WordPress Plugin Vulnerabilities

💥 Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with our End of Year Holiday Extravaganza, High-Risk Bonus Blitz Challenge, and Superhero Challenge for the Wordfence Bug Bounty Program.

Through January 6th, 2025, our program has an expanded scope for all researchers with a new lower active install count threshold, automatic bonuses for in-scope submissions, an extra bonus for those focusing on high-risk vulnerabilities, a minimum bounty for all submissions, increased pending report limits, and our rewards remain as high as $31,200.

Review what's in scope for your tier and updated bounties with bonuses here!

Wordfence Intelligence > Vulnerability Database > WordPress Plugins

Showing 8661-8680 of 9967 plugins with known vulnerabilities

Search all WordPress Plugins with known vulnerabilities

BuddyPress Builder for Elementor – BuddyBuilder

4 Vulnerabilities

Nov 12, 2024

Builder for WooCommerce product reviews shortcodes – ReviewShort

4 Vulnerabilities

May 16, 2024

Bulk NoIndex & NoFollow Toolkit

4 Vulnerabilities

Sep 25, 2024

Buy Me a Coffee – Button and Widget Plugin

4 Vulnerabilities

Jul 13, 2023

Calendar

4 Vulnerabilities

Apr 29, 2024

Carousel, Slider, Gallery by WP Carousel – Image Carousel with Lightbox & Photo Gallery, Video Slider, Post Carousel & Post Grid, Product Carousel & Product Grid

4 Vulnerabilities

Dec 3, 2024

CBX Bookmark & Favorite

4 Vulnerabilities

Apr 16, 2024

CE21 Suite

4 Vulnerabilities

Dec 11, 2024

Chartify – WordPress Chart Plugin

4 Vulnerabilities

Nov 13, 2024

Chatbot with ChatGPT WordPress

4 Vulnerabilities

Sep 4, 2024

Checkout Mestres do WP for WooCommerce

4 Vulnerabilities

Sep 24, 2024

Child Theme Creator by Orbisius

4 Vulnerabilities

Dec 11, 2024

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

4 Vulnerabilities

Dec 2, 2024

CM WordPress Search And Replace Plugin

4 Vulnerabilities

Nov 25, 2024

CodeBard's Patron Button and Widgets for Patreon

4 Vulnerabilities

Apr 29, 2024

Collapse-O-Matic

4 Vulnerabilities

Jun 14, 2024

Coming soon and Maintenance mode

4 Vulnerabilities

Dec 1, 2023

Conditional Fields for Contact Form 7

4 Vulnerabilities

Oct 24, 2024

Constant Contact Forms

4 Vulnerabilities

Jan 3, 2024

Consulting Elementor Widgets

4 Vulnerabilities

Jun 20, 2024

Title	Number of Vulnerabilities	Last Vulnerability
BuddyPress Builder for Elementor – BuddyBuilder	4	November 12, 2024
Builder for WooCommerce product reviews shortcodes – ReviewShort	4	May 16, 2024
Bulk NoIndex & NoFollow Toolkit	4	September 25, 2024
Buy Me a Coffee – Button and Widget Plugin	4	July 13, 2023
Calendar	4	April 29, 2024
Carousel, Slider, Gallery by WP Carousel – Image Carousel with Lightbox & Photo Gallery, Video Slider, Post Carousel & Post Grid, Product Carousel & Product Grid	4	December 3, 2024
CBX Bookmark & Favorite	4	April 16, 2024
CE21 Suite	4	December 11, 2024
Chartify – WordPress Chart Plugin	4	November 13, 2024
Chatbot with ChatGPT WordPress	4	September 4, 2024
Checkout Mestres do WP for WooCommerce	4	September 24, 2024
Child Theme Creator by Orbisius	4	December 11, 2024
Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress	4	December 2, 2024
CM WordPress Search And Replace Plugin	4	November 25, 2024
CodeBard's Patron Button and Widgets for Patreon	4	April 29, 2024
Collapse-O-Matic	4	June 14, 2024
Coming soon and Maintenance mode	4	December 1, 2023
Conditional Fields for Contact Form 7	4	October 24, 2024
Constant Contact Forms	4	January 3, 2024
Consulting Elementor Widgets	4	June 20, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation