WordPress Plugin Vulnerabilities

🦸 🧭 Calling all superheroes and explorers! Introducing the WordPress Superhero Challenge and WordPress XSSplorer Challenge for the Wordfence Bug Bounty Program: Earn up to $31,200 for High Impact Vulnerabilities AND XSS vulnerabilities are in scope for all researchers in plugins/themes >= 1,000 Active Installs!

Through October 7th, 2024 all Cross-Site Scripting (XSS) vulnerabilities in plugins/themes with >= 1,000 Active Installs will be in scope for all researchers regardless of researcher tier. In addition, through October 14th, 2024, all vulnerabilities reported in plugins or themes with >= 5,000,000 active installs will be 3x our highest bounty rewards making our top reward $31,200.

Check out the updated bounties here!

Wordfence Intelligence > Vulnerability Database > WordPress Plugins

Showing 3841-3860 of 8633 plugins with known vulnerabilities

Search all WordPress Plugins with known vulnerabilities

Mail logging – WP Mail Catcher

4 Vulnerabilities

Apr 11, 2024

Mail Masta

14 Vulnerabilities

Mar 9, 2017

Mail On Update

1 Vulnerability

May 16, 2013

Mail Queue

1 Vulnerability

Jun 22, 2023

Mail Subscribe List

4 Vulnerabilities

Apr 20, 2023

MailArchiver

1 Vulnerability

Jul 12, 2023

Mailchimp for WooCommerce

2 Vulnerabilities

Aug 3, 2022

MailChimp Forms by MailMunch

4 Vulnerabilities

Apr 10, 2024

MailChimp Immediate Send

1 Vulnerability

Jul 18, 2023

MailChimp Manager

2 Vulnerabilities

Mar 4, 2022

MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder

4 Vulnerabilities

Aug 9, 2024

MailCWP

2 Vulnerabilities

Jul 10, 2015

Maileon for WordPress

1 Vulnerability

Oct 16, 2023

MailerLite – Signup forms (official)

6 Vulnerabilities

Apr 29, 2024

MailerLite – WooCommerce integration

2 Vulnerabilities

Jan 8, 2024

Mailjet Email Marketing

1 Vulnerability

Jan 3, 2023

MailMunch – Grow your Email List

2 Vulnerabilities

Apr 5, 2024

MailPoet – Newsletters, Email Marketing, and Automation

1 Vulnerability

Apr 16, 2019

MailPoet Newsletters (Previous)

10 Vulnerabilities

Mar 14, 2018

MailPress

1 Vulnerability

May 31, 2022

Title	Number of Vulnerabilities	Last Vulnerability
Mail logging – WP Mail Catcher	4	April 11, 2024
Mail Masta	14	March 9, 2017
Mail On Update	1	May 16, 2013
Mail Queue	1	June 22, 2023
Mail Subscribe List	4	April 20, 2023
MailArchiver	1	July 12, 2023
Mailchimp for WooCommerce	2	August 3, 2022
MailChimp Forms by MailMunch	4	April 10, 2024
MailChimp Immediate Send	1	July 18, 2023
MailChimp Manager	2	March 4, 2022
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder	4	August 9, 2024
MailCWP	2	July 10, 2015
Maileon for WordPress	1	October 16, 2023
MailerLite – Signup forms (official)	6	April 29, 2024
MailerLite – WooCommerce integration	2	January 8, 2024
Mailjet Email Marketing	1	January 3, 2023
MailMunch – Grow your Email List	2	April 5, 2024
MailPoet – Newsletters, Email Marketing, and Automation	1	April 16, 2019
MailPoet Newsletters (Previous)	10	March 14, 2018
MailPress	1	May 31, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation