Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1) CWE-22 CWE-22 High WordPress Plugin WordPress Infinite Scroll-Ajax Load More Multiple Vulnerabilities (5.5.3) CVE-2022-2433 CVE-2022-2943 CVE-2022-2945 CWE-22 CWE-352 CWE-538 CWE-22 CWE-352 CWE-538 High WordPress Plugin WordPress Infinite Scroll-Ajax Load More SQL Injection (5.3.1) CVE-2021-24140 CWE-89 CWE-89 High WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0) High WordPress Plugin WordPress InviteBox for viral Refer-a-Friend Promotions Cross-Site Scripting (1.4.1) CVE-2021-38359 CWE-79 CWE-79 High WordPress Plugin WordPress Landing Page-Squeeze Page-Responsive Landing Page Builder Free-WP Lead Plus X Multiple Vulnerabilities (0.98) CVE-2020-11508 CVE-2020-11509 CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.5) CWE-79 CWE-79 High WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.7) CWE-79 CWE-79 High WordPress Plugin WordPress Landing Pages Cross-Site Scripting (2.2.4) CWE-79 CWE-79 High WordPress Plugin WordPress Landing Pages Multiple Unspecified Vulnerabilities (1.7.8) High WordPress Plugin WordPress Landing Pages Multiple Vulnerabilities (1.8.4) CVE-2015-4064 CVE-2015-4065 CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin WordPress Landing Pages Remote Code Execution (1.9.0) CVE-2015-5227 CWE-94 CWE-94 High WordPress Plugin WordPress Landing Pages SQL Injection (1.2.1) CVE-2013-6243 CWE-89 CWE-89 High WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (1.8.1) High WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.0.2) High WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.2.6) High WordPress Plugin WordPress Leads Cross-Site Scripting (1.6.2) CWE-79 CWE-79 High WordPress Plugin WordPress Leads Unspecified Vulnerability (1.6.8) High WordPress Plugin WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6) CWE-94 CWE-94 High WordPress Plugin Wordpress Membership SwiftCloud.io SQL Injection (1.0) CVE-2021-24392 CWE-89 CWE-89 High WordPress Plugin WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Request Forgery (1.2.7.2) CVE-2021-20781 CWE-352 CWE-352 High WordPress Plugin WordPress Meta Data and Taxonomies Filter (MDTF) PHP Object Injection (1.2.2) CWE-915 CWE-915 High WordPress Plugin WordPress Meta Robots SQL Injection (2.1) CWE-89 CWE-89 High WordPress Plugin WordPress Mobile app Builder-Convert WordPress site to native mobile apps Arbitrary File Upload (1.05) CVE-2017-1002001 CWE-434 CWE-434 High WordPress Plugin WordPress Mobile Pack Information Disclosure (2.0.1) CVE-2014-5337 CWE-264 CWE-264 High WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2) CVE-2015-9269 CWE-200 CWE-200 High WordPress Plugin WordPress OpenID Connect Client Cross-Site Scripting (2.1.4) CWE-79 CWE-79 High WordPress Plugin WordPress Page Contact SQL Injection (1.0) CVE-2021-24403 CWE-89 CWE-89 High WordPress Plugin WordPress Payments-GetPaid Cross-Site Scripting (2.3.3) CVE-2021-24369 CWE-79 CWE-79 High WordPress Plugin WordPress PDF Light Viewer Command Injection (1.4.11) CVE-2021-24684 CWE-94 CWE-94 High WordPress Plugin WordPress Photo Gallery-Image Gallery Cross-Site Request Forgery (1.0.6) CWE-352 CWE-352 High WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.69) CVE-2014-8758 CWE-79 CWE-79 High WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.228) CWE-79 CWE-79 High WordPress Plugin WordPress Photo Gallery by Gallery Bank Multiple Cross-Site Scripting Vulnerabilities (2.0.19) CWE-79 CWE-79 High WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.101) CWE-89 CWE-89 High WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229) CWE-89 CWE-89 High WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (3.1.26) High WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (4.0.48) High WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1) CVE-2024-5021 CWE-918 CWE-918 High WordPress Plugin WordPress Ping Optimizer Cross-Site Request Forgery (2.35.1.2.3) CVE-2022-1591 CWE-352 CWE-352 High WordPress Plugin WordPress Poll Cross-Site Request Forgery (34.05) CWE-352 CWE-352 High WordPress Plugin WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04) CVE-2013-1400 CVE-2013-1401 CWE-89 CWE-264 CWE-89 CWE-264 High WordPress Plugin WordPress Poll Multiple SQL Injection Vulnerabilities (33.5) CWE-89 CWE-89 High WordPress Plugin WordPress Poll Multiple Unspecified Vulnerabilities (35.0) High WordPress Plugin Wordpress Poll SQL Injection (36) CVE-2020-24315 CWE-89 CWE-89 High WordPress Plugin WordPress Popular Posts Cross-Site Scripting (3.3.2) CWE-79 CWE-79 High WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.3) CVE-2021-36872 CWE-79 CWE-79 High WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5) CWE-79 CWE-79 High WordPress Plugin WordPress Popular Posts Multiple Vulnerabilities (5.3.2) CVE-2021-20746 CVE-2021-42362 CWE-79 CWE-94 CWE-79 CWE-94 High WordPress Plugin WordPress Popular Posts TimThumb Arbitrary File Upload (2.1.4) CWE-434 CWE-434 High WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Cross-Site Scripting (2.6.0) CVE-2021-39325 CWE-79 CWE-79 High WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Security Bypass (1.1.4.5) CWE-264 CWE-264 High WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Security Bypass (2.6.4) CVE-2021-39341 CWE-264 CWE-264 High WordPress Plugin WordPress Portfolio and Gallery-GridKit Gallery Unspecified Vulnerability (1.8.18) High WordPress Plugin WordPress prettyPhoto Cross-Site Scripting (1.1) CWE-79 CWE-79 High WordPress Plugin WordPress Related Posts Cross-Site Request Forgery (2.6.1) CVE-2013-3476 CWE-352 CWE-352 High WordPress Plugin WordPress Related Posts Cross-Site Scripting (3.6.4) CVE-2021-24211 CWE-79 CWE-79 High WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download (1.0) CVE-2015-4703 CWE-538 CWE-538 High WordPress Plugin WordPress Responsive Preview Cross-Site Scripting (1.1) CVE-2014-4594 CWE-79 CWE-79 High WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Cross-Site Request Forgery (1.4.5) CVE-2023-25706 CWE-352 CWE-352 High WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Security Bypass (1.2.5.1) CWE-264 CWE-264 High WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Security Bypass (1.4.3) CWE-862 CWE-862 High WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0) CVE-2011-5224 CVE-2011-5225 CVE-2011-5226 CWE-79 CWE-89 CWE-352 CWE-79 CWE-89 CWE-352 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.0.6) CWE-79 CWE-79 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.10.1) CVE-2021-24525 CWE-79 CWE-79 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Directory Traversal (4.9.9) CVE-2017-2245 CWE-22 CWE-22 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Multiple Vulnerabilities (4.9.3) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0) CWE-94 CWE-94 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Unspecified Vulnerability (4.10.2) High WordPress Plugin WordPress Simple Ecommerce Shopping Cart-Sell products through Paypal Arbitrary File Upload (2.2.5) CVE-2021-24620 CWE-434 CWE-434 High WordPress Plugin WordPress Simple Shop Cross-Site Scripting (1.2) CVE-2021-38340 CWE-79 CWE-79 High WordPress Plugin WordPress Simple Shopping Cart Cross-Site Request Forgery (3.5) CVE-2013-2705 CWE-352 CWE-352 High WordPress Plugin WordPress Simple Shopping Cart Cross-Site Scripting (4.6.1) CVE-2022-4672 CWE-79 CWE-79 High WordPress Plugin WordPress Slider-WP 1 Slider includes Backdoor [Only if downloaded via the vendor website] (1.2.9) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin WordPress Slider Block Gutenslider Cross-Site Scripting (5.1.5) CVE-2021-24640 CWE-79 CWE-79 High 1...150151152153...169 151 / 169
