WordPress Plugin Vulnerabilities

🦸 🧭 Calling all superheroes and explorers! Introducing the WordPress Superhero Challenge and WordPress XSSplorer Challenge for the Wordfence Bug Bounty Program: Earn up to $31,200 for High Impact Vulnerabilities AND XSS vulnerabilities are in scope for all researchers in plugins/themes >= 1,000 Active Installs!

Through October 7th, 2024 all Cross-Site Scripting (XSS) vulnerabilities in plugins/themes with >= 1,000 Active Installs will be in scope for all researchers regardless of researcher tier. In addition, through October 14th, 2024, all vulnerabilities reported in plugins or themes with >= 5,000,000 active installs will be 3x our highest bounty rewards making our top reward $31,200.

Check out the updated bounties here!

Wordfence Intelligence > Vulnerability Database > WordPress Plugins

Showing 2721-2740 of 8606 plugins with known vulnerabilities

Search all WordPress Plugins with known vulnerabilities

core plugin for kitestudio themes

1 Vulnerability

Jun 2, 2022

HTML2WP

3 Vulnerabilities

Jun 2, 2022

Trade Runner

2 Vulnerabilities

Jun 2, 2022

Ultimate WooCommerce CSV Importer

1 Vulnerability

Jun 2, 2022

Currency Switcher for WordPress

1 Vulnerability

Jun 3, 2022

Image Gallery – Grid Gallery

1 Vulnerability

Jun 3, 2022

Simple Single Sign On

1 Vulnerability

Jun 4, 2022

Limit Login Attempts

2 Vulnerabilities

Jun 6, 2022

1 Vulnerability

Jun 6, 2022

2 Vulnerabilities

Jun 6, 2022

MyCSS

1 Vulnerability

Jun 6, 2022

NextCellent Gallery – NextGEN Legacy

2 Vulnerabilities

Jun 6, 2022

SAML Single Sign On – SSO Login

4 Vulnerabilities

Jun 6, 2022

Site Offline or Coming Soon

1 Vulnerability

Jun 6, 2022

WordPress Security – Firewall, Malware Scanner, Secure Login and Backup

1 Vulnerability

Jun 6, 2022

Co-Authors Plus

1 Vulnerability

Jun 7, 2022

Menu Cart for WooCommerce

1 Vulnerability

Jun 7, 2022

Skitter Slideshow

1 Vulnerability

Jun 7, 2022

WP Menu Cart

1 Vulnerability

Jun 7, 2022

wp-championship

2 Vulnerabilities

Jun 7, 2022

Title	Number of Vulnerabilities	Last Vulnerability
core plugin for kitestudio themes	1	June 2, 2022
HTML2WP	3	June 2, 2022
Trade Runner	2	June 2, 2022
Ultimate WooCommerce CSV Importer	1	June 2, 2022
Currency Switcher for WordPress	1	June 3, 2022
Image Gallery – Grid Gallery	1	June 3, 2022
Simple Single Sign On	1	June 4, 2022
Limit Login Attempts	2	June 6, 2022
Login using WordPress Users ( WP as SAML IDP )	1	June 6, 2022
Login with TOTP (Google Authenticator, Microsoft Authenticator)	2	June 6, 2022
MyCSS	1	June 6, 2022
NextCellent Gallery – NextGEN Legacy	2	June 6, 2022
SAML Single Sign On – SSO Login	4	June 6, 2022
Site Offline or Coming Soon	1	June 6, 2022
WordPress Security – Firewall, Malware Scanner, Secure Login and Backup	1	June 6, 2022
Co-Authors Plus	1	June 7, 2022
Menu Cart for WooCommerce	1	June 7, 2022
Skitter Slideshow	1	June 7, 2022
WP Menu Cart	1	June 7, 2022
wp-championship	2	June 7, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation