Pricing
Case studies
Login
Start trial
ch4r0n
1,130.28
XP
86
Reports
1
Reports, last 90 days
#36
3 Apr, 2026
Lvl 4
0
0
0
0
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Clear
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Popup box
<= 5.5.4
Cross Site Request Forgery (CSRF)
7.95
5.3
16/07/2025
Image Hover Effects – Elementor Addon
<= 1.4.4
Broken Access Control
N/A
5.3
18/07/2025
AfterShip Tracking
<= 1.17.17
Broken Access Control
10.6
5.3
15/07/2025
Premium Age Verification / Restriction for WordPress
<= 3.0.2
Arbitrary File Download
33.75
7.5
27/06/2025
Pro Bulk Watermark Plugin for WordPress
<= 2.0
Path Traversal
3.23
4.3
26/06/2025
Templately
<= 3.2.7
Sensitive Data Exposure
14.7
4.9
24/06/2025
Captcha.eu
<= 1.0.61
Server Side Request Forgery (SSRF)
N/A
5.4
13/05/2025
Thank You Page Customizer for WooCommerce
<= 1.1.7
Broken Access Control
6.5
6.5
23/04/2025
Premium Age Verification / Restriction for WordPress
<= 3.0.2
SQL Injection
12.75
8.5
26/06/2025
The E-Commerce ERP
<= 2.1.1.3
Broken Access Control
10.95
7.3
21/05/2025
Maya Business
<= 1.2.0
Insecure Direct Object References (IDOR)
15
7.5
25/04/2025
URL Shortener
<= 3.0.7
Broken Access Control
12.9
8.6
02/06/2025
URL Shortener
<= 3.0.7
SQL Injection
27.9
9.3
02/06/2025
The E-Commerce ERP
<= 2.1.1.3
Privilege Escalation
44.1
9.8
21/05/2025
URL Shortener
<= 3.0.7
PHP Object Injection
29.4
9.8
02/06/2025
Wishlist for WooCommerce
<= 3.2.3
Broken Access Control
13
6.5
09/05/2025
Profiler - What Slowing Down Your WP
<= 1.0.0
Broken Access Control
9.75
6.5
23/05/2025
Multi-language Responsive Contact Form
<= 2.8
Broken Access Control
15
7.5
26/04/2025
Gallery Widget
<= 1.2.1
SQL Injection
9.56
8.5
02/06/2025
Contact Us page - Contact people LITE
<= 3.7.4
SQL Injection
9.56
8.5
02/06/2025
URL Shortener
<= 3.0.7
Server Side Request Forgery (SSRF)
8.1
5.4
02/06/2025
bSecure – Your Universal Checkout
<= 1.7.9
SQL Injection
18.6
9.3
08/05/2025
NGG Smart Image Search
<= 3.4.1
SQL Injection
27.9
9.3
19/05/2025
MobiLoud
<= 4.6.6
Broken Access Control
6.08
8.1
15/05/2025
iCount Payment Gateway
<= 2.0.7
Broken Access Control
7.95
5.3
20/05/2025
Spreadconnect
<= 2.1.5
Broken Access Control
4.05
5.4
27/05/2025
HurryTimer
<= 2.13.1
Broken Access Control
10.6
5.3
28/05/2025
GG Bought Together for WooCommerce
<= 1.0.2
SQL Injection
37.2
9.3
27/04/2025
Image Shadow
<= 1.1.0
Arbitrary File Deletion
23.1
7.7
29/04/2025
Selling Commander for WooCommerce
<= 1.2.46
Privilege Escalation
29.4
9.8
20/05/2025
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes
<= 1.0.10
Broken Access Control
3.23
4.3
21/05/2025
Auto Upload Images
<= 3.3.2
Server Side Request Forgery (SSRF)
7.35
4.9
28/04/2025
CRM ERP Business Solution
<= 1.13
Broken Access Control
N/A
5.3
13/05/2025
Zapier for WordPress
<= 1.5.2
Broken Access Control
16.2
5.4
26/04/2025
DELUCKS SEO
<= 2.5.9
Broken Access Control
12.19
5.3
20/05/2025
Widget Logic
<= 6.0.5
Remote Code Execution (RCE)
89.1
9.9
28/04/2025
TicketBAI Facturas para WooCommerce
<= 3.45
Broken Access Control
N/A
5.4
29/04/2025
bbPress API
<= 1.0.14
Broken Access Control
N/A
5.3
29/04/2025
Responsive Flipbooks
<= 1.0
Broken Access Control
N/A
5.4
23/04/2025
No Spam At All
<= 1.3
Broken Access Control
N/A
5.4
23/04/2025
Viral Loops WP Integration
<= 3.8.1
Broken Access Control
N/A
4.3
26/04/2025
Viral Loops WP Integration
<= 3.8.1
Broken Access Control
N/A
5.3
26/04/2025
Payment QR WooCommerce
<= 1.1.6
Broken Access Control
10.6
5.3
23/04/2025
FraudLabs Pro for WooCommerce
<= 2.22.11
Broken Access Control
7.95
5.3
27/05/2025
Icegram Collect
<= 1.3.18
Broken Access Control
7.1
7.1
21/04/2025
Multi CryptoCurrency Payments
<= 2.0.7
SQL Injection
37.2
9.3
17/04/2025
Recover abandoned cart for WooCommerce
<= 2.5
SQL Injection
37.2
9.3
05/04/2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
SQL Injection
37.2
9.3
14/04/2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Arbitrary File Download
22.5
7.5
14/04/2025
CryptoCloud - Crypto Payment Gateway
<= 2.1.2
Broken Access Control
13
6.5
18/04/2025
StyleAI
<= 1.0.4
Broken Access Control
13
6.5
16/04/2025
MetalpriceAPI
<= 1.1.4
Remote Code Execution (RCE)
N/A
9.9
17/04/2025
TableOn
<= 1.0.5.1
Content Injection
24.5
7.1
22/04/2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Remote Code Execution (RCE)
60
10
14/04/2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light
<= 2.4.37
Privilege Escalation
58.8
9.8
14/04/2025
Embed and Integrate Etsy Shop
<= 1.0.8
Broken Access Control
N/A
5.3
20/04/2025
Bot for Telegram on WooCommerce
<= 1.2.6
Broken Access Control
N/A
4.3
26/04/2025
Bux Woocommerce
<= 1.2.3
Broken Access Control
13
6.5
18/04/2025
Sharespine Woocommerce Connector
<= 4.7.55
Broken Access Control
3.23
4.3
14/04/2025
Push notification for Mobile and Web app
<= 2.0.3
Broken Access Control
13
6.5
14/04/2025
ValidateCertify
<= 1.6.4
Cross Site Request Forgery (CSRF)
2.15
4.3
11/04/2025
Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin
<= 1.1.1
Settings Change
13
6.5
29/04/2025
Awin – Advertiser Tracking for WooCommerce
<= 2.0.0
Cross Site Request Forgery (CSRF)
2.15
4.3
01/04/2025
Calculate Prices based on Distance For WooCommerce
<= 1.3.5
Broken Access Control
N/A
5.4
07/04/2025
WP Podcasts Manager
<= 1.3
Cross Site Request Forgery (CSRF)
N/A
4.3
08/04/2025
Soccer Live Scores
<= 1.0.5
Cross Site Request Forgery (CSRF)
N/A
4.3
08/04/2025
Ovation Elements
<= 1.1.2
Broken Access Control
4.3
4.3
23/04/2025
GS Variation Swatches for WooCommerce
<= 3.0.4
Broken Access Control
N/A
5.4
07/04/2025
Crossword Compiler Puzzles
<= 14.5
Cross Site Scripting (XSS)
6.5
6.5
09/04/2025
Web3Press
<= 3.2.0
Arbitrary File Download
7.31
6.5
14/04/2025
Custom PC Builder Lite for WooCommerce
<= 1.0.1
Settings Change
13
6.5
20/04/2025
WP AVCL Automation Helper (formerly WPFlyLeads)
<= 3.4
Server Side Request Forgery (SSRF)
4.9
4.9
15/04/2025
Media Library Downloader
<= 1.3.1
Broken Access Control
4.3
4.3
13/04/2025
BeerXML Shortcode
<= 0.7.1
Server Side Request Forgery (SSRF)
N/A
6.4
13/04/2025
Simple Google Photos Grid
<= 1.5
Server Side Request Forgery (SSRF)
3.68
4.9
11/04/2025
Bulk Assign Linked Products For WooCommerce
<= 2.1
Broken Access Control
N/A
5.3
07/04/2025
CM Answers
<= 3.3.3
Cross Site Request Forgery (CSRF)
N/A
4.3
09/04/2025
CM Ad Changer
<= 2.0.5
Cross Site Request Forgery (CSRF)
N/A
4.3
08/04/2025
Advanced Linked Variations for Woocommerce
<= 1.0.3
Broken Access Control
N/A
5.3
05/04/2025
Recover abandoned cart for WooCommerce
<= 2.2
Cross Site Request Forgery (CSRF)
N/A
4.3
05/04/2025
Theme Changer
<= 1.4
Cross Site Request Forgery (CSRF)
N/A
4.3
02/04/2025
wpLike2Get
<= 1.2.9
Sensitive Data Exposure
N/A
5.3
02/04/2025
BP Email Assign Templates
<= 1.6
Cross Site Scripting (XSS)
N/A
5.9
26/02/2025
BP Email Assign Templates
<= 1.7
Other Vulnerability Type
N/A
6.5
26/02/2025
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top