| #1 | BulletProof Security | 0 | 5,048 | 4,949 | 20k+ | | Output Not Escaped |
| #2 | Intercom | 0 | 60 | 71 | 6k+ | | Non Prefixed Function Found |
| #3 | Plugin Check (PCP) | 0 | 128 | 132 | 10k+ | | Exception Not Escaped |
| #4 | Themify Builder | 9 | 5,195 | 2,096 | 5k+ | | Text Domain Mismatch |
| #5 | JetBackup – Backup, Restore & Migrate | 10 | 1,559 | 145 | 100k+ | | Exception Not Escaped |
| #6 | Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more | 15 | 32 | 163 | 500k+ | | Direct Query |
| #7 | Visual Composer Website Builder | 16 | 82 | 320 | 40k+ | | Non Prefixed Variable Found |
| #8 | AnyComment | 17 | 445 | 449 | 5k+ | | Output Not Escaped |
| #9 | JetFormBuilder — Dynamic Blocks Form Builder | 17 | 2,094 | 1,588 | 90k+ | | Text Domain Mismatch |
| #10 | wpForo Forum | 17 | 4,033 | 2,922 | 20k+ | | Unsafe Printing Function |
| #11 | WPtouch – Make your WordPress Website Mobile-Friendly | 17 | 1,466 | 325 | 50k+ | | Text Domain Mismatch |
| #12 | Prime Slider Addons for Elementor | 18 | 3,500 | 230 | 100k+ | | Text Domain Mismatch |
| #13 | Podlove Podcast Publisher | 18 | 2,326 | 1,429 | 3k+ | | Output Not Escaped |
| #14 | Property Hive | 18 | 1,957 | 6,027 | 3k+ | | Missing |
| #15 | Shopping Cart & eCommerce Store | 18 | 5,459 | 17,298 | 4k+ | | Non Prefixed Variable Found |
| #16 | WP Import Export Lite | 18 | 738 | 979 | 40k+ | | Non Prefixed Variable Found |
| #17 | WP Directory Kit | 18 | 2,119 | 2,617 | 2k+ | | Non Prefixed Variable Found |
| #18 | Element Pack – Widgets, Templates & Addons for Elementor | 19 | 9,448 | 517 | 100k+ | | Text Domain Mismatch |
| #19 | Block Slider – Responsive Image Slider, Video Slider & Post Slider | 19 | 555 | 1,291 | 3k+ | | Non Prefixed Variable Found |
| #20 | Download Monitor | 19 | 425 | 1,364 | 80k+ | | Non Prefixed Hookname Found |
| #21 | Event Organiser | 19 | 1,106 | 544 | 20k+ | | Text Domain Mismatch |
| #22 | Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution | 19 | 1,218 | 901 | 100k+ | | Exception Not Escaped |
| #23 | Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) | 19 | 3,275 | 3,228 | 10k+ | | Output Not Escaped |
| #24 | Matomo Analytics – Powerful, Privacy-First Insights for WordPress | 19 | 1,909 | 878 | 100k+ | | Exception Not Escaped |
| #25 | Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization | 19 | 1,295 | 2,679 | 9k+ | | Output Not Escaped |
| #26 | Really Simple Security – Simple and Performant Security (formerly Really Simple SSL) | 19 | 541 | 385 | 3m+ | | Missing Translators Comment |
| #27 | Membership Plugin – Kadence Memberships | 19 | 5,082 | 2,982 | 9k+ | | Text Domain Mismatch |
| #28 | Scrollsequence – Cinematic Scroll Image Animation Plugin | 19 | 878 | 1,528 | 4k+ | | Non Prefixed Variable Found |
| #29 | SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments | 19 | 526 | 1,119 | 90k+ | | Non Prefixed Variable Found |
| #30 | WP Email Template | 19 | 342 | 350 | 2k+ | | Exception Not Escaped |
| #31 | BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot | 20 | 508 | 1,406 | 30k+ | | Non Prefixed Variable Found |
| #32 | Brizy – Page Builder | 20 | 589 | 720 | 70k+ | | Output Not Escaped |
| #33 | Filter Everything — WordPress & WooCommerce Filters | 20 | 568 | 730 | 50k+ | | Output Not Escaped |
| #34 | GiveWP – Donation Plugin and Fundraising Platform | 20 | 3,435 | 3,580 | 100k+ | | Output Not Escaped |
| #35 | Link Library | 20 | 1,941 | 1,397 | 10k+ | | Unsafe Printing Function |
| #36 | Brevo – Email, SMS, Web Push, Chat, and more. | 20 | 460 | 646 | 100k+ | | Missing Unslash |
| #37 | Microthemer Lite – Visual Editor to Customize CSS | 20 | 1,004 | 1,699 | 10k+ | | Non Prefixed Variable Found |
| #38 | Nimble Page Builder | 20 | 1,591 | 1,684 | 30k+ | | Missing Arg Domain |
| #39 | Pix por Piggly (para Woocommerce) | 20 | 547 | 195 | 4k+ | | Exception Not Escaped |
| #40 | Powered Cache – Caching and Optimization for WordPress – Easily Improve PageSpeed & Web Vitals Score | 20 | 147 | 231 | 3k+ | | Exception Not Escaped |
| #41 | Quill Forms | Conversational Multi Step Forms, Surveys & quizzes | 20 | 401 | 368 | 3k+ | | Text Domain Mismatch |
| #42 | Remove Add to Cart WooCommerce | 20 | 616 | 1,378 | 4k+ | | Non Prefixed Variable Found |
| #43 | Robin Image Optimizer – Unlimited Image Optimization, WebP & AVIF | 20 | 557 | 541 | 100k+ | | Output Not Escaped |
| #44 | SpeakOut! Email Petitions | 20 | 850 | 994 | 3k+ | | Missing |
| #45 | Razorpay for WooCommerce | 20 | 974 | 855 | 100k+ | | Non Prefixed Function Found |
| #46 | WPJAM Basic | 20 | 328 | 356 | 4k+ | | Output Not Escaped |
| #47 | Store Locator WordPress | 21 | 2,372 | 1,572 | 10k+ | | Text Domain Mismatch |
| #48 | Backup Migration | 21 | 981 | 1,093 | 80k+ | | Non Prefixed Variable Found |
| #49 | bbPress | 21 | 929 | 3,672 | 100k+ | | Non Prefixed Function Found |
| #50 | Pinpoint Booking System – Version 2 | 21 | 634 | 328 | 3k+ | | missing direct file access protection |
