Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Web Server Cache Poisoning (CMS Made Simple) v1.x CVE-2016-2784 CWE-20 CWE-20 Low Web Server Cache Poisoning (CMS Made Simple) v2.x CVE-2016-2784 CWE-20 CWE-20 High Web server default welcome page CWE-200 CWE-200 Informational Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577) CVE-2023-25577 CWE-770 CWE-770 High Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767) CVE-2024-49767 CWE-770 CWE-770 High Werkzeug WSGI Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34069) CVE-2024-34069 CWE-352 CWE-352 High Werkzeug WSGI CVE-2023-23934 Vulnerability (CVE-2023-23934) CVE-2023-23934 Low Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability (CVE-2025-66221) CVE-2025-66221 CWE-67 CWE-67 Medium Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability (CVE-2026-21860) CVE-2026-21860 CWE-67 CWE-67 Medium Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability (CVE-2026-27199) CVE-2026-27199 CWE-67 CWE-67 Medium Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-49766) CVE-2024-49766 CWE-22 CWE-22 Medium Werkzeug WSGI Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10516) CVE-2016-10516 CWE-707 CWE-707 Medium Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361) CVE-2022-29361 Critical Werkzeug WSGI Insufficient Entropy Vulnerability (CVE-2019-14806) CVE-2019-14806 CWE-331 CWE-331 High Werkzeug WSGI Out-of-bounds Write Vulnerability (CVE-2023-46136) CVE-2023-46136 CWE-787 CWE-787 High Werkzeug WSGI URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-28724) CVE-2020-28724 CWE-601 CWE-601 Medium Whoops error handler component detected CWE-200 CWE-200 Low Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive CWE-942 CWE-942 Informational Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive CWE-942 CWE-942 Informational Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive CWE-942 CWE-942 Informational WildFly Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0793) CVE-2016-0793 CWE-200 CWE-200 High WildFly Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047) CVE-2018-1047 CWE-22 CWE-22 Medium WildFly Application Server Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2016-4993) CVE-2016-4993 CWE-113 CWE-113 Medium WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589) CVE-2016-9589 CWE-400 CWE-400 High Wing FTP Anonymous access CWE-200 CWE-200 Low Wing FTP Server RCE (CVE-2025-47812) CVE-2025-47812 CWE-158 CWE-158 Critical WooCommerce Payments Authentication Bypass and Privilege Escalation CVE-2023-28121 CWE-287 CWE-287 High WooFramework shortcode exploit CWE-95 CWE-95 High WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3) CVE-2007-2821 CWE-89 CWE-89 High WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71) CWE-89 CWE-89 High WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1) CVE-2005-1810 CWE-89 CWE-89 High WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4) CWE-89 CWE-89 High WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'get_edit_post_link()' and 'get_edit_comment_link()' Multiple Eavesdropping Vulnerabilities (0.6.2 - 2.6) CVE-2008-3747 CWE-264 CWE-264 High WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5) CVE-2006-3389 CWE-89 CWE-89 High WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.5.1) CVE-2008-3233 CWE-79 CWE-79 High WordPress 'press-this.php' Remote Security Bypass Vulnerability (0.7 - 3.1.1) CVE-2011-5270 CWE-264 CWE-264 High WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1) CVE-2012-3414 CWE-79 CWE-79 High WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1) CVE-2007-1049 CWE-79 CWE-79 High WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8) CVE-2009-2334 CWE-287 CWE-287 High WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2) CVE-2008-5695 CWE-20 CWE-20 High WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1) CVE-2007-6318 CWE-89 CWE-89 High WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2) CVE-2004-1584 CWE-113 CWE-113 High WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1) CVE-2007-5105 CVE-2007-5106 CWE-79 CWE-79 High WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5) CVE-2005-1687 CWE-89 CWE-89 High WordPress 'xmlrpc.php' Remote Security Bypass Vulnerability (3.0.1 - 3.0.2) CVE-2010-5106 CWE-264 CWE-264 High WordPress 0.7 Posts SQL Injection Vulnerability (0.7) CVE-2003-1598 CWE-89 CWE-89 High WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2) CVE-2005-2107 CVE-2005-2108 CVE-2005-2109 CVE-2005-2110 CWE-79 CWE-89 CWE-200 CWE-702 CWE-79 CWE-89 CWE-200 CWE-702 High WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2) CVE-2006-2667 CVE-2006-2702 CWE-94 CWE-94 High WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3) CVE-2006-4028 CWE-264 CWE-264 High WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4) CVE-2006-5705 CVE-2006-6016 CVE-2006-6017 CWE-22 CWE-264 CWE-400 CWE-22 CWE-264 CWE-400 High WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5) CVE-2007-0107 CWE-89 CWE-89 High WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) CVE-2006-6808 CWE-79 CWE-79 High WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) CVE-2007-0106 CWE-79 CWE-79 High WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6) CVE-2007-0233 CWE-89 CWE-89 High WordPress 2.0.9 Multiple Vulnerabilities (2.0 - 2.0.9) CVE-2007-1622 CVE-2007-1893 CVE-2007-1894 CVE-2007-1897 CWE-79 CWE-89 CWE-264 CWE-79 CWE-89 CWE-264 High WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1) CVE-2007-1277 CWE-94 CWE-94 High WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1) CVE-2007-1244 CWE-79 CWE-79 High WordPress 2.1.2 Multiple Vulnerabilities (2.1 - 2.1.2) CVE-2007-1622 CVE-2007-1893 CVE-2007-1894 CVE-2007-1897 CWE-79 CWE-89 CWE-264 CWE-79 CWE-89 CWE-264 High WordPress 2.2 Cross-Site Scripting Vulnerability (2.2) CVE-2007-3238 CWE-79 CWE-79 High WordPress 2.2 Multiple Vulnerabilities (2.2) CVE-2007-3140 CVE-2007-3238 CVE-2007-3543 CWE-79 CWE-89 CWE-434 CWE-79 CWE-89 CWE-434 High WordPress 2.2.1 Multiple Vulnerabilities (2.2.1) CVE-2007-3639 CVE-2007-4139 CVE-2007-4153 CVE-2007-4154 CWE-79 CWE-89 CWE-601 CWE-79 CWE-89 CWE-601 High WordPress 2.2.2 Multiple Vulnerabilities (2.2 - 2.2.2) CVE-2007-4893 CVE-2007-4894 CVE-2008-2146 CWE-79 CWE-89 CWE-264 CWE-79 CWE-89 CWE-264 High WordPress 2.3 Cross-Site Scripting Vulnerability (2.3) CVE-2007-5710 CWE-79 CWE-79 High WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1) CWE-264 CWE-264 High WordPress 2.3.2 Post Edit Unauthorized Access Vulnerability (0.7 - 2.3.2) CVE-2008-0664 CWE-264 CWE-264 High WordPress 2.3.3 Directory Traversal Vulnerability (0.6.2 - 2.3.3) CVE-2008-4769 CWE-22 CWE-22 High WordPress 2.5 Cookie Integrity Protection Unauthorized Access Vulnerability (0.6.2 - 2.5) CVE-2008-1930 CWE-287 CWE-287 High WordPress 2.5 Cross-Site Scripting Vulnerability (2.5) CVE-2008-2068 CWE-79 CWE-79 High WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1) CVE-2008-4106 CVE-2008-4107 CWE-20 CWE-20 High WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2) CVE-2008-4796 CWE-94 CWE-94 High 1...203204205206...327 204 / 327
