WPCOM Member
Lomu
Developer
1.7.16
Latest version
1,000
Installations
Oct 29, 2025
Last updated
Vulnerability history
0 present
6 fixed
4 Mitigation rules
- Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability<= 1.7.14Nov 3, 2025
- Local File Inclusion Vulnerability<= 1.7.7Apr 16, 2025
- Unauthenticated Time-Based SQL Injection vulnerability<= 1.7.6Mar 13, 2025
- Authentication Bypass via 'user_phone' vulnerability<= 1.7.5Mar 6, 2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 1.5.4Sep 30, 2024
- Unauthenticated Privilege Escalation via User Meta vulnerability<= 1.5.2.1Sep 6, 2024