High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.11)	CWE-79	CWE-79	High
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.19)	CWE-79	CWE-79	High
WordPress Plugin MailPoet Newsletters (Previous) Multiple Unspecified Vulnerabilities (2.7.1)			High
WordPress Plugin MailPoet Newsletters (Previous) Multiple Vulnerabilities (2.7.2)	CWE-79 CWE-89	CWE-79 CWE-89	High
WordPress Plugin MailPoet Newsletters (Previous) Security Bypass (2.8.1)	CVE-2018-20853 CWE-264	CWE-264	High
WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2)	CVE-2013-1408 CWE-89	CWE-89	High
WordPress Plugin MailPoet Newsletters (Previous) Unspecified Vulnerability (2.7.8)			High
WordPress Plugin MailPress Multiple Vulnerabilities (5.4.4)	CWE-22 CWE-264	CWE-22 CWE-264	High
WordPress Plugin MailPress Remote Code Execution (7.0.2)	CWE-94	CWE-94	High
WordPress Plugin Mail Queue Cross-Site Scripting (1.1)	CVE-2023-3167 CWE-79	CWE-79	High
WordPress Plugin Mailster-Email Newsletter for WordPress Cross-Site Scripting (2.4.5.1)	CWE-79	CWE-79	High
WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)			High
WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0)	CVE-2023-3135 CWE-79	CWE-79	High
WordPress Plugin MailUp newsletter sign-up form Security Bypass (1.3.2)	CVE-2013-0731 CVE-2013-2640 CWE-264	CWE-264	High
WordPress Plugin Maintenance Cross-Site Request Forgery (3.6.4)	CWE-352	CWE-352	High
WordPress Plugin Maintenance Cross-Site Scripting (4.02)	CVE-2021-24533 CWE-79	CWE-79	High
WordPress Plugin Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9)	CVE-2016-10033 CVE-2016-10045 CWE-94	CWE-94	High
WordPress Plugin Maintenance Mode Unspecified Vulnerability (1.3.3)			High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Cross-Site Scripting (2.0.12)	CWE-79	CWE-79	High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (2.0.9.1)	CWE-264	CWE-264	High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (3.4.4)	CWE-287	CWE-287	High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1)	CVE-2021-24877 CWE-89	CWE-89	High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Unspecified Vulnerability (2.0.27)			High
WordPress Plugin MainWP Child Reports SQL Injection (2.0.7)	CVE-2021-24754 CWE-89	CWE-89	High
WordPress Plugin MainWP Dashboard Cross-Site Scripting (3.1.2)	CWE-79	CWE-79	High
WordPress Plugin MainWP Dashboard Unspecified Vulnerability (2.0.22)			High
WordPress Plugin MalCare Security-Free Malware Scanner, Protection & Security for WordPress Cross-Site Scripting (4.57)	CWE-79	CWE-79	High
WordPress Plugin Malware Finder Cross-Site Scripting (1.1)	CVE-2014-4538 CWE-79	CWE-79	High
WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0)	CWE-915	CWE-915	High
WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0)	CWE-79	CWE-79	High
WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2)	CVE-2022-34654 CWE-352	CWE-352	High
WordPress Plugin ManageWP Worker Unspecified Vulnerability (4.1.7)			High
WordPress Plugin Mang Board WP SQL Injection (1.9.9)	CVE-2021-26609 CWE-89	CWE-89	High
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3)			High
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.5)			High
WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10)	CWE-79	CWE-79	High
WordPress Plugin Map Block for Google Maps Unspecified Vulnerability (1.31)			High
WordPress Plugin MapifyLite (by MapifyPro) Cross-Site Scripting (3.3)	CWE-79	CWE-79	High
WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)	CWE-918	CWE-918	High
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)	CWE-918	CWE-918	High
WordPress Plugin MapPress Maps for WordPress Cross-Site Request Forgery (2.53.8)	CVE-2020-12077 CWE-352	CWE-352	High
WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5)	CVE-2020-12675 CWE-264	CWE-264	High
WordPress Plugin MapSVG Lite Arbitrary File Disclosure (4.2.3.1)	CWE-538	CWE-538	High
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5)	CWE-434	CWE-434	High
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.2.4)	CWE-434	CWE-434	High
WordPress Plugin MapSVG Lite Cross-Site Request Forgery (4.2.4)	CWE-352	CWE-352	High
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Cross-Site Scripting (2.30)	CWE-79	CWE-79	High
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0)	CWE-601	CWE-601	High
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Security Bypass (4.16)	CWE-264	CWE-264	High
WordPress Plugin Mapwiz SQL Injection (1.0.1)	CVE-2022-4546 CWE-89	CWE-89	High
WordPress Plugin Marekkis Watermark Cross-Site Scripting (0.9.1)	CVE-2013-1758 CWE-79	CWE-79	High
WordPress Plugin Markdown on Save Improved Cross-Site Scripting (2.5)	CVE-2016-4812 CWE-79	CWE-79	High
WordPress Plugin Marketo Forms and Tracking Cross-Site Request Forgery (1.0.2)	CVE-2020-6849 CWE-352	CWE-352	High
WordPress Plugin MarketPress-WordPress eCommerce PHP Object Injection (3.2.6)	CWE-915	CWE-915	High
WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1)	CVE-2022-4666 CWE-79	CWE-79	High
WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure (2.3.0)	CWE-200	CWE-200	High
WordPress Plugin Mass Delete Taxonomies Cross-Site Request Forgery (3.0.0)	CWE-352	CWE-352	High
WordPress Plugin Mass Delete Unused Tags Cross-Site Request Forgery (2.0.0)	CVE-2023-27430 CWE-352	CWE-352	High
WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2)	CVE-2018-11580 CWE-79	CWE-79	High
WordPress Plugin Master Popups Remote Code Execution (1.0.0)	CWE-94	CWE-94	High
WordPress Plugin Master Slider-Responsive Touch Slider Cross-Site Scripting (2.7.1)	CWE-79	CWE-79	High
WordPress Plugin Master Slider-Responsive Touch Slider SQL Injection (2.5.1)	CWE-89	CWE-89	High
WordPress Plugin Master Slider-WordPress Responsive Touch Slider Unspecified Vulnerability (2.18.2)			High
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)	CWE-352	CWE-352	High
WordPress Plugin MATRIX 3D Cross-Site Scripting (1.2)	CWE-79	CWE-79	High
WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1)	CWE-434	CWE-434	High
WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)	CWE-79	CWE-79	High
WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8)	CWE-79	CWE-79	High
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)	CVE-2021-24668 CWE-352	CWE-352	High
WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2)	CVE-2021-24669 CWE-89	CWE-89	High
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Cross-Site Scripting Vulnerabilities (1.3.8)	CWE-79	CWE-79	High
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.6.0)	CWE-22 CWE-79	CWE-22 CWE-79	High
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6)	CVE-2016-0796 CWE-287 CWE-441	CWE-287 CWE-441	High
WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2)			High
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4)	CWE-352	CWE-352	High