Severity High Medium Low Informational Vulnerability Categories 200 Abuse Of Functionality Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF Code Execution Configuration Crlf Injection Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0) CWE-79 CWE-79 High WordPress Plugin WP Post Page Clone SQL Injection (1.0) CWE-89 CWE-89 High WordPress Plugin WP Post Popup Directory Traversal (2.0) CWE-22 CWE-22 High WordPress Plugin WP Post Popup Directory Traversal (2.1.1) CWE-22 CWE-22 High WordPress Plugin WP Posts Carousel Cross-Site Scripting (1.3.6) CWE-79 CWE-79 High WordPress Plugin WP Post to PDF Cross-Site Scripting (2.3.1) CWE-79 CWE-79 High WordPress Plugin WP Post to PDF Enhanced Cross-Site Scripting (1.0.5) CWE-79 CWE-79 High WordPress Plugin WP Print Friendly Cross-Site Scripting (0.6) CWE-79 CWE-79 High WordPress Plugin WP Print Friendly Security Bypass (0.5.2) CWE-264 CWE-264 High WordPress Plugin WP Private Content Plus Security Bypass (1.31) CVE-2019-15816 CWE-264 CWE-264 High WordPress Plugin WP Private Messages SQL Injection (1.0.1) CWE-89 CWE-89 High WordPress Plugin WP PRO Advertising System-All In One Ad Manager SQL Injection (4.6.18) CWE-89 CWE-89 High WordPress Plugin WP Product Review Lite Cross-Site Scripting (3.7.5) CWE-79 CWE-79 High WordPress Plugin WP Product Review Lite Unspecified Vulnerability (3.7.6) High WordPress Plugin WP Project Manager-Project, Task Management & Team Collaboration Software Cross-Site Request Forgery (2.4.0) CWE-352 CWE-352 High WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3) CWE-22 CWE-22 High WordPress Plugin WpPygments Multiple Cross-Site Scripting Vulnerabilities (0.3.2) CVE-2013-1808 CWE-79 CWE-79 High WordPress Plugin WP Quick Booking Manager Cross-Site Scripting (1.1) CWE-79 CWE-79 High WordPress Plugin WP Real Estate Unspecified Vulnerability (2.0) High WordPress Plugin WP Realtime Sitemap Multiple Unspecified Vulnerabilities (1.5.5) High WordPress Plugin WP Responsive Tabs horizontal vertical and accordion Tabs Unspecified Vulnerability (1.1.1) High WordPress Plugin WP REST API (WP API) Cross-Site Request Forgery (1.1) CWE-352 CWE-352 High WordPress Plugin WP REST API (WP API) Cross-Site Scripting (1.2.2) CWE-79 CWE-79 High WordPress Plugin WP REST API (WP API) Information Disclosure (1.2) CWE-200 CWE-200 High WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1) CWE-264 CWE-264 High WordPress Plugin WP Retina 2x Cross-Site Scripting (5.2.0) CVE-2018-0511 CWE-79 CWE-79 High WordPress Plugin WP Review Multiple Unspecified Vulnerabilities (2.0) High WordPress Plugin WP Review Unspecified Vulnerability (5.2.1) High WordPress Plugin WP Rocket Local File Inclusion (2.10.3) CVE-2017-11658 CWE-22 CWE-22 High WordPress Plugin WP Rollback Multiple Vulnerabilities (1.2.2) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WP RSS Aggregator Multiple Unspecified Vulnerabilities (4.6.8) High WordPress Plugin WP RSS Aggregator Security Bypass (4.6.3) CVE-2014-9314 CWE-264 CWE-264 High WordPress Plugin WP RSS Aggregator Unspecified Vulnerability (4.8.2) High WordPress Plugin WP RSS Multi Importer Multiple Cross-Site Request Forgery Vulnerabilities (3.11) CWE-352 CWE-352 High WordPress Plugin WP RSS Multi Importer Multiple Vulnerabilities (3.15) CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin WP Rss Poster SQL Injection (1.0.0) CVE-2014-4938 CWE-89 CWE-89 High WordPress Plugin WP Safe Search 'v1' Parameter Cross-Site Scripting (0.7) CVE-2010-4518 CWE-79 CWE-79 High WordPress Plugin WPS Bidouille Multiple Vulnerabilities (1.12.2) CWE-79 CWE-352 CWE-434 CWE-79 CWE-352 CWE-434 High WordPress Plugin WPS Child Theme Generator Directory Traversal (1.1) CVE-2019-15822 CWE-22 CWE-22 High WordPress Plugin WPS Cleaner Multiple Cross-Site Request Forgery Vulnerabilities (1.4.4) CWE-352 CWE-352 High WordPress Plugin WP Security Audit Log Cross-Site Scripting (2.4.3) CWE-79 CWE-79 High WordPress Plugin WP Security Audit Log Information Disclosure (3.1.1) CVE-2018-8719 CWE-200 CWE-200 High WordPress Plugin WP Security Audit Log PHP Object Injection (3.2.5) CWE-915 CWE-915 High WordPress Plugin WP Security Audit Log Security Bypass (3.3.1.1) CWE-264 CWE-264 High WordPress Plugin WP Security Audit Log Security Bypass (4.0.1) CWE-264 CWE-264 High WordPress Plugin WP Security Safe Cross-Site Request Forgery (2.2.2) CWE-352 CWE-352 High WordPress Plugin WP Selected Text Sharer Multiple Vulnerabilities (1.0) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WP SEO TDK Security Bypass (2.0.2) CWE-264 CWE-264 High WordPress Plugin WP Server Log Viewer Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin WP Session Manager SQL Injection (1.2.1) CWE-89 CWE-89 High WordPress Plugin WPS Hide Login Cross-Site Request Forgery (1.0) CWE-352 CWE-352 High WordPress Plugin WPS Hide Login Multiple Security Bypass Vulnerabilities (1.5.2.2) CVE-2019-15823 CVE-2019-15824 CVE-2019-15825 CVE-2019-15826 CWE-264 CWE-264 High WordPress Plugin WPS Hide Login Security Bypass (1.5.4.2) CWE-264 CWE-264 High WordPress Plugin WPshop-eCommerce Arbitrary File Upload (1.3.9.5) CWE-434 CWE-434 High WordPress Plugin wpShopGermany Free Arbitrary File Upload (4.0.10) CWE-434 CWE-434 High WordPress Plugin WP Shopify Cross-Site Scripting (2.0.4) CWE-79 CWE-79 High WordPress Plugin WP Shop Multiple SQL Injection Vulnerabilities (3.4.3.15) CWE-89 CWE-89 High WordPress Plugin WP Shop Multiple Vulnerabilities (3.4.3.18) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WP Silverlight Media Player Cross-Site Scripting (0.8) CVE-2014-4589 CWE-79 CWE-79 High WordPress Plugin WP Simple Booking Calendar Cross-Site Request Forgery (1.3) CWE-352 CWE-352 High WordPress Plugin WP Simple Cart Arbitrary File Upload (1.0.15) CWE-434 CWE-434 High WordPress Plugin WP Simple Login Registration Cross-Site Scripting (1.0.2) CWE-79 CWE-79 High WordPress Plugin WP SimpleMail Multiple Cross-Site Scripting Vulnerabilities (1.0.6) CVE-2012-2579 CWE-79 CWE-79 High WordPress Plugin WP Simple Spreadsheet Fetcher for Google Cross-Site Request Forgery (0.3.6) CWE-352 CWE-352 High WordPress Plugin WP SlackSync Information Disclosure (1.8.5) CVE-2019-14366 CWE-200 CWE-200 High WordPress Plugin WPS Limit Login Multiple Vulnerabilities (1.4.5) CWE-79 CWE-264 CWE-352 CWE-79 CWE-264 CWE-352 High WordPress Plugin WP smart CRM & Invoices FREE Cross-Site Scripting (1.8.7) CVE-2020-25375 CWE-79 CWE-79 High WordPress Plugin WP Smart Image II Cross-Site Scripting (0.2) CWE-79 CWE-79 High WordPress Plugin WP Smart Security PHP Object Injection (1.0) CWE-915 CWE-915 High WordPress Plugin WP Smiley Multiple Vulnerabilities (1.4.1) CVE-2015-4139 CVE-2015-4140 CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WP Social Bookmarking Light Cross-Site Scripting (1.7.9) CWE-79 CWE-79 High WordPress Plugin WP Social Feed Gallery Cross-Site Request Forgery (2.4.7) CVE-2019-15779 CWE-352 CWE-352 High WordPress Plugin WP Social Feed Gallery Unspecified Vulnerability (2.1.1) High WordPress Plugin WP Social Invitations Cross-Site Scripting (1.4.4.2) CVE-2014-4597 CWE-79 CWE-79 High WordPress Plugin WP Socializer 'val' Parameter Cross-Site Scripting (2.4.2) CWE-79 CWE-79 High 1...85868788...90 86 / 90