| #501 | Create | 25 | 1,558 | 769 | 6k+ | | | Text Domain Mismatch |
| #502 | All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements | 25 | 352 | 597 | 40k+ | | | Non-prefixed global variable |
| #503 | Nexter Extension – Security, Performance, Code Snippets & Site Toolkit | 25 | 198 | 710 | 10k+ | | | Nonce verification recommended |
| #504 | NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar | 25 | 257 | 397 | 40k+ | | | Non-prefixed hook name |
| #505 | Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content | 25 | 680 | 1,513 | 300k+ | | | Non-prefixed global variable |
| #506 | phpinfo() WP — Site Health, PHP Compatibility & Server Audit | 25 | 276 | 704 | 3k+ | | | Non-prefixed global variable |
| #507 | Poll Maker by AYS – Versus Polls, Anonymous Polls, Image Polls | 25 | 486 | 1,414 | 7k+ | | | Non-prefixed global variable |
| #508 | Post Snippets – Custom WordPress Code Snippets Customizer | 25 | 808 | 1,654 | 20k+ | | | Non-prefixed global variable |
| #509 | Quiz Maker by AYS | 25 | 505 | 3,015 | 20k+ | | | Non-prefixed global variable |
| #510 | Quttera ThreatSign – Web Malware Scanner for WordPress | 25 | 334 | 471 | 10k+ | | | Non-prefixed global variable |
| #511 | reSmush.it : The original free image compressor and optimizer plugin | 25 | 155 | 69 | 100k+ | | | Output is not escaped |
| #512 | Secure Copy Content Protection and Content Locking | 25 | 958 | 799 | 20k+ | | | Output is not escaped |
| #513 | ShopMagic – email automation | 25 | 228 | 145 | 10k+ | | | Exception output is not escaped |
| #514 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | 25 | 960 | 738 | 60k+ | | | Text Domain Mismatch |
| #515 | Simply Static – The Static Site Generator | 25 | 163 | 446 | 30k+ | | | Non-prefixed hook name |
| #516 | Sitemap by click5 | 25 | 286 | 132 | 6k+ | | | Unsafe printing function |
| #517 | Affiliate Program Suite — SliceWP Affiliates | 25 | 1,291 | 2,089 | 10k+ | | | Output is not escaped |
| #518 | Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management | 25 | 387 | 935 | 10k+ | | | SQL query is not prepared |
| #519 | SupportCandy – Helpdesk & Customer Support Ticket System | 25 | 434 | 1,357 | 10k+ | | | Direct Query |
| #520 | Survey Maker by AYS | 25 | 566 | 2,397 | 6k+ | | | Non-prefixed global variable |
| #521 | TemplateSpare – 1000+ WordPress Starter Templates & Full Site Migration Tool | 1-Click Import/Export & No-Code Builder | 25 | 705 | 1,587 | 10k+ | | | Non-prefixed global variable |
| #522 | Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin | 25 | 119 | 2,706 | 2k+ | | | Non-prefixed global variable |
| #523 | TrackShip for WooCommerce | 25 | 421 | 957 | 6k+ | | | Non-prefixed global variable |
| #524 | TranslatePress – Translate Multilingual sites with AI Translation | 25 | 452 | 1,541 | 400k+ | | | Non-prefixed hook name |
| #525 | Ultimate Post Kit Addons for Elementor | 25 | 182 | 412 | 30k+ | | | Missing nonce verification |
| #526 | Product Customer List for WooCommerce | 25 | 610 | 1,334 | 9k+ | | | Non-prefixed global variable |
| #527 | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot | 25 | 279 | 518 | 4k+ | | | Non-prefixed global variable |
| #528 | weForms – Easy Drag & Drop Contact Form Builder For WordPress | 25 | 916 | 450 | 10k+ | | | Output is not escaped |
| #529 | PDF Builder for WooCommerce. Create invoices,packing slips and more | 25 | 372 | 503 | 2k+ | | | Non-prefixed global variable |
| #530 | Product Table for WooCommerce | 25 | 183 | 896 | 5k+ | | | Non-prefixed global variable |
| #531 | Pay with Vipps and MobilePay for WooCommerce | 25 | 845 | 509 | 5k+ | | | Output is not escaped |
| #532 | Wordfence Login Security | 25 | 248 | 418 | 70k+ | | | Output is not escaped |
| #533 | WP Airbnb Review Slider | 25 | 325 | 646 | 1k+ | | | Non-prefixed global variable |
| #534 | WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards | 25 | 1,431 | 1,270 | 10k+ | | | Output is not escaped |
| #535 | WP-DownloadManager | 25 | 607 | 508 | 3k+ | | | Unsafe printing function |
| #536 | WP Review Slider | 25 | 1,186 | 2,279 | 6k+ | | | Non-prefixed global variable |
| #537 | WP Go Maps – Google Map, OpenStreetMap, Leaflet Map | 25 | 4,996 | 1,008 | 300k+ | | | Unsafe printing function |
| #538 | WP Google Review Slider | 25 | 1,367 | 2,582 | 30k+ | | | Non-prefixed global variable |
| #539 | WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan | 25 | 727 | 1,554 | 50k+ | | | Non-prefixed global variable |
| #540 | Nested Pages | 25 | 674 | 560 | 90k+ | | | Non-prefixed global variable |
| #541 | WP-Polls | 25 | 618 | 639 | 40k+ | | | Unsafe printing function |
| #542 | WP Popups – WordPress Popup builder | 25 | 440 | 342 | 30k+ | | | Output is not escaped |
| #543 | Perfect Images: Regenerate Thumbnails, Image Sizes, WebP & AVIF | 25 | 154 | 118 | 60k+ | | | Non-prefixed global variable |
| #544 | Smush – Image Optimization, Compression, Lazy Load, WebP & CDN | 25 | 252 | 566 | 1m+ | | | Non-prefixed hook name |
| #545 | Wp Social Login and Register Social Counter | 25 | 80 | 738 | 90k+ | | | Non-prefixed global variable |
| #546 | WP Spell Check | 25 | 6 | 4,390 | 2k+ | | | Direct Query |
| #547 | WP Statistics – Simple, privacy-friendly Google Analytics alternative | 25 | 610 | 2,465 | 600k+ | | | Non-prefixed global variable |
| #548 | WP TripAdvisor Review Slider | 25 | 958 | 2,058 | 8k+ | | | Non-prefixed global variable |
| #549 | WP Yelp Review Slider | 25 | 429 | 645 | 1k+ | | | Non-prefixed global variable |
| #550 | WPCargo Track & Trace | 25 | 239 | 557 | 10k+ | | | Non-prefixed global variable |
