| #101 | eCommerce Product Catalog Plugin for WordPress | 24 | 621 | 3,177 | 7k+ | | | Non-prefixed function |
| #102 | Etsy Integration For WooCommerce | 24 | 1,246 | 4,643 | 900 | | | Non-prefixed global variable |
| #103 | FeedWordPress | 24 | 496 | 319 | 9k+ | | | Missing Arg Domain |
| #104 | Food Store – Online Food Delivery & Pickup | 24 | 862 | 1,941 | 1k+ | | | Non-prefixed global variable |
| #105 | Assets manager, dequeue scripts, dequeue styles for WordPress | 24 | 592 | 255 | 2k+ | | | Output is not escaped |
| #106 | Import and export users and customers | 24 | 1,040 | 357 | 70k+ | | | Unsafe printing function |
| #107 | Social Slider Feed – Social Media Feed & Gallery Widgets | 24 | 929 | 707 | 20k+ | | | Non-prefixed global variable |
| #108 | Media Library Folders | 24 | 889 | 807 | 10k+ | | | Text Domain Mismatch |
| #109 | Ninja Forms – The Contact Form Builder That Grows With You | 24 | 749 | 1,525 | 600k+ | | | Nonce verification recommended |
| #110 | Participants Database | 24 | 951 | 894 | 7k+ | | | SQL query is not prepared |
| #111 | Product Catalog Simple | 24 | 1,555 | 1,982 | 1k+ | | | Output is not escaped |
| #112 | Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors | 24 | 369 | 820 | 20k+ | | | Nonce verification recommended |
| #113 | Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | 24 | 407 | 2,587 | 40k+ | | | Non-prefixed hook name |
| #114 | PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes | 24 | 414 | 573 | 10k+ | | | Missing Translators Comment |
| #115 | Security Plugin, Firewall & Malware Scanner with Auto Removal | 24 | 1,191 | 769 | 30k+ | | | Output is not escaped |
| #116 | Shortcodes Ultimate – Content Elements | 24 | 656 | 1,552 | 400k+ | | | Non-prefixed global variable |
| #117 | SiteOrigin Widgets Bundle | 24 | 606 | 455 | 400k+ | | | Output is not escaped |
| #118 | Team Members – Multi Language Supported Team Plugin | 24 | 2,081 | 11,206 | 7k+ | | | Non-prefixed global variable |
| #119 | Timber | 24 | 85 | 128 | 20k+ | | | Non-prefixed hook name |
| #120 | Ultimate Product Catalog | 24 | 554 | 525 | 5k+ | | | Unsafe printing function |
| #121 | Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates | 24 | 522 | 135 | 10k+ | | | Output is not escaped |
| #122 | WPML Multilingual & Multicurrency for WooCommerce | 24 | 1,453 | 1,618 | 100k+ | | | SQL query is not prepared |
| #123 | Auto Affiliate Links | 24 | 375 | 407 | 3k+ | | | Output is not escaped |
| #124 | WP-Members Membership Plugin | 24 | 669 | 382 | 50k+ | | | Output is not escaped |
| #125 | WP Notification Bell | 24 | 736 | 1,591 | 700 | | | Non-prefixed global variable |
| #126 | WP-Stateless – Google Cloud Storage | 24 | 1,036 | 482 | 4k+ | | | Non Singular String Literal Domain |
| #127 | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | 24 | 2,010 | 5,688 | 20k+ | | | Non-prefixed global variable |
| #128 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | 24 | 2,576 | 2,103 | 100k+ | | | Output is not escaped |
| #129 | WPeMatico RSS Feed Fetcher | 24 | 1,378 | 587 | 10k+ | | | Output is not escaped |
| #130 | YMC Filter | 24 | 12 | 1,729 | 4k+ | | | Non-prefixed global variable |
| #131 | AdRotate Banner Manager | 25 | 1,363 | 846 | 20k+ | | | Unsafe printing function |
| #132 | bbp style pack | 25 | 1,419 | 1,792 | 6k+ | | | Output is not escaped |
| #133 | Booking Package | 25 | 1,703 | 3,977 | 10k+ | | | Missing nonce verification |
| #134 | Broken Link Checker | 25 | 727 | 600 | 500k+ | | | Output is not escaped |
| #135 | Disable Comments & Delete All Comments | 25 | 503 | 185 | 9k+ | | | Output is not escaped |
| #136 | Coupon Creator | 25 | 698 | 412 | 1k+ | | | Output is not escaped |
| #137 | CP Contact Form with PayPal | 25 | 466 | 936 | 800 | | | Unsafe printing function |
| #138 | Disable Admin Notices – Hide Dashboard Notifications | 25 | 465 | 195 | 100k+ | | | Output is not escaped |
| #139 | Docket Cache – Object Cache Accelerator | 25 | 333 | 481 | 20k+ | | | Output is not escaped |
| #140 | 胖鼠采集(Fat Rat Collect) | 25 | 630 | 190 | 900 | | | Missing Arg Domain |
| #141 | Simple Giveaways – Grow your business, email lists and traffic with contests | 25 | 956 | 2,384 | 400 | | | Non-prefixed global variable |
| #142 | Team Members – A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More | 25 | 1,786 | 2,220 | 2k+ | | | Non-prefixed global variable |
| #143 | MaxButtons – Create buttons | 25 | 626 | 404 | 70k+ | | | Output is not escaped |
| #144 | Media Cleaner: Clean your WordPress! | 25 | 151 | 391 | 90k+ | | | Direct Query |
| #145 | Poll Maker by AYS – Versus Polls, Anonymous Polls, Image Polls | 25 | 488 | 1,412 | 7k+ | | | Non-prefixed global variable |
| #146 | Post Snippets – Custom WordPress Code Snippets Customizer | 25 | 808 | 1,654 | 20k+ | | | Non-prefixed global variable |
| #147 | Premmerce Product Search for WooCommerce | 25 | 596 | 1,350 | 900 | | | Non-prefixed global variable |
| #148 | Quiz Maker by AYS | 25 | 505 | 3,021 | 20k+ | | | Non-prefixed global variable |
| #149 | reSmush.it : The original free image compressor and optimizer plugin | 25 | 155 | 69 | 100k+ | | | Output is not escaped |
| #150 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | 25 | 960 | 738 | 60k+ | | | Text Domain Mismatch |