Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Owasp Api Bfla Owasp Api Bola Owasp Api Broken Auth Owasp Api Broken Object Prop Auth Owasp Api Dos Owasp Api Improper Inventory Management Owasp Api Misconfiguration Owasp Api Ssrf Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin Embed PDF Cross-Site Scripting (1.0.6) CVE-2022-4788 CWE-79 CWE-79 High WordPress Plugin EmbedSocial-Social Media Feeds, Reviews and Galleries Cross-Site Scripting (1.1.27) CVE-2023-0371 CWE-79 CWE-79 High WordPress Plugin EmbedStories-Display social media stories Cross-Site Scripting (0.7.4) CVE-2023-0372 CWE-79 CWE-79 High WordPress Plugin Embed Swagger Cross-Site Scripting (1.0.0) CVE-2022-0381 CWE-79 CWE-79 High WordPress Plugin Embed Youtube Video SQL Injection (1.0) CVE-2021-24395 CWE-89 CWE-89 High WordPress Plugin EMC2 Custom Help Videos Cross-Site Scripting (1.2) CWE-79 CWE-79 High WordPress Plugin EME Sync Facebook Events Unspecified Vulnerability (1.0.38) High WordPress Plugin Enable Media Replace Arbitrary File Upload (4.0.1) CVE-2023-0255 CWE-434 CWE-434 High WordPress Plugin Enable Media Replace Directory Traversal (3.6.3) CVE-2022-2554 CWE-22 CWE-22 High WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3) CWE-89 CWE-434 CWE-89 CWE-434 High WordPress Plugin Enable Media Replace Unspecified Vulnerability (2.9.5) High WordPress Plugin Encrypted Blog Multiple Vulnerabilities (0.0.6.2) CWE-79 CWE-601 CWE-79 CWE-601 High WordPress Plugin Encrypted Contact Form Multiple Vulnerabilities (1.0.4) CVE-2015-4010 CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Enhanced Plugin Admin Cross-Site Scripting (1.15) CWE-79 CWE-79 High WordPress Plugin ENL Newsletter SQL Injection (1.0.1) CVE-2014-4939 CWE-89 CWE-89 High WordPress Plugin Enmask Captcha Malicious Redirects (1.3) CWE-601 CWE-601 High WordPress Plugin Entries For WPForms SQL Injection (1.4.0) CWE-89 CWE-89 High WordPress Plugin EnvialoSimple:Email Marketing y Newsletters Multiple Cross-Site Scripting Vulnerabilities (1.97) CVE-2014-4527 CWE-79 CWE-79 High WordPress Plugin Erident Custom Login and Dashboard Cross-Site Request Forgery (3.4.1) CWE-352 CWE-352 High WordPress Plugin Erident Custom Login and Dashboard Cross-Site Scripting (3.5.8) CVE-2021-24658 CWE-79 CWE-79 High WordPress Plugin Error Log Monitor Security Bypass (1.6.4) CWE-264 CWE-264 High WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5) CVE-2017-2171 CVE-2017-2171 CVE-2017-18562 CWE-79 CWE-79 High WordPress Plugin eShop Code Injection (6.3.11) CVE-2015-3421 CWE-94 CWE-94 High WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1) CWE-22 CWE-22 High WordPress Plugin eShop Multiple Cross-Site Scripting Vulnerabilities (6.2.8) CWE-79 CWE-79 High WordPress Plugin eShop Multiple Vulnerabilities (6.3.13) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin eShop Multiple Vulnerabilities (6.3.14) CVE-2016-0765 CVE-2016-0769 CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin Esponce QR Code Generator Cross-Site Scripting (1.4) CWE-79 CWE-79 High WordPress Plugin Essential Addons for Elementor Cross-Site Scripting (5.0.8) CVE-2022-0683 CWE-79 CWE-79 High WordPress Plugin Essential Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (4.5.3) CVE-2021-24255 CWE-79 CWE-79 High WordPress Plugin Essential Addons for Elementor Security Bypass (5.7.1) CVE-2023-32243 CWE-20 CWE-20 High WordPress Plugin Essential Addons for Elementor Server-Side Request Forgery (2.9.8) CWE-918 CWE-918 High WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (3.8.5) CVE-2022-47594 CWE-352 CWE-352 High WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (4.0.6) CVE-2023-2087 CWE-352 CWE-352 High WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple PHP Object Injection Vulnerabilities (4.2.0) CVE-2023-4386 CVE-2023-4402 CWE-915 CWE-915 High WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple Security Bypass Vulnerabilities (4.0.6) CVE-2023-2083 CVE-2023-2084 CVE-2023-2085 CVE-2023-2086 CWE-862 CWE-862 High WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities (1.1.0) CVE-2023-4386 CVE-2023-4402 CWE-915 CWE-915 High WordPress Plugin Essential Content Types Security Bypass (1.4) CWE-264 CWE-264 High WordPress Plugin Essential Content Types Security Bypass (1.8.6) CVE-2021-24752 CWE-284 CWE-284 High WordPress Plugin Essential Grid Portfolio-Photo Gallery Security Bypass (1.1.2) CWE-264 CWE-264 High WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.0) CWE-79 CWE-79 High WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.1) CWE-79 CWE-79 High WordPress Plugin Essential Widgets Security Bypass (1.8) CVE-2021-24752 CWE-284 CWE-284 High WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.2.5) CWE-434 CWE-434 High WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.3.0) CWE-434 CWE-434 High WordPress Plugin Estatik Real Estate Cross-Site Request Forgery (3.8.3) CWE-352 CWE-352 High WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.0.6) CVE-2019-16522 CWE-79 CWE-79 High WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6) CVE-2022-3811 CWE-79 CWE-79 High WordPress Plugin Eu Cookie Notice Cross-Site Request Forgery (1.0.6) CWE-352 CWE-352 High WordPress Plugin Evarisk 'ajax.php' SQL Injection (5.1.3.6) CWE-89 CWE-89 High WordPress Plugin Evarisk 'uploadPhotoApres.php' Arbitrary File Upload (5.1.5.4) CWE-434 CWE-434 High WordPress Plugin Event Banner Arbitrary File Upload (1.3) CVE-2021-24252 CWE-434 CWE-434 High WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.0.93) CVE-2017-2224 CWE-79 CWE-79 High WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.23) CWE-79 CWE-79 High WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.42) CWE-79 CWE-79 High WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.44) CWE-79 CWE-79 High WordPress Plugin Event Calendar WD-Responsive Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.1.21) CVE-2018-16164 CWE-79 CWE-79 High WordPress Plugin EventCommerce WP Event Calendar Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin Event Espresso 4 Decaf-Event Registration Event Ticketing Cross-Site Request Forgery (4.9.82) CWE-352 CWE-352 High WordPress Plugin Event Espresso 4 Decaf-Event Registration Event Ticketing Cross-Site Request Forgery (4.10.11.decaf) CWE-352 CWE-352 High WordPress Plugin Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.11) CVE-2017-1002026 CWE-89 CWE-89 High WordPress Plugin Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.12) CVE-2017-14760 CWE-89 CWE-89 High WordPress Plugin Eventify-Simple Events 'fetcheventdetails.php' SQL Injection (1.7.f) CWE-89 CWE-89 High WordPress Plugin Eventify-Simple Events 'npath' Parameter Remote File Include (1.7.g) CWE-94 CWE-94 High WordPress Plugin Event List Cross-Site Scripting (0.7.9) CVE-2017-12068 CWE-79 CWE-79 High WordPress Plugin Event List PHP Object Injection (0.7.10) CWE-915 CWE-915 High WordPress Plugin Event List SQL Injection (0.7.8) CVE-2017-9429 CWE-89 CWE-89 High WordPress Plugin Event Management Tickets Booking By Event Monster Cross-Site Scripting (1.0.7) CWE-79 CWE-79 High WordPress Plugin Event Notifier Cross-Site Scripting (1.2.0) CWE-79 CWE-79 High WordPress Plugin EventON Cross-Site Scripting (3.0.5) CVE-2020-29395 CWE-79 CWE-79 High WordPress Plugin eventON Multiple Cross-Site Scripting Vulnerabilities (2.6.11) CWE-79 CWE-79 High WordPress Plugin Event Organiser Cross-Site Scripting (2.12.4) CWE-79 CWE-79 High WordPress Plugin Event post Local File Inclusion (5.9.5) CVE-2024-38735 CWE-22 CWE-22 High WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.32) CVE-2010-4839 CWE-89 CWE-89 High WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.44) CVE-2010-4839 CWE-89 CWE-89 High 1...224225226227...307 225 / 307
