WordPress Track That Stat Plugin <= 1.0.8 Cross Site Scripting http://packetstormsecurity.org/files/112722/ XSS
WordPress WP-Facethumb Gallery Plugin <= 0.1 Reflected Cross Site Scripting http://packetstormsecurity.org/files/112658/ XSS
WordPress Survey And Quiz Tool <= 2.9.2 Cross Site Scripting http://packetstormsecurity.org/files/112685/ XSS
WordPress WP Statistics <= 2.2.4 Cross Site Scripting http://packetstormsecurity.org/files/112686/ XSS
WordPress WP Easy Gallery <= 1.7 Cross Site Scripting http://packetstormsecurity.org/files/112687/ XSS
WordPress Subscribe2 <= 8.0 Cross Site Scripting http://packetstormsecurity.org/files/112688/ XSS
WordPress Soundcloud Is Gold <= 2.1 Cross Site Scripting http://packetstormsecurity.org/files/112689/ XSS
WordPress Sharebar <= 1.2.1 SQL Injection / Cross Site Scripting http://packetstormsecurity.org/files/112690/ MULTI
WordPress Share And Follow <= 1.80.3 Cross Site Scripting http://packetstormsecurity.org/files/112691/ XSS
WordPress SABRE <= 1.2.0 Cross Site Scripting http://packetstormsecurity.org/files/112692/ XSS
WordPress Pretty Link Lite <= 1.5.2 Cross Site Scripting http://packetstormsecurity.org/files/112693/ XSS
WordPress Newsletter Manager <= 1.0 Cross Site Scripting http://packetstormsecurity.org/files/112694/ XSS
WordPress Network Publisher <= 5.0.1 Cross Site Scripting http://packetstormsecurity.org/files/112695/ XSS
WordPress LeagueManager <= 3.7 Cross Site Scripting http://packetstormsecurity.org/files/112698/ XSS
WordPress Leaflet <= 0.0.1 Cross Site Scripting http://packetstormsecurity.org/files/112699/ XSS
WordPress PDF And Print Button Joliprint <= 1.3.0 Cross Site Scripting http://packetstormsecurity.org/files/112700/ XSS
WordPress IFrame Admin Pages <= 0.1 Cross Site Scripting http://packetstormsecurity.org/files/112701/ XSS
WordPress EZPZ One Click Backup <= 12.03.10 Cross Site Scripting http://packetstormsecurity.org/files/112705/ XSS
WordPress Dynamic Widgets <= 1.5.1 Cross Site Scripting http://packetstormsecurity.org/files/112706/ XSS
WordPress Download Monitor <= 3.3.5.4 Cross Site Scripting http://packetstormsecurity.org/files/112707/ XSS
WordPress Download Manager <= 2.2 Cross Site Scripting http://packetstormsecurity.org/files/112708/ XSS
WordPress Code Styling Localization <= 1.99.16 Cross Site Scripting http://packetstormsecurity.org/files/112709/ XSS
WordPress Catablog <= 1.6 Cross Site Scripting http://packetstormsecurity.org/files/112619/ XSS
WordPress Bad Behavior <= 2.24 Cross Site Scripting http://packetstormsecurity.org/files/112619/ XSS
WordPress BulletProof Security <= 0.47 Cross Site Scripting http://packetstormsecurity.org/files/112618/ XSS
WordPress Better WP Security <= 3.2.4 Cross Site Scripting http://packetstormsecurity.org/files/112617/ XSS
WordPress Custom Contact Forms <= 5.0.0.1 Cross Site Scripting http://packetstormsecurity.org/files/112616/ XSS
WordPress 2-Click-Socialmedia-Buttons <= 0.34 Cross Site Scripting http://packetstormsecurity.org/files/112615/ XSS
WordPress 2-Click-Socialmedia-Buttons <= 0.32.2 Cross Site Scripting http://packetstormsecurity.org/files/112711/ XSS
Wordpress Login With Ajax plugin < 3.0.4.1 Cross Site Scripting http://secunia.com/advisories/49013/ XSS
Wordpress Media Library Categories plugin <= 1.0.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17628/ SQLI
Wordpress Media Library Categories plugin <= 1.1.1 Cross Site Scripting http://packetstormsecurity.org/files/112697/ SQLI
Wordpress FCKeditor Deans With Pwwangs Code Plugin <= 1.0.0 Remote Shell Upload http://packetstormsecurity.org/files/111319/ RFI
Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities http://www.exploit-db.com/exploits/18787/ XSS
Wordpress Zingiri Web Shop Plugin <= 2.3.5 Cross Site Scripting http://packetstormsecurity.org/files/112684/ XSS
WordPress Organizer 1.2.1 Cross Site Scripting / Path Disclosure http://packetstormsecurity.org/files/112086 MULTI
Zingiri Tickets Wordpress plugin File Disclosure http://packetstormsecurity.org/files/111904 UNKNOWN
XSS vulnerability in CMS Tree Page View Wordpress Plugin https://www.htbridge.com/advisory/HTB23083 XSS
Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress http://seclists.org/bugtraq/2012/Apr/70 XSS
Wordpress Buddypress <= 1.5.5 SQL Injection http://www.exploit-db.com/exploits/18690/ SQLI
Wordpress Register Plus Redux <= 3.8.3 Cross Site Scripting http://packetstormsecurity.org/files/111367 XSS
Wordpress Magn WP Drag and Drop <= 1.1.4 Upload Shell Upload Vulnerability http://packetstormsecurity.org/files/110103 UPLOAD
Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File Upload http://www.exploit-db.com/exploits/18412/ RFI
WordPress AllWebMenus Shell Upload <= 1.1.9 Shell Upload http://packetstormsecurity.org/files/108946/ RFI
Wordpress AllWebMenus Plugin 1.1.3 Remote File Inclusion http://www.exploit-db.com/exploits/17861/ RFI /wp-content/plugins/allwebmenus-wordpress-menu-plugin/actions.php abspath=XXpathXX
WordPress Shortcode Redirect <= 1.0.01 Stored Cross Site Scripting http://packetstormsecurity.org/files/108914/ XSS
Wordpress uCan Post plugin <= 1.0.09 Stored XSS http://www.exploit-db.com/exploits/18390/ XSS
WordPress WP Cycle Playlist plugin Multiple Vulnerabilities http://1337day.com/exploits/17396 MULTI
WordPress myEASYbackup 1.0.8.1 Directory Traversal http://packetstormsecurity.org/files/108711 UNKNOWN
WordPress Count Per Day plugin <= 3.1.1 Multiple Vulnerabilities http://www.exploit-db.com/exploits/18355/ MULTI
WordPress Count per Day plugin <= 2.17 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17857/ SQLI
WordPress WP-AutoYoutube plugin <= 0.1 Blind SQL Injection Vulnerability http://1337day.com/exploits/17368 SQLI
WordPress Age Verification plugin <= 0.4 Open Redirect http://www.exploit-db.com/exploits/18350 REDIRECT
WordPress Yousaytoo Auto Publishing <= 1.0 Cross Site Scripting http://packetstormsecurity.org/files/108470 XSS
Wordpress Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities http://www.exploit-db.com/exploits/18330/ MULTI
Wordpress Whois Search <= 1.4.2 Cross Site Scripting http://packetstormsecurity.org/files/108271 XSS
BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4 http://www.exploit-db.com/exploits/18231/ SQLI
WordPress Plugin Disqus Comment System <= 2.68 Reflected Cross-Site Scripting (XSS) http://www.ethicalhack3r.co.uk/security/wordpress-plugin-disqus-comment-system-xss/ XSS
Google reCAPTCHA Wordpress Plugin <= 3.1.3 Reflected XSS Vulnerability http://security-sh3ll.blogspot.com/2011/12/google-recaptcha-wordpress-plugin.html XSS
WordPress Link Library plugin <= 5.2.1 SQL Injection http://www.exploit-db.com/exploits/17887/ SQLI
WordPress CevherShare 2.0 plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/17891/ SQLI
WordPress WP Glossary plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/18055/ SQLI
WordPress jetpack plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/18126/ SQLI
Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities http://seclists.org/bugtraq/2011/Nov/151 XSS
WordPress Click Desk Live Support Chat < 2.0 Cross Site Scripting Vulnerability http://seclists.org/bugtraq/2011/Nov/148 XSS
WordPress adminimize 1.7.21 Plugin Cross-Site Scripting Vulnerabilities http://seclists.org/bugtraq/2011/Nov/135 XSS
Advanced Text Widget <= 2.0.0 Cross Site Scripting Vulnerability http://seclists.org/bugtraq/2011/Nov/133 XSS
WordPress MM Duplicate plugin <= 1.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17707/ SQLI
WordPress UnGallery plugin <= 1.5.8 Local File Disclosure Vulnerability http://www.exploit-db.com/exploits/17704/ LFI
WordPress Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17689/ SQLI
WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17688/ SQLI
WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17687/ SQLI
WordPress Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17686/ SQLI
WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17683/ SQLI
WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17681/ SQLI
WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17680/ SQLI
WordPress WP Symposium plugin <= 0.64 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17679/ SQLI
WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17678/ SQLI
WordPress File Groups plugin <= 1.1.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17677/ SQLI
WordPress IP-Logger plugin <= 3.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17673/ SQLI
Wordpress Beer Recipes Plugin v.1.0 XSS http://www.exploit-db.com/exploits/17453/ SQLI
WPtouch WordPress Plugin 1.9.27 URL redirection http://www.exploit-db.com/exploits/17423/ REDIRECT
WordPress wptouch plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/18039/ SQLI
Is-human <=1.4.2 Wordpress Plugin Remote Command Execution Vulnerability http://www.exploit-db.com/exploits/17299/ RCE
EditorMonkey WordPress plugin (FCKeditor) Arbitrary File Upload http://www.exploit-db.com/exploits/17284/ UPLOAD
WordPress SermonBrowser Plugin 0.43 SQL Injection http://www.exploit-db.com/exploits/17214/ SQLI
Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple Vulnerabilities http://www.exploit-db.com/exploits/17207/ MULTI
WordPress WP Custom Pages Plugin 0.5.0.1 LFI Vulnerability http://www.exploit-db.com/exploits/17119/ LFI
GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities http://www.exploit-db.com/exploits/16947/ MULTI
GRAND Flash Album Gallery <= 1.56 Wordpress Plugin XSS Vulnerability http://seclists.org/bugtraq/2011/Nov/186 XSS
Wordpress Plugin GRAND Flash Album Gallery <= 1.71 XSS Vulnerability http://packetstormsecurity.org/files/112704 XSS
PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit http://www.exploit-db.com/exploits/16273/ RCE
OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI Vulnerability http://www.exploit-db.com/exploits/16251/ LFI
jQuery Mega Menu 1.0 Wordpress Plugin Local File Inclusion http://www.exploit-db.com/exploits/16250/ LFI
IWantOneButton 3.0.1 Wordpress Plugin Multiple Vulnerabilities http://www.exploit-db.com/exploits/16236/ MULTI
WP Forum Server 1.6.5 Wordpress Plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/16235/ SQLI
WordPress WP Forum Server plugin <= 1.7 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17828/ SQLI
WordPress WP Forum Server plugin <= 1.7.3 SQL Injection / XSS Vulnerabilities http://www.packetstormsecurity.org/files/112703 MULTI
Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability http://www.exploit-db.com/exploits/16233/ XSS
GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability http://www.exploit-db.com/exploits/16232/ XSS
Comment Rating 2.9.23 Wordpress Plugin Multiple Vulnerabilities http://www.exploit-db.com/exploits/16221/ MULTI
Z-Vote 1.1 Wordpress Plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/16218/ SQLI
WordPress User Photo Component Remote File Upload Vulnerability http://www.exploit-db.com/exploits/16181/ UPLOAD
Enable Media Replace WordPress Plugin Multiple Vulnerabilities http://www.exploit-db.com/exploits/16144/ MULTI
WordPress Mingle Forum <= 1.0.32.1 Cross Site Scripting / SQL Injection http://packetstormsecurity.org/files/108915/ MULTI
WordPress Mingle Forum plugin <= 1.0.31 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17894/ SQLI
Mingle Forum (WordPress Plugin) <= 1.0.26 Multiple Vulnerabilities http://www.exploit-db.com/exploits/15943/ MULTI
Wordpress Mingle Forum <= 1.0.33 Cross Site Scripting http://packetstormsecurity.org/files/112696/ MULTI
WORDPRESS Plugin Accept Signups 0.1 XSS http://www.exploit-db.com/exploits/15808/ XSS
Wordpress Events Manager Extended Plugin Persistent XSS Vulnerability http://www.exploit-db.com/exploits/14923/ XSS
WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability http://www.exploit-db.com/exploits/14541/ SQLI
WordPress Plugin myLDlinker SQL Injection Vulnerability http://www.exploit-db.com/exploits/14441/ SQLI
Wordpress Firestats Remote Configuration File Download http://www.exploit-db.com/exploits/14308/ UNKNOWN
Simple:Press Wordpress Plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/14198/ SQLI
Vulnerabilities in Cimy Counter for WordPress http://www.exploit-db.com/exploits/14057/ MULTI
XSS Vulnerability in NextGEN Gallery Wordpress Plugin http://www.exploit-db.com/exploits/12098/ XSS
WordPress Copperleaf Photolog SQL injection http://www.exploit-db.com/exploits/11458/ SQLI
Wordpress Events Plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/10929/ SQLI
Wordpress Image Manager Plugins Shell Upload Vulnerability http://www.exploit-db.com/exploits/10325/ UPLOAD
Vulnerabilities in WP-Cumulus <= 1.20 for WordPress http://www.exploit-db.com/exploits/10228/ MULTI
WP-Cumulus < 1.23 Cross Site Scripting Vulnerabily http://seclists.org/fulldisclosure/2011/Nov/340 XSS
Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution http://www.exploit-db.com/exploits/9431/ RCE
WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability http://www.exploit-db.com/exploits/9150/ SQLI
WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability http://www.exploit-db.com/exploits/9054/ SQLI
WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability http://www.exploit-db.com/exploits/9048/ LFI
WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln http://www.exploit-db.com/exploits/9043/ RFI /wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=XXpathXX
WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability http://www.exploit-db.com/exploits/8961/ SQLI
WordPress Photoracer plugin <= 1.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17720/ SQLI
WordPress Photoracer plugin <= 1.0 Multiple Vulnerabilities http://www.exploit-db.com/exploits/17731/ MULTI
Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability http://www.exploit-db.com/exploits/8791/ LFI
Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability http://www.exploit-db.com/exploits/8229/ SQLI
Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln http://www.exploit-db.com/exploits/7543/ LFI
Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit http://www.exploit-db.com/exploits/6867/ UPLOAD
Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit http://www.exploit-db.com/exploits/6127/ UPLOAD
Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/5486/ SQLI
Wordpress Plugin Download (dl_id) SQL Injection Vulnerability http://www.exploit-db.com/exploits/5326/ SQLI
Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities http://www.exploit-db.com/exploits/5194/ MULTI
Wordpress Photo album Remote SQL Injection Vulnerability http://www.exploit-db.com/exploits/5135/ SQLI
Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability http://www.exploit-db.com/exploits/5126/ SQLI
Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability http://www.exploit-db.com/exploits/5127/ SQLI
Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability http://www.exploit-db.com/exploits/5053/ SQLI
Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln http://www.exploit-db.com/exploits/6777/ SQLI
Wordpress Plugin Wordspew Remote SQL Injection Vulnerability http://www.exploit-db.com/exploits/5039/ SQLI
Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities http://www.exploit-db.com/exploits/5035/ MULTI
Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit http://www.exploit-db.com/exploits/5017/ SQLI
Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit http://www.exploit-db.com/exploits/5013/ SQLI
Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability http://www.exploit-db.com/exploits/4993/ SQLI
Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability http://www.exploit-db.com/exploits/4992/ SQLI
Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability http://www.exploit-db.com/exploits/4939/ SQLI
Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability http://www.exploit-db.com/exploits/7738/ SQLI
Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability http://www.exploit-db.com/exploits/4844/ UPLOAD
Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability http://www.exploit-db.com/exploits/4695/ LFI
WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability http://www.exploit-db.com/exploits/4593/ RFI /wp-content/plugins/BackUp/Archive.php?bkpwp_plugin_path=XXpathXX
Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability http://www.exploit-db.com/exploits/3828/ RFI /wp-content/plugins/myflash/myflash-button.php?wpPATH=XXpathXX
Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability http://www.exploit-db.com/exploits/3825/ RFI /wp-content/plugins/wordtube/wordtube-button.php?wpPATH=XXpathXX
Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability http://www.exploit-db.com/exploits/3824/ RFI /wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=XXpathXX
Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability http://www.exploit-db.com/exploits/3814/ RFI /mygallery/myfunctions/mygallerybrowser.php?myPath=XXpathXX
WordPress SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability http://www.exploit-db.com/exploits/17716/ SQLI
WordPress Js-appointment plugin <= 1.5 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17724/ SQLI
WordPress MM Forms Community plugin <= 1.2.3 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17725/ SQLI
WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17728/ SQLI
WordPress Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17729/ SQLI
WordPress Oqey Headers plugin <= 0.3 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17730/ SQLI
WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17737/ SQLI
WordPress Evarisk plugin <= 5.1.3.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17738/ SQLI
WordPress Profiles plugin <= 2.0 RC1 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17739/ SQLI
WordPress mySTAT plugin <= 2.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17740/ SQLI
WordPress SH Slideshow plugin <= 3.1.4 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17748/ SQLI
WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17749/ SQLI
WordPress Advertizer plugin <= 1.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17750/ SQLI
WordPress Event Registration plugin <= 5.44 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17814/ SQLI
WordPress Event Registration plugin <= 5.43 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17751/ SQLI
Wordpress Event Registration Plugin 5.32 SQL Injection Vulnerability http://www.exploit-db.com/exploits/15513/ SQLI
WordPress Craw Rate Tracker plugin <= 2.0.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17755/ SQLI
WordPress wp audio gallery playlist plugin <= 0.12 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17756/ SQLI
WordPress yolink Search plugin <= 1.1.4 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17757/ SQLI
WordPress PureHTML plugin <= 1.0.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17758/ SQLI
WordPress Couponer plugin <= 1.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17759/ SQLI
WordPress grapefile plugin <= 1.1 Arbitrary File Upload http://www.exploit-db.com/exploits/17760/ UPLOAD
WordPress image-gallery-with-slideshow plugin <= 1.5 Arbitrary File Upload / SQL Injection http://www.exploit-db.com/exploits/17761/ MULTI
WordPress Donation plugin <= 1.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17763/ SQLI
WordPress WP Bannerize plugin <= 2.8.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17764/ SQLI
WordPress WP Bannerize plugin <= 2.8.7 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17906/ SQLI
WordPress SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17767/ SQLI
WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17771/ SQLI
WordPress Facebook Opengraph Meta plugin <= 1.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17773/ SQLI
WordPress Zotpress plugin <= 4.4 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17778/ SQLI
WordPress oQey Gallery plugin <= 0.4.8 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17779/ SQLI
WordPress Tweet Old Post plugin <= 3.2.5 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17789/ SQLI
WordPress post highlights plugin <= 2.2 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17790/ SQLI
WordPress KNR Author List Widget plugin <= 2.0.0 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17791/ SQLI
WordPress SCORM Cloud plugin <= 1.0.6.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17793/ SQLI
WordPress Eventify - Simple Events plugin <= 1.7.f SQL Injection Vulnerability http://www.exploit-db.com/exploits/17794/ SQLI
WordPress Paid Downloads plugin <= 2.01 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17797/ SQLI
WordPress Community Events plugin <= 1.2.1 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17798/ SQLI
Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF) http://www.exploit-db.com/exploits/17801/ UPLOAD
WordPress WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17808/ SQLI
WordPress A to Z Category Listing plugin <= 1.3 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17809/ SQLI
WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/17832/ SQLI
WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability http://www.exploit-db.com/exploits/17858/ LFI
Wordpress TheCartPress Plugin <= 1.6 Cross Site Sripting http://packetstormsecurity.org/files/108272/ XSS
Wordpress TheCartPress Plugin 1.1.1 Remote File Inclusion http://www.exploit-db.com/exploits/17860/ RFI /wp-content/plugins/thecartpress/checkout/CheckoutEditor.php?tcp_save_fields=true&tcp_class_name=asdf&tcp_class_path=XXpathXX
Wordpress WPEasyStats Plugin 1.8 Remote File Inclusion http://www.exploit-db.com/exploits/17862/ RFI /wp-content/plugins/wpeasystats/export.php?homep=XXpathXX
Wordpress Annonces Plugin 1.2.0.0 Remote File Inclusion http://www.exploit-db.com/exploits/17863/ RFI /wp-content/plugins/annonces/includes/lib/photo/uploadPhoto.php?abspath=XXpathXX
Wordpress Livesig Plugin 0.4 Remote File Inclusion http://www.exploit-db.com/exploits/17864/ RFI /wp-content/plugins/livesig/livesig-ajax-backend.php wp-root=XXpathXX&action=asdf
Wordpress Disclosure Policy Plugin 1.0 Remote File Inclusion http://www.exploit-db.com/exploits/17865/ RFI /wp-content/plugins/disclosure-policy-plugin/functions/action.php?delete=asdf&blogUrl=asdf&abspath=XXpathXX
Wordpress Mailing List Plugin 1.3.2 Remote File Inclusion http://www.exploit-db.com/exploits/17866/ RFI /wp-content/plugins/mailz/lists/config/config.php?wpabspath=XXpathXX
Wordpress Mailing List Plugin < 1.4.1 Arbitrary file download http://www.exploit-db.com/exploits/18276/ UNKNOWN
Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion http://www.exploit-db.com/exploits/17867/ RFI /wp-content/plugins/g-web-shop/fws/ajax/init.inc.php?wpabspath=XXpathXX
Wordpress Zingiri Web Shop Plugin <= 2.2.3 Remote Code Execution http://www.exploit-db.com/exploits/18111/ RCE
Wordpress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion http://www.exploit-db.com/exploits/17868/ RFI
Wordpress Relocate Upload Plugin 0.14 Remote File Inclusion http://www.exploit-db.com/exploits/17869/ RFI /wp-content/plugins/relocate-upload/relocate-upload.php?ru_folder=asdf&abspath=XXpathXX
Category Grid View Gallery Wordpress plugin 0.1.1 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Auto Attachments Wordpress plugin 0.2.9 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
WP Marketplace Wordpress plugin 1.1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
DP Thumbnail Wordpress plugin 1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Vk Gallery Wordpress plugin 1.1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Rekt Slideshow Wordpress plugin 1.0.5 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
CAC Featured Content Wordpress plugin 0.8 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Rent A Car Wordpress plugin 1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
LISL Last Image Slider Wordpress plugin 1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Islidex Wordpress plugin 2.7 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Kino Gallery Wordpress plugin 1.0 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Cms Pack Wordpress plugin 1.3 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
A Gallery Wordpress plugin 0.9 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Category List Portfolio Page Wordpress plugin 0.9 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Really Easy Slider Wordpress plugin 0.1 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Verve Meta Boxes Wordpress plugin 1.2.8 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
User Avatar Wordpress plugin 1.3.7 shell upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
Extend Wordpress Wordpress plugin 1.3.7 Shell Upload vulnerability http://www.exploit-db.com/exploits/17872/ UPLOAD
WordPress AdRotate plugin <= 3.6.5 SQL Injection Vulnerability http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html SQLI
WordPress AdRotate plugin <= 3.6.6 SQL Injection Vulnerability http://www.exploit-db.com/exploits/18114/ SQLI
WP-SpamFree 3.2.1 WordPress Spam Plugin SQL Injection Vulnerability http://www.exploit-db.com/exploits/17970/ SQLI
WordPress GD Star Rating plugin <= 1.9.10 SQL Injection http://www.exploit-db.com/exploits/17973/ SQLI
WordPress GD Star Rating plugin <= 1.9.16 Cross Site Scripting http://www.packetstormsecurity.org/files/112702 SQLI
WordPress Contact Form plugin <= 2.7.5 SQL Injection http://www.exploit-db.com/exploits/17980/ SQLI
WP Photo Album Plus <= 4.1.1 SQL Injection http://www.exploit-db.com/exploits/17983/ SQLI
WordPress BackWPUp Plugin 2.1.4 Code Execution http://www.exploit-db.com/exploits/17987/ RCE
Wordpress plugin BackWPup 1.5.2, 1.6.1, 1.7.1 Remote and Local Code Execution Vulnerability http://osvdb.org/show/osvdb/71481 RCE