| #101 | UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | 23 | 693 | 2,436 | 20k+ | | | Non-prefixed hook name |
| #102 | WHMCS Bridge | 23 | 247 | 472 | 4k+ | | | Nonce verification recommended |
| #103 | WP BackItUp Community Edition | 23 | 257 | 989 | 6k+ | | | Non-prefixed global variable |
| #104 | Clone | 23 | 244 | 262 | 40k+ | | | Output is not escaped |
| #105 | WP-Lister Lite for Amazon | 23 | 3,061 | 4,177 | 800 | | | Output is not escaped |
| #106 | Dynamic Team Manager – Team Member Showcase with grid, slider, table Elementor widget & shortcode | 23 | 933 | 2,002 | 900 | | | Non-prefixed global variable |
| #107 | Yatra – Travel Booking & Tour Operator Software | 23 | 2,211 | 3,994 | 600 | | | Non-prefixed global variable |
| #108 | Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress | 23 | 2,317 | 1,714 | 5k+ | | | Output is not escaped |
| #109 | Zephyr Project Manager | 23 | 667 | 2,454 | 1k+ | | | Non-prefixed global variable |
| #110 | 404 Solution | 24 | 486 | 1,338 | 10k+ | | | Non-prefixed class |
| #111 | Anti Spam and list cleaner – AcyChecker | 24 | 462 | 88 | 400 | | | Output is not escaped |
| #112 | AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress | 24 | 5,230 | 1,464 | 7k+ | | | Output is not escaped |
| #113 | Ad Inserter – Ad Manager & AdSense Ads | 24 | 4,241 | 811 | 300k+ | | | Output is not escaped |
| #114 | Ivory Search – WordPress Search Plugin | 24 | 1,173 | 1,688 | 100k+ | | | Non-prefixed global variable |
| #115 | Advanced Contact form 7 DB | 24 | 764 | 1,960 | 70k+ | | | Non-prefixed global variable |
| #116 | All-In-One Security (AIOS) – Security and Firewall | 24 | 552 | 1,228 | 1m+ | | | Non-prefixed global variable |
| #117 | Popup Box – Create Countdown, Coupon, Video, Contact Form Popups | 24 | 482 | 1,253 | 50k+ | | | Non-prefixed global variable |
| #118 | Backuply – Backup, Restore, Migrate and Clone | 24 | 704 | 551 | 700k+ | | | Non-prefixed global variable |
| #119 | Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) | 24 | 1,837 | 1,063 | 1k+ | | | Text Domain Mismatch |
| #120 | Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces | 24 | 2,248 | 3,338 | 10k+ | | | slow db query meta key |
| #121 | Buttonizer – Floating Menus, Sticky Buttons, & Popup Builder | 24 | 576 | 1,344 | 70k+ | | | Non-prefixed global variable |
| #122 | Calculated Fields Form | 24 | 283 | 599 | 40k+ | | | Non-prefixed global variable |
| #123 | Smart Online Order for Clover | 24 | 1,746 | 1,246 | 1k+ | | | Text Domain Mismatch |
| #124 | CRM Perks Forms – WordPress Form Builder | 24 | 819 | 577 | 1k+ | | | Output is not escaped |
| #125 | DSGVO All in one for WP | 24 | 75 | 1,637 | 20k+ | | | Non-prefixed global variable |
| #126 | Easy Modal | 24 | 564 | 299 | 7k+ | | | Unsafe printing function |
| #127 | Etsy Integration For WooCommerce | 24 | 1,246 | 4,643 | 900 | | | Non-prefixed global variable |
| #128 | Football Pool | 24 | 1,085 | 733 | 1k+ | | | Output is not escaped |
| #129 | Simple Calendar – Google Calendar Plugin | 24 | 2,053 | 592 | 50k+ | | | Missing direct file access protection |
| #130 | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | 24 | 10,894 | 440 | 70k+ | | | Text Domain Mismatch |
| #131 | Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN | 24 | 3,410 | 866 | 70k+ | | | Text Domain Mismatch |
| #132 | InstaWP Connect – 1-click WP Staging & Migration | 24 | 253 | 811 | 40k+ | | | Non-prefixed global variable |
| #133 | Joli Table Of Contents | 24 | 653 | 1,755 | 7k+ | | | Non-prefixed global variable |
| #134 | Mang Board WP | 24 | 1,249 | 4,720 | 9k+ | | | Non-prefixed global variable |
| #135 | Media Library Folders | 24 | 889 | 807 | 10k+ | | | Text Domain Mismatch |
| #136 | NEX-Forms – Ultimate Forms Plugin for WordPress | 24 | 2,008 | 1,195 | 6k+ | | | Text Domain Mismatch |
| #137 | Participants Database | 24 | 951 | 894 | 7k+ | | | SQL query is not prepared |
| #138 | PDF for Gravity Forms + Drag And Drop Template Builder | 24 | 1,457 | 260 | 400 | | | wp function not compatible with requires wp |
| #139 | PeproDev Ultimate Invoice | 24 | 379 | 234 | 4k+ | | | Output is not escaped |
| #140 | Database Manager – WP Adminer | 24 | 1,005 | 2,752 | 20k+ | | | Non-prefixed global variable |
| #141 | Post Status Notifier Lite | 24 | 984 | 451 | 700 | | | Missing direct file access protection |
| #142 | Product Catalog Simple | 24 | 1,555 | 1,982 | 1k+ | | | Output is not escaped |
| #143 | Post Affiliate Pro | 24 | 293 | 335 | 500 | | | Nonce verification recommended |
| #144 | SEO Engine – Smart SEO with AI, Schema & Redirection for WordPress | 24 | 239 | 304 | 1k+ | | | Direct Query |
| #145 | ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization | 24 | 926 | 322 | 10k+ | | | Output is not escaped |
| #146 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | 24 | 831 | 1,903 | 4k+ | | | Non-prefixed global variable |
| #147 | Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers | 24 | 360 | 1,472 | 1k+ | | | Nonce verification recommended |
| #148 | Unlimited Elements For Elementor | 24 | 710 | 2,093 | 300k+ | | | Non-prefixed global variable |
| #149 | VikRentItems Flexible Rental Management System | 24 | 4,755 | 4,639 | 600 | | | Non-prefixed global variable |
| #150 | EU VAT Assistant for WooCommerce | 24 | 1,742 | 495 | 5k+ | | | Non Singular String Literal Domain |
