20170310 Vulnerable Plugins/Themes Report
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
 
ABCDEFGHIJKLMNOPQRSTUVWXYZAAABAC
1
NameVersion(s) Affected
Fixed in Version
Plugin DirectoryVulnerabilityLink/Plugin StatusSuggested ActionPlugin/ThemeHistorical informationOther Notes
2
Mobile Friendly App Builder by EasyTouchAll versionsunfixedmobile-friendly-app-builder-by-easytouchUnauthenticated Arbitrary File UploadPlugin removed from repositoryRemove IMMEDIATELYPlugin
https://wordpress.org/plugins-wp/mobile-friendly-app-builder-by-easytouch/
3
Mobile App Builder by WappressAll versionsunfixedmobile-app-builder-by-wappressUnauthenticated Arbitrary File UploadPlugin removed from repositoryRemove IMMEDIATELYPlugin
https://wordpress.org/plugins-wp/mobile-app-builder-by-wappress/
4
Wp2Android Turn WP Site into Android AppAll versionsunfixedwp2android-turn-wp-site-into-android-appUnauthenticated Arbitrary File UploadPlugin removed from repositoryRemove IMMEDIATELYPlugin
https://wordpress.org/plugins-wp/wp2android-turn-wp-site-into-android-app/
5
Webapp builderAll versionsunfixedwebapp-builderUnauthenticated Arbitrary File UploadPlugin removed from repositoryRemove IMMEDIATELYPlugin
https://wordpress.org/plugins-wp/webapp-builder/
6
DTrackerAll versionsunfixeddtrackerUnauthenticated Blind SQL Injections, multiplePlugin removed from repositoryRemove IMMEDIATELYPluginhttps://wordpress.org/plugins-wp/dtracker/
7
DTrackerAll versionsunfixeddtrackerUnauthenticated Content InjectionPlugin removed from repositoryRemove IMMEDIATELYPluginhttps://wordpress.org/plugins-wp/dtracker/
8
Opti SEOAll versionsunfixedoption-seoRemote Code ExecutionPlugin removed from repositoryRemove IMMEDIATELYPlugin
9
Profile Builder2.5.8 and earlier2.5.9profile-builderAuthenticated Arbitrary File Uploadhttps://wordpress.org/plugins/profile-builder/Update IMMEDIATELYPlugin
10
Rockhoist Badges1.2.2 and earlierunfixedrockhoist-badgesAuthenticated Stored Cross-Site ScriptingPlugin removed from repositoryRemovePlugin
https://wordpress.org/plugins-wp/rockhoist-badges/
11
AnyVar0.1.1 and earlierunfixedanyvarStored Cross-Site ScriptingPlugin removed from repositoryRemovePluginhttps://wordpress.org/plugins-wp/anyvar/
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...