| #5201 | Cards for Beaver Builder | 51 | 63 | 1 | 1k+ | | | Output is not escaped |
| #5202 | Booqable Rental Plugin | 51 | 81 | 18 | 1k+ | | | wp function not compatible with requires wp |
| #5203 | Bootstrap Modals | 51 | 43 | 8 | 1k+ | | | Output is not escaped |
| #5204 | WPML Multilingual for BuddyPress and BuddyBoss | 51 | 18 | 21 | 6k+ | | | SQL query is not prepared |
| #5205 | Category Archive Widget | 51 | 54 | 2 | 800 | | | Output is not escaped |
| #5206 | CloudFilt Bot & Spam Protection | 51 | 11 | 22 | 600 | | | Output is not escaped |
| #5207 | Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress | 51 | 3 | 116 | 1k+ | | | Missing nonce verification |
| #5208 | Dolyame Payment gateway | 51 | 122 | 10 | 700 | | | Text Domain Mismatch |
| #5209 | Firelight Lightbox | 51 | 78 | 97 | 200k+ | | | Non-prefixed global variable |
| #5210 | Easy Search Replace – Find & Replace Text/HTML/URLs, Remove Footer Credit | 51 | 6 | 61 | 500 | | | Input is not sanitized |
| #5211 | GamiPress – Reset User | 51 | 14 | 27 | 400 | | | Interpolated SQL is not prepared |
| #5212 | Gravatar Enhanced – Avatars, Profiles, and Privacy | 51 | 38 | 48 | 100k+ | | | Dynamic hook name |
| #5213 | Gravity Forms No CAPTCHA reCAPTCHA | 51 | 30 | 17 | 10k+ | | | Text Domain Mismatch |
| #5214 | Gutenverse – WordPress Blocks, Page Builder & Site Editor | 51 | 17 | 47 | 20k+ | | | Non-prefixed hook name |
| #5215 | Hide Admin Bar | 51 | 35 | 17 | 20k+ | | | Unsafe printing function |
| #5216 | Interactive Globes – 3D World Maps | 51 | 24 | 104 | 400 | | | Non-prefixed global variable |
| #5217 | Juicer.io: Effortlessly embed, curate, and aggregate social media feeds into your website | 51 | 44 | 34 | 9k+ | | | Output is not escaped |
| #5218 | KIA Subtitle | 51 | 21 | 19 | 7k+ | | | Non-prefixed global variable |
| #5219 | Menu Icons by Themeisle – Add Icons to Navigation Menus | 51 | 34 | 22 | 100k+ | | | Output is not escaped |
| #5220 | Lite Video Embed | 51 | 35 | 7 | 1k+ | | | Output is not escaped |
| #5221 | Mintpay | 51 | 14 | 35 | 600 | | | Nonce verification recommended |
| #5222 | OnSale Page for WooCommerce | 51 | 30 | 44 | 2k+ | | | Text Domain Mismatch |
| #5223 | POLi Payments for WooCommerce | 51 | 62 | 26 | 500 | | | Text Domain Mismatch |
| #5224 | Quotes and Tips by BestWebSoft | 51 | 485 | 190 | 1k+ | | | Text Domain Mismatch |
| #5225 | Security-Protection | 51 | 5 | 32 | 400 | | | Missing nonce verification |
| #5226 | SePay Gateway | 51 | 12 | 39 | 2k+ | | | Nonce verification recommended |
| #5227 | Contact Information Widget | 51 | 69 | 5 | 500 | | | Output is not escaped |
| #5228 | Simple Cookie Notification Bar | 51 | 49 | 6 | 1k+ | | | Text Domain Mismatch |
| #5229 | Popular Brand Icons – Simple Icons | 51 | 20 | 12 | 3k+ | | | Output is not escaped |
| #5230 | Redirect | 51 | 26 | 12 | 5k+ | | | Output is not escaped |
| #5231 | Star Rating Field For Contact Form 7 | 51 | 36 | 7 | 800 | | | Output is not escaped |
| #5232 | StoryChief | 51 | 12 | 55 | 1k+ | | | Input is not sanitized |
| #5233 | The Paste | 51 | 19 | 11 | 10k+ | | | Unsafe printing function |
| #5234 | Tiny gtag.js Analytics | 51 | 39 | 0 | 400 | | | Output is not escaped |
| #5235 | Toolbar Publish Button | 51 | 37 | 4 | 5k+ | | | Unsafe printing function |
| #5236 | Tourfic Toolkit | 51 | 44 | 27 | 1k+ | | | Output is not escaped |
| #5237 | Trustpilot Reviews | 51 | 14 | 52 | 30k+ | | | Missing nonce verification |
| #5238 | Visual Sitemap | 51 | 23 | 6 | 400 | | | Output is not escaped |
| #5239 | VK Filter Search | 51 | 35 | 71 | 6k+ | | | Nonce verification recommended |
| #5240 | Payment Gateway Payoneer For WooCommerce | 51 | 9 | 35 | 1k+ | | | Input is not validated |
| #5241 | Swift SMTP (formerly Welcome Email Editor) | 51 | 12 | 62 | 7k+ | | | Missing nonce verification |
| #5242 | WP Counter Up – Animated Number Counter & Milestone Showcase | 51 | 18 | 239 | 1k+ | | | Non-prefixed global variable |
| #5243 | REST API Log | 51 | 44 | 95 | 5k+ | | | Non-prefixed hook name |
| #5244 | Insert Code by Angie Makes | 51 | 43 | 8 | 900 | | | Output is not escaped |
| #5245 | WPFrom Email | 51 | 44 | 12 | 600 | | | Output is not escaped |
| #5246 | YayMail – WooCommerce Email Customizer | 51 | 163 | 788 | 50k+ | | | Non-prefixed global variable |
| #5247 | Affiliate Area Shortcodes by AffiliateWP | 52 | 56 | 16 | 2k+ | | | Text Domain Mismatch |
| #5248 | Age Gate Lite | 52 | 28 | 3 | 2k+ | | | Output is not escaped |
| #5249 | Bloglovin Button | 52 | 33 | 1 | 800 | | | Output is not escaped |
| #5250 | Check Pincode For WooCommerce | 52 | | 55 | 400 | | | Direct Query |