Acunetix Web Vulnerabilities Index

Vulnerability Name CVE CWE Severity
WordPress Plugin Zendesk Chat Unspecified Vulnerability (1.3.9) High
WordPress Plugin Zendesk Help Center by BestWebSoft Cross-Site Scripting (1.0.4) CVE-2017-2171 CWE-79 High
WordPress Plugin Zero Spam SQL Injection (2.1.2) CWE-89 High
WordPress Plugin Zibbra Cross-Site Scripting (1.7.0) CWE-79 High
WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6) CWE-94 High
WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3) CWE-95 High
WordPress Plugin Zingiri Web Shop 'uploadfilexd.php' Arbitrary File Upload (2.4.3) CWE-434 High
WordPress Plugin Zingiri Web Shop 'wpabspath' Parameter Remote File Include (2.2.0) CWE-94 High
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7) CWE-89 High
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2) CWE-79 High
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (2.3.5) CWE-79 CWE-89 High
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting Vulnerabilities (2.4.1) CVE-2012-6506 CWE-79 High
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5) High
WordPress Plugin Zip Attachments Arbitrary File Download (1.4) CVE-2015-4694 CWE-538 High
WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9) CVE-2015-4153 CVE-2015-4465 CWE-22 CWE-79 High
WordPress Plugin ZM Gallery SQL Injection (1.0) CWE-89 High
WordPress Plugin ZooEffect for Video player Photo Gallery Slideshow jQuery and audio/music/podcast-HTML Cross-Site Scripting (1.01) CVE-2011-5180 CWE-79 High
WordPress Plugin ZoomSounds-WordPress Audio Player Arbitrary File Upload (2.0) CWE-434 High
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1) CWE-79 High
WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4) CWE-89 High
WordPress Plugin Zotpress SQL Injection (6.1.2) CVE-2016-1000217 CWE-89 High
WordPress Plugin ZTR Zeumic Work Timer Multiple Unspecified Vulnerabilities (1.0.6) High
WordPress Plugin ZWM Zeumic Work Management Multiple Unspecified Vulnerabilities (1.0.11) High
WordPress Plugin ZX_CSV Upload Multiple Vulnerabilities (1) CWE-89 CWE-352 High
WordPress Possible Security Bypass Vulnerability (0.70 - 4.7.4) CVE-2017-8295 CWE-264 High
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1) CVE-2017-16510 CWE-89 High
WordPress readme.html file CWE-16 Informational
WordPress REST API User Enumeration CWE-200 Low
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13) CVE-2016-4566 CWE-79 High
WordPress User-Agent SQL Injection Vulnerability (1.5.2 - 1.5.2) CVE-2006-1012 CWE-89 High
WordPress username enumeration CWE-200 Medium
WordPress user registration enabled CWE-16 Informational
WordPress W3 Total Cache plugin predictable cache filenames CVE-2012-6077 CVE-2012-6078 CVE-2012-6079 CWE-200 High
WordPress XML-RPC authentication brute force CWE-521 Medium
WPEngine _wpeprivate/config.json information disclosure CWE-200 High
WS_FTP log file found CWE-538 Medium
X-Forwarded-For HTTP header security bypass CWE-287 High
Xdebug remote code execution via xdebug.remote_connect_back CWE-16 High
XDMCP service running CWE-16 Low
XML external entity injection CWE-611 High
XML external entity injection and XML injection CWE-611 High
XML external entity injection via external file CWE-611 High
XML external entity injection via File Upload CWE-611 High
XML quadratic blowup denial of service attack CWE-400 High
XPath injection vulnerability CWE-643 High
XSLT injection CWE-91 High
XSS on Apache HTTP Server 413 error pages via malformed HTTP method CVE-2007-6203 CWE-79 Medium
Yii2 debug toolkit CWE-200 Medium
Yii2 Gii extension CWE-16 Medium
You are using an old version of Typo3 CWE-16 Medium
Your SSL certificate is about to expire CWE-298 Low
YUI uploader.swf cross site scripting CVE-2013-6780 CWE-79 High
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack CWE-611 High
Zabbix 2.0.8 SQL injection CVE-2013-5743 CWE-89 High
Zend framework configuration file information disclosure CWE-538 High
Zend Framework local file disclosure via XXE injection CVE-2012-3363 CWE-611 High