High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin Asset Manager 'upload.php' Arbitrary File Upload (0.3)	CWE-434	CWE-434	High
WordPress Plugin AStickyPostOrderER Cross-Site Scripting (0.3.1)	CWE-79	CWE-79	High
WordPress Plugin Async JavaScript Cross-Site Scripting (2.20.12.09)	CWE-79	CWE-79	High
WordPress Plugin Async JavaScript Security Bypass (2.19.07.14)	CWE-264	CWE-264	High
WordPress Plugin A to Z Category Listing 'R' Parameter SQL Injection (1.3)	CWE-89	CWE-89	High
WordPress Plugin Attached images title editor Cross-Site Scripting (1.1.1)	CWE-79	CWE-79	High
WordPress Plugin Attach Gallery Posts Cross-Site Scripting (1.6)	CWE-79	CWE-79	High
WordPress Plugin Attachment Manager Arbitrary File Upload (2.1.1)	CWE-434	CWE-434	High
WordPress Plugin Attendance Manager Multiple Vulnerabilities (0.5.6)	CVE-2019-5970 CVE-2019-5971 CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin Auctions 'upload.php' Arbitrary File Upload (2.0.1.3)	CWE-434	CWE-434	High
WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1)	CWE-79	CWE-79	High
WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5)	CVE-2013-1464 CWE-79	CWE-79	High
WordPress Plugin Audio Record Arbitrary File Upload (1.0)	CWE-434	CWE-434	High
WordPress Plugin Audit Trail Cross-Site Scripting (1.1.13)	CWE-79	CWE-79	High
WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0)			High
WordPress Plugin Authenticator Denial of Service (1.3.0)	CVE-2022-3994 CWE-400	CWE-400	High
WordPress Plugin Author Bio Box Cross-Site Scripting (3.3.1)	CVE-2021-39349 CWE-79	CWE-79	High
WordPress Plugin Author Chat Unspecified Vulnerability (1.9.0)			High
WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0)	CWE-264	CWE-264	High
WordPress Plugin Author Manager Multiple Vulnerabilities (1.0)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin Author Page Views Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Author Periodic Report Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Author Stats Cross-Site Scripting (1.3)	CWE-79	CWE-79	High
WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4)	CWE-89	CWE-89	High
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19)	CWE-79	CWE-79	High
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)			High
WordPress Plugin Auto Attachments TimThumb Arbitrary File Upload (0.3)	CVE-2011-4106 CWE-20	CWE-20	High
WordPress Plugin Autocomplete Wizard Unspecified Vulnerability (2.0)			High
WordPress Plugin Auto Group Join Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Automated Content for Real Estate Multiple Unspecified Vulnerabilities (5.4.2)			High
WordPress Plugin Automated Editor Cross-Site Scripting (1.3)	CWE-79	CWE-79	High
WordPress Plugin Automated Registration of the Course Multiple Cross-Site Scripting Vulnerabilities (1.0)	CWE-79	CWE-79	High
WordPress Plugin Automatic 'q' Parameter SQL Injection (2.0.3)	CWE-89	CWE-89	High
WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2)	CWE-79	CWE-79	High
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.0)	CVE-2023-23992 CWE-352	CWE-352	High
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.8)	CWE-352	CWE-352	High
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass (1.7.5)	CVE-2021-24717 CWE-863	CWE-863	High
WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0)	CWE-79	CWE-79	High
WordPress Plugin Autopilot SEO for WooCommerce Security Bypass (1.5.1)	CWE-264	CWE-264	High
WordPress Plugin Auto Post to Social Media-WordPress to Buffer Cross-Site Scripting (3.7.4)	CWE-79	CWE-79	High
WordPress Plugin Auto Prune Posts Cross-Site Request Forgery (1.8.0)	CVE-2023-27423 CWE-352	CWE-352	High
WordPress Plugin Autoptimize Cross-Site Scripting (2.8.3)	CVE-2021-24332 CWE-79	CWE-79	High
WordPress Plugin Autoptimize Cross-Site Scripting (3.1.0)	CVE-2022-2635 CWE-79	CWE-79	High
WordPress Plugin Autoptimize Multiple Vulnerabilities (2.1.0)	CWE-22 CWE-79	CWE-22 CWE-79	High
WordPress Plugin Autoptimize Multiple Vulnerabilities (2.7.6)	CVE-2020-24948 CWE-79 CWE-434	CWE-79 CWE-434	High
WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)	CVE-2022-4790 CWE-79	CWE-79	High
WordPress Plugin Autoship Cloud PHP Object Injection (1.0.13)	CWE-915	CWE-915	High
WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9)	CWE-79	CWE-79	High
WordPress Plugin Availability Calendar Cross-Site Scripting (1.2.1)	CVE-2021-24604 CWE-79	CWE-79	High
WordPress Plugin Availability Calendar SQL Injection (1.2)	CVE-2021-24606 CWE-89	CWE-89	High
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0)	CWE-89	CWE-89	High
WordPress Plugin AVH Extended Categories Widgets Unspecified Vulnerability (4.0.2)			High
WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0)	CVE-2015-4455 CWE-434	CWE-434	High
WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1)	CWE-79	CWE-79	High
WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)	CWE-89	CWE-89	High
WordPress Plugin Awesome Studio Cross-Site Scripting (1.0.7)	CWE-79	CWE-79	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (3.2.9)	CWE-79	CWE-79	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (5.8.0)	CVE-2019-20181 CWE-79	CWE-79	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.5)	CVE-2021-24435 CWE-79	CWE-79	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.6)	CVE-2021-36919 CWE-79	CWE-79	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)	CWE-73 CWE-538	CWE-73 CWE-538	High
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Unspecified Vulnerability (6.0.7)			High
WordPress Plugin AW WordPress Yearly Category Archives Unspecified Vulnerability (1.2.1)			High
WordPress Plugin AzonPost Cross-Site Scripting (1.3)	CWE-79	CWE-79	High
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)	CVE-2023-3125 CVE-2023-3126 CWE-862	CWE-862	High
WordPress Plugin BA Book Everything Cross-Site Scripting (1.3.24)	CWE-79	CWE-79	High
WordPress Plugin Backend Localization Multiple Cross-Site Scripting Vulnerabilities (1.6.1)	CWE-79	CWE-79	High
WordPress Plugin Background Music Cross-Site Scripting (1.0)	CVE-2013-1942 CWE-79	CWE-79	High
WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)	CWE-79	CWE-79	High
WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5)	CWE-200 CWE-915	CWE-200 CWE-915	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3)	CWE-22	CWE-22	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'mosmsg' and 'option' Parameters Cross-Site Scripting Vulnerabilities (3.0)	CWE-79	CWE-79	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Arbitrary File Deletion (3.1.4)	CWE-73	CWE-73	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (3.1.0)	CVE-2014-2340 CWE-352	CWE-352	High