Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity WordPress Plugin MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles Arbitrary File Deletion (1.9.2) CVE-2024-6885 CWE-73 CWE-73 High WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8) CWE-79 CWE-79 High WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0) CVE-2021-24668 CWE-352 CWE-352 High WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2) CVE-2021-24669 CWE-89 CWE-89 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Cross-Site Scripting Vulnerabilities (1.3.8) CWE-79 CWE-79 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.6.0) CWE-22 CWE-79 CWE-22 CWE-79 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6) CVE-2016-0796 CWE-287 CWE-441 CWE-287 CWE-441 High WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2) High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4) CWE-352 CWE-352 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (2.2.7) CWE-79 CWE-79 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.0.10) CWE-79 CWE-79 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.1.6) CWE-79 CWE-79 High WordPress Plugin McAvoy Cross-Site Scripting (0.1.0) CWE-79 CWE-79 High WordPress Plugin MContact Button includes Backdoor [Only if downloaded via the vendor website] (2.0.6) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin MDC Private Message Cross-Site Scripting (1.0.0) CVE-2015-6805 CWE-79 CWE-79 High WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0) CVE-2015-5469 CWE-22 CWE-22 High WordPress Plugin MDTF-Wordpress Meta Data & Taxonomies Filter Cross-Site Request Forgery (2.2.7.2) CVE-2021-20781 CWE-352 CWE-352 High WordPress Plugin Media.net Ads Manager Arbitrary File Upload (2.10.13) CVE-2024-6431 CWE-434 CWE-434 High WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8) CVE-2022-4699 CWE-79 CWE-79 High WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5) CWE-79 CWE-89 CWE-264 CWE-79 CWE-89 CWE-264 High WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2) CWE-22 CWE-73 CWE-79 CWE-22 CWE-73 CWE-79 High WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5) CVE-2021-36850 CWE-352 CWE-352 High WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0) CVE-2014-2040 CWE-79 CWE-79 High WordPress Plugin Media from FTP Cross-Site Scripting (9.89) CWE-79 CWE-79 High WordPress Plugin Media from FTP Directory Traversal (9.85) CVE-2018-5310 CWE-22 CWE-22 High WordPress Plugin Media from FTP PHP Object Injection (9.79) CWE-915 CWE-915 High WordPress Plugin Media Library Assistant Information Disclosure (3.00) CVE-2022-41618 CWE-200 CWE-200 High WordPress Plugin Media Library Assistant Multiple Cross-Site Scripting Vulnerabilities (2.73) CWE-79 CWE-79 High WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65) CWE-73 CWE-538 CWE-73 CWE-538 High WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81) CVE-2020-11731 CVE-2020-11732 CVE-2020-11928 CWE-22 CWE-79 CWE-94 CWE-22 CWE-79 CWE-94 High WordPress Plugin Media Library Assistant PHP Object Injection (2.60) CWE-915 CWE-915 High WordPress Plugin Media Library Assistant SQL Injection (2.84) CWE-89 CWE-89 High WordPress Plugin Media Library Assistant SQL Injection (3.05) CVE-2023-0279 CWE-89 CWE-89 High WordPress Plugin Media Library Categories 'termid' Parameter SQL Injection (1.0.6) CWE-89 CWE-89 High WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1) CVE-2012-6630 CWE-79 CWE-79 High WordPress Plugin Media Mirror Cross-Site Scripting (1.0.6) CVE-2021-24435 CWE-79 CWE-79 High WordPress Plugin MediaPress Security Bypass (1.1.9) CWE-264 CWE-264 High WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1) CVE-2011-4106 CWE-20 CWE-20 High WordPress Plugin Media Search Enhanced SQL Injection (0.6.0) CWE-89 CWE-89 High WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2) CVE-2021-24899 CWE-79 CWE-79 High WordPress Plugin Media Tagz Gallery Multiple Unspecified Vulnerabilities (1.0) High WordPress Plugin Media Usage Cross-Site Scripting (0.0.4) CVE-2021-34652 CWE-79 CWE-79 High WordPress Plugin Mega Menu for WordPress-AP Mega Menu includes Backdoor [Only if downloaded via the vendor website] (3.0.5) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin MegaOptim Image Optimizer Unspecified Vulnerability (1.3.2) High WordPress Plugin Meks Easy Social Share Cross-Site Scripting (1.2.7) CVE-2022-2574 CWE-79 CWE-79 High WordPress Plugin Meks Flexible Shortcodes Cross-Site Scripting (1.3.4) CVE-2022-4562 CWE-79 CWE-79 High WordPress Plugin Member Approval Cross-Site Request Forgery (131109) CVE-2014-3850 CWE-352 CWE-352 High WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Unspecified Vulnerabilities (1.4.0) High WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Vulnerabilities (2.4.1) CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2) High WordPress Plugin Membership by Supsystic SQL Injection (1.4.7) CWE-89 CWE-89 High WordPress Plugin Membership For WooCommerce-Add Simple Membership Plans, Recurring Revenue, Product Tags & Send Emails To Members with WooCommerce Membership Arbitrary File Upload (2.1.6) CVE-2022-4395 CWE-434 CWE-434 High WordPress Plugin Membership Simplified Arbitrary File Download (1.58) CVE-2017-1002008 CWE-538 CWE-538 High WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58) CVE-2017-1002009 CVE-2017-1002010 CWE-89 CWE-89 High WordPress Plugin Members Import Cross-Site Request Forgery (1.3) CWE-352 CWE-352 High WordPress Plugin Members Import Cross-Site Scripting (1.4.2) CVE-2022-4663 CWE-79 CWE-79 High WordPress Plugin MemberSonic Lite Security Bypass (1.2) CWE-287 CWE-287 High WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5) CWE-538 CWE-538 High WordPress Plugin Memphis Documents Library Cross-Site Request Forgery (3.9.20) CWE-352 CWE-352 High WordPress Plugin Memphis Documents Library Multiple Unspecified Vulnerabilities (3.6.21) High WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7) CWE-89 CWE-89 High WordPress Plugin Menu Image Malware/Addware Notification (2.6.9) CWE-506 CWE-506 High WordPress Plugin Menu Swapper Cross-Site Request Forgery (1.1.0.2) CWE-352 CWE-352 High WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9) CWE-264 CWE-264 High WordPress Plugin Meow Gallery (+ Gallery Block) SQL Injection (4.1.8) CVE-2021-24465 CWE-89 CWE-89 High WordPress Plugin Merge+Minify+Refresh Cross-Site Request Forgery (1.10.6) CWE-352 CWE-352 High WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Deletion (4.16.2) CVE-2019-14793 CWE-73 CWE-73 High WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1) CVE-2019-14794 CWE-434 CWE-434 High WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2) CVE-2023-25703 CWE-352 CWE-352 High WordPress Plugin MetaSlider Cross-Site Scripting (2.6.2) CVE-2014-4846 CWE-79 CWE-79 High WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1) CWE-79 CWE-79 High WordPress Plugin MetaSlider Information Disclosure (3.3.1) CWE-200 CWE-200 High WordPress Plugin Meteor Slides Cross-Site Scripting (1.5.6) CVE-2022-4486 CWE-79 CWE-79 High WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2) CVE-2023-0084 CWE-79 CWE-79 High WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure (2.1.3) CVE-2022-1442 CWE-200 CWE-200 High 1...110111112113...169 111 / 169
