Plugin: Download Manager
Vulnerability: Other Vulnerability Type
Patched Version: 3.2.39
Recommended Action: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.39).
Plugin: iQ Block Country
Vulnerability: Arbitrary File Deletion
Patched Version: 1.2.13
Recommended Action: Update WordPress iQ Block Country plugin to the latest available version (at least 1.2.13).
Plugin: Responsive Menu
Vulnerability: Information Disclosure
Patched Version: 4.1.8
Recommended Action: Update the WordPress Responsive Menu plugin to the latest available version (at least 4.1.8).
Plugin: LearnPress
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 4.1.6
Recommended Action: Update the WordPress LearnPress plugin to the latest available version (at least 4.1.6).
Plugin: StopBadBots
Vulnerability: SQL Injection
Patched Version: 6.930
Recommended Action: Update the WordPress Stop Bad Bots plugin to the latest available version (at least 6.930).
Plugin: Post Grid
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.1.16
Recommended Action: Update the WordPress Post Grid plugin to the latest available version (at least 2.1.16).
Plugin: Post Grid
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.1.16
Recommended Action: Update the WordPress Post Grid plugin to the latest available version (at least 2.1.16).
Plugin: Super Socializer
Vulnerability: Cross Site Scripting (XSS)
Patched Version: None
Recommended Action: Deactivate and delete. No patched version is available.
Plugin: Sassy Social Share
Vulnerability: Cross Site Scripting (XSS)
Patched Version: None
Recommended Action: Deactivate and delete. No patched version is available.
Plugin: Rearrange Woocommerce Products
Vulnerability: SQL Injection
Patched Version: None
Recommended Action: No patched version is available.
Plugin: Grid KIT Portfolio
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.1.0
Recommended Action: Update the WordPress Grid Kit Portfolio plugin to the latest available version (at least 2.1.0).
Plugin: NS WooCommerce Watermark
Vulnerability: Other Vulnerability Type
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of March 15, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Easy Social Icons
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 3.2.0
Recommended Action: Update the WordPress Easy Social Icons plugin to the latest available version (at least 3.2.0).
Plugin: Ad Inserter
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.7.12
Recommended Action: Update the WordPress Ad Inserter plugin to the latest available version (at least 2.7.12).
Plugin: Dropdown Menu Widget
Vulnerability: Other Vulnerability Type
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of March 7, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: File Manager
Vulnerability: Other Vulnerability Type
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of February 28, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: KingComposer
Vulnerability: Cross Site Scripting (XSS)
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of February 2, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Stripe Payments
Vulnerability: Cross Site Request Forgery (CSRF)
Patched Version: 2.0.54
Recommended Action: Update the WordPress Accept Stripe Payments plugin to the latest available version (at least 2.0.54).
Plugin: MapPress Maps for WordPress
Vulnerability: Remote Code Execution (RCE)
Patched Version: 2.73.13
Recommended Action: Update the WordPress MapPress Maps for WordPress plugin to the latest available version (at least 2.73.13).
Plugin: Ad Inserter Pro
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.7.12
Recommended Action: Update the WordPress Ad Inserter Pro premium plugin to the latest available version (at least 2.7.12).
Plugin: Amelia
Vulnerability: Information Disclosure
Patched Version: 1.0.48
Recommended Action: Update the WordPress Amelia plugin to the latest available version (at least 1.0.48).
Plugin: Amelia
Vulnerability: Other Vulnerability Type
Patched Version: 1.0.49
Recommended Action: Update the WordPress Amelia plugin to the latest available version (at least 1.0.49).
Plugin: Members List
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 4.3.7
Recommended Action: Update the WordPress Members List plugin to the latest available version (at least 4.3.7).
Plugin: Mark Posts
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 2.0.1
Recommended Action: Update the WordPress Mark Posts plugin to the latest available version (at least 2.0.1).
Plugin: Material Design for Contact Form 7
Vulnerability: Other Vulnerability Type
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of February 11, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Gutenberg
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 12.7.2
Recommended Action: Update the WordPress Gutenberg plugin to the latest available version (at least 12.7.2).
Plugin: WordPress
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 5.9.2
Recommended Action: Update the WordPress to the latest available version (at least 5.9.2).
Plugin: WooCommerce
Vulnerability: Other Vulnerability Type
Patched Version: 6.3.1
Recommended Action: Update the WordPress WooCommerce plugin to the latest available version (at least 6.3.1).
Plugin: UpdraftPlus
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 1.22.9
Recommended Action: Update the WordPress UpdraftPlus plugin to the latest available version (at least 1.22.9).
Plugin: Profile Builder
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 3.6.8
Recommended Action: Update the WordPress Profile Builder plugin to the latest available version (at least 3.6.8).
Plugin: Booking Package
Vulnerability: Information Disclosure
Patched Version: 1.5.29
Recommended Action: Update the WordPress Booking Package plugin to the latest available version (at least 1.5.29).