Disclosures


Status Component Name Vulnerability Version Access Level CVE-Number
wp-plugin : unlimited-popups Injection 4.5.3 Editor CVE-2021-24631
wp-plugin : schreikasten Injection 0.14.18 Author CVE-2021-24630
wp-plugin : post-content-xmlrpc Injection 1 Administrator CVE-2021-24629
wp-plugin : mwp-forms Injection 3.1.3 Administrator CVE-2021-24628
wp-plugin : g-auto-hyperlink Injection 1.0.1 Administrator CVE-2021-24627
wp-plugin : chameleon-css Injection 1.2 Subscriber CVE-2021-24626
wp-plugin : catalog Injection 1.7.3 Administrator CVE-2021-24625
wp-plugin : wpagecontact Injection 1 Administrator CVE-2021-24403
wp-plugin : wp-icommerce Injection 1.1.1 Administrator CVE-2021-24402
wp-plugin : wp-domain-redirect Injection 1 Administrator CVE-2021-24401
wp-plugin : wp-display-users Injection 2.0.0 Administrator CVE-2021-24400
wp-plugin : wp-board Injection 1.1(Beta) Subscriber CVE-2021-24404
wp-plugin : the-sorter Injection 1.2 Administrator CVE-2021-24399
wp-plugin : purple-xmls-google-product-feed-for-woocommerce Injection 3.3.0.3 Administrator CVE-2021-24511
wp-plugin : morpheus-slider Injection 1.2 Administrator CVE-2021-24398
wp-plugin : microcopy Injection 1.1.0 Administrator CVE-2021-24397
wp-plugin : gseor Injection 1.3 Administrator CVE-2021-24396
wp-plugin : wp-paytm-pay Injection 1.3.2 Administrator CVE-2021-24554
wp-plugin : timeline-calendar Injection 1.2 Administrator CVE-2021-24553
wp-plugin : simple-events-calendar Injection 1.4.0 Administrator CVE-2021-24552
wp-plugin : project-status Cross Site Scripting ( Xss) 1.6 Subscriber CVE-2021-24558
wp-plugin : m-vslider Injection 2.1.3 Administrator CVE-2021-24557
wp-plugin : embed-youtube-video Injection 1 Administrator CVE-2021-24395
wp-plugin : email-subscriber Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2021-24556
wp-plugin : edit-comments Injection 0.3 Unauthenticated CVE-2021-24551
wp-plugin : easy-testimonial-manager Injection 1.2.0 Administrator CVE-2021-24394
wp-plugin : diary-availability-calendar Injection 1.0.3 Subscriber CVE-2021-24555
wp-plugin : comment-highlighter Injection 0.13 Administrator CVE-2021-24393
wp-plugin : club-management-software Injection 1 Administrator CVE-2021-24392
wp-plugin : cashtomer Injection 1 Subscriber CVE-2021-24391
wp-plugin : broken-link-manager Injection 0.6.5 Administrator CVE-2021-24550
wp-plugin : alipay Injection 3.7.2 Administrator CVE-2021-24390
wp-plugin : aceide Local File Inclusion 2.6.2 Administrator CVE-2021-24549
wp-plugin : rsvpmaker Ssrf 8.6.4 Administrator CVE-2021-24371
wp-plugin : handsome-testimonials Injection 2.0.7 Subscriber CVE-2021-24492
wp-plugin : xllentech-english-islamic-calendar Injection 2.6.6 Administrator CVE-2021-24341
wp-plugin : stock-in Cross Site Scripting ( Xss) 1.0.4 Contributor CVE-2021-24346
wp-plugin : side-menu Injection 3.1.3 Administrator CVE-2021-24348
wp-plugin : sendit Injection 2.5.1 Administrator CVE-2021-24345
wp-plugin : video-embed-box Injection 1 Subscriber CVE-2021-24337
wp-plugin : flightlog Injection 3.0.2 Editor CVE-2021-24336
wp-plugin : giveasap Cross Site Scripting ( Xss) 2.35.0 Unauthenticated CVE-2021-24298
wp-plugin : cars-seller-auto-classifieds-script Injection 2.1.0 Unauthenticated CVE-2021-24285
wp-plugin : keyring Cross Site Scripting ( Xss) 1.5 Unauthenticated Not Assigned
wp-plugin : immopress Cross Site Scripting ( Xss) 0.0.4 Unauthenticated Not Assigned
wp-plugin : animal-captcha Cross Site Scripting ( Xss) 1.6.2 Unauthenticated Not Assigned
wp-plugin : wp-symposium Unvalidated Redirects and Forwards 13.12 Contributor Not Assigned
wp-plugin : hunk-external-links Cross Site Scripting ( Xss) 3.0.5 Unauthenticated Not Assigned
wp-plugin : google-maps-in-posts Cross Site Scripting ( Xss) 1.5.3 Unauthenticated Not Assigned
wp-plugin : aprils-super-functions-pack Cross Site Scripting ( Xss) 1.4.7 Unauthenticated Not Assigned
wp-plugin : google-map-generator Cross Site Scripting ( Xss) 1.3.1 Unauthenticated Not Assigned
wp-plugin : athlon-manage-calameo-publications Cross Site Scripting ( Xss) 1.1.0 Unauthenticated Not Assigned
wp-plugin : gbteamstats Cross Site Scripting ( Xss) 1.5.1 Unauthenticated Not Assigned
wp-plugin : avchat-3 Cross Site Scripting ( Xss) 1.4.1 Unauthenticated Not Assigned
wp-plugin : garees-flickr-feed Cross Site Scripting ( Xss) 0.8 Unauthenticated Not Assigned
wp-plugin : blogroll-fun Cross Site Scripting ( Xss) 0.8.4 Unauthenticated Not Assigned
wp-plugin : fixedly Cross Site Scripting ( Xss) 1.3.1 Unauthenticated Not Assigned
wp-plugin : captcha-in-thai Cross Site Scripting ( Xss) 1.1 Unauthenticated Not Assigned
wp-plugin : filtre-de-surveillance-gouvernemental Cross Site Scripting ( Xss) 1.1 Unauthenticated Not Assigned
wp-plugin : clicksold-wordpress-plugin Cross Site Scripting ( Xss) 1.48 Unauthenticated Not Assigned
wp-plugin : fancy-cats Cross Site Scripting ( Xss) 1.1 Unauthenticated Not Assigned
wp-plugin : clipta-video-informer Cross Site Scripting ( Xss) 1 Unauthenticated Not Assigned
wp-plugin : dialogs Cross Site Scripting ( Xss) 1.0.3 Unauthenticated Not Assigned
wp-plugin : contentboxes Cross Site Scripting ( Xss) 1.1 Unauthenticated Not Assigned
wp-plugin : daily-inspiration-generator Unvalidated Redirects and Forwards 2 Unauthenticated Not Assigned
wp-plugin : coupon-tab-for-directorypress-pp Cross Site Scripting ( Xss) 0.2.0 Unauthenticated Not Assigned
wp-plugin : daily-inspiration-generator Cross Site Scripting ( Xss) 2 Unauthenticated Not Assigned
wp-plugin : mywebcounter Cross Site Scripting ( Xss) 1.1 Unauthenticated Not Assigned
wp-plugin : wu-rating Cross Site Scripting ( Xss) 1.0 12319 Unauthenticated CVE-2014-4601
wp-plugin : wp-tmkm-amazon Cross Site Scripting ( Xss) 1.5b Unauthenticated CVE-2014-4598
wp-plugin : wp-restful Cross Site Scripting ( Xss) 0.1 Unauthenticated CVE-2014-4595
wp-plugin : wp-responsive-preview Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2014-4594
wp-plugin : wp-picasa-image Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4591
wp-plugin : wp-microblogs Cross Site Scripting ( Xss) 0.4.0 Unauthenticated CVE-2014-4590
wp-plugin : wp-guestmap Cross Site Scripting ( Xss) 1.8 Unauthenticated CVE-2014-4587
wp-plugin : wp-football Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2014-4586
wp-plugin : wp-facethumb Cross Site Scripting ( Xss) Unauthenticated CVE-2014-4585
wp-plugin : wp-consultant Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4582
wp-plugin : wp-blipbot Cross Site Scripting ( Xss) 3.0.9 Unauthenticated CVE-2014-4580
wp-plugin : wp-appointments-schedules Cross Site Scripting ( Xss) 1.5 Unauthenticated CVE-2014-4579
wp-plugin : wikipop Cross Site Scripting ( Xss) 2 Unauthenticated CVE-2014-4575
wp-plugin : walk-score Cross Site Scripting ( Xss) 0.5.5 Unauthenticated CVE-2014-4573
wp-plugin : vn-calendar Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4571
wp-plugin : videowhisper-video-presentation Cross Site Scripting ( Xss) 3.25 Unauthenticated CVE-2014-4570
wp-plugin : videowhisper-live-streaming-integration Cross Site Scripting ( Xss) 4.27.2 Unauthenticated CVE-2014-2715
wp-plugin : video-posts-webcam-recorder Cross Site Scripting ( Xss) 1.55.4 Unauthenticated CVE-2014-4568
wp-plugin : video-comments-webcam-recorder Cross Site Scripting ( Xss) 1.55 Unauthenticated CVE-2014-4567
wp-plugin : verification-code-for-comments Cross Site Scripting ( Xss) 2.1.0 Unauthenticated CVE-2014-4565
wp-plugin : ruven-toolkit Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2014-4548
wp-plugin : wpcb Cross Site Scripting ( Xss) 2.4.8 Unauthenticated CVE-2014-4581
wp-plugin : wp-app-maker Cross Site Scripting ( Xss) 1.0.16.4 Unauthenticated CVE-2014-4578
wp-plugin : wp-amasin-the-amazon-affiliate-shop Local File Inclusion 0.9.6 Unauthenticated CVE-2014-4577
wp-plugin : cross-rss Local File Inclusion 1.7 Unauthenticated CVE-2014-4941
wp-plugin : wp-easycart Information Disclosure 2.0.5 Unauthenticated CVE-2014-4942
wp-plugin : all-in-one-social-lite Ssrf 1 Unauthenticated Not Assigned
wp-plugin : enl-newsletter Injection 1.0.1 Administrator CVE-2014-4939
wp-plugin : tom-m8te Local File Inclusion 1.5.3 Unauthenticated Not Assigned
wp-plugin : flog Ssrf 1.0beta3 Unauthenticated Not Assigned
wp-plugin : keyword-strategy-internal-links Cross Site Scripting ( Xss) 2 Unauthenticated CVE-2014-4537
wp-plugin : lastfm-rotation Local File Inclusion 1 Unauthenticated Not Assigned
wp-plugin : ultimate-product-catalogue Injection Administrator Not Assigned
wp-plugin : wp-social-invitations Cross Site Scripting ( Xss) 1.4.4.2 Unauthenticated CVE-2014-4597
wp-plugin : simple-retail-menus Injection 4.0.1 Editor Not Assigned
wp-plugin : hdw-player-video-player-video-gallery Injection 2.4.2 Administrator Not Assigned
wp-plugin : easy-career-openings Cross Site Scripting ( Xss) 0.4 Unauthenticated CVE-2014-4523
wp-plugin : conversador Cross Site Scripting ( Xss) 2.61 Unauthenticated CVE-2014-4519
wp-plugin : bookx Local File Inclusion 1.7 Unauthenticated CVE-2014-4937
wp-plugin : bic-media Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4516
wp-plugin : anyfont Cross Site Scripting ( Xss) 2.2.3 Unauthenticated CVE-2014-4515
wp-plugin : your-text-manager Cross Site Scripting ( Xss) 0.3.0 Unauthenticated CVE-2014-4604
wp-plugin : webengage Cross Site Scripting ( Xss) 2.0.0 Unauthenticated CVE-2014-4574
wp-plugin : swipe-hq-checkout-for-jigoshop Cross Site Scripting ( Xss) 3.1.0 Unauthenticated CVE-2014-4557
wp-plugin : rezgo Cross Site Scripting ( Xss) 1.4.2 Unauthenticated CVE-2014-4546
wp-plugin : fbpromotions Cross Site Scripting ( Xss) 1.3.4 Unauthenticated CVE-2014-4528
wp-plugin : easy-post-types Cross Site Scripting ( Xss) 1.4.3 Unauthenticated CVE-2014-4524
wp-plugin : all-video-gallery Injection 1.2 Administrator Not Assigned
wp-plugin : wp-rss-poster Injection 1.0.0 Unauthenticated CVE-2014-4938
wp-plugin : rezgo-online-booking Cross Site Scripting ( Xss) 1.8 Unauthenticated CVE-2014-4547
wp-plugin : efence Cross Site Scripting ( Xss) 1.3.2 Unauthenticated CVE-2014-4526
wp-plugin : oleggo-livestream Cross Site Scripting ( Xss) 0.2.6 Unauthenticated CVE-2014-4540
wp-plugin : dmca-watermarker Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4520
wp-plugin : alipay Cross Site Scripting ( Xss) 3.6.0 Unauthenticated CVE-2014-4514
wp-plugin : zelist-directory Cross Site Scripting ( Xss) 0.5.11.07 Unauthenticated Not Assigned
wp-plugin : zdstats Cross Site Scripting ( Xss) 2.0.1 Unauthenticated CVE-2014-4605
wp-plugin : yawpp Injection 1.2 Contributor Not Assigned
wp-plugin : yahoo-updates-for-wordpress Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4603
wp-plugin : xen-carousel Cross Site Scripting ( Xss) 0.12.2 Unauthenticated CVE-2014-4602
wp-plugin : swipehq-payment-gateway-woocommerce Cross Site Scripting ( Xss) 2.7.1 Unauthenticated CVE-2014-4558
wp-plugin : stripshow Injection 2.5.2 Administrator Not Assigned
wp-plugin : ss-downloads Cross Site Scripting ( Xss) 1.4.41 Unauthenticated Not Assigned
wp-plugin : omfg-mobile Cross Site Scripting ( Xss) 1.1.26 Unauthenticated CVE-2014-4541
wp-plugin : malware-finder Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2014-4538
wp-plugin : envialosimple-email-marketing-y-newsletters-gratis Cross Site Scripting ( Xss) 1.97 Unauthenticated CVE-2014-4527
wp-plugin : activehelper-livehelp Cross Site Scripting ( Xss) 3.1.0 Unauthenticated CVE-2014-4513
wp-plugin : jrss-widget Ssrf 1.2 Unauthenticated Not Assigned
wp-plugin : quartz Injection 1.01.1 Contributor Not Assigned
wp-plugin : Tera-chart Local File Inclusion 0.1 Unauthenticated CVE-2014-4940
wp-plugin : zeenshare Cross Site Scripting ( Xss) 1.0.1 Unauthenticated CVE-2014-4606
wp-plugin : youtubefreedown Components With Known Vulnerabilities 1 Unauthenticated Not Assigned
wp-plugin : wpsnapapp Cross Site Scripting ( Xss) 1.5 Unauthenticated CVE-2014-4596
wp-plugin : wppm Cross Site Scripting ( Xss) 1.6.4.b Unauthenticated CVE-2014-4593
wp-plugin : wphotfiles Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4588
wp-plugin : wp-ultimate-email-marketer Cross Site Scripting ( Xss) 1.1.0 Unauthenticated CVE-2014-4600
wp-plugin : wp-ttisbdir Cross Site Scripting ( Xss) 1.0.2 Unauthenticated CVE-2014-4599
wp-plugin : wp-royal-gallery Components With Known Vulnerabilities 2 Unauthenticated Not Assigned
wp-plugin : wp-planet Cross Site Scripting ( Xss) 0.1 Unauthenticated CVE-2014-4592
wp-plugin : wp-media-player Cross Site Scripting ( Xss) 0.8 Unauthenticated CVE-2014-4589
wp-plugin : wp-lightpop Components With Known Vulnerabilities 0.8.5.6 Unauthenticated Not Assigned
wp-plugin : wp-easybooking Cross Site Scripting ( Xss) 1.0.3 Unauthenticated CVE-2014-4584
wp-plugin : wp-contact-sidebar-widget Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4583
wp-plugin : wordpress-social-login Cross Site Scripting ( Xss) 2.0.3 Unauthenticated CVE-2014-4576
wp-plugin : votecount-for-balatarin Cross Site Scripting ( Xss) 0.1.1 Unauthenticated CVE-2014-4572
wp-plugin : verweise-wordpress-twitter Cross Site Scripting ( Xss) 1.0.2 Unauthenticated CVE-2014-4566
wp-plugin : validated Cross Site Scripting ( Xss) 1.0.2 Unauthenticated CVE-2014-4564
wp-plugin : url-cloak-encrypt Cross Site Scripting ( Xss) 2 Unauthenticated CVE-2014-4563
wp-plugin : ultimate-weather-plugin Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4561
wp-plugin : toolpage Cross Site Scripting ( Xss) 1.6.1 Unauthenticated CVE-2014-4560
wp-plugin : swipehq-payment-gateway-wp-e-commerce Cross Site Scripting ( Xss) 3.1.0 Unauthenticated CVE-2014-4559
wp-plugin : swipe-hq-checkout-for-eshop 3.7 Unauthenticated CVE-2014-4556
wp-plugin : style-it Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4555
wp-plugin : spreadshirt-rss-3d-cube-flash-gallery Cross Site Scripting ( Xss) Unauthenticated CVE-2014-4553
wp-plugin : spotlightyour Cross Site Scripting ( Xss) 4.7 Unauthenticated CVE-2014-4552
wp-plugin : soundslides Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : social-connect Cross Site Scripting ( Xss) 1.0.4 Unauthenticated CVE-2014-4551
wp-plugin : so-audible Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : simple-flash-video Components With Known Vulnerabilities 1.7 Unauthenticated Not Assigned
wp-plugin : shortcode-ninja Cross Site Scripting ( Xss) 1.4 Unauthenticated CVE-2014-4550
wp-plugin : secure-html5-video-player Components With Known Vulnerabilities 3.3 Unauthenticated Not Assigned
wp-plugin : sagepay-direct-for-woocommerce-payment-gateway Cross Site Scripting ( Xss) 0.1.6.7 - 20140128 Unauthenticated CVE-2014-4549
wp-plugin : s3audible-amazon-s3-music-player Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : qiniu-uploader Components With Known Vulnerabilities 0.1 Unauthenticated Not Assigned
wp-plugin : proquoter Cross Site Scripting ( Xss) 1 Unauthenticated CVE-2014-4545
wp-plugin : podcasting Components With Known Vulnerabilities 3.0.8 Unauthenticated Not Assigned
wp-plugin : podcast-channels Cross Site Scripting ( Xss) 0.2.0 Unauthenticated CVE-2014-4544
wp-plugin : pb-embedflash Components With Known Vulnerabilities 1.5.1 Unauthenticated Not Assigned
wp-plugin : pay-per-media-player Cross Site Scripting ( Xss) 1.24 Unauthenticated CVE-2014-4543
wp-plugin : ooorl Cross Site Scripting ( Xss) Unauthenticated CVE-2014-4542
wp-plugin : movies Cross Site Scripting ( Xss) 0.6 Unauthenticated CVE-2014-4539
wp-plugin : microaudio Components With Known Vulnerabilities 0.6.2 Unauthenticated Not Assigned
wp-plugin : mc2-custom-help-videos Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : link2player Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : kindeditor-for-wordpress 1.3.3 Unauthenticated Not Assigned
wp-plugin : infusionsoft Cross Site Scripting ( Xss) 1.5.7 Unauthenticated CVE-2014-4536
wp-plugin : import-legacy-media Cross Site Scripting ( Xss) 0.1 Unauthenticated CVE-2014-4535
wp-plugin : html5-video-player-with-playlist Cross Site Scripting ( Xss) 2.4.0 Unauthenticated CVE-2014-4534
wp-plugin : html5-lyrics-karaoke-player Components With Known Vulnerabilities <1.07 Unauthenticated Not Assigned
wp-plugin : html5-jquery-audio-player Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : grand-media Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : global-flash-galleries Components With Known Vulnerabilities 0.13.4 Unauthenticated Not Assigned
wp-plugin : geo-redirector Cross Site Scripting ( Xss) 1.0.1 Unauthenticated CVE-2014-4533
wp-plugin : gdeslon-affiliate-shop Unvalidated Redirects and Forwards 2 Unauthenticated Not Assigned
wp-plugin : gdeslon-affiliate-shop 2 Unauthenticated Not Assigned
wp-plugin : garagesale Cross Site Scripting ( Xss) 1.2.2 Unauthenticated CVE-2014-4532
wp-plugin : game-tabs Cross Site Scripting ( Xss) 0.4.0 Unauthenticated CVE-2014-4531
wp-plugin : foliopress-wysiwyg Components With Known Vulnerabilities 2.6.8.5 Unauthenticated Not Assigned
wp-plugin : flash-photo-gallery Cross Site Scripting ( Xss) 0.7 Unauthenticated [CVE-2014-4529]
wp-plugin : ebay-feeds-for-wordpress Cross Site Scripting ( Xss) 1.1 Unauthenticated CVE-2014-4525
wp-plugin : dssearchagent-wordpress-edition Cross Site Scripting ( Xss) 1.0-beta10 Unauthenticated CVE-2014-4522
wp-plugin : dsidxpress Cross Site Scripting ( Xss) 2.1.0 Unauthenticated CVE-2014-4521
wp-plugin : cbi-referral-manager Cross Site Scripting ( Xss) 1.2.1 Unauthenticated CVE-2014-4517
wp-plugin : bookshelf Components With Known Vulnerabilities 2 Unauthenticated Not Assigned
wp-plugin : audio Components With Known Vulnerabilities Unauthenticated Not Assigned
wp-plugin : 1g-music-share Cross Site Scripting ( Xss) Unauthenticated Not Assigned
wp-plugin : flog – A3-Cross-Site Scripting (XSS) Cross Site Scripting ( Xss) [0.1] [Unauthenticated] CVE-2014-4530