WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact
WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Wordfence Security – Firewall & Malware Scan

2018-10-02
Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
Fixed in version 7.1.14
2014-12-08
Wordfence <= 5.1.4 - Cross-Site Scripting (XSS)
Fixed in version 5.1.5
2014-12-01
Wordfence 5.2.2 - XSS in Referer Header
Fixed in version 5.2.3
2014-10-07
Wordfence <= 5.2.4 - Multiple Vulnerabilities (XSS & Bypasses)
Fixed in version 5.2.5
2014-09-27
Wordfence 5.2.3 - Multiple Vulnerabilities
Fixed in version 5.2.4
2014-09-22
Wordfence 5.2.3 - Banned IP Functionality Bypass
Fixed in version 5.2.4
2014-09-22
Wordfence 5.2.4 - IPTraf.php URI Request Stored XSS
Fixed in version 5.2.5
2014-09-22
Wordfence 5.2.4 - Unspecified Issue
Fixed in version 5.2.5
2014-08-01
Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS
Fixed in version 3.8.3
2014-08-01
Wordfence 3.3.5 - XSS & IAA
Fixed in version 3.3.7
2014-08-01
Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS
Fixed in version 3.8.7
2014-08-01
Wordfence 3.8.1 - Password Creation Restriction Bypass
Fixed in version 3.8.3
WPScan

Vulnerabilities

WordPressPluginsThemesOur StatsSubmit vulnerabilities

About

How it worksPricingWordPress pluginNewsContact

For Developers

StatusAPI detailsCLI scanner

Other

PrivacyTerms of serviceSubmission termsDisclosure policyPrivacy Notice for California Users
jetpackIn partnership with Jetpack
githubtwitterfacebook
Angithubendeavor
Work With Us