Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity (Possible) Cross site scripting CWE-79 CWE-79 Informational .htaccess File Detected CWE-443 CWE-443 Informational .htaccess Redirect Cross-Site Scripting (0.3.1) CVE-2021-38361 CWE-79 CWE-79 High .NET HTTP Remoting publicly exposed CWE-502 CWE-502 High .NET JSON.NET Deserialization RCE CWE-502 CWE-502 High 0mk Shortener Cross-Site Request Forgery (0.2) CVE-2022-2933 CWE-352 CWE-352 High 1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7) CWE-434 CWE-434 High 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5) CWE-79 CWE-89 CWE-79 CWE-89 High 1-click Retweet/Share/Like Cross-Site Scripting (5.2) CWE-79 CWE-79 High 1player Cross-Site Scripting (1.3) CWE-79 CWE-79 High 2 Click Social Media Buttons 'xing-url' Parameter Cross-Site Scripting (0.32.2) CVE-2012-4273 CWE-79 CWE-79 High 2kb Amazon Affiliates Store Cross-Site Scripting (2.1.0) CVE-2017-14622 CWE-79 CWE-79 High 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41) CWE-79 CWE-79 High 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (5.2.7) CVE-2021-34656 CWE-79 CWE-79 High 3dady real-time web stats Cross-Site Request Forgery (1.0) CWE-352 CWE-352 High 3D Banner Rotator 'upload.php' Arbitrary File Upload (2.1) CWE-434 CWE-434 High 3D Cover Carousel Cross-Site Scripting (1.0) CVE-2021-38318 CWE-79 CWE-79 High 3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1) CWE-434 CWE-434 High 3DPrint Cross-Site Request Forgery (3.5.4.7) CVE-2022-3899 CWE-352 CWE-352 High 3DPrint Lite Arbitrary File Upload (1.9.1.4) CWE-434 CWE-434 High 3DPrint Lite Cross-Site Scripting (1.9.1.5) CWE-79 CWE-79 High 3D Product configurator for WooCommerce Arbitrary File Upload (1.5.531) CWE-434 CWE-434 High 3D Slider Slice Box Multiple Cross-Site Scripting Vulnerabilities (1.0) CWE-79 CWE-79 High 3D Tag Cloud Cross-Site Request Forgery (3.8) CVE-2022-36417 CWE-352 CWE-352 High 3xSocializer Cross-Site Scripting (0.98.22) CWE-79 CWE-79 High 4k Icons for Visual Composer-Free Cross-Site Scripting (1.0) CVE-2021-24435 CWE-79 CWE-79 High 5gig Concerts Unspecified Vulnerability (1.0) High 10WebAnalytics Cross-Site Request Forgery (1.2.8) CWE-352 CWE-352 High 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69) CWE-79 CWE-79 High 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71) CVE-2022-4758 CWE-79 CWE-79 High 10Web Map Builder for Google Maps Security Bypass (1.0.63) CWE-264 CWE-264 High 10Web Map Builder for Google Maps SQL Injection (1.0.72) CWE-89 CWE-89 High 10Web Social Feed for Instagram Multiple Cross-Site Scripting Vulnerabilities (1.3.0) CVE-2018-10300 CVE-2018-10301 CWE-79 CWE-79 High 10Web Social Feed for Instagram Security Bypass (1.3.18) CWE-264 CWE-264 High 10Web Social Post Feed Unspecified Vulnerability (1.1.26) High 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6) CWE-264 CWE-434 CWE-264 CWE-434 High 123devis-affiliation Cross-Site Scripting (1.0.4) CWE-79 CWE-79 High 301 Redirects-Easy Redirect Manager Cross-Site Request Forgery (2.72) CWE-352 CWE-352 High 301 Redirects-Easy Redirect Manager Security Bypass (2.40) CVE-2019-19915 CWE-264 CWE-264 High 301 Redirects-Easy Redirect Manager SQL Injection (2.50) CVE-2021-24142 CWE-89 CWE-89 High 360 Product Rotation Arbitrary File Upload (1.2.4) CWE-434 CWE-434 High 360 Product Rotation Cross-Site Scripting (1.4.7) CVE-2019-15082 CWE-79 CWE-79 High 360 Product Viewer Cross-Site Scripting (2.5.1) CWE-79 CWE-79 High 404 SEO Redirection Cross-Site Scripting (1.3) CVE-2021-24325 CWE-79 CWE-79 High 404 SEO Redirection SQL Injection (1.0) CWE-89 CWE-89 High 404 to 301-Redirect, Log and Notify 404 Errors Cloaking (2.2.9) High 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Request Forgery (3.0.8) CVE-2021-24766 CWE-352 CWE-352 High 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.0) CWE-79 CWE-79 High 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.1) CWE-79 CWE-79 High 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.1) CWE-264 CWE-264 High 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.7) CWE-264 CWE-264 High 404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2) CWE-89 CWE-89 High 404page-your smart custom 404 error page Cross-Site Request Forgery (10.3) CWE-352 CWE-352 High A. Gallery TimThumb Arbitrary File Upload (0.9rev378511) CVE-2011-4106 CWE-20 CWE-20 High A.M.Y. Cross-Site Scripting (1.3.3) CWE-79 CWE-79 High A/B Test 'action' Parameter Directory Traversal (1.0.6) CWE-22 CWE-22 High A2 Optimized WP Information Disclosure (2.0.10.8) CWE-200 CWE-200 High Abandoned Cart Lite for WooCommerce Cross-Site Request Forgery (5.8.5) CWE-352 CWE-352 High Abandoned Cart Lite for WooCommerce Cross-Site Scripting (5.1.3) CWE-79 CWE-79 High Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2) CVE-2023-2986 CWE-326 CWE-326 High Abandoned Cart Lite for WooCommerce SQL Injection (1.8) CWE-89 CWE-89 High Abandoned Cart Lite for WooCommerce SQL Injection (5.8.1) CWE-89 CWE-89 High Abandoned Cart Pro for WooCommerce Cross-Site Scripting (7.11.1) CWE-79 CWE-79 High Abandoned Cart Recovery for WooCommerce Cross-Site Request Forgery (1.0.4) CWE-352 CWE-352 High AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141) CVE-2018-20141 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050) CVE-2021-42050 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051) CVE-2021-42051 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755) CVE-2016-10755 CWE-138 CWE-138 High AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521) CVE-2022-26521 CWE-434 CWE-434 High ABASE Multiple Vulnerabilities (2.6) CWE-79 CWE-352 CWE-79 CWE-352 High ABC Test 'id' Parameter Cross-Site Scripting (0.1) CWE-79 CWE-79 High AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4) CVE-2015-2755 CWE-79 CWE-352 CWE-79 CWE-352 High About Author Box Cross-Site Scripting (1.0.1) CVE-2021-24745 CWE-79 CWE-79 High About Author Cross-Site Scripting (1.3.9) CWE-79 CWE-79 High About Me Page Cross-Site Scripting (4.0) CWE-79 CWE-79 High 12345...275 1 / 275