Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
Admiror Gallery, , XSS (Cross Site Scripting)	25 July 2023
one vote, 1.7, XSS (Cross Site Scripting)	27 June 2023
JKassa, 2.0.0, SQL Injection	19 October 2022
YooRecipe, All, SQL Injection	30 March 2021
publisher, 3.0.19, XSS (Cross Site Scripting)	07 November 2020
paGO Commerce, 2.5.9.0, SQL Injection	27 October 2020
Social Chat, 1.5 and Below, SQL Injection Iacopo Guarneri	20 September 2020
hwdplayer,4.2,SQL Injection	09 April 2020
Rapicode, Multiple Extensions, Back Door	30 March 2018
Google Map Landkarten,4.2.3,SQL Injection	15 March 2018

Page 2 of 24