Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin Attached images title editor Cross-Site Scripting (1.1.1) CWE-79 CWE-79 High WordPress Plugin Attach Gallery Posts Cross-Site Scripting (1.6) CWE-79 CWE-79 High WordPress Plugin Attachment File Icons (AF Icons) Cross-Site Request Forgery (1.3) CVE-2024-6309 CWE-352 CWE-352 High WordPress Plugin Attachment Manager Arbitrary File Upload (2.1.1) CWE-434 CWE-434 High WordPress Plugin Attendance Manager Multiple Vulnerabilities (0.5.6) CVE-2019-5970 CVE-2019-5971 CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Auctions 'upload.php' Arbitrary File Upload (2.0.1.3) CWE-434 CWE-434 High WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1) CWE-79 CWE-79 High WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5) CVE-2013-1464 CWE-79 CWE-79 High WordPress Plugin Audio Record Arbitrary File Upload (1.0) CWE-434 CWE-434 High WordPress Plugin Audit Trail Cross-Site Scripting (1.1.13) CWE-79 CWE-79 High WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0) High WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994 CWE-400 CWE-400 High WordPress Plugin Author Bio Box Cross-Site Scripting (3.3.1) CVE-2021-39349 CWE-79 CWE-79 High WordPress Plugin Author Chat Unspecified Vulnerability (1.9.0) High WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0) CWE-264 CWE-264 High WordPress Plugin Author Manager Multiple Vulnerabilities (1.0) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Author Page Views Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin Author Periodic Report Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin Author Stats Cross-Site Scripting (1.3) CWE-79 CWE-79 High WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4) CWE-89 CWE-89 High WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19) CWE-79 CWE-79 High WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4) High WordPress Plugin Auto Attachments TimThumb Arbitrary File Upload (0.3) CVE-2011-4106 CWE-20 CWE-20 High WordPress Plugin Autocomplete Wizard Unspecified Vulnerability (2.0) High WordPress Plugin Auto Featured Image Arbitrary File Upload (1.2) CVE-2024-6054 CWE-434 CWE-434 High WordPress Plugin Auto Group Join Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin Automated Content for Real Estate Multiple Unspecified Vulnerabilities (5.4.2) High WordPress Plugin Automated Editor Cross-Site Scripting (1.3) CWE-79 CWE-79 High WordPress Plugin Automated Registration of the Course Multiple Cross-Site Scripting Vulnerabilities (1.0) CWE-79 CWE-79 High WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2) CWE-79 CWE-79 High WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.0) CVE-2023-23992 CWE-352 CWE-352 High WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.8) CWE-352 CWE-352 High WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass (1.7.5) CVE-2021-24717 CWE-863 CWE-863 High WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0) CWE-79 CWE-79 High WordPress Plugin Autopilot SEO for WooCommerce Security Bypass (1.5.1) CWE-264 CWE-264 High WordPress Plugin Auto Post to Social Media-WordPress to Buffer Cross-Site Scripting (3.7.4) CWE-79 CWE-79 High WordPress Plugin Auto Prune Posts Cross-Site Request Forgery (1.8.0) CVE-2023-27423 CWE-352 CWE-352 High WordPress Plugin Autoptimize Cross-Site Scripting (2.8.3) CVE-2021-24332 CWE-79 CWE-79 High WordPress Plugin Autoptimize Cross-Site Scripting (3.1.0) CVE-2022-2635 CWE-79 CWE-79 High WordPress Plugin Autoptimize Multiple Vulnerabilities (2.1.0) CWE-22 CWE-79 CWE-22 CWE-79 High WordPress Plugin Autoptimize Multiple Vulnerabilities (2.7.6) CVE-2020-24948 CWE-79 CWE-434 CWE-79 CWE-434 High WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3) CVE-2022-4790 CWE-79 CWE-79 High WordPress Plugin Autoship Cloud PHP Object Injection (1.0.13) CWE-915 CWE-915 High WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9) CWE-79 CWE-79 High WordPress Plugin Availability Calendar Cross-Site Scripting (1.2.1) CVE-2021-24604 CWE-79 CWE-79 High WordPress Plugin Availability Calendar SQL Injection (1.2) CVE-2021-24606 CWE-89 CWE-89 High WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0) CWE-89 CWE-89 High WordPress Plugin AVH Extended Categories Widgets Unspecified Vulnerability (4.0.2) High WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0) CVE-2015-4455 CWE-434 CWE-434 High WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1) CWE-79 CWE-79 High WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6) CWE-89 CWE-89 High WordPress Plugin Awesome Studio Cross-Site Scripting (1.0.7) CWE-79 CWE-79 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (3.2.9) CWE-79 CWE-79 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (5.8.0) CVE-2019-20181 CWE-79 CWE-79 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.5) CVE-2021-24435 CWE-79 CWE-79 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.6) CVE-2021-36919 CWE-79 CWE-79 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1) CWE-73 CWE-538 CWE-73 CWE-538 High WordPress Plugin Awesome Support-WordPress HelpDesk & Support Unspecified Vulnerability (6.0.7) High WordPress Plugin AWSM Team-Team Showcase Local File Inclusion (1.3.1) CVE-2024-37454 CWE-22 CWE-22 High WordPress Plugin AW WordPress Yearly Category Archives Unspecified Vulnerability (1.2.1) High WordPress Plugin AzonPost Cross-Site Scripting (1.3) CWE-79 CWE-79 High WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00) CVE-2023-3125 CVE-2023-3126 CWE-862 CWE-862 High WordPress Plugin BA Book Everything Cross-Site Scripting (1.3.24) CWE-79 CWE-79 High WordPress Plugin Backend Localization Multiple Cross-Site Scripting Vulnerabilities (1.6.1) CWE-79 CWE-79 High WordPress Plugin Background Music Cross-Site Scripting (1.0) CVE-2013-1942 CWE-79 CWE-79 High WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1) CWE-79 CWE-79 High WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5) CWE-200 CWE-915 CWE-200 CWE-915 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3) CWE-22 CWE-22 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'mosmsg' and 'option' Parameters Cross-Site Scripting Vulnerabilities (3.0) CWE-79 CWE-79 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Arbitrary File Deletion (3.1.4) CWE-73 CWE-73 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (3.1.0) CVE-2014-2340 CWE-352 CWE-352 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (4.2.152) CVE-2020-35950 CWE-352 CWE-352 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.2) CWE-79 CWE-79 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.4) CWE-79 CWE-79 High 1...71727374...169 72 / 169
