Exploits found on the INTERNET

This is live excerpt from our database. Available also using API

Edit Date Name Status
2021-06-09WordPress Visitors-App 0.3 Cross Site ScriptingPublished
2021-06-08WordPress wpDiscuz 7.0.4 Remote Code ExecutionPublished
2021-06-07Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload UnauthenticatedPublished
2021-06-01WordPress WP Prayer 1.6.1 Cross Site ScriptingPublished
2021-05-28WordPress LifterLMS 4.21.0 Cross Site ScriptingPublished
2021-05-25WordPress WP Statistics 13.0.7 SQL InjectionPublished
2021-05-25WordPress ReDi Restaurant Reservation 21.0307 Cross Site ScriptingPublished
2021-05-25WordPress Cookie Law Bar 1.2.1 Cross Site ScriptingPublished
2021-05-23WordPress Plugin Stop Spammers 2021.8 log Reflected Cross-site Scripting XSSPublished
2021-05-17Goto WordPress Theme 2.0 - Unauthenticated Blind SQL InjectionPublished
2021-05-17Mediumish WordPress Theme < = 1.0.47 - Unauthenticated Reflected XSS & XFSPublished
2021-05-17Listeo WordPress Theme < = 1.6.10 - Multiple XSS & XFS vulnerabilitiesPublished
2021-05-17Bello WordPress Theme < = 1.5.9 - Unauthenticated Reflected XSS & XFSPublished
2021-05-17WP-DB-Backup WordPress Plugin < = 2.3.3 - Authenticated Persistent XSSPublished
2021-05-17Listeo WordPress Theme < = 1.6.10 - Multiple Authenticated IDOR VulnerabilitiesPublished
2021-05-17GiveWP WordPress Plugin < = 2.10.3 - Authenticated Persistent XSSPublished
2021-05-17Bello WordPress Theme < = 1.5.9 - Authenticated XFSPublished
2021-05-17Bello WordPress Theme < = 1.5.9 - Unauthenticated Blind SQL InjectionPublished
2021-05-17GA Google Analytics WordPress Plugin < = 20210211 - Multiple Authenticated Persistent XSSPublished
2021-05-06WordPress WP Super Edit 2.5.4 Arbitrary File UploadPublished
2021-04-28WordPress Plugin WPGraphQL 1.3.5 Denial of ServicePublished
2021-04-27WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting XSSPublished
2021-04-27WordPress WPGraphQL 1.3.5 Denial Of ServicePublished
2021-04-23WordPress Plugin RSS for Yandex Turbo 1.29 Stored Cross-Site Scripting XSSPublished
2021-04-21WordPress RSS For Yandex Turbo 1.29 Cross Site ScriptingPublished
2021-04-12Wordpress Websites Remote File Upload ExploitPublished
2021-04-02Realteo WordPress Plugin < = 1.2.3 - Improper Access ControlPublished
2021-04-02Realteo WordPress Plugin < = 1.2.3 - Unauthenticated Reflected XSSPublished
2021-04-01Goto WordPress Theme < = 1.9 - Unauthenticated Reflected XSSPublished
2021-03-24WordPress GiveWP 2.9.7 Cross Site ScriptingPublished
2021-03-23Controlled Admin Access WordPress Plugin < = 1.4.0 - Improper Access Control & Privilege EscaPublished
2021-03-22WordPress Delightful Downloads Jquery File Tree 1.6.6 Path TraversalPublished
2021-03-19WP Super Cache WordPress Plugin < = 1.7.1 - Authenticated RCE / XSS -> RCEPublished
2021-02-24WordPress Plugin Supsystic Data Tables Generator 1.9.96 Multiple VulnerabilitiesPublished
2021-02-24WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote CodePublished
2021-02-21WordPress Plugin Supsystic Ultimate Maps 1.1.12 sidx SQL injectionPublished
2021-02-18WordPress Plugin Supsystic Digital Publications 1.6.9 Multiple VulnerabilitiesPublished
2021-02-13WordPress Plugin Supsystic Contact Form 1.7.5 Multiple VulnerabilitiesPublished
2021-02-08WordPress Supsystic Data Tables Generator 1.9.96 XSS / SQL InjectionPublished




Copyright © 2021 Exploitalert v1 BETA.
About us & Partners This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy