Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
ch4r0n
1061.28
XP
85
Reports
0
Reports, last 90 days
#23
17 Nov, 2025
Lvl 4
0
0
0
0
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Image Hover Effects – Elementor Addon
<= 1.4.4
Broken Access Control
N/A
5.3
Jul 18, 2025
AfterShip Tracking
<= 1.17.17
Broken Access Control
10.6
5.3
Jul 15, 2025
Premium Age Verification / Restriction for WordPress
<= 3.0.2
Arbitrary File Download
33.75
7.5
Jun 27, 2025
Pro Bulk Watermark Plugin for WordPress
<= 2.0
Path Traversal
3.23
4.3
Jun 26, 2025
Templately
<= 3.2.7
Sensitive Data Exposure
14.7
4.9
Jun 24, 2025
Captcha.eu
<= 1.0.61
Server Side Request Forgery (SSRF)
N/A
5.4
No date
Thank You Page Customizer for WooCommerce – Increase Your Sales
<= 1.1.7
Broken Access Control
6.5
6.5
Apr 23, 2025
Premium Age Verification / Restriction for WordPress
<= 3.0.2
SQL Injection
12.75
8.5
Jun 26, 2025
The E-Commerce ERP
<= 2.1.1.3
Broken Access Control
10.95
7.3
May 21, 2025
Maya Business
<= 1.2.0
Insecure Direct Object References (IDOR)
15
7.5
Apr 25, 2025
URL Shortener
<= 3.0.7
Broken Access Control
12.9
8.6
Jun 2, 2025
URL Shortener
<= 3.0.7
SQL Injection
27.9
9.3
Jun 2, 2025
The E-Commerce ERP
<= 2.1.1.3
Privilege Escalation
44.1
9.8
May 21, 2025
URL Shortener
<= 3.0.7
PHP Object Injection
29.4
9.8
Jun 2, 2025
Wishlist for WooCommerce
<= 3.2.3
Broken Access Control
13
6.5
May 9, 2025
Profiler - What Slowing Down Your WP
<= 1.0.0
Broken Access Control
9.75
6.5
May 23, 2025
Multi-language Responsive Contact Form
<= 2.8
Broken Access Control
15
7.5
Apr 26, 2025
Gallery Widget
<= 1.2.1
SQL Injection
9.56
8.5
Jun 2, 2025
Contact Us page - Contact people LITE
<= 3.7.4
SQL Injection
9.56
8.5
Jun 2, 2025
URL Shortener
<= 3.0.7
Server Side Request Forgery (SSRF)
8.1
5.4
Jun 2, 2025
bSecure – Your Universal Checkout
<= 1.7.9
SQL Injection
18.6
9.3
May 8, 2025
NGG Smart Image Search
<= 3.4.1
SQL Injection
27.9
9.3
May 19, 2025
MobiLoud
<= 4.6.6
Broken Access Control
6.08
8.1
May 15, 2025
iCount Payment Gateway
<= 2.0.7
Broken Access Control
7.95
5.3
May 20, 2025
Spreadconnect
<= 2.1.5
Broken Access Control
4.05
5.4
May 27, 2025
HurryTimer
<= 2.13.1
Broken Access Control
10.6
5.3
May 28, 2025
GG Bought Together for WooCommerce
<= 1.0.2
SQL Injection
37.2
9.3
Apr 27, 2025
Image Shadow
<= 1.1.0
Arbitrary File Deletion
23.1
7.7
Apr 29, 2025
Selling Commander for WooCommerce
<= 1.2.46
Privilege Escalation
29.4
9.8
May 20, 2025
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes
<= 1.0.10
Broken Access Control
3.23
4.3
May 21, 2025
Auto Upload Images
<= 3.3.2
Server Side Request Forgery (SSRF)
7.35
4.9
Apr 28, 2025
CRM ERP Business Solution
<= 1.13
Broken Access Control
N/A
5.3
May 13, 2025
Zapier for WordPress
<= 1.5.2
Broken Access Control
16.2
5.4
Apr 26, 2025
DELUCKS SEO
<= 2.5.9
Broken Access Control
12.19
5.3
No date
Widget Logic
<= 6.0.5
Remote Code Execution (RCE)
89.1
9.9
Apr 28, 2025
TicketBAI Facturas para WooCommerce
<= 3.38
Broken Access Control
N/A
5.4
Apr 29, 2025
bbPress API
<= 1.0.14
Broken Access Control
N/A
5.3
Apr 29, 2025
Responsive Flipbooks
<= 1.0
Broken Access Control
N/A
5.4
Apr 23, 2025
No Spam At All
<= 1.3
Broken Access Control
N/A
5.4
Apr 23, 2025
Viral Loops WP Integration
<= 3.8.1
Broken Access Control
N/A
4.3
Apr 26, 2025
Viral Loops WP Integration
<= 3.8.1
Broken Access Control
N/A
5.3
Apr 26, 2025
Payment QR WooCommerce
<= 1.1.6
Broken Access Control
10.6
5.3
Apr 23, 2025
FraudLabs Pro for WooCommerce
<= 2.22.11
Broken Access Control
7.95
5.3
May 27, 2025
Icegram Collect
<= 1.3.18
Broken Access Control
7.1
7.1
Apr 21, 2025
Multi CryptoCurrency Payments
<= 2.0.7
SQL Injection
37.2
9.3
Apr 17, 2025
Recover abandoned cart for WooCommerce
<= 2.5
SQL Injection
37.2
9.3
Apr 5, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
SQL Injection
37.2
9.3
Apr 14, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Arbitrary File Download
22.5
7.5
Apr 14, 2025
CryptoCloud - Crypto Payment Gateway
<= 2.1.2
Broken Access Control
13
6.5
Apr 18, 2025
StyleAI
<= 1.0.4
Broken Access Control
13
6.5
Apr 16, 2025
MetalpriceAPI
<= 1.1.4
Remote Code Execution (RCE)
N/A
9.9
Apr 17, 2025
TableOn
<= 1.0.4.2
Content Injection
24.5
7.1
Apr 22, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Remote Code Execution (RCE)
60
10
Apr 14, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Privilege Escalation
58.8
9.8
Apr 14, 2025
Embed and Integrate Etsy Shop
<= 1.0.4
Broken Access Control
N/A
5.3
Apr 20, 2025
Bot for Telegram on WooCommerce
<= 1.2.6
Broken Access Control
N/A
4.3
Apr 26, 2025
Bux Woocommerce
<= 1.2.3
Broken Access Control
13
6.5
Apr 18, 2025
Sharespine Woocommerce Connector
<= 4.7.55
Broken Access Control
3.23
4.3
Apr 14, 2025
Push notification for Mobile and Web app
<= 2.0.3
Broken Access Control
13
6.5
Apr 14, 2025
ValidateCertify
<= 1.6.4
Cross Site Request Forgery (CSRF)
2.15
4.3
Apr 11, 2025
Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin
<= 1.1.1
Settings Change
13
6.5
Apr 29, 2025
Awin – Advertiser Tracking for WooCommerce
<= 2.0.0
Cross Site Request Forgery (CSRF)
2.15
4.3
Apr 1, 2025
Calculate Prices based on Distance For WooCommerce
<= 1.3.5
Broken Access Control
N/A
5.4
Apr 7, 2025
WP Podcasts Manager
<= 1.2
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 8, 2025
Soccer Live Scores
<= 1.0.5
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 8, 2025
Ovation Elements
<= 1.1.2
Broken Access Control
4.3
4.3
Apr 23, 2025
GS Variation Swatches for WooCommerce
<= 3.0.4
Broken Access Control
N/A
5.4
Apr 7, 2025
Crossword Compiler Puzzles
<= 5.4
Cross Site Scripting (XSS)
6.5
6.5
Apr 9, 2025
Web3Press
<= 3.2.0
Arbitrary File Download
7.31
6.5
Apr 14, 2025
Custom PC Builder Lite for WooCommerce
<= 1.0.1
Settings Change
13
6.5
Apr 20, 2025
WP AVCL Automation Helper (formerly WPFlyLeads)
<= 3.4
Server Side Request Forgery (SSRF)
4.9
4.9
Apr 15, 2025
Media Library Downloader
<= 1.3.1
Broken Access Control
4.3
4.3
Apr 13, 2025
BeerXML Shortcode
<= 0.7.1
Server Side Request Forgery (SSRF)
N/A
6.4
Apr 13, 2025
Simple Google Photos Grid
<= 1.5
Server Side Request Forgery (SSRF)
3.68
4.9
Apr 11, 2025
Bulk Assign Linked Products For WooCommerce
<= 2.1
Broken Access Control
N/A
5.3
Apr 7, 2025
CM Answers
<= 3.3.3
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 9, 2025
CM Ad Changer
<= 2.0.5
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 8, 2025
Advanced Linked Variations for Woocommerce
<= 1.0.3
Broken Access Control
N/A
5.3
Apr 5, 2025
Recover abandoned cart for WooCommerce
<= 2.2
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 5, 2025
Theme Changer
<= 1.4
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 2, 2025
wpLike2Get
<= 1.2.9
Sensitive Data Exposure
N/A
5.3
Apr 2, 2025
BP Email Assign Templates
<= 1.6
Cross Site Scripting (XSS)
N/A
5.9
Feb 26, 2025
BP Email Assign Templates
<= 1.7
Other Vulnerability Type
N/A
6.5
Feb 26, 2025
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top