social Media – WP to Buffer	1	August 5, 2022
Contempo Real Estate Custom Posts	1	August 5, 2022
Cyclone Slider	1	August 5, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation