Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity WordPress Plugin Testimonial-Best Testimonial Slider Cross-Site Scripting (2.1.6) CWE-79 CWE-79 High WordPress Plugin Testimonial Cross-Site Scripting (1.5.9) CVE-2021-24598 CWE-79 CWE-79 High WordPress Plugin Testimonial Multiple Vulnerabilities (2.2) CVE-2013-5672 CVE-2013-5673 CWE-79 CWE-89 CWE-352 CWE-79 CWE-89 CWE-352 High WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2) CVE-2020-26672 CWE-79 CWE-79 High WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3) CWE-79 CWE-79 High WordPress Plugin Testimonials by BestWebSoft Cross-Site Scripting (0.1.8) CVE-2017-2171 CVE-2017-2171 CVE-2017-18558 CWE-79 CWE-79 High WordPress Plugin Testimonial Slider Cross-Site Scripting (1.2.1) CWE-79 CWE-79 High WordPress Plugin Testimonial Slider Multiple Cross-Site Scripting Vulnerabilities (1.2.5) CWE-79 CWE-79 High WordPress Plugin Testimonial Slider SQL Injection (1.2.4) CVE-2018-5372 CWE-89 CWE-89 High WordPress Plugin Testimonials Widget Cross-Site Scripting (3.5.1) CVE-2021-24136 CWE-79 CWE-79 High WordPress Plugin Testimonial WordPress-AP Custom Testimonial includes Backdoor [Only if downloaded via the vendor website] (1.4.6) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Testimonial WordPress-AP Custom Testimonial Unspecified Vulnerability (1.4.7) High WordPress Plugin TextMe SMS Cross-Site Scripting (1.8.8) CWE-79 CWE-79 High WordPress Plugin Thank You Counter Button Cross-Site Scripting (1.8.2) CWE-79 CWE-79 High WordPress Plugin Thank You Counter Button Multiple Cross-Site Scripting Vulnerabilities (1.8.7) CVE-2014-2315 CWE-79 CWE-79 High WordPress Plugin TheCartPress eCommerce Shopping Cart 'OptionsPostsList.php' Cross-Site Scripting (1.1.6) CVE-2011-5207 CWE-79 CWE-79 High WordPress Plugin TheCartPress eCommerce Shopping Cart 'tcp_class_path' Parameter Remote File Include (1.1.1) CWE-94 CWE-94 High WordPress Plugin TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.3.9) CVE-2015-3300 CVE-2015-3301 CVE-2015-3302 CVE-2015-3986 CWE-79 CWE-98 CWE-284 CWE-352 CWE-79 CWE-98 CWE-284 CWE-352 High WordPress Plugin TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.5.3.6) CWE-352 CWE-434 CWE-352 CWE-434 High WordPress Plugin TheCartPress eCommerce Shopping Cart Order Information Security Bypass (1.1.9.2) CWE-264 CWE-264 High WordPress Plugin The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2) CWE-89 CWE-89 High WordPress Plugin The Easiest WordPress Media Manager-WP Media Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin The Events Calendar:Eventbrite Tickets Cross-Site Scripting (3.9.6) CVE-2015-5485 CWE-79 CWE-79 High WordPress Plugin The Events Calendar Countdown Addon Security Bypass (1.3.1) CWE-94 CWE-94 High WordPress Plugin The Events Calendar Cross-Site Scripting (3.0) CWE-79 CWE-79 High WordPress Plugin The Events Calendar Cross-Site Scripting (4.8.1) CVE-2019-15109 CWE-79 CWE-79 High WordPress Plugin The Events Calendar Open Redirect (4.1.1) CWE-601 CWE-601 High WordPress Plugin The Events Calendar Security Bypass (3.11.2) CWE-264 CWE-264 High WordPress Plugin The Events Calendar Unspecified Vulnerability (4.0.4) High WordPress Plugin The Guardian News Feed Cross-Site Request Forgery (0.4) CWE-352 CWE-352 High WordPress Plugin The Holiday Calendar Cross-Site Scripting (1.11.2) CVE-2015-9270 CWE-79 CWE-79 High WordPress Plugin Theme Blvd Layout Builder Multiple Security Bypass Vulnerabilities (2.0.1) CWE-264 CWE-264 High WordPress Plugin Theme Blvd Shortcodes Multiple Security Bypass Vulnerabilities (1.5.2) CWE-264 CWE-264 High WordPress Plugin Theme Blvd Sliders Multiple Security Bypass Vulnerabilities (1.2.3) CWE-264 CWE-264 High WordPress Plugin Theme Blvd Widget Areas Multiple Security Bypass Vulnerabilities (1.2.2) CWE-264 CWE-264 High WordPress Plugin Theme Check Cross-Site Request Forgery (20190208.1) CWE-352 CWE-352 High WordPress Plugin Theme Demo Import Arbitrary File Upload (1.1.0) CVE-2022-1538 CWE-434 CWE-434 High WordPress Plugin Theme Editor Arbitrary File Download (2.5) CVE-2021-24154 CWE-538 CWE-538 High WordPress Plugin Theme Editor Multiple Vulnerabilities (2.1) CWE-352 CWE-434 CWE-352 CWE-434 High WordPress Plugin ThemeGrill Demo Importer Cross-Site Request Forgery (1.6.2) CWE-352 CWE-352 High WordPress Plugin ThemeGrill Demo Importer Security Bypass (1.6.1) CWE-264 CWE-264 High WordPress Plugin ThemeHigh WooCommerce Wishlist and Comparison Cross-Site Request Forgery (1.0.4) CWE-352 CWE-352 High WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4) CWE-79 CWE-79 High WordPress Plugin Theme My Login Local File Inclusion (6.3.9) CVE-2014-5155 CWE-22 CWE-22 High WordPress Plugin Theme My Login Security Bypass (6.4.6) CWE-264 CWE-264 High WordPress Plugin ThemeREX Addons Remote Code Execution (All) CVE-2020-10257 CWE-94 CWE-94 High WordPress Plugin Theme Test Drive Multiple Vulnerabilities (2.9) CWE-79 CWE-434 CWE-79 CWE-434 High WordPress Plugin Theme Tuner 'tt-abspath' Parameter Remote File Include (0.7) CVE-2012-0934 CWE-94 CWE-94 High WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20) CVE-2023-23713 CWE-352 CWE-352 High WordPress Plugin Themify-WooCommerce Product Filter SQL Injection (1.4.9) CVE-2024-6027 CWE-89 CWE-89 High WordPress Plugin Themify Builder Cross-Site Scripting (5.3.1) CWE-79 CWE-79 High WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.5) CVE-2021-24129 CWE-79 CWE-79 High WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.6) CVE-2022-0200 CWE-79 CWE-79 High WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.9) CWE-79 CWE-79 High WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.0) CVE-2022-4464 CWE-79 CWE-79 High WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.1) CVE-2023-0362 CWE-79 CWE-79 High WordPress Plugin The Official Facebook Chat Cross-Site Request Forgery (1.2) CWE-352 CWE-352 High WordPress Plugin The Official Facebook Chat Security Bypass (1.5) CWE-264 CWE-264 High WordPress Plugin The Piecemaker 'php.php' Arbitrary File Upload (1.1) CWE-434 CWE-434 High WordPress Plugin The Plus Addons for Elementor Cross-Site Scripting (4.1.11) CVE-2021-24351 CWE-79 CWE-79 High WordPress Plugin The Plus Addons for Elementor Open Redirect (4.1.9) CVE-2021-24358 CWE-601 CWE-601 High WordPress Plugin The Plus Addons for Elementor Page Builder Lite Multiple Cross-Site Scripting Vulnerabilities (2.0.5) CVE-2021-24266 CWE-79 CWE-79 High WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.6) CVE-2021-24175 CWE-264 CWE-264 High WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.10) CVE-2021-24359 CWE-264 CWE-264 High WordPress Plugin The Post Grid-Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Cross-Site Request Forgery (5.0.4) CVE-2022-46853 CWE-352 CWE-352 High WordPress Plugin The Sorter SQL Injection (1.0) CVE-2021-24399 CWE-89 CWE-89 High WordPress Plugin TheThe Layout Grid Cross-Site Scripting (1.0.0) CVE-2013-1808 CWE-79 CWE-79 High WordPress Plugin The Welcomizer 'twiz-index.php' Cross-Site Scripting (1.3.9.4) CWE-79 CWE-79 High WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin ThinkTwit Cross-Site Scripting (1.7.0) CVE-2021-24582 CWE-79 CWE-79 High WordPress Plugin ThinkTwit Security Bypass (1.5.1) CWE-264 CWE-264 High WordPress Plugin Thinkun Remind 'dirPath' Parameter Information Disclosure (1.1.3) CWE-22 CWE-22 High WordPress Plugin ThirstyAffiliates Affiliate Link Manager Cross-Site Scripting (3.9.2) CVE-2021-24127 CWE-79 CWE-79 High WordPress Plugin ThreeWP Email Reflector 'Subject' Field Cross-Site Scripting (1.15) CVE-2012-2572 CWE-79 CWE-79 High WordPress Plugin Thrive Apprentice Security Bypass (2.3.9.3) CVE-2021-24219 CWE-264 CWE-264 High 1...138139140141...169 139 / 169
