Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity WordPress plugin Custom Contact Forms critical vulnerability CWE-287 CWE-287 High WordPress Plugin Custom Contact Forms Multiple Cross-Site Scripting Vulnerabilities (5.0.0.1) CWE-79 CWE-79 High WordPress Plugin Custom Contact Forms Security Bypass (5.1.0.3) CWE-264 CWE-264 High WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13) CWE-434 CWE-434 High WordPress Plugin Custom Content Type Manager Backdoor (0.9.8.8) CWE-95 CWE-95 High WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5) CVE-2015-3173 CWE-94 CWE-94 High WordPress Plugin Custom css-js-php Cross-Site Request Forgery (2.0.7) CWE-352 CWE-352 High WordPress Plugin Custom css-js-php Unspecified Vulnerability (2.0.2) High WordPress Plugin Custom CSS Pro Cross-Site Request Forgery (1.0.3) CVE-2019-5984 CWE-352 CWE-352 High WordPress Plugin Custom Dashboard & Login Page-AGCA Cross-Site Request Forgery (6.5.4) CWE-352 CWE-352 High WordPress Plugin Custom Dashboard & Login Page-AGCA Cross-Site Scripting (6.9.1) CVE-2021-36823 CWE-79 CWE-79 High WordPress Plugin Custom Dashboard & Login Page-AGCA Multiple Unspecified Vulnerabilities (1.5.4.2) High WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0) CVE-2023-0079 CWE-79 CWE-79 High WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0) CVE-2023-0080 CWE-22 CWE-22 High WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5) CVE-2022-38134 CVE-2022-38470 CVE-2022-40194 CWE-200 CWE-352 CWE-863 CWE-200 CWE-352 CWE-863 High WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.5.1) CWE-79 CWE-79 High WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3) CVE-2021-24622 CWE-79 CWE-79 High WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1) CVE-2017-2171 CWE-79 CWE-79 High WordPress Plugin Custom Field Suite Cross-Site Request Forgery (2.5.15) CWE-352 CWE-352 High WordPress Plugin Custom Field Suite Cross-Site Scripting (2.5.14) CVE-2019-11871 CWE-79 CWE-79 High WordPress Plugin Custom Field Suite Security Bypass (2.4) CWE-264 CWE-264 High WordPress Plugin Custom Field Template Cross-Site Request Forgery (2.5.1) CWE-352 CWE-352 High WordPress Plugin Custom Field Template PHP Object Injection (2.5.7) CVE-2022-4324 CWE-915 CWE-915 High WordPress Plugin Custom Frontend Login Registration Form Multiple Cross-Site Scripting Vulnerabilities (1.01) CWE-79 CWE-79 High WordPress Plugin Custom Global Variables Cross-Site Scripting (1.0.5) CWE-79 CWE-79 High WordPress Plugin Customify-Intuitive Website Styling Cross-Site Request Forgery (2.10.4) CVE-2023-27633 CWE-352 CWE-352 High WordPress Plugin Customize Feeds for Twitter Cross-Site Request Forgery (1.8.8) CWE-352 CWE-352 High WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6) CVE-2022-0345 CWE-200 CWE-200 High WordPress Plugin Customize Youtube Videos Multiple Vulnerabilities (0.2) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Custom Login Cross-Site Scripting (3.2) CWE-79 CWE-79 High WordPress Plugin Custom Login Page Customizer-LoginPress Multiple Vulnerabilities (1.1.13) CVE-2019-15871 CVE-2019-15872 CWE-89 CWE-264 CWE-89 CWE-264 High WordPress Plugin Custom Login Page Customizer-LoginPress Unspecified Vulnerability (1.1.15) High WordPress Plugin Custom Login Redirect Cross-Site Request Forgery (1.0.0) CVE-2021-24536 CWE-352 CWE-352 High WordPress Plugin Custom Map Cross-Site Scripting (1.1) CVE-2017-17744 CWE-79 CWE-79 High WordPress Plugin Custom Menu Cross-Site Scripting (1.3.3) CVE-2021-38321 CWE-79 CWE-79 High WordPress Plugin Custom Metas Cross-Site Scripting (1.5.1) CWE-79 CWE-79 High WordPress Plugin Custom Permalinks SQL Injection (1.1) CWE-89 CWE-89 High WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15) High WordPress Plugin Custom Post Type Relations Cross-Site Scripting (1.0) CVE-2021-34654 CWE-79 CWE-79 High WordPress Plugin Custom Post Types and Custom Fields creator-WCK Multiple Unspecified Vulnerabilities (1.2.9) High WordPress Plugin Custom Post Type UI 'wp-admin/admin.php' Cross-Site Scripting (0.7) CWE-79 CWE-79 High WordPress Plugin Custom Post Type UI Cross-Site Request Forgery (1.7.3) CWE-352 CWE-352 High WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6) CWE-79 CWE-79 High WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.1.1) CWE-79 CWE-79 High WordPress Plugin Custom Post View Generator Cross-Site Scripting (0.4.6) CVE-2021-24605 CWE-79 CWE-79 High WordPress Plugin Custom Scrollbar Designer Cross-Site Scripting (1.0) CVE-2021-24435 CWE-79 CWE-79 High WordPress Plugin Custom Searchable Data Entry System Security Bypass (1.7.1) CVE-2020-10817 CWE-264 CWE-264 High WordPress Plugin Custom Search by BestWebSoft Cross-Site Scripting (1.35) CVE-2017-2171 CVE-2017-2171 CVE-2017-18494 CWE-79 CWE-79 High WordPress Plugin Custom Search by BestWebSoft Unspecified Vulnerability (1.21) High WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Cross-Site Scripting (2.1.0.1) CWE-79 CWE-79 High WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Multiple Vulnerabilities (3.0.8) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Custom Simple Rss Cross-Site Request Forgery (2.0.6) CVE-2019-14327 CWE-352 CWE-352 High WordPress Plugin Custom Tables 'key' Parameter Cross-Site Scripting (3.4.4) CWE-79 CWE-79 High WordPress Plugin Custom Text Selection Colors Cross-Site Scripting (1.0) CVE-2021-24435 CWE-79 CWE-79 High WordPress Plugin Custom Website Data Cross-Site Request Forgery (1.2) CWE-352 CWE-352 High WordPress Plugin Custom Website Data Cross-Site Scripting (1.0) CWE-79 CWE-79 High WordPress Plugin Custom Website Data Cross-Site Scripting (2.2) CVE-2021-38347 CWE-79 CWE-79 High WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2) High WordPress Plugin CYSTEME Finder, the admin files explorer Cross-Site Request Forgery (1.4) CWE-352 CWE-352 High WordPress Plugin CYSTEME Finder, the admin files explorer Multiple Vulnerabilities (1.3) CWE-434 CWE-538 CWE-434 CWE-538 High WordPress Plugin CYSTEME Finder, the admin files explorer Unspecified Vulnerability (1.7) High WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0) CWE-79 CWE-79 High WordPress Plugin Daily Inspiration Generator Open Redirect (2.0) CWE-601 CWE-601 High WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2) CWE-79 CWE-79 High WordPress Plugin Daily Prayer Time Cross-Site Request Forgery (2023.03.08) CVE-2023-27632 CWE-352 CWE-352 High WordPress Plugin Daily Prayer Time Cross-Site Scripting (2021.08.07) CVE-2021-24523 CWE-79 CWE-79 High WordPress Plugin Daily Prayer Time Cross-Site Scripting (2023.03.20) CVE-2023-27631 CWE-79 CWE-79 High WordPress Plugin Daily Prayer Time SQL Injection (2022.02.28) CVE-2022-0785 CWE-89 CWE-89 High WordPress Plugin DandyID Services Cross-Site Request Forgery (1.5.9) CVE-2014-9335 CWE-352 CWE-352 High WordPress Plugin Dark Mode Cross-Site Scripting (1.6) CVE-2018-5651 CVE-2018-5652 CWE-79 CWE-79 High WordPress Plugin Database Backup for WordPress 'edit.php' Directory Traversal (1.7) CVE-2006-4208 CWE-22 CWE-22 High WordPress Plugin Database Backup for WordPress Cross-Site Scripting (2.3.3) CVE-2021-24322 CWE-79 CWE-79 High WordPress Plugin Database Backups Cross-Site Request Forgery (1.2.2.6) CVE-2021-24174 CWE-352 CWE-352 High WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Arbitrary File Upload (1.3.2) CVE-2024-1069 CWE-434 CWE-434 High WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.5) CWE-79 CWE-79 High 1...84858687...169 85 / 169
