| #451 | LatePoint – Calendar Booking Plugin for Appointments and Events | 24 | 1,841 | 937 | 100k+ | | | Output is not escaped |
| #452 | LearnPress – Backup & Migration Tool | 24 | 385 | 469 | 5k+ | | | Output is not escaped |
| #453 | LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes | 24 | 414 | 1,176 | 10k+ | | | Non-prefixed global variable |
| #454 | Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms | 24 | 563 | 548 | 4k+ | | | Text Domain Mismatch |
| #455 | Local Delivery Drivers for WooCommerce | 24 | 1,832 | 1,483 | 900 | | | Non-prefixed global variable |
| #456 | Event Booking Manager for WooCommerce | 24 | 968 | 2,122 | 7k+ | | | Non-prefixed global variable |
| #457 | Mailchimp for WooCommerce | 24 | 523 | 663 | 200k+ | | | Non-prefixed global variable |
| #458 | MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails | 24 | 772 | 3,853 | 1k+ | | | Direct Query |
| #459 | Mailjet Email Marketing | 24 | 435 | 206 | 10k+ | | | Unsafe printing function |
| #460 | Mang Board WP | 24 | 1,249 | 4,720 | 9k+ | | | Non-prefixed global variable |
| #461 | Media Library Folders | 24 | 889 | 807 | 10k+ | | | Text Domain Mismatch |
| #462 | Timetable and Event Schedule by MotoPress | 24 | 456 | 232 | 30k+ | | | Output is not escaped |
| #463 | MxChat – AI Chatbot & Content Generation for WordPress | 24 | 3,157 | 1,385 | 2k+ | | | Text Domain Mismatch |
| #464 | My WP Customize Admin/Frontend | 24 | 1,249 | 292 | 8k+ | | | Unsafe printing function |
| #465 | My Agile Privacy® – CMP, Cookie Consent & Privacy Tools | 24 | 1,170 | 674 | 7k+ | | | Text Domain Mismatch |
| #466 | Newsletter – Send awesome emails from WordPress | 24 | 898 | 2,214 | 200k+ | | | Non-prefixed global variable |
| #467 | Newsletter Subscription Form – User Subscriptions Form, Capture Email | 24 | 385 | 829 | 1k+ | | | Non-prefixed global variable |
| #468 | NEX-Forms – Ultimate Forms Plugin for WordPress | 24 | 2,008 | 1,195 | 6k+ | | | Text Domain Mismatch |
| #469 | Pagar.me para WooCommerce | 24 | 549 | 116 | 5k+ | | | Text Domain Mismatch |
| #470 | Page Builder: Pagelayer – Drag and Drop website builder | 24 | 769 | 556 | 400k+ | | | Output is not escaped |
| #471 | Participants Database | 24 | 951 | 894 | 7k+ | | | SQL query is not prepared |
| #472 | Paymob for WooCommerce | 24 | 359 | 288 | 6k+ | | | Text Domain Mismatch |
| #473 | PixelYourSite – Your smart PIXEL (TAG) & API Manager | 24 | 1,160 | 2,407 | 500k+ | | | Non-prefixed namespace |
| #474 | Product Catalog Simple | 24 | 1,555 | 1,982 | 1k+ | | | Output is not escaped |
| #475 | Post Affiliate Pro | 24 | 293 | 335 | 500 | | | Nonce verification recommended |
| #476 | Premmerce Brands for WooCommerce | 24 | 700 | 1,344 | 2k+ | | | Non-prefixed global variable |
| #477 | PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin | 24 | 449 | 1,137 | 300k+ | | | Nonce verification recommended |
| #478 | Product Editor Pro – WooCommerce Bulk Edit: Prices, Stock, Images, Titles, CSV Import & More | 24 | 2,154 | 4,833 | 1k+ | | | Non-prefixed global variable |
| #479 | ProfileGrid – User Profiles, Groups and Communities | 24 | 473 | 2,463 | 6k+ | | | Non-prefixed global variable |
| #480 | Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors | 24 | 369 | 820 | 20k+ | | | Nonce verification recommended |
| #481 | Pz-LinkCard | 24 | 951 | 1,581 | 20k+ | | | Non-prefixed global variable |
| #482 | QuadMenu – Mega Menu | 24 | 2,129 | 455 | 10k+ | | | Output is not escaped |
| #483 | PickPlugins Question Answer | 24 | 32 | 1,413 | 400 | | | Non-prefixed global variable |
| #484 | Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | 24 | 406 | 2,581 | 40k+ | | | Non-prefixed hook name |
| #485 | reGenerate Thumbnails Advanced | 24 | 220 | 122 | 70k+ | | | Unsafe printing function |
| #486 | Registrations for the Events Calendar – Event Registration Plugin | 24 | 405 | 943 | 7k+ | | | Non-prefixed global variable |
| #487 | RSFirewall! | 24 | 563 | 521 | 4k+ | | | Output is not escaped |
| #488 | Screen Reader Accessibility – WCAG, Text-to-Speech & AI Accessibility Fixes | 24 | 235 | 330 | 600 | | | Non-prefixed global variable |
| #489 | Security Plugin, Firewall & Malware Scanner with Auto Removal | 24 | 1,191 | 769 | 30k+ | | | Output is not escaped |
| #490 | SEO Engine – Smart SEO with AI, Schema & Redirection for WordPress | 24 | 239 | 304 | 1k+ | | | Direct Query |
| #491 | SEOKEY – Powerful SEO plugin with Expert Insights and SEO Audit | 24 | 605 | 928 | 1k+ | | | Non-prefixed global variable |
| #492 | Servebolt Optimizer | 24 | 1,958 | 681 | 1k+ | | | Text Domain Mismatch |
| #493 | Service Box Slider | 24 | 618 | 1,410 | 500 | | | Non-prefixed global variable |
| #494 | Share This Image | 24 | 744 | 1,582 | 1k+ | | | Non-prefixed global variable |
| #495 | ShiftController Employee Shift Scheduling | 24 | 358 | 196 | 700 | | | Output is not escaped |
| #496 | Shortcodes Ultimate – Content Elements | 24 | 656 | 1,552 | 400k+ | | | Non-prefixed global variable |
| #497 | ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization | 24 | 926 | 322 | 10k+ | | | Output is not escaped |
| #498 | Simple Membership | 24 | 2,373 | 1,789 | 40k+ | | | Unsafe printing function |
| #499 | SiteGuard WP Plugin | 24 | 361 | 346 | 500k+ | | | Output is not escaped |
| #500 | Sitepact's Contact Form 7 Extension For Klaviyo | 24 | 541 | 1,412 | 500 | | | Non-prefixed global variable |
