Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

PickPlugins — Vulnerabilities & Security Advisories 69

Browse all 69 CVE security advisories affecting PickPlugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by PickPlugins:Post GridJob Board ManagerPost Grid and Gutenberg BlocksWishlistAccordionQuestion AnswerTestimonial SliderProduct DesignerMail PickerProduct Slider for WooCommercePickPlugins Product Designer for WooCommerceTeam ShowcasePost Grid and Gutenberg Blocks – ComboBlocksUser VerificationPickPlugins Pricing TableRelated Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPluginsUser Verification by PickPluginsRelated Posts By PickPluginsComboBlocksTabs & AccordionAccordionsUser profileRelated PostPost Grid Combo – 36+ Gutenberg BlocksPickPlugins Product Slider for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-32497 WordPress User Verification plugin <= 2.0.45 - Email Verification Bypass vulnerability — User VerificationCWE-1390 9.8 -2026-03-25
CVE-2026-25455 WordPress Product Slider for WooCommerce plugin <= 1.13.61 - Broken Access Control vulnerability — Product Slider for WooCommerceCWE-862 6.5 Medium2026-03-25
CVE-2025-68000 WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability — Testimonial SliderCWE-862 6.5 Medium2026-02-20
CVE-2025-68605 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability — Post Grid and Gutenberg BlocksCWE-79 6.5 Medium2025-12-24
CVE-2025-63043 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Insecure Direct Object References (IDOR) vulnerability — Post Grid and Gutenberg BlocksCWE-639 5.3 Medium2025-12-18
CVE-2025-66058 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability — Post Grid and Gutenberg BlocksCWE-862 6.5 Medium2025-12-18
CVE-2025-12374 Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification <= 2.0.44 - Authentication Bypass to Account Takeover — User Verification by PickPluginsCWE-287 9.8 Critical2025-12-05
CVE-2025-62929 WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability — Testimonial SliderCWE-862 6.5 Medium2025-10-27
CVE-2025-62924 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability — Post Grid and Gutenberg BlocksCWE-862 6.5 Medium2025-10-27
CVE-2025-53421 WordPress Accordion plugin <= 2.3.14 - Broken Access Control vulnerability — AccordionCWE-862 6.5 Medium2025-10-22
CVE-2025-60162 WordPress Job Board Manager Plugin <= 2.1.61 - Cross Site Scripting (XSS) Vulnerability — Job Board ManagerCWE-79 6.5 Medium2025-09-26
CVE-2025-58678 WordPress Accordion Plugin <= 2.3.15 - Broken Access Control Vulnerability — AccordionCWE-862 6.5 Medium2025-09-22
CVE-2025-58827 WordPress Job Board Manager Plugin <= 2.1.61 - Content Injection Vulnerability — Job Board ManagerCWE-94 3.8 Low2025-09-05
CVE-2025-54007 WordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection Vulnerability — Post Grid and Gutenberg BlocksCWE-502 8.8 High2025-08-20
CVE-2025-49324 WordPress Job Board Manager plugin <= 2.1.60 - Broken Access Control Vulnerability — Job Board ManagerCWE-862 5.3 Medium2025-06-06
CVE-2025-49075 WordPress Wishlist plugin <= 1.0.43 - Cross Site Scripting (XSS) vulnerability — WishlistCWE-79 6.5 Medium2025-06-06
CVE-2025-24655 WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability — WishlistCWE-79 7.1 High2025-04-17
CVE-2025-32646 WordPress Question Answer plugin <= 1.2.70 - Reflected Cross Site Scripting (XSS) vulnerability — Question AnswerCWE-79 7.1 High2025-04-17
CVE-2025-32647 WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability — Question AnswerCWE-502 8.8 High2025-04-17
CVE-2025-32618 WordPress Wishlist plugin <= 1.0.46 - SQL Injection vulnerability — WishlistCWE-89 8.5 High2025-04-11
CVE-2025-32144 WordPress Job Board Manager Plugin <= 2.1.61 - PHP Object Injection vulnerability — Job Board ManagerCWE-502 8.8 High2025-04-11
CVE-2025-32143 WordPress Accordion plugin <= 2.3.11 - PHP Object Injection vulnerability — AccordionCWE-502 8.8 High2025-04-11
CVE-2025-32272 WordPress Wishlist plugin <= 1.0.46 - Cross Site Request Forgery (CSRF) vulnerability — WishlistCWE-352 4.3 Medium2025-04-04
CVE-2025-30889 WordPress Testimonial Slider plugin <= 2.0.13 - PHP Object Injection vulnerability — Testimonial SliderCWE-502 8.8 High2025-04-03
CVE-2025-31862 WordPress Job Board Manager Plugin <= 2.1.61 - Broken Access Control vulnerability — Job Board ManagerCWE-862 5.3 Medium2025-04-01
CVE-2025-31810 WordPress Question Answer plugin <= 1.2.73 - Broken Access Control vulnerability — Question AnswerCWE-862 5.3 Medium2025-04-01
CVE-2024-12634 Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.59 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPluginsCWE-352 6.1 Medium2025-03-07
CVE-2024-12809 Wishlist <= 1.0.43 - Authenticated (Contributor+) Stored Cross-Site Scripting — WishlistCWE-79 6.4 Medium2025-03-07
CVE-2024-13469 Pricing Table by PickPlugins <= 1.12.10 - Authenticated (Contributor+) Stored Cross-Site Scripting — PickPlugins Pricing TableCWE-79 6.4 Medium2025-02-28
CVE-2024-13796 Post Grid and Gutenberg Blocks – ComboBlocks <= 2.3.6 - Unauthenticated User Information Exposure — Post GridCWE-200 5.3 Medium2025-02-28

This page lists every published CVE security advisory associated with PickPlugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.