Is your site up to date?
Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable!
Pinterest Automatic
Plugin:Â WordPress Automatic
Vulnerability: Unauthenticated Arbitrary Options Update
Patched in Version: 3.53.3
ELEX WooCommerce Google Shopping
Plugin:Â ELEX WooCommerce Google ShoppingÂ
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 1.2.4
User Registration
Plugin:Â User Registration
Vulnerability: Low Privilege Stored Cross-Site Scripting
Patched in Version: 2.0.2
Severity Score: Medium
uListing
Plugin:Â uListing
Vulnerability: Arbitrary Blog Option Update via CSRF
Patched in Version: 2.0.9
Appointment Hour Booking
Plugin:Â Appointment Hour BookingÂ
Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: 1.3.16
UsersWP
Plugin:Â UsersWP
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.2.2.29
PublishPress Editorial Calendar
Plugin:Â PublishPress Editorial Calendar
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 3.5.1
Better Find and Replace
Plugin:Â Better Find and Replace
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.2.9
CM Tooltip Glossary
Plugin:Â CM Tooltip Glossary
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 3.9.21
Bitcoin / AltCoin Payment Gateway for WooCommerce
Plugin:Â Bitcoin / AltCoin Payment Gateway for WooCommerce
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.6.1
Modern Events Calendar Lite
Plugin:Â Modern Events Calendar Lite
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 5.22.2
My Chatbot
Theme:Â My ChatbotÂ
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version:Â No known fix
Duplicate Page
Plugin:Â Duplicate Page
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 4.4.3
Weather Effect
Plugin:Â Weather Effect
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 1.3.6
Chained Quiz
Plugin:Â Chained Quiz
Vulnerability: Authenticated Stored Cross Site Scripting
Patched in Version: 1.2.7.2
WP Academic People List
Plugin:Â WP Academic People ListÂ
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Konnichiwa! Membership
Plugin:Â Konnichiwa! Membership
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
3D Cover Carousel
Plugin:Â 3D Cover Carousel
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
More From Google
Plugin:Â More From GoogleÂ
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
simpleSAMLphp Authentication
Plugin:Â simpleSAMLphp Authentication
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Custom Menu Plugin
Plugin:Â Custom Menu Plugin
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Twitter Friends Widget
Plugin:Â Twitter Friends Widget
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
RentPress
Plugin:Â RentPress
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
SP Rental Manager
Plugin:Â SP Rental Manager
Vulnerability: Unauthenticated SQL Injection
Patched in Version:Â No known fix
User Activation Email
Plugin:Â User Activation Email
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WP Google Maps
Plugin:Â WP Google Maps
Vulnerability: Multiple Admin+ Stored Cross-Site Scripting
Patched in Version: 8.1.13
GeoDirectory
Plugin:Â GeoDirectory
Vulnerability: Authenticated (admin+) Stored Cross-Site Scripting (XSS)
Patched in Version: 2.1.1.3
TranslatePress
Plugin:Â TranslatePress
Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: 2.0.9
Post Title Counter
Plugin:Â Post Title Counter
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
YouTube Video Inserter
Plugin:Â YouTube Video Inserter
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Notices
Plugin:Â Notices
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
DJ EmailPublish
Plugin:Â DJ EmailPublish
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Visual Link Preview
Plugin:Â Visual Link Preview
Vulnerability: Unauthorised AJAX Calls
Patched in Version: 2.2.3
Severity Score: Medium
Yet Another bol.com Plugin
Plugin:Â Yet Another bol.com Plugin
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WP-T-Wap
Plugin:Â WP-T-Wap
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
On Page SEO + Whatsapp Chat Button
Plugin:Â On Page SEO + Whatsapp Chat Button
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WP Scrippets
Plugin:Â WP Scrippets
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WP Design Maps & Places
Plugin:Â WP Design Maps & Places
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Wise Agent Capture Forms
Plugin:Â Wise Agent Capture Forms
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Edit Comments XT
Plugin:Â Edit Comments XTÂ
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
RSVPMaker Excel
Plugin:Â RSVPMaker Excel
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Border Loading Bar
Plugin:Â Border Loading Bar
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Simple Matted Thumbnails
Plugin:Â Simple Matted Thumbnails
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WordPress Simple Shop
Plugin:Â WordPress Simple Shop
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WooCommerce Payment Gateway Per Category
Plugin:Â WooCommerce Payment Gateway Per Category
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Custom Website Data
Plugin:Â Custom Website Data
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Advance Search
Plugin:Â Advance Search
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Integration of Moneybird for WooCommerce
Plugin:Â Integration of Moneybird for WooCommerce
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Spideranalyse
Plugin:Â Integration of Moneybird for WooCommerce
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
OSD Subscribe
Plugin:Â OSD Subscribe
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Feedify Web Push Notifications
Plugin:Â Feedify Web Push Notifications
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Dropdown and scrollable Text
Plugin:Â Dropdown and scrollable Text
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
GNU-Mailman Integration
Plugin:Â GNU-Mailman Integration
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
Bug Library
Plugin:Â Bug Library
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
SMS OVH
Plugin:Â SMS OVH
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
MoolaMojo
Plugin:Â MoolaMojo
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
WordPress InviteBox Plugin
Plugin:Â WordPress InviteBox Plugin
Vulnerability: Reflected Cross-Site Scripting
Patched in Version:Â No known fix
wp-publications
Plugin:Â wp-publications
Vulnerability: Local File Inclusion
Patched in Version:Â No known fix
Timetable and Event Schedule by MotoPress
Plugin:Â Timetable and Event Schedule by MotoPress
Vulnerability: Author+ Stored Cross-Site Scripting
Patched in Version: 2.3.19
Comment Link Remove and Other Comment Tools
Plugin:Â Comment Link Remove and Other Comment Tools
Vulnerability: Arbitrary Comment Deletion via CSRF
Patched in Version: 2.1.6
WP Simple Booking Calendar
Plugin:Â WP Simple Booking Calendar
Vulnerability: Authenticated SQL Injection
Patched in Version: 2.0.6
Block and Stop Bad Bots
Plugin:Â Block and Stop Bad Bots
Vulnerability: Authenticated SQL Injections
Patched in Version: 6.60
Paid Member Subscriptions
Plugin:Â Paid Member Subscriptions
Vulnerability: Authenticated SQL Injection
Patched in Version: 2.4.2
Easy Accordion
Plugin:Â Easy Accordion
Vulnerability:Â Admin+ Stored Cross-Site Scripting
Patched in Version: 2.0.22