freewvsdb/plugins.json
e1127d74
 [
   {
     "name": "Serendipity-mycalendar",
     "url": "https://s9y.org",
     "safe": "0.13",
     "vuln": "CVE-2007-6390",
     "detection": [
       {
         "file": "serendipity_event_mycalendar.php",
         "variable": "$propbag->add('version'",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Serendipity-freetag",
     "url": "https://s9y.org",
     "safe": "3.69",
     "vuln": "https://github.com/s9y/additional_plugins/commit/3edecdb7eccc24e0d5c63a3d5702dba54599bda3",
     "detection": [
       {
         "file": "serendipity_event_freetag.php",
         "variable": "$propbag->add('version'",
         "subdir": 0
       }
     ]
   },
   {
     "name": "SquirrelMail-gpg",
     "url": "https://squirrelmail.org/plugin_view.php?id=153",
     "safe": "2.1",
     "vuln": "CVE-2007-3779",
     "detection": [
       {
         "file": "gpg_pref_functions.php",
         "variable": "$GPG_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Drupal-Views",
     "url": "https://www.drupal.org/project/views",
     "safe": "2.13",
     "vuln": "CVE-2011-4113",
     "detection": [
       {
         "file": "views.info",
         "variable": "version = \"6.x",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-timthumb",
     "url": "https://github.com/GabrielGil/TimThumb",
     "safe": "2.8.14",
     "vuln": "CVE-2014-4663",
     "detection": [
       {
         "file": "timthumb.php",
         "variable": "('VERSION',",
         "subdir": 0,
         "extra_match": "TimThumb"
       }
     ]
   },
   {
     "name": "Wordpress-timthumb-renamed",
     "url": "https://github.com/GabrielGil/TimThumb",
     "safe": "2.8.14",
     "vuln": "CVE-2014-4663",
     "detection": [
       {
         "file": "thumb.php",
         "variable": "('VERSION',",
         "subdir": 0,
         "extra_match": "TimThumb"
       }
     ]
   },
   {
     "name": "Joomla-JCE",
     "url": "https://www.joomlacontenteditor.net/",
     "safe": "2.1",
     "vuln": "CVE-2012-2902",
     "detection": [
       {
         "file": "editor.php",
         "variable": "$_version",
         "subdir": 3,
         "extra_match": "JCE class"
       }
     ]
   },
   {
     "name": "WP Super Cache",
     "url": "https://wordpress.org/plugins/wp-super-cache/",
     "safe": "1.6.9",
     "vuln": "https://odd.blog/2019/07/25/wp-super-cache-1-6-9-security-update/",
     "latest": "1.7.0",
     "detection": [
       {
         "file": "wp-cache.php",
         "variable": "Version:",
         "subdir": 0,
         "extra_match": "Plugin Name: WP Super Cache"
       }
     ]
   },
   {
     "name": "W3 Total Cache",
     "url": "https://wordpress.org/plugins/w3-total-cache/",
     "safe": "0.9.7.4",
     "vuln": "https://www.cybersecurity-help.cz/vdb/SB2019050701",
     "detection": [
       {
         "file": "w3-total-cache.php",
         "variable": "Version:",
         "subdir": 0,
         "extra_match": "Plugin Name: W3 Total Cache"
       }
     ]
   },
   {
     "name": "phpThumb",
     "url": "http://phpthumb.sourceforge.net/",
     "safe": "1.7.10",
     "vuln": "CVE-2010-1598",
     "detection": [
       {
         "file": "phpthumb.class.php",
         "variable": "$phpthumb_version",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-Jetpack",
     "url": "https://jetpack.com/",
     "safe": "7.9.1",
     "vuln": "https://jetpack.com/2019/11/19/jetpack-7-9-1-maintenance-security/",
     "detection": [
       {
         "file": "jetpack.php",
         "variable": "JETPACK__VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-MailPoet",
     "url": "https://www.mailpoet.com/",
     "safe": "2.6.8",
     "vuln": "CVE-2014-4726",
     "detection": [
       {
         "file": "base.php",
         "variable": "static $version",
         "subdir": 0,
         "extra_match": "WYSIJA_object"
       }
     ]
   },
   {
     "name": "Wordpress-CustomContact",
     "url": "https://wordpress.org/plugins/custom-contact-forms/",
     "safe": "5.1.0.4",
6b04adb7
     "vuln": "https://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",
e1127d74
     "detection": [
       {
         "file": "custom-contact-forms.php",
         "variable": "Version",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-SliderRevolution",
     "url": "https://revolution.themepunch.com/",
     "safe": "4.2.3",
     "vuln": "CVE-2015-5151",
     "note": "unclear about exact version",
     "detection": [
       {
         "file": "revslider.php",
         "variable": "$revSliderVersion",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-NextGEN",
     "url": "https://wordpress.org/plugins/nextgen-gallery/",
     "safe": "3.2.11",
     "vuln": "CVE-2019-14314",
     "detection": [
       {
         "file": "nggallery.php",
         "variable": "NGG_PLUGIN_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-Akismet",
     "url": "https://wordpress.org/plugins/akismet/",
     "safe": "3.1.5",
     "vuln": "CVE-2015-9357",
     "detection": [
       {
         "file": "akismet.php",
         "variable": "AKISMET_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-AllInOneSEO",
     "url": "https://semperplugins.com/all-in-one-seo-pack-changelog/",
     "safe": "3.2.7",
     "vuln": "CVE-2019-16520",
     "detection": [
       {
         "file": "all_in_one_seo_pack.php",
         "variable": "define( 'AIOSEOP_VERSION'",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-DownloadManager",
     "url": "https://wordpress.org/plugins/download-manager/",
6b04adb7
     "safe": "2.9.61",
     "vuln": "https://www.exploit-db.com/exploits/43487",
e1127d74
     "detection": [
       {
         "file": "download-manager.php",
         "variable": "define('WPDM_Version'",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-Fancybox",
     "url": "https://wordpress.org/plugins/fancybox-for-wordpress/",
     "safe": "3.0.4",
     "vuln": "CVE-2015-1494",
     "detection": [
       {
         "file": "fancybox.php",
         "variable": "FBFW_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Joomla-Googlemaps",
     "url": "http://joomlacode.org/gf/project/mambot_google1/",
     "safe": "3.1",
6b04adb7
     "vuln": "CVE-2013-7428",
e1127d74
     "detection": [
       {
         "file": "plugin_googlemap3.perm",
         "variable": "<version>",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-SEObyYoast",
     "url": "https://wordpress.org/plugins/wordpress-seo/",
     "safe": "11.6.0",
     "vuln": "CVE-2019-13478",
     "detection": [
       {
         "file": "wp-seo-main.php",
         "variable": "WPSEO_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-GoogleAnalyticsbyMonsterInsights",
     "url": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/",
a1f8265c
     "safe": "7.2.0",
     "vuln": "https://wpvulndb.com/vulnerabilities/9157/",
e1127d74
     "detection": [
       {
         "file": "googleanalytics.php",
         "variable": "GAWP_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-Captcha",
     "url": "https://wordpress.org/plugins/captcha/",
     "safe": "4.4.5",
     "vuln": "https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/",
     "detection": [
       {
         "file": "captcha.php",
         "variable": "Version:",
         "subdir": 0
       }
     ]
a1f8265c
   },
   {
     "name": "Wordpress-ContactForm7",
     "url": "https://contactform7.com/",
     "safe": "5.0.4",
     "vuln": "CVE-2018-20152",
     "detection": [
       {
         "file": "wp-contact-form-7.php",
         "variable": "WPCF7_VERSION",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-ACF",
     "url": "https://www.advancedcustomfields.com/",
     "safe": "5.7.12",
     "vuln": "https://wpvulndb.com/vulnerabilities/9347",
     "detection": [
       {
         "file": "acf.php",
ca9c7a6b
         "variable": "Version:",
a1f8265c
         "extra_match": "Advanced Custom Fields",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-Updraftplus",
     "url": "https://updraftplus.com/",
     "safe": "1.13.5",
     "vuln": "CVE-2017-18593",
     "detection": [
       {
         "file": "updraftplus.php",
         "variable": "Version:",
         "subdir": 0
       }
     ]
   },
   {
     "name": "Wordpress-GoogleXMLSitemaps",
0c5ab179
     "url": "https://wordpress.org/plugins/google-sitemap-generator/",
a1f8265c
     "safe": "4.1.0",
     "vuln": "CVE-2018-16204",
     "detection": [
       {
         "file": "sitemap.php",
         "variable": "Version:",
         "extra_match": "Google XML Sitemaps Generator for WordPress",
         "subdir": 0
       }
     ]
afac593b
   },
   {
     "name": "Wordpress-DuplicatePost",
     "url": "https://wordpress.org/plugins/duplicate-post/",
     "safe": "3.2.4",
     "vuln": "https://packetstormsecurity.com/files/154622/Duplicate-Post-3.2.3-Cross-Site-Scripting.html",
     "detection": [
       {
         "file": "duplicate-post.php",
         "variable": "DUPLICATE_POST_CURRENT_VERSION",
         "subdir": 0
       }
     ]
ab4d1dc2
   },
   {
     "name": "Wordpress-ThemegrillDemoImporter",
     "url": "https://wordpress.org/plugins/themegrill-demo-importer/",
     "safe": "1.6.3",
     "vuln": "https://www.openwall.com/lists/oss-security/2020/02/19/1",
     "detection": [
       {
         "file": "class-themegrill-demo-importer.php",
         "variable": "$version",
         "subdir": 1
       }
     ]
db5a21e0
   },
   {
     "name": "Wordpress-WooCommerce",
     "url": "https://woocommerce.com/",
     "safe": "3.9.2",
     "vuln": "https://woocommerce.wordpress.com/2020/02/13/woocommerce-3-9-2-security-release/",
     "detection": [
       {
         "file": "woocommerce.php",
         "variable": "Version:",
         "subdir": 0
       }
     ]
33bd2d15
   },
   {
     "name": "Wordpress-AllinoneWPMigration",
     "url": "https://wordpress.org/plugins/all-in-one-wp-migration/",
     "safe": "7.15",
     "vuln": "https://vavkamil.cz/2020/03/25/all-in-one-wp-migration/",
     "detection": [
       {
         "file": "constants.php",
         "variable": "AI1WM_VERSION",
         "subdir": 0
       }
     ]
06104f04
   },
   {
     "name": "Wordpress-SEO-by-Rank-Math",
     "url": "https://rankmath.com/",
     "safe": "1.0.41",
     "vuln": "https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/",
     "detection": [
       {
         "file": "rank-math.php",
         "variable": "$version",
         "subdir": 0
       }
     ]
eeb36a3e
   },
   {
     "name": "bbPress",
     "url": "https://bbpress.org/",
     "safe": "2.6.5",
     "vuln": "CVE-2020-13693",
     "detection": [
       {
         "file": "bbpress.php",
         "variable": "$this->version",
         "subdir": 0
       }
     ]
e1127d74
   }
 ]