WordPress Plugin Vulnerabilities | Page 17 | WPScan

0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z

Slug

Published

2024-10-30

Title

Gift Cards < 4.4.5 - Author+ Stored Cross-Site Scripting via SVG File Upload

Slug

Published

2025-02-19

Title

Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) < 4.5.0 - Missing Authorization to Unauthenticated Price, Date, and Note Updates

Slug

giga-messenger-bots

Published

2025-01-14

Title

Giga Messenger Bots <= 2.3.1 - Reflected XSS

Slug

Published

2014-08-01

Title

GigPress 2.1.10 - Stored Cross-Site Scripting (XSS)

Slug

Published

2015-05-25

Title

GigPress <= 2.3.8 - Authenticated SQL Injection

Slug

Published

2015-08-24

Title

GigPress <= 2.3.10 - Authenticated XSS & Blind SQLi

Slug

Published

2023-01-18

Title

GigPress < 2.3.28 - Contributor+ Stored XSS via Shortcode

Slug

Published

2023-02-06

Title

GigPress <= 2.3.28 - Subscriber+ SQLi

Slug

Published

2024-01-19

Title

GigPress <= 2.3.29 - Admin+ Stored Cross Site Scripting

Slug

Published

2024-04-29

Title

Giphypress <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Slug

Published

2020-01-31

Title

GistPress < 3.0.2 - Authenticated Stored XSS

Slug

Published

2024-12-11

Title

GitSync <= 1.1.0 - Cross-Site Request Forgery to Remote Code Execution

Slug

github-gist-shortcode

Published

2025-11-10

Title

GitHub Gist Shortcode Plugin <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Slug

Published

2015-04-20

Title

Give - Cross-Site Scripting (XSS)

Slug

Published

2019-02-05

Title

Give <= 2.3.0 - Cross-Site Scripting (XSS)

Slug

Published

2019-08-12

Title

Give <= 2.5.0 - SQL Injection

Slug

Published

2019-05-15

Title

Give < 2.4.7 - Stored XSS

Slug

Published

2019-09-26

Title

GiveWp < 2.5.5 - Authentication Bypass

Slug

Published

2019-10-30

Title

Give WP < 2.5.10 - Multiple Issues

Slug

Published

2021-03-23

Title

GiveWP < 2.10.0 - Reflected Cross Site Scripting (XSS)

Slug

Published

2021-04-30

Title

Give WP < 2.10.4 - Authenticated Stored Cross-Site Scripting (XSS)

Slug

Published

2021-07-26

Title

GiveWP < 2.12.0 - Admin+ Stored XSS

Slug

Published

2022-01-18

Title

Give < 2.17.3 - Reflected Cross-Site Scripting via Donation Forms Dashboard

Slug

Published

2022-01-18

Title

Give < 2.17.3 - Reflected Cross-Site Scripting via Import Tool

Slug

Published

2022-01-18

Title

Give < 2.17.3 - Unauthenticated Reflected Cross-Site Scripting