High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin YouTube Embed Cross-Site Scripting (5.2.1)	CVE-2021-24471 CWE-79	CWE-79	High
WordPress Plugin Youtube Feeder Cross-Site Request Forgery (2.0.1)	CVE-2021-34633 CWE-352	CWE-352	High
WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)	CWE-79	CWE-79	High
WordPress Plugin Youtube shortcode Cross-Site Scripting (1.8.5)	CVE-2023-23687 CWE-79	CWE-79	High
WordPress Plugin YouTube Video Inserter Cross-Site Scripting (1.2.1.0)	CVE-2021-38327 CWE-79	CWE-79	High
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress Cross-Site Scripting (1.0.6)	CVE-2021-24443 CWE-79	CWE-79	High
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress Cross-Site Scripting (1.2.1)	CVE-2023-0059 CWE-79	CWE-79	High
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.1.9)	CVE-2022-1950 CWE-89	CWE-89	High
WordPress Plugin YT-Audio:Audio Hosting From YouTube in WordPress 'v' Parameter Cross-Site Scripting (1.7)	CWE-79	CWE-79	High
WordPress Plugin yURL ReTwitt Cross-Site Request Forgery (1.4)	CVE-2014-9341 CWE-352	CWE-352	High
WordPress Plugin Z-URL Preview Cross-Site Scripting (1.6.2)	CVE-2017-18012 CWE-79	CWE-79	High
WordPress Plugin Z-Vote 'zvote' Parameter SQL Injection (1.1)	CWE-89	CWE-89	High
WordPress Plugin ZdStatistics Cross-Site Scripting (2.0.1)	CVE-2014-4605 CWE-79	CWE-79	High
WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Cross-Site Scripting (2.5.0)	CWE-79	CWE-79	High
WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Unspecified Vulnerability (5.0.2)			High
WordPress Plugin Zedna Contact form Arbitrary File Upload (1.0)	CWE-434	CWE-434	High
WordPress Plugin Zedna Contact form Directory Traversal (1.1)	CWE-22	CWE-22	High
WordPress Plugin Zedna eBook download Directory Traversal (1.1)	CWE-22	CWE-22	High
WordPress Plugin ZeenShare Cross-Site Scripting (1.0.1)	CVE-2014-4606 CWE-79	CWE-79	High
WordPress Plugin zeList Directory Cross-Site Scripting (0.5.11.07)	CWE-79	CWE-79	High
WordPress Plugin Zendesk Chat Cross-Site Request Forgery (1.4.5)	CWE-352	CWE-352	High
WordPress Plugin Zendesk Chat Cross-Site Scripting (1.2.5)	CVE-2013-1808 CWE-79	CWE-79	High
WordPress Plugin Zendesk Chat Unspecified Vulnerability (1.3.9)			High
WordPress Plugin Zendesk Help Center by BestWebSoft Cross-Site Scripting (1.0.4)	CVE-2017-2171 CWE-79	CWE-79	High
WordPress Plugin Zeno Font Resizer Cross-Site Scripting (1.7.9)	CVE-2023-25442 CWE-79	CWE-79	High
WordPress Plugin Zephyr Project Manager Cross-Site Scripting (3.2.40)	CVE-2022-1822 CWE-79	CWE-79	High
WordPress Plugin Zephyr Project Manager Multiple Vulnerabilities (3.2.42)	CVE-2022-2840 CWE-79 CWE-89	CWE-79 CWE-89	High
WordPress Plugin Zero BS WordPress CRM Cross-Site Request Forgery (2.99.9)	CWE-352	CWE-352	High
WordPress Plugin Zero Spam SQL Injection (2.1.2)	CWE-89	CWE-89	High
WordPress Plugin Zibbra Cross-Site Scripting (1.7.0)	CWE-79	CWE-79	High
WordPress Plugin Zielke Specialized Catalog Arbitrary File Upload (3.0.7)	CWE-434	CWE-434	High
WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6)	CWE-94	CWE-94	High
WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)	CWE-95	CWE-95	High
WordPress Plugin Zingiri Web Shop 'uploadfilexd.php' Arbitrary File Upload (2.4.3)	CWE-434	CWE-434	High
WordPress Plugin Zingiri Web Shop 'wpabspath' Parameter Remote File Include (2.2.0)	CWE-94	CWE-94	High
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)	CWE-89	CWE-89	High
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)	CWE-79	CWE-79	High
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (2.3.5)	CWE-79 CWE-89	CWE-79 CWE-89	High
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting Vulnerabilities (2.4.1)	CVE-2012-6506 CWE-79	CWE-79	High
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)			High
WordPress Plugin Zip Attachments Arbitrary File Download (1.4)	CVE-2015-4694 CWE-538	CWE-538	High
WordPress Plugin Zlick Paywall Security Bypass (2.2.1)	CWE-264	CWE-264	High
WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9)	CVE-2015-4153 CVE-2015-4465 CWE-22 CWE-79	CWE-22 CWE-79	High
WordPress Plugin ZM Gallery SQL Injection (1.0)	CWE-89	CWE-89	High
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.6.9.1)	CVE-2019-19306 CWE-79	CWE-79	High
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.7.2.8)	CVE-2021-33849 CWE-79	CWE-79	High
WordPress Plugin Zoho CRM Lead Magnet Unspecified Vulnerability (1.7.2.9)			High
WordPress Plugin Zoho SalesIQ Multiple Vulnerabilities (1.0.8)	CVE-2019-5962 CVE-2019-5963 CVE-2019-15644 CVE-2019-15645 CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin ZooEffect for Video player Photo Gallery Slideshow jQuery and audio/music/podcast-HTML Cross-Site Scripting (1.01)	CVE-2011-5180 CWE-79	CWE-79	High
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Arbitrary File Upload (2.0)	CWE-434	CWE-434	High
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Directory Traversal (6.45)	CVE-2021-39316 CWE-22	CWE-22	High
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)	CWE-79	CWE-79	High
WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)	CWE-89	CWE-89	High
WordPress Plugin Zotpress SQL Injection (6.1.2)	CVE-2016-1000217 CWE-89	CWE-89	High
WordPress Plugin ZTR Zeumic Work Timer Multiple Unspecified Vulnerabilities (1.0.6)			High
WordPress Plugin ZWM Zeumic Work Management Multiple Unspecified Vulnerabilities (1.0.11)			High
WordPress Plugin ZX_CSV Upload Multiple Vulnerabilities (1)	CWE-89 CWE-352	CWE-89 CWE-352	High
WordPress Possible Security Bypass Vulnerability (0.70 - 4.7.4)	CVE-2017-8295 CWE-264	CWE-264	High
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1)	CVE-2017-16510 CWE-89	CWE-89	High
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13)	CVE-2016-4566 CWE-79	CWE-79	High
WordPress Server-Side Request Forgery (3.7 - 6.1.1)	CVE-2022-3590 CWE-918	CWE-918	High
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)	CVE-2017-9066 CWE-918	CWE-918	High
WordPress Super Socialat backdoor plugin	CWE-94	CWE-94	High
WordPress Theme OneTone: Unauthenticated Stored Cross-Site Scripting (XSS)	CVE-2019-17230 CVE-2019-17231 CWE-79	CWE-79	High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)	CVE-2023-22622 CWE-400	CWE-400	High
WordPress Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-14028)	CVE-2018-14028 CWE-434	CWE-434	High
WordPress Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2017-5493)	CVE-2017-5493 CWE-338	CWE-338	High
WordPress Use of Insufficiently Random Values Vulnerability (CVE-2017-17091)	CVE-2017-17091 CWE-330	CWE-330	High
WordPress User-Agent SQL Injection Vulnerability (1.5.2)	CVE-2006-1012 CWE-89	CWE-89	High
WordPress W3 Total Cache plugin predictable cache filenames	CVE-2012-6077 CVE-2012-6078 CVE-2012-6079 CWE-200	CWE-200	High
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2014-6412)	CVE-2014-6412 CWE-640	CWE-640	High
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)	CVE-2020-11027 CWE-640	CWE-640	High
WPEngine _wpeprivate/config.json information disclosure	CWE-200	CWE-200	High
X-Forwarded-For HTTP header security bypass	CWE-287	CWE-287	High