Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
fooddy
Published
2026-02-17
Title
Fooddy <= 1.3.10 - Unauthenticated Local File Inclusion
Slug
foodie
Published
2026-03-02
Title
Foodie <= 1.14 - Unauthenticated Local File Inclusion
Slug
footysquare
Published
2022-12-29
Title
Multiple themes - Unauthenticated Arbitrary File Upload
Slug
formula
Published
2024-06-07
Title
Formula < 0.5.2 - Reflected Cross-Site Scripting via ti_customizer_notify_dismiss_recommended_plugins
Slug
formula
Published
2024-06-07
Title
Formula < 0.5.2 - Reflected Cross-Site Scripting via quality_customizer_notify_dismiss_action
Slug
fortune
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
forumengine
Published
2024-11-20
Title
ForumEngine < 1.9 - Reflected Cross-Site Scripting
Slug
fotawp
Published
2024-08-28
Title
Fota WP < 1.4.2 - Missing Authorization via fotawp_install_and_activate_plugins()
Slug
fotography
Published
2021-10-13
Title
Backdoored Plugins & Themes from AccessPress Themes
Slug
foton
Published
2025-04-17
Title
Foton < 2.6.1 - Unauthenticated Local File Inclusion
Slug
foxiz
Published
2024-06-27
Title
Foxiz < 2.3.6 - Unauthenticated Server-Side Request Forgery
Slug
fraction-theme
Published
2015-03-10
Title
Fraction Theme < 1.1.2 - Privilege Escalation
Slug
frame
Published
2025-08-23
Title
Frame <= 2.4.0 - Unauthenticated Local File Inclusion
Slug
frames
Published
2025-09-26
Title
Frames <= 1.5.7 - Missing Authorization
Slug
frappe
Published
2026-01-01
Title
Frappé <= 1.8 - Unauthenticated Local File Inclusion
Slug
freeagent
Published
2026-01-01
Title
FreeAgent <= 2.1.2 - Unauthenticated Local File Inclusion
Slug
freeio
Published
2026-02-21
Title
Freeio <= 1.3.21 - Authenticated (Contributor+) Local File Inclusion
Slug
freely
Published
2015-05-15
Title
ThemeMakers Themes - Information Disclosure
Slug
freesia-empire
Published
2024-04-30
Title
Freesia Empire < 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Slug
freightco
Published
2026-02-11
Title
FreightCo <= 1.1.7 - Unauthenticated Local File Inclusion
Slug
freshio
Published
2026-01-01
Title
Freshio <= 2.4.2 - Authenticated (Contributor+) Local File Inclusion
Slug
fribbo
Published
2025-08-23
Title
Fribbo <= 1.1.0 - Unauthenticated Local File Inclusion
Slug
fruitful
Published
2020-02-17
Title
Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Slug
fruitful
Published
2020-03-13
Title
Fruitful < 3.8.2 - Authenticated Stored XSS & Theme Options Deletion
Slug
fude
Published
2025-01-06
Title
Multiple Themes by gavias - Reflected XSS
Previous
1
2
3
4
5
Next
Subscribe
Subscribed
WPScan
Join 30,895 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar
WPScan 