High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (4.2.152)	CVE-2020-35950 CWE-352	CWE-352	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.2)	CWE-79	CWE-79	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.4)	CWE-79	CWE-79	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Directory Traversal (3.1.4)	CWE-22	CWE-22	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Multiple Vulnerabilities (3.1.1)	CVE-2014-8603 CVE-2014-8604 CVE-2014-8605 CVE-2014-8606 CVE-2014-8607 CVE-2014-8813 CWE-22 CWE-78 CWE-200	CWE-22 CWE-78 CWE-200	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Security Bypass (4.2.12)	CVE-2020-35948 CWE-264	CWE-264	High
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner SQL Injection (4.2.161)	CWE-89	CWE-89	High
WordPress Plugin Backup and Restore WordPress-WPBackItUp Arbitrary File Deletion (1.15.3)	CWE-73	CWE-73	High
WordPress Plugin Backup and Restore WordPress-WPBackItUp Cross-Site Request Forgery (1.6.7)	CWE-352	CWE-352	High
WordPress Plugin Backup and Restore WordPress-WPBackItUp Multiple Vulnerabilities (1.9)	CVE-2014-8805 CVE-2014-9012 CWE-264 CWE-538	CWE-264 CWE-538	High
WordPress Plugin Backup and Staging by WP Time Capsule PHP Object Injection (1.21.9)	CWE-915	CWE-915	High
WordPress Plugin Backup and Staging by WP Time Capsule Security Bypass (1.21.15)	CVE-2020-8771 CWE-287	CWE-287	High
WordPress Plugin Backup Bank:WordPress Backup Security Bypass (4.0.28)	CVE-2023-28165 CWE-862	CWE-862	High
WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)	CVE-2022-31474 CWE-22	CWE-22	High
WordPress Plugin BackupBuddy Information Disclosure (2.2.28)	CVE-2013-2743 CVE-2013-2744 CWE-200	CWE-200	High
WordPress Plugin BackupBuddy Multiple Vulnerabilities (8.0.1.8)	CWE-352 CWE-915	CWE-352 CWE-915	High
WordPress Plugin Backup by Supsystic Local File Inclusion (2.3.9)	CWE-22	CWE-22	High
WordPress Plugin Backup Scheduler Cross-Site Request Forgery (1.5.13)	CVE-2022-38079 CWE-352	CWE-352	High
WordPress Plugin BackUpWordPress Remote File Inclusion (0.4.2b)	CVE-2007-5800 CWE-94	CWE-94	High
WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)			High
WordPress Plugin BackWPup 'wp_export_generate.php' Local and Remote File Include Vulnerabilities (2.1.4)	CWE-94	CWE-94	High
WordPress Plugin BackWPup Cross-Site Scripting (3.0.12)	CVE-2013-4626 CWE-79	CWE-79	High
WordPress Plugin BackWPup Cross-Site Scripting (3.2.3)	CWE-79	CWE-79	High
WordPress Plugin BackWPup Cross-Site Scripting (3.2.5)	CWE-79	CWE-79	High
WordPress Plugin BackWPup Multiple Local File Include Vulnerabilities (1.5.2)	CWE-22	CWE-22	High
WordPress Plugin BackWPup Multiple Unspecified Vulnerabilities (3.2.1)			High
WordPress Plugin BackWPup Remote and Local Code Execution (1.6.1)	CVE-2011-4342 CVE-2011-5208 CWE-22 CWE-94	CWE-22 CWE-94	High
WordPress Plugin BackWPup Security Bypass (3.4.1)	CVE-2017-2551 CWE-552	CWE-552	High
WordPress Plugin BackWPup Unspecified Vulnerability (3.3)			High
WordPress Plugin BackWPup Unspecified Vulnerability (3.4.3)			High
WordPress Plugin Bad Behavior Multiple Cross-Site Scripting Vulnerabilities (2.2.4)	CVE-2012-4271 CWE-79	CWE-79	High
WordPress Plugin Bad Behavior Multiple Vulnerabilities (2.2.18)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin Badgearoo Cross-Site Scripting (1.0.8)	CWE-79	CWE-79	High
WordPress Plugin Badge Designer Lite For WooCommerce includes Backdoor [Only if downloaded via the vendor website] (1.1.0)	CVE-2021-24867 CWE-912	CWE-912	High
WordPress Plugin BadgeOS SQL Injection (3.7.0)	CVE-2022-0817 CWE-89	CWE-89	High
WordPress Plugin BadgeOS SQL Injection (3.7.1.2)	CVE-2022-2958 CWE-89	CWE-89	High
WordPress Plugin Baggage Freight Shipping Australia Arbitrary File Upload (0.1.0)	CWE-434	CWE-434	High
WordPress Plugin Bangla Sidebar Login Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Banner Cycler Cross-Site Request Forgery (1.4)	CVE-2022-2233 CWE-352	CWE-352	High
WordPress Plugin Banner Effect Header Cross-Site Request Forgery (1.2.6)	CVE-2015-0920 CWE-352	CWE-352	High
WordPress Plugin Banner Effect Header Cross-Site Scripting (1.2.7)	CVE-2015-1384 CWE-79	CWE-79	High
WordPress Plugin Banner Garden Multiple Cross-Site Scripting Vulnerabilities (0.1.3)	CWE-79	CWE-79	High
WordPress Plugin Bannerlid Cross-Site Scripting (1.1.0)	CWE-79	CWE-79	High
WordPress Plugin BannerMan Cross-Site Scripting (0.2.4)	CVE-2014-4845 CWE-79	CWE-79	High
WordPress Plugin Banner Slider Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Basic Dev Tools Multiple Cross-Site Scripting Vulnerabilities (1.4.1)	CWE-79	CWE-79	High
WordPress Plugin Basic Google Maps Placemarks Cross-Site Scripting (1.10.2)	CWE-79	CWE-79	High
WordPress Plugin Batch-Move Posts Unspecified Vulnerability (1.5)			High
WordPress Plugin Batch Cat Security Bypass (0.3)	CVE-2021-24788 CWE-264	CWE-264	High
WordPress Plugin Battle Suit for Divi Security Bypass (1.10.1)	CWE-264	CWE-264	High
WordPress Plugin BAVOKO SEO Tools-All-in-One WordPress SEO Security Bypass (2.1.9.7)	CWE-264	CWE-264	High
WordPress Plugin bbPress Cross-Site Scripting (2.5.6)	CWE-79	CWE-79	High
WordPress Plugin bbPress Cross-Site Scripting (2.5.8)	CWE-79	CWE-79	High
WordPress Plugin bbPress Cross-Site Scripting (2.5.9)	CWE-79	CWE-79	High
WordPress Plugin bbPress Like Button SQL Injection (1.5)	CWE-89	CWE-89	High
WordPress Plugin bbPress Login Register Links On Forum Topic Pages Cross-Site Request Forgery (2.7.5)	CWE-352	CWE-352	High
WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)	CWE-352	CWE-352	High
WordPress Plugin bbPress Move Topics PHP Object Injection (1.1.4)	CVE-2018-21005 CWE-915	CWE-915	High
WordPress Plugin bbPress Multiple Vulnerabilities (2.6.4)	CVE-2020-13487 CVE-2020-13693 CWE-79 CWE-264	CWE-79 CWE-264	High
WordPress Plugin bbPress Security Bypass (2.6.3)	CWE-264	CWE-264	High
WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)	CWE-79	CWE-79	High
WordPress Plugin bbPress SQL Injection (2.5.14)	CWE-89	CWE-89	High
WordPress Plugin BBS e-Franchise SQL Injection (1.1.1)	CWE-89	CWE-89	High
WordPress Plugin BCS BatchLine Book Importer Security Bypass (1.5.7)	CWE-264	CWE-264	High
WordPress Plugin Beautiful FAQ for WordPress-Everest FAQ Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)	CVE-2021-24867 CWE-912	CWE-912	High
WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.7)	CVE-2021-24867 CWE-912	CWE-912	High
WordPress Plugin Beaver Builder-WordPress Page Builder Multiple Cross-Site Scripting Vulnerabilities (2.5.5.2)	CVE-2022-2517 CVE-2022-2695 CVE-2022-2716 CVE-2022-2934 CWE-79	CWE-79	High
WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7)	CWE-264	CWE-264	High
WordPress Plugin BeCustom Cross-Site Request Forgery (1.0.5.2)	CVE-2022-3747 CWE-352	CWE-352	High
WordPress Plugin Beer Recipes Cross-Site Scripting (1.0)	CWE-79	CWE-79	High
WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)	CVE-2022-1186 CWE-200	CWE-200	High
WordPress Plugin BePro Listings Arbitrary File Upload (2.2.0020)	CWE-434	CWE-434	High
WordPress Plugin BePro Listings Security Bypass (2.2.0020)	CWE-264	CWE-264	High
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.4.31)	CWE-79	CWE-79	High
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.8.14)	CVE-2019-20182 CWE-79	CWE-79	High