Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
Yudistira Arya
Say thanks
1115.84
XP
83
Reports
0
Reports, last 90 days
#31
18 Nov, 2025
Lvl 4
0
1
0
1
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Tockify Events Calendar
<= 2.2.13
Cross Site Scripting (XSS)
4.88
6.5
Jan 31, 2025
Moloni
<= 4.7.4
Cross Site Scripting (XSS)
24.85
7.1
Feb 13, 2024
ARForms Form Builder
<= 1.6.7
Cross Site Scripting (XSS)
14.2
7.1
May 27, 2024
ARI Fancy Lightbox
<= 1.3.14
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
BSK PDF Manager
<= 3.6
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
e2pdf
<= 1.24.00
Cross Site Scripting (XSS)
2.3
4
Jun 3, 2024
EmbedPress
<= 4.0.2
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
Wonder PDF Embed
<= 2.7
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
PDF Viewer
<= 1.1.0
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
PDF Poster
<= 2.1.21
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
PDF Viewer for Elementor
<= 2.9.3
Cross Site Scripting (XSS)
N/A
4
Jun 3, 2024
PDF.js Viewer
<= 2.1.8.1
Cross Site Scripting (XSS)
N/A
6.5
Jun 3, 2024
Tainacan
<= 0.21.5
Cross Site Scripting (XSS)
N/A
6.5
Jun 3, 2024
The Ultimate WordPress Toolkit – WP Extended
<= 2.4.7
Cross Site Scripting (XSS)
14.2
7.1
May 27, 2024
Optinly
<= 1.0.18
Broken Access Control
10.6
5.3
Feb 1, 2024
Ibtana
<= 1.2.3.3
Broken Access Control
10.6
5.3
Feb 1, 2024
Newsletters
<= 4.9.5
Cross Site Scripting (XSS)
14.2
7.1
Jan 18, 2024
WPvivid Backup for MainWP
<= 0.9.32
Cross Site Scripting (XSS)
14.2
7.1
Jan 16, 2024
AdFoxly – Ad Manager, AdSense Ads & Ads.txt
<= 1.8.5
Broken Access Control
10.6
5.3
Jan 12, 2024
Crafthemes Demo Import
<= 3.3
Broken Access Control
7.6
7.6
Jan 9, 2024
Post Grid Master
<= 3.4.11
Cross Site Scripting (XSS)
4.88
6.5
Dec 27, 2023
Knowledge Base documentation & wiki plugin – BasePress
<= 2.16.1
Server Side Request Forgery (SSRF)
5
5
Dec 6, 2023
KB Support
<= 1.6.0
Broken Access Control
6.5
6.5
Dec 5, 2023
Knowledge Base documentation & wiki plugin – BasePress
<= 2.16.1
Broken Access Control
5.4
5.4
Dec 6, 2023
BuddyForms
<= 2.8.8
Arbitrary File Download
25.8
8.6
Jan 11, 2024
Sendinblue for WooCommerce
<= 4.0.17
Arbitrary File Download
6.38
8.5
Jan 31, 2024
FG Joomla to WordPress
<= 4.20.2
Sensitive Data Exposure
10.6
5.3
Dec 22, 2023
Conversational Forms for ChatBot
<= 1.1.8
Arbitrary File Download
22.5
7.5
Jan 29, 2024
Olive One Click Demo Import
<= 1.1.1
Arbitrary File Download
22.5
7.5
Jan 31, 2024
HUSKY
<= 1.3.5.2
Remote Code Execution (RCE)
70.4
8.8
Jan 11, 2024
Support Genix
<= 1.2.3
Broken Access Control
N/A
9.9
Dec 2, 2023
WP Dummy Content Generator
<= 3.2.1
Arbitrary Code Execution
20
10
Jan 30, 2024
EnvíaloSimple
<= 2.2
Cross Site Scripting (XSS)
11.6
5.8
Jan 18, 2024
Import Content in WordPress & WooCommerce with Excel
<= 4.2
Cross Site Scripting (XSS)
11.8
5.9
Jan 19, 2024
DirectoryPress
<= 3.6.7
Cross Site Scripting (XSS)
24.85
7.1
Feb 13, 2024
WP File Download Light
<= 1.3.3
Cross Site Scripting (XSS)
3.25
6.5
Jan 11, 2024
WP Poll Maker
<= 3.4
Arbitrary File Upload
19.8
9.9
Dec 25, 2023
Product Feed PRO for WooCommerce
<= 13.3.1
Sensitive Data Exposure
31.8
5.3
Dec 29, 2023
Amelia
<= 1.0.95
Cross Site Request Forgery (CSRF)
8.1
5.4
Jan 4, 2024
MP3 Audio Player for Music, Radio & Podcast by Sonaar
<= 4.10.1
Arbitrary File Download
22.5
7.5
Jan 14, 2024
App Builder
<= 3.8.7
Open Redirection
9.4
4.7
Feb 1, 2024
Product Designer
<= 1.0.32
PHP Object Injection
17.4
8.7
Dec 29, 2023
ARForms Form Builder
<= 1.6.1
Cross Site Request Forgery (CSRF)
3.15
6.3
Jan 9, 2024
ARForms Form Builder
<= 1.6.1
Broken Access Control
7.6
7.6
Jan 9, 2024
FG Drupal to WordPress
<= 3.70.3
Sensitive Data Exposure
10.6
5.3
Dec 22, 2023
WP Poll Maker
<= 3.1
Arbitrary File Deletion
11.55
7.7
Dec 25, 2023
User Rights Access Manager
<= 1.1.4
Cross Site Scripting (XSS)
11.6
5.8
Jan 18, 2024
Kanban Boards for WordPress
<= 2.5.21
Cross Site Scripting (XSS)
14.2
7.1
Jan 18, 2024
New Order Notification for Woocommerce
<= 2.0.2
Broken Access Control
8.1
7.1
Jan 12, 2024
WP Hotel Booking
<= 2.0.9.2
Broken Access Control
13
6.5
Jan 31, 2024
WP Travel Engine
<= 5.7.9
SQL Injection
N/A
7.6
Dec 18, 2023
WP Travel Engine
<= 5.7.9
SQL Injection
27.9
9.3
Dec 18, 2023
FG PrestaShop to WooCommerce
<= 4.45.1
Sensitive Data Exposure
10.6
5.3
Dec 22, 2023
Finale Lite
<= 2.18.0
Remote Code Execution (RCE)
17.6
8.8
Dec 26, 2023
WordPress Tooltips
< 9.4.5
SQL Injection
9.56
8.5
Dec 24, 2023
PDF Invoices and Packing Slips For WooCommerce
<= 1.3.7
PHP Object Injection
8.2
8.2
Dec 29, 2023
WP-Lister Lite for Amazon
<= 2.6.8
Cross Site Scripting (XSS)
14.2
7.1
Jan 18, 2024
PropertyHive
<= 2.0.8
Cross Site Scripting (XSS)
14.2
7.1
Jan 18, 2024
WPDM – Premium Packages
<= 5.8.2
Cross Site Scripting (XSS)
14.2
7.1
Jan 19, 2024
Crypto Converter Widget
<= 1.8.4
Cross Site Scripting (XSS)
4.88
6.5
Jan 12, 2024
MDTF
<= 1.3.2
Cross Site Scripting (XSS)
4.88
6.5
Jan 12, 2024
Co-marquage service-public.fr
<= 0.5.72
Cross Site Scripting (XSS)
24.85
7.1
Feb 13, 2024
Olive One Click Demo Import
<= 1.1.1
Broken Access Control
16.4
8.2
Jan 31, 2024
Restrict User Access – Membership Plugin with Force
<= 2.5
Cross Site Scripting (XSS)
24.85
7.1
Feb 13, 2024
RegistrationMagic
<= 5.2.5.9
Cross Site Scripting (XSS)
14.2
7.1
Jan 16, 2024
HT Easy GA4 ( Google Analytics 4 )
<= 1.1.7
Cross Site Scripting (XSS)
24.85
7.1
Feb 1, 2024
YITH WooCommerce Product Add-Ons
<= 4.5.0
Cross Site Scripting (XSS)
14.2
7.1
Jan 19, 2024
Defender Security
<= 4.4.1
Bypass Vulnerability
36.57
5.3
Dec 13, 2023
NextMove Lite
<= 2.17.0
Remote Code Execution (RCE)
17.6
8.8
Dec 26, 2023
Link Library
<= 7.5.13
Cross Site Scripting (XSS)
14.2
7.1
Jan 16, 2024
Total Upkeep
<= 1.15.8
Arbitrary File Download
67.5
7.5
Jan 15, 2024
SP Project & Document Manager
<= 4.69
SQL Injection
9.56
8.5
Dec 24, 2023
WP Visitor Statistics (Real Time Traffic)
<= 6.9.4
Sensitive Data Exposure
10.6
5.3
Dec 21, 2023
Mighty Addons for Elementor
<= 1.9.3
Cross Site Scripting (XSS)
14.2
7.1
Jan 16, 2024
ERE Recently Viewed
<= 1.3
PHP Object Injection
19.6
9.8
Dec 25, 2023
PropertyHive
<= 2.0.6
Broken Access Control
3.25
4.3
Dec 28, 2023
PropertyHive
<= 2.0.5
PHP Object Injection
17.4
8.7
Dec 28, 2023
WowStore
<= 3.1.4
PHP Object Injection
17.4
8.7
Dec 28, 2023
Delhivery Logistics Courier
<= 1.0.107
SQL Injection
12.75
8.5
Dec 23, 2023
Shield Security
<= 18.5.7
Cross Site Scripting (XSS)
42.6
7.1
Dec 13, 2023
WooCommerce PDF Invoices & Packing Slips
<= 3.7.5
SQL Injection
14.25
7.6
Jan 3, 2024
Fluent Support
<= 1.7.6
SQL Injection
N/A
7.6
Nov 28, 2023
Participants Database
<= 2.5.5
Broken Access Control
4.3
4.3
Nov 23, 2023
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top