This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
The Solid Security plugin for WordPress, which helps keep your passwords and accounts safe, has a vulnerability that could allow attackers to spoof or fake their IP address. This means they could pot...
Read MoreThe Solid Security plugin for WordPress is vulnerable to a security issue in all versions up to, and including, 9.0.0. This issue means that if someone has comments enabled on their website and they ...
Read MoreThe Better WP Security plugin for WordPress has a security flaw in versions up to 3.6.3. This flaw makes it possible for attackers who have already logged into the system to insert malicious web scri...
Read MoreThe iThemes Security plugin for WordPress is vulnerable to a type of attack called Cross-Site Scripting (XSS). Versions up to and including 5.3.4 of the plugin have a security flaw that does not prop...
Read MoreThe Better WP Security plugin for WordPress had multiple security flaws allowing remote attackers to put malicious code on websites using the plugin. This code could allow attackers to access or modif...
Read MoreThe iThemes Security plugin for WordPress is vulnerable to malicious code being injected into webpages. This vulnerability affects versions up to and including 3.4.3. Unauthenticated attackers can in...
Read MoreThe iThemes Security plugin for WordPress is vulnerable to a type of malicious code, called Stored Cross-Site Scripting, in versions up to and including 4.6.12. This vulnerability allows attackers to...
Read MoreThe iThemes Security plugin for WordPress
Read MoreThe iThemes Security plugin for WordPress has a security vulnerability in versions before 3.6.4 that could allow attackers to insert malicious code into pages on a website. When a user accesses an in...
Read MoreThe iThemes Security for WordPress was vulnerable to a type of attack called Stored Cross-Site Scripting. This was possible because of a lack of protection against malicious inputs and outputs in ver...
Read MoreThe iThemes Security plugin for WordPress before version 7.0.3 had a security flaw that allowed someone with Admin privileges to perform an attack called SQL Injection on the logs page.
Read MoreThe Better WP Security (iThemes) plugin for WordPress
Read MoreThe iThemes Security plugin for WordPress is not secure in versions up to 5.3.0. This means that anyone can access the backup and log files created by the plugin, without needing to be authenticated ...
Read MoreThe iThemes Security plugin for WordPress is not secure in versions up to 5.3.5. An attacker that is logged into the website can use this vulnerability to take administrative actions, such as creatin...
Read Moreby setting the ‘disable_wordpress_login_php’ option to true. It is possible to get around the login page that is hidden in iThemes Security (versions lower than 7.9.1) and iThemes Security Pro (v...
Read MoreThe Better WP Security plugin for WordPress is vulnerable to a type of security problem called Stored Cross-Site Scripting. This vulnerability affects versions of the plugin up to and including versi...
Read MoreThe iThemes Security plugin for WordPress has a vulnerability in versions up to, and including 5.6.1, that could allow attackers to gain access to sensitive information. The vulnerability works by ca...
Read MoreThe iThemes Security plugin for WordPress has a security issue in versions up to
Read More