Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
bacola
Published
2023-12-07
Title
Multiple Themes by KlbTheme - Cross-Site Request Forgery
Slug
balkon
Published
2023-06-23
Title
Balkon < 1.3.3 - Reflected Cross-Site Scripting
Slug
bani
Published
2022-02-28
Title
Unauthorised AJAX Calls via Freemius
Slug
bani
Published
2019-02-26
Title
Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update
Slug
bani
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
baton
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
bazaar-lite
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
bbe
Published
2018-05-10
Title
BBE Theme < 1.53 - Direct Object Reference
Slug
beach_apollo
Published
2015-02-11
Title
WordPress Slider Revolution - Local File Disclosure
Slug
beach_apollo
Published
2014-11-30
Title
WordPress Slider Revolution Shell Upload
Slug
beauty-premium
Published
2016-03-11
Title
Beauty & Clean Theme 1.0.8 - Arbitrary File Upload
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Unauthenticated Reflected XSS & XFS
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Unauthenticated Blind SQL Injection
Slug
betheme
Published
2022-11-17
Title
Betheme < 26.6 - Subscriber+ PHP Object Injection
Slug
betheme
Published
2022-11-22
Title
BeTheme < 26.6.3 - Subscriber+ Stored XSS
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6.3 - Subscriber+ Unauthorised Action
Slug
betheme
Published
2023-04-13
Title
Betheme < 26.8 - Reflected XSS
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6.3 - Missing Authorization
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6 - Contributor+ PHP Object Injection
Slug
betheme
Published
2023-11-14
Title
Betheme < 27.1.2 - Missing Authorization
Slug
bingle
Published
2021-10-13
Title
Backdoored Plugins & Themes from AccessPress Themes
Slug
bingopress
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
bizpress
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
black-letterhead
Published
2011-09-27
Title
Black Letterhead < 1.6 - XSS
Previous
1
2
3
4
Next
Subscribe
Subscribed
WPScan
Join 30,702 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Edit Site
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar
WPScan 