Vulnerability Name CVE Severity
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (2.3.5)
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting Vulnerabilities (2.4.1) CVE-2012-6506
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)
WordPress Plugin Zip Attachments Arbitrary File Download (1.4) CVE-2015-4694
WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9) CVE-2015-4153 CVE-2015-4465
WordPress Plugin ZM Gallery SQL Injection (1.0)
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.6.9.1) CVE-2019-19306
WordPress Plugin Zoho SalesIQ Multiple Vulnerabilities (1.0.8) CVE-2019-5962 CVE-2019-5963 CVE-2019-15644 CVE-2019-15645
WordPress Plugin ZooEffect for Video player Photo Gallery Slideshow jQuery and audio/music/podcast-HTML Cross-Site Scripting (1.01) CVE-2011-5180
WordPress Plugin ZoomSounds-WordPress Audio Player Arbitrary File Upload (2.0)
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)
WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)
WordPress Plugin Zotpress SQL Injection (6.1.2) CVE-2016-1000217
WordPress Plugin ZTR Zeumic Work Timer Multiple Unspecified Vulnerabilities (1.0.6)
WordPress Plugin ZWM Zeumic Work Management Multiple Unspecified Vulnerabilities (1.0.11)
WordPress Plugin ZX_CSV Upload Multiple Vulnerabilities (1)
WordPress Possible Security Bypass Vulnerability (0.70 - 4.7.4) CVE-2017-8295
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1) CVE-2017-16510
WordPress readme.html file
WordPress REST API User Enumeration
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13) CVE-2016-4566
WordPress Super Socialat backdoor plugin
WordPress Theme OneTone: Unauthenticated Stored Cross-Site Scripting (XSS) CVE-2019-17230 CVE-2019-17231
WordPress User-Agent SQL Injection Vulnerability (1.5.2 - 1.5.2) CVE-2006-1012
WordPress username enumeration
WordPress user registration enabled
WordPress W3 Total Cache plugin predictable cache filenames CVE-2012-6077 CVE-2012-6078 CVE-2012-6079
WordPress XML-RPC authentication brute force
WPEngine _wpeprivate/config.json information disclosure
WS_FTP log file found
X-Forwarded-For HTTP header security bypass
Xdebug remote code execution via xdebug.remote_connect_back
XML entity injection
XML external entity injection
XML external entity injection and XML injection
XML external entity injection via external file
XML external entity injection via File Upload
XML quadratic blowup denial of service attack
XPath injection vulnerability
XSLT injection
XSS on Apache HTTP Server 413 error pages via malformed HTTP method CVE-2007-6203
Yii2 debug toolkit
Yii2 Gii extension
Yii2 weak secret key
YUI uploader.swf cross site scripting CVE-2013-6780
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
Zabbix 2.0.8 SQL injection CVE-2013-5743
Zend framework configuration file information disclosure
Zend Framework local file disclosure via XXE injection CVE-2012-3363 CVE-2015-5161