Is your site up to date?
Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable!
Simple Banner
Plugin: Simple Banner
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.10.4
Severity Score: Low
HD Quiz
Plugin: HD Quiz
Vulnerability: Authenticated Stored XSS
Patched in Version: 1.8.4
Severity Score: Low
Contact Form 7 Captcha
Plugin: Contact Form 7 Captcha
Vulnerability: CSRF to Stored XSS
Patched in Version: 0.0.9
Severity Score: High
WPFront Scroll Top
Plugin: WPFront Scroll Top
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.0.6.07225
Severity Score: Medium
WP SMS
Plugin: WP SMS
Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: 5.4.13
Severity Score: Low
Qyrr
Plugin: Qyrr
Vulnerability: Authenticated (contributor+) Stored XSS
Patched in Version: 0.7
Severity Score: Medium
Paid Member Subscriptions
Plugin: Paid Member Subscriptions
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 2.4.2
Severity Score: High
GiveWP
Plugin: GiveWP
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.12.0
Severity Score: Medium
Slider Hero
Plugin: Slider Hero
Vulnerability: CSRF to Stored XSS
Patched in Version: 8.2.7
Severity Score: Critical
Simple Social Media Share Buttons
Plugin: Simple Social Media Share Buttons
Vulnerability: Contributor+ Stored XSS
Patched in Version: 3.2.3
Severity Score: Medium
Advanced Shipment Tracking
Plugin: Advanced Shipment Tracking for WooCommerce
Vulnerability: Authenticated Options Change
Patched in Version: 3.2.7
Severity Score: Critical
WP LMS
Plugin: WP LMS
Vulnerability: Unauthenticated Stored Cross-Site Scripting (XSS)
Patched in Version: 1.1.3
Severity Score: High
Custom Login Redirect
Plugin: Custom Login Redirect
Vulnerability: CSRF to Stored XSS
Patched in Version: no known fix
Severity Score: High
Blue Admin
Plugin: Blue Admin
Vulnerability: CSRF to Stored Cross-Site Scripting (XSS)
Patched in Version: No known fix
Severity Score: High
Favicon by RealFaviconGenerator
Plugin: Favicon by RealFaviconGenerator
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: No known fix
Severity Score: High
uListing
Plugin: uListing
Vulnerability: Unauthenticated SQL Injection
Patched in Version: 2.0.4
Severity Score: High
WooCommerce Blocks
Plugin: WooCommerce Blocks 2.5 to 5.5
Vulnerability: Unauthenticated SQL Injection
Patched in Version: 5.5.1
Severity Score: Critical
WooCommerce
Plugin: Woocommerce 3.3 to 5.5
Vulnerability: Authenticated Blind SQL Injection
Patched in Version: 5.5.1
Severity Score: High
Admin Custom Login
Plugin: Admin Custom Login
Vulnerability: CSRF to Stored XSS
Patched in Version: 3.2.8
Severity Score: High
SEO Backlinks
Plugin: SEO Backlinks
Vulnerability: CSRF to Stored XSS
Patched in Version: No known fix
Severity Score: High
Poll Maker
Plugin: Poll Maker
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 3.2.9
Severity Score: High
Post Index
Plugin: Post Index
Vulnerability: CSRF to Stored XSS
Patched in Version: No known fix
Severity Score: High
Side Menu Lite
Plugin: Side Menu Lite
Vulnerability: Authenticated SQL Injection
Patched in Version: 2.2.6
Severity Score: High
WordPress Download Manager
Plugin: WordPress Download Manager
Vulnerability: Authenticated Directory Traversal
Patched in Version: 3.1.25
Severity Score: Medium
FluentSMTP
Plugin: FluentSMTP
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.0.1
Severity Score: Low
YouTube Feeder
Plugin: Youtube Feeder
Vulnerability: CSRF to Stored XSS
Patched in Version: No known fix
Severity Score: High
Nifty Newsletter
Plugin: Nifty Newsletters
Vulnerability: CSRF to Stored XSS
Patched in Version: No known fix
Severity Score: High
