Last
1. 2017-10-06 [1] [FD] WordPress does not hash or expire wp_signups.activati full-disclo
2. 2017-09-26 [1] [FD] CSRF/XSS in Content Audit allowing an unauthenticated full-disclo
3. 2017-07-31 [1] [FD] Stored XSS in Salutation Responsive WordPress + Buddy full-disclo
4. 2017-07-25 [1] [FD] Stop User Enumeration allows user enumeration via the full-disclo
5. 2017-07-25 [1] [FD] CSRF in YouTube (WordPress plugin) could allow unauth full-disclo
6. 2017-06-16 [1] [FD] Reflected XSS in WordPress Download Manager could all full-disclo
7. 2017-06-16 [1] [FD] Path traversal in Photo Gallery may allow admins to r full-disclo
8. 2017-05-08 [1] [FD] =?utf-8?q?CSRF/Stored_XSS_in_MSMC_=E2=80=93_Redirect_ full-disclo
9. 2017-04-05 [1] [FD] CSRF/stored XSS in WordPress Firewall 2 allows unauth full-disclo
10. 2017-01-10 [1] [FD] CSRF/XSS in Responsive Poll allows unauthenticated at full-disclo
11. 2017-01-04 [1] [FD] Stop User Enumeration does not stop user enumeration full-disclo
12. 2016-12-23 [1] [FD] Arbitrary file deletion vulnerability in Image Slider full-disclo
13. 2016-12-21 [1] [FD] copy-me vulnerable to CSRF allowing unauthenticated a full-disclo
14. 2016-12-15 [1] [FD] CSRF/stored XSS in Quiz And Survey Master (Formerly Q full-disclo
15. 2016-12-13 [1] [FD] Reflected XSS in MailChimp for WordPress could allow full-disclo
16. 2016-12-09 [1] [FD] =?utf-8?q?Reflected_XSS_in_Social_Pug_=E2=80=93_Easy_ full-disclo
17. 2016-12-09 [1] [FD] CSRF vulnerability in Multisite Post Duplicator could full-disclo
18. 2016-11-17 [1] [FD] SQL injection and unserialization vulnerability in Re full-disclo
19. 2016-11-17 [1] [FD] Unserialization vulnerability in Relevanssi Premium c full-disclo
20. 2016-11-17 [1] [FD] Unserialisation in Post Indexer could allow man-in-th full-disclo
21. 2016-11-17 [1] [FD] SQL Injection in Post Indexer allows super admins to full-disclo
22. 2016-08-08 [1] [FD] Stored XSS in Advanced Custom Fields: Table Field all full-disclo
23. 2015-10-12 [1] [FD] Full Path Disclosure vulnerability in JM Twitter Card full-disclo
24. 2015-09-01 [1] [FD] Stored XSS in Watu PRO Play allows unauthenticated at full-disclo
25. 2015-09-01 [1] [FD] CSRF in Watu PRO allows unauthenticated attackers to full-disclo
26. 2015-09-01 [1] [FD] Stored XSS in Watu PRO allows unauthenticated attacke full-disclo
27. 2015-08-26 [1] [FD] Publicly exploitable XSS in WordPress plugin Navis Do full-disclo
28. 2015-08-26 [1] [FD] CSRF/XSS vulnerability in Private Only could allow an full-disclo
29. 2015-08-17 [2] [FD] The OAuth2 Complete plugin for WordPress uses a pseud full-disclo
30. 2015-08-12 [2] [FD] Stored XSS in Google Analytics by Yoast Premium allow full-disclo
Next Last