| 2023-09-20 | WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection | Published |
| 2023-09-20 | WordPress Theme My Login 2FA Brute Force | Published |
| 2023-09-13 | WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection | Published |
| 2023-09-09 | Wordpress Sonaar Music Plugin 4.7 - Stored XSS | Published |
| 2023-08-24 | WordPress Plugin Forminator 1.24.6 Unauthenticated Remote Command Execution | Published |
| 2023-08-13 | WordPress Core 5.6.2 - Xpath Injection | Published |
| 2023-08-11 | WordPress WP Project Manager 2.6.4 Privilege Escalation | Published |
| 2023-08-08 | WordPress Ninja Forms 3.6.25 Cross Site Scripting | Published |
| 2023-08-06 | WordPress EventON Calendar 4.4 Insecure Direct Object Reference | Published |
| 2023-08-03 | WordPress adivaha Travel Plugin 2.3 - SQL Injection | Published |
| 2023-08-03 | WordPress adivaha Travel Plugin 2.3 - Reflected XSS | Published |
| 2023-07-27 | WordPress File Manager Advanced Shortcode 2.3.2 Remote Code Execution | Published |
| 2023-07-27 | WordPress PrePost SEO 3.0 Cross Site Scripting | Published |
| 2023-07-27 | WordPress Tablesome Cross Site Scripting | Published |
| 2023-07-27 | WordPress Login Configurator 2.1 Cross Site Scripting | Published |
| 2023-07-25 | WordPress SEO Alert 1.59 Cross Site Scripting | Published |
| 2023-07-13 | WordPress User Registration 3.0.2 Arbitrary File Upload | Published |
| 2023-07-05 | WordPress WP AutoComplete Search 1.0.4 SQL Injection | Published |
| 2023-07-01 | WordPress Social Login And Register 7.6.4 Authentication Bypass | Published |
| 2023-06-30 | WordPress Ultimate Member 2.6.6 Privilege Escalation | Published |
| 2023-06-22 | WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting | Published |
| 2023-06-19 | WordPress Theme Medic v1.0.0 Weak Password Recovery Mechanism for Forgotten Password | Published |
| 2023-06-17 | WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass | Published |
| 2023-06-10 | WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution | Published |
| 2023-06-06 | WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF | Published |
| 2023-05-20 | WordPress Elementor Lite 5.7.1 Arbitrary Password Reset | Published |
| 2023-05-17 | WordPress Core 6.2 XSS / CSRF / Directory Traversal | Published |
| 2023-04-25 | WordPress Shield Security 17.0.17 Cross Site Scripting / Missing Authorization | Published |
| 2023-03-15 | WordPress Profile Builder 3.9.0 Missing Authorization | Published |
| 2023-03-09 | WordPress Real Estate 7 Theme < = 3.3.4 - Abuse of Functionality | Published |
| 2023-03-08 | WordPress WoodMart Theme < = 7.1.0 - Unauthenticated Arbitrary Shortcodes Injection | Published |
| 2023-03-05 | WordPress Real Estate 7 Theme < = 3.3.4 - Multiple Cross-Site Request Forgery CSRF Vulnerabilit | Published |
| 2023-03-05 | WordPress Real Estate 7 Theme < = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS | Published |
| 2023-03-05 | WordPress WoodMart Theme < = 7.1.1 - Theme License Options Change via CSRF | Published |
| 2023-03-01 | WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting | Published |
| 2023-03-01 | WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery | Published |
| 2023-02-12 | Wordpress Multiple themes - Unauthenticated Arbitrary File Upload | Published |