| #3401 | GoSMTP – SMTP for WordPress | 39 | 59 | 42 | 500k+ | | Output is not escaped |
| #3402 | Graphina – Charts and Graphs For Elementor | 39 | 1,895 | 113 | 10k+ | | Text Domain Mismatch |
| #3403 | Gravity Slider Fields | 39 | 56 | 36 | 2k+ | | Text Domain Mismatch |
| #3404 | GS Only PDF Preview | 39 | 46 | 36 | 1k+ | | Output is not escaped |
| #3405 | HD Quiz | 39 | 252 | 81 | 7k+ | | Output is not escaped |
| #3406 | Maintenance Mode | 39 | 86 | 109 | 7k+ | | Output is not escaped |
| #3407 | hpb seo plugin for WordPress | 39 | 15 | 87 | 2k+ | | Non-prefixed global variable |
| #3408 | HTML5 Cumulus | 39 | 132 | 33 | 1k+ | | Output is not escaped |
| #3409 | If Menu – Visibility control for Menus | 39 | 281 | 63 | 50k+ | | Output is not escaped |
| #3410 | Image Carousel | 39 | 164 | 18 | 1k+ | | Output is not escaped |
| #3411 | S2W – Import Shopify to WooCommerce | 39 | 8 | 132 | 3k+ | | Request data is not unslashed |
| #3412 | Improved Save Button | 39 | 44 | 52 | 4k+ | | Missing Translators Comment |
| #3413 | Insert Html Snippet | 39 | 159 | 205 | 20k+ | | Output is not escaped |
| #3414 | JetGridBuilder — Grid Builder for Elementor and Gutenberg | 39 | 414 | 40 | 4k+ | | Text Domain Mismatch |
| #3415 | Korea SNS | 39 | 88 | 30 | 4k+ | | Unsafe printing function |
| #3416 | Leaflet Map | 39 | 59 | 32 | 30k+ | | Output is not escaped |
| #3417 | LH Add Media From Url | 39 | 42 | 26 | 2k+ | | Output is not escaped |
| #3418 | LuckyWP Table of Contents | 39 | 438 | 62 | 100k+ | | Output is not escaped |
| #3419 | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid | 39 | 65 | 72 | 6k+ | | block api version too low |
| #3420 | Mail Subscribe List | 39 | 17 | 94 | 3k+ | | Input is not validated |
| #3421 | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin | 39 | 1 | 395 | 3k+ | | Input is not sanitized |
| #3422 | Kikote – Location Picker at Checkout & Google Address AutoFill Plugin for WooCommerce | 39 | 76 | 64 | 1k+ | | Missing Translators Comment |
| #3423 | Markup by Attribute for WooCommerce | 39 | 46 | 102 | 2k+ | | Direct Query |
| #3424 | Mascaras CF7 | 39 | 54 | 16 | 1k+ | | Text Domain Mismatch |
| #3425 | Media Sync | 39 | 193 | 7 | 50k+ | | Short PHP open tag found |
| #3426 | Mega Addons For WPBakery Page Builder | 39 | 1,320 | 154 | 20k+ | | Text Domain Mismatch |
| #3427 | Meks Easy Photo Feed Widget | 39 | 77 | 27 | 10k+ | | Output is not escaped |
| #3428 | Movable Type and TypePad Importer | 39 | 42 | 25 | 20k+ | | Output is not escaped |
| #3429 | Multilingual Contact Form 7 with Polylang | 39 | 50 | 30 | 9k+ | | Text Domain Mismatch |
| #3430 | NextGEN Download Gallery | 39 | 57 | 21 | 2k+ | | Short PHP open tag found |
| #3431 | Open Graph Pro | 39 | 52 | 13 | 1k+ | | Output is not escaped |
| #3432 | SOGO Add Script to Individual Pages Header Footer | 39 | 74 | 40 | 20k+ | | Output is not escaped |
| #3433 | Pay by paynow.pl | 39 | 51 | 56 | 6k+ | | Output is not escaped |
| #3434 | Designil PDPA Thailand | 39 | 131 | 36 | 3k+ | | Output is not escaped |
| #3435 | Permalink Manager for WooCommerce | 39 | 116 | 24 | 8k+ | | Short PHP open tag found |
| #3436 | Privilege Menu | 39 | 215 | 49 | 1k+ | | Text Domain Mismatch |
| #3437 | Product Video Gallery for Woocommerce | 39 | 63 | 36 | 10k+ | | Setting is missing a sanitization callback |
| #3438 | Purge Varnish Cache | 39 | 113 | 151 | 1k+ | | Non-prefixed global variable |
| #3439 | QR Redirector | 39 | 48 | 54 | 4k+ | | Output is not escaped |
| #3440 | Quantcast Choice | 39 | 227 | 11 | 3k+ | | Text Domain Mismatch |
| #3441 | Simple Webchat | 39 | 142 | 204 | 1k+ | | Output is not escaped |
| #3442 | Radio Buttons for Taxonomies | 39 | 40 | 24 | 20k+ | | Output is not escaped |
| #3443 | Redirect 404 Error Page to Homepage or Custom Page with Logs | 39 | 27 | 53 | 10k+ | | Nonce verification recommended |
| #3444 | RioVizual — Table Blocks for Comparison, Pricing and Pros & Cons | 39 | 32 | 81 | 1k+ | | Nonce verification recommended |
| #3445 | Scripts n Styles | 39 | 150 | 92 | 30k+ | | Output is not escaped |
| #3446 | SEO Friendly Images | 39 | 292 | 20 | 20k+ | | Output is not escaped |
| #3447 | Serial Number for Contact Form 7 | 39 | 105 | 53 | 2k+ | | Non Singular String Literal Domain |
| #3448 | Taxonomy Thumbnail | 39 | 27 | 58 | 3k+ | | Non-prefixed function |
| #3449 | Shared Files – File Upload & Download Manager | 39 | 5 | 184 | 4k+ | | Nonce verification recommended |
| #3450 | Shipping Simulator for WooCommerce | 39 | 120 | 39 | 5k+ | | Text Domain Mismatch |
