| #151 | SEO Engine – Smart SEO with AI, Schema & Redirection for WordPress | 24 | 239 | 304 | 1k+ | | | Direct Query |
| #152 | Sequential Order Numbers for WooCommerce | 24 | 709 | 469 | 1k+ | | | Text Domain Mismatch |
| #153 | ShiftController Employee Shift Scheduling | 24 | 358 | 196 | 700 | | | Output is not escaped |
| #154 | GEO Plugin by Squirrly SEO | 24 | 1,196 | 224 | 30k+ | | | Missing Translators Comment |
| #155 | Ultimate Maps by Supsystic | 24 | 1,034 | 374 | 10k+ | | | Non Singular String Literal Domain |
| #156 | Bulk Edit Products for WooCommerce – WP Sheet Editor | 24 | 941 | 936 | 10k+ | | | Text Domain Mismatch |
| #157 | Bulk Edit Coupons for WooCommerce – WP Sheet Editor | 24 | 1,006 | 950 | 500 | | | Text Domain Mismatch |
| #158 | pensopay Payments | 24 | 397 | 246 | 2k+ | | | Output is not escaped |
| #159 | EU VAT Assistant for WooCommerce | 24 | 1,742 | 495 | 5k+ | | | Non Singular String Literal Domain |
| #160 | WPML Multilingual & Multicurrency for WooCommerce | 24 | 1,453 | 1,618 | 100k+ | | | SQL query is not prepared |
| #161 | WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content | 24 | 1,775 | 393 | 40k+ | | | Text Domain Mismatch |
| #162 | Bulk Edit Posts and Products in Spreadsheet | 24 | 918 | 912 | 8k+ | | | Text Domain Mismatch |
| #163 | WP-Stateless – Google Cloud Storage | 24 | 1,036 | 482 | 4k+ | | | Non Singular String Literal Domain |
| #164 | xili-language | 24 | 1,501 | 523 | 600 | | | Output is not escaped |
| #165 | Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation | 24 | 1,211 | 3,152 | 30k+ | | | Non-prefixed global variable |
| #166 | Advanced WordPress Reset – Debug, Recover & Reset WP | 25 | 475 | 464 | 20k+ | | | Output is not escaped |
| #167 | Affiliates | 25 | 689 | 1,483 | 2k+ | | | Output is not escaped |
| #168 | ATUM WooCommerce Inventory Management and Stock Tracking | 25 | 2,638 | 1,304 | 10k+ | | | Non Singular String Literal Domain |
| #169 | Booking Package | 25 | 1,703 | 3,977 | 10k+ | | | Missing nonce verification |
| #170 | Coupon Creator | 25 | 698 | 412 | 1k+ | | | Output is not escaped |
| #171 | DecaLog | 25 | 943 | 236 | 1k+ | | | Exception output is not escaped |
| #172 | ELEX WooCommerce Dynamic Pricing and Discounts | 25 | 478 | 748 | 800 | | | Text Domain Mismatch |
| #173 | Fluid Checkout for WooCommerce – Lite | 25 | 370 | 841 | 20k+ | | | Non-prefixed hook name |
| #174 | Lightbox & Modal Popup WordPress Plugin – FooBox | 25 | 610 | 1,365 | 100k+ | | | Non-prefixed global variable |
| #175 | Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel | 25 | 876 | 1,798 | 100k+ | | | Non-prefixed global variable |
| #176 | Photo Gallery by Ays – Responsive Image Gallery | 25 | 466 | 820 | 1k+ | | | Output is not escaped |
| #177 | GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content | 25 | 87 | 863 | 6k+ | | | Non-prefixed global variable |
| #178 | Genesis Club Lite | 25 | 513 | 317 | 900 | | | Output is not escaped |
| #179 | WPBruiser {no- Captcha anti-Spam} | 25 | 646 | 259 | 10k+ | | | Non Singular String Literal Domain |
| #180 | Hardcore Google Fonts Localizer | 25 | 331 | 261 | 800 | | | Text Domain Mismatch |
| #181 | Cool Author Box – For Widget and Post Content | 25 | 853 | 1,379 | 600 | | | Non-prefixed global variable |
| #182 | Icegram Collect – Easy Form, Lead Collection and Subscription plugin | 25 | 424 | 290 | 2k+ | | | Output is not escaped |
| #183 | Index WP MySQL For Speed | 25 | 250 | 255 | 50k+ | | | Output is not escaped |
| #184 | JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin | 25 | 1,541 | 1,578 | 1k+ | | | Non-prefixed global variable |
| #185 | Knit Pay – Cashfree, Instamojo, Razorpay, PayPal and more | 25 | 4,019 | 1,265 | 2k+ | | | Text Domain Mismatch |
| #186 | Limit Login Attempts Security – Login Security, 2FA, Firewall, Brute Force Prevention | 25 | 618 | 605 | 1m+ | | | Unsafe printing function |
| #187 | Liza Widget For Spotify and Elementor | 25 | 1,478 | 2,572 | 1k+ | | | Non-prefixed global variable |
| #188 | Media Cleaner: Clean your WordPress! | 25 | 151 | 391 | 90k+ | | | Direct Query |
| #189 | MyFatoorah – WooCommerce | 25 | 191 | 89 | 2k+ | | | Output is not escaped |
| #190 | Poll Maker by AYS – Versus Polls, Anonymous Polls, Image Polls | 25 | 488 | 1,412 | 7k+ | | | Non-prefixed global variable |
| #191 | Premmerce | 25 | 712 | 1,411 | 500 | | | Non-prefixed global variable |
| #192 | Premmerce Product Search for WooCommerce | 25 | 596 | 1,350 | 900 | | | Non-prefixed global variable |
| #193 | Premmerce Wholesale Pricing for WooCommerce | 25 | 635 | 1,377 | 400 | | | Non-prefixed global variable |
| #194 | Quiz Maker by AYS | 25 | 505 | 3,021 | 20k+ | | | Non-prefixed global variable |
| #195 | Seers Ai | Consent Management Platform (Easy to set up GDPR/CCPA Compliant Cookie Consent) | 25 | 1,446 | 421 | 1k+ | | | Output is not escaped |
| #196 | Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management | 25 | 366 | 923 | 10k+ | | | SQL query is not prepared |
| #197 | Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator | 25 | 648 | 1,021 | 1k+ | | | Output is not escaped |
| #198 | Survey Maker by AYS | 25 | 567 | 2,397 | 6k+ | | | Non-prefixed global variable |
| #199 | Ultimate Post Kit Addons for Elementor | 25 | 182 | 412 | 30k+ | | | Missing nonce verification |
| #200 | Social Share Icons & Social Share Buttons | 25 | 2,365 | 1,357 | 10k+ | | | Output is not escaped |