WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WordPress Plugin Vulnerabilities
Limit Login Attempts (Spam Protection)
2022-03-02
Limit Login Attempts (Spam Protection) < 5.1 - Unauthenticated SQLi
Fixed in version 5.1
2021-04-22
Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User
Fixed in version 2.9
2021-04-22
Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via CSRF
Fixed in version 3.1
Fixed in version 2.9Fixed in version 3.1Fixed in version 2.9Fixed in version 3.1