Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
focusblog
Published
2021-03-24
Title
All Thrive Themes and Plugins - Unauthenticated Option Update
Slug
folo
Published
2014-08-01
Title
Folo - Cross Site Scripting
Slug
folo
Published
2025-04-01
Title
Multiple Themify Themes - Reflected Cross-Site Scripting
Slug
folo
Published
2025-04-01
Title
Multiple Themify Themes - Contributor+ Arbitrary File Upload
Slug
food-drop
Published
2026-05-26
Title
Food Drop <= 1.3 - Unauthenticated Local File Inclusion
Slug
foodbakery
Published
2020-08-05
Title
FoodBakery < 2.0 - Unauthenticated Reflected XSS
Slug
foodbakery
Published
2021-06-14
Title
FoodBakery < 2.2 - Reflected Cross-Site Scripting (XSS)
Slug
foodbook
Published
2025-09-26
Title
FoodBook < 4.7.7 - Unauthenticated Sensitive Information Exposure
Slug
fooddy
Published
2026-02-17
Title
Fooddy <= 1.3.10 - Unauthenticated Local File Inclusion
Slug
foodie
Published
2026-03-02
Title
Foodie <= 1.14 - Unauthenticated Local File Inclusion
Slug
footysquare
Published
2022-12-29
Title
Multiple themes - Unauthenticated Arbitrary File Upload
Slug
formula
Published
2024-06-07
Title
Formula < 0.5.2 - Reflected Cross-Site Scripting via ti_customizer_notify_dismiss_recommended_plugins
Slug
formula
Published
2024-06-07
Title
Formula < 0.5.2 - Reflected Cross-Site Scripting via quality_customizer_notify_dismiss_action
Slug
fortius
Published
2026-05-26
Title
Fortius <= 2.3.0 - Unauthenticated Local File Inclusion
Slug
fortune
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
forumengine
Published
2024-11-20
Title
ForumEngine < 1.9 - Reflected Cross-Site Scripting
Slug
fotawp
Published
2024-08-28
Title
Fota WP < 1.4.2 - Missing Authorization via fotawp_install_and_activate_plugins()
Slug
fotography
Published
2021-10-13
Title
Backdoored Plugins & Themes from AccessPress Themes
Slug
foton
Published
2025-04-17
Title
Foton < 2.6.1 - Unauthenticated Local File Inclusion
Slug
foxiz
Published
2024-06-27
Title
Foxiz < 2.3.6 - Unauthenticated Server-Side Request Forgery
Slug
fraction-theme
Published
2015-03-10
Title
Fraction Theme < 1.1.2 - Privilege Escalation
Slug
frame
Published
2025-08-23
Title
Frame <= 2.4.0 - Unauthenticated Local File Inclusion
Slug
frames
Published
2025-09-26
Title
Frames <= 1.5.7 - Missing Authorization
Slug
frappe
Published
2026-01-01
Title
Frappé <= 1.8 - Unauthenticated Local File Inclusion
Slug
freeagent
Published
2026-01-01
Title
FreeAgent <= 2.1.2 - Unauthenticated Local File Inclusion
Previous
1
2
3
4
5
Next
Subscribe
Subscribed
WPScan
Join 30,625 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar