| Vulnerability Name | Classifications | Severity |
|---|---|---|
| WordPress Plugin Updraft Plus Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Plugin WooCommerce Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Plugin Wordfence Security Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Plugin WordPress Importer Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Plugin Yoast Duplicate Post Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Plugin Yoast SEO Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Alishop Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Astra Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Avesa Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Bosmarket Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Floris Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Furniki Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Gaion Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme GeneratePress Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Go Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme GrShop Grocery Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Hello Elementor Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme HiStore Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Homevillas Real Estate Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Houskit Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Imarket Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Inspiro Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme JobCareer Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Kadence Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme KONStore Shop Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Levogue Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme NeoMarket Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Nicemerry Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Nusai Fashion Store Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme OceanWP Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme PopularFX Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Rozy Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Secretsho Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Sedona Shop Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Shop4u Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme ShopyMall Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Siezz Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Soaz Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Storemate Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Nineteen Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Seventeen Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Sixteen Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Twenty Three Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Twenty Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Twenty-One Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme Twenty Twenty-Two Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WordPress Theme YITH Wonder Version Disclosure | CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 | Low |
| WP Engine Configuration File Detected | CWE-285, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Low |
| Content Security Policy (CSP) Not Implemented | CWE-16, ISO27001-A.14.2.5, WASC-15 | Best Practice |
| Expect-CT Not Enabled | CWE-16, ISO27001-A.14.1.2, WASC-15 | Best Practice |
| Insecure Transportation Security Protocol Supported (TLS 1.1) | PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 | Best Practice |
| Missing X-XSS-Protection Header | CWE-16, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-15 | Best Practice |
| Referrer-Policy Not Implemented | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Best Practice |
| SameSite Cookie Not Implemented | CWE-16, ISO27001-A.14.2.5, WASC-15 | Best Practice |
| SameSite None Cookie Not Marked as Secure | CWE-16, ISO27001-A.14.2.5, WASC-15 | Best Practice |
| Subresource Integrity (SRI) Not Implemented | CWE-16, ISO27001-A.14.2.5, WASC-15 | Best Practice |
| .htaccess File Detected | CWE-285, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| aah Go Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| AbanteCart Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| actionhero.js Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Adminer Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Administration Page Detected | PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| AEM Detected | CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Ampache Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| An Unsafe Content Security Policy (CSP) Directive in Use | CWE-16, ISO27001-A.14.2.5, WASC-15 | Information |
| Angular Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Angularjs Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Apache Coyote Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Module Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Shiro Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Apache Traffic Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Web Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apple’s App-Site Association (AASA) Detected | ISO27001-A.18.1.3 | Information |
| Artifactory DevOps Solution Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| ASP.NET Debugging Enabled | CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 | Information |