| #101 | Advanced Form Integration — Connect Forms to 200+ Apps | 22 | 5,771 | 4,678 | 10k+ | | wp function not compatible with requires wp |
| #102 | Ajax Load More – Infinite Scroll, Load More, & Lazy Load | 22 | 641 | 595 | 40k+ | | Unsafe printing function |
| #103 | All-in-One Video Gallery | 22 | 911 | 2,892 | 20k+ | | Non-prefixed global variable |
| #104 | Booking for Appointments and Events Calendar – Amelia | 22 | 1,489 | 480 | 90k+ | | Exception output is not escaped |
| #105 | Shortcodes and extra features for Phlox theme | 22 | 413 | 426 | 90k+ | | Output is not escaped |
| #106 | Knowledge Base documentation & wiki plugin – BasePress Docs | 22 | 671 | 1,767 | 2k+ | | Non-prefixed global variable |
| #107 | Better Messages – Chat Rooms, Group Chat, Private Messages & AI Chat Bots | 22 | 1,604 | 2,019 | 10k+ | | Direct Query |
| #108 | BuddyPress | 22 | 583 | 9,008 | 100k+ | | Non-prefixed function |
| #109 | Captcha by BestWebSoft – Advanced Spam Protection, Math & OCR-Friendly Captcha for Site Forms | 22 | 493 | 295 | 10k+ | | Text Domain Mismatch |
| #110 | Divi Carousel Lite – 17+ Carousel Module | 22 | 967 | 1,275 | 10k+ | | Non-prefixed global variable |
| #111 | Cleanup Action Scheduler | 22 | 545 | 1,306 | 1k+ | | Non-prefixed global variable |
| #112 | Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer | 22 | 2,858 | 1,270 | 50k+ | | Text Domain Mismatch |
| #113 | Passster – Password Protect Pages and Content | 22 | 539 | 1,419 | 10k+ | | Non-prefixed global variable |
| #114 | Cozy Blocks – Page Builder for Gutenberg Editor & FSE with 500+ Patterns, 57 Blocks & Templates | 22 | 2,167 | 4,175 | 7k+ | | Non-prefixed global variable |
| #115 | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | 22 | 3,654 | 5,061 | 8k+ | | Non-prefixed global variable |
| #116 | Data Tables Generator by Supsystic | 22 | 156 | 144 | 10k+ | | Exception output is not escaped |
| #117 | Directorist: AI-Powered Business Directory, Listings & Classified Ads | 22 | 443 | 2,129 | 20k+ | | Non-prefixed global variable |
| #118 | Download Manager | 22 | 2,290 | 1,301 | 100k+ | | Output is not escaped |
| #119 | Dynamic QR Code – generator | 22 | 238 | 208 | 6k+ | | Missing direct file access protection |
| #120 | E2Pdf – Export Pdf Tool for WordPress | 22 | 1,075 | 836 | 10k+ | | Unsafe printing function |
| #121 | Easy Social Feed – Social Photos Gallery and Post Feed for WordPress | 22 | 1,567 | 1,277 | 30k+ | | Non-prefixed global variable |
| #122 | EleSpare – News, Magazine and Blog Addons for Elementor | 22 | 733 | 1,423 | 10k+ | | Non-prefixed global variable |
| #123 | Estatik Real Estate Plugin | 22 | 3,049 | 325 | 10k+ | | Text Domain Mismatch |
| #124 | Events Manager – Calendar, Bookings, Tickets, and more! | 22 | 4,722 | 5,621 | 70k+ | | Output is not escaped |
| #125 | Falang multilanguage for WordPress | 22 | 716 | 769 | 1k+ | | Output is not escaped |
| #126 | Finale Lite – Sales Countdown Timer & Discount for WooCommerce | 22 | 1,031 | 451 | 4k+ | | Output is not escaped |
| #127 | FireBox Popups – Increase Sales and Grow Your Email List | 22 | 153 | 812 | 7k+ | | Non-prefixed global variable |
| #128 | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | 22 | 409 | 236 | 700k+ | | Text Domain Mismatch |
| #129 | Notification Bar, Announcement and Cookie Notice WordPress Plugin – FooBar | 22 | 1,321 | 1,371 | 3k+ | | Non-prefixed global variable |
| #130 | Five Star Restaurant Menu and Food Ordering | 22 | 752 | 609 | 5k+ | | Output is not escaped |
| #131 | FunnelKit Payment Gateway for Stripe WooCommerce | 22 | 244 | 321 | 20k+ | | Input is not sanitized |
| #132 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | 22 | 4,462 | 3,972 | 10k+ | | Output is not escaped |
| #133 | Anti-Malware Security and Brute-Force Firewall | 22 | 544 | 965 | 100k+ | | Output is not escaped |
| #134 | Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms | 22 | 1,037 | 722 | 20k+ | | Unsafe printing function |
| #135 | Csomagpontok és Címkék WooCommerce-hez | 22 | 2,001 | 769 | 7k+ | | Text Domain Mismatch |
| #136 | IMPress for IDX Broker | 22 | 1,085 | 636 | 7k+ | | Text Domain Mismatch |
| #137 | Insert or Embed Articulate Content into WordPress | 22 | 659 | 1,437 | 2k+ | | Non-prefixed global variable |
| #138 | InfiniteWP Client | 22 | 2,286 | 1,812 | 200k+ | | Exception output is not escaped |
| #139 | Import WP – Export and Import CSV and XML files to WordPress | 22 | 580 | 330 | 4k+ | | Exception output is not escaped |
| #140 | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | 22 | 2,361 | 3,384 | 70k+ | | Non-prefixed global variable |
| #141 | Leyka | 22 | 253 | 3,445 | 2k+ | | Request data is not unslashed |
| #142 | Custom Login Page Customizer – Login Designer | 22 | 588 | 1,455 | 30k+ | | Non-prefixed global variable |
| #143 | MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc. | 22 | 2,619 | 2,453 | 10k+ | | Output is not escaped |
| #144 | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | 22 | 207 | 323 | 500k+ | | Non-prefixed global variable |
| #145 | Modula Image Gallery – Photo Grid & Video Gallery | 22 | 474 | 436 | 100k+ | | Text Domain Mismatch |
| #146 | Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress | 22 | 919 | 1,230 | 10k+ | | Output is not escaped |
| #147 | Moloni | 22 | 902 | 356 | 2k+ | | Missing Arg Domain |
| #148 | Motors – Car Dealership & Classified Listings Plugin | 22 | 5,340 | 5,958 | 9k+ | | Text Domain Mismatch |
| #149 | Newsletters | 22 | 2,968 | 2,248 | 2k+ | | Text Domain Mismatch |
| #150 | WP OAuth Server (OAuth Authentication) | 22 | 189 | 347 | 3k+ | | Non-prefixed function |
