Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.5.1) CWE-434 CWE-434 High WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.6.8) CVE-2021-24370 CWE-434 CWE-434 High WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Request Forgery (4.7.5) CVE-2021-4096 CWE-352 CWE-352 High WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (3.4.1) CWE-79 CWE-79 High WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (4.5.0) CWE-79 CWE-79 High WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4) CVE-2021-4134 CWE-89 CWE-89 High WordPress Plugin Fancy Slideshows Security Bypass (2.4) CWE-264 CWE-264 High WordPress Plugin FAQ Multiple Cross-Site Scripting Vulnerabilities (1.0.14) CWE-79 CWE-79 High WordPress Plugin FAQs Manager Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.0) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin FAQs Manager SQL Injection (1.0) CWE-89 CWE-89 High WordPress Plugin Far Future Expiry Header Cross-Site Request Forgery (1.4) CVE-2021-24799 CWE-352 CWE-352 High WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Fast Image Adder Arbitrary File Upload (1.1) CVE-2015-1000001 CWE-434 CWE-434 High WordPress Plugin Fast Secure Contact Form 'index.php' Cross-Site Scripting (3.0.3.1) CWE-79 CWE-79 High WordPress Plugin Fast Secure Contact Form-Clockwork SMS Cross-Site Scripting (2.1.2) CVE-2017-17780 CWE-79 CWE-79 High WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.35) CWE-79 CWE-79 High WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.37) CWE-79 CWE-79 High WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6) CVE-2019-19983 CWE-200 CWE-200 High WordPress Plugin Fathom Analytics Cross-Site Scripting (3.0.4) CVE-2021-41836 CWE-79 CWE-79 High WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.2.12) CWE-79 CWE-79 High WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.3.20) CVE-2021-24437 CWE-79 CWE-79 High WordPress Plugin Favicon by RealFaviconGenerator Unspecified Vulnerability (1.2.13) High WordPress Plugin FavIcon Switcher Cross-Site Request Forgery (1.2.11) CVE-2022-40219 CWE-352 CWE-352 High WordPress Plugin FB Survey Pro 'id' Parameter SQL Injection (1.0) CWE-89 CWE-89 High WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7) CWE-79 CWE-79 High WordPress Plugin FCChat Widget 'Upload.php' Arbitrary File Upload (2.2.13.1) CVE-2012-3578 CWE-264 CWE-264 High WordPress Plugin FD Feedburner Cross-Site Request Forgery (1.42) CWE-352 CWE-352 High WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.1) CVE-2014-4163 CWE-352 CWE-352 High WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.4) CWE-352 CWE-352 High WordPress Plugin Featured Content 'param' Parameter Cross-Site Scripting (0.0.1) CWE-79 CWE-79 High WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0) CVE-2017-2171 CWE-79 CWE-79 High WordPress Plugin Featured Post with thumbnail Unspecified Vulnerability (1.4) High WordPress Plugin Featured Video Plus Unspecified Vulnerability (2.2.3) High WordPress Plugin Feature Slideshow 'src' Parameter Cross-Site Scripting (1.0.6beta) CWE-79 CWE-79 High WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2) CVE-2011-5265 CWE-79 CWE-79 High WordPress Plugin Feed Changer & Remover Cross-Site Scripting (0.2) CVE-2023-25795 CWE-79 CWE-79 High WordPress Plugin Feedify-Web Push Notifications Cross-Site Scripting (2.1.8) CVE-2021-38352 CWE-79 CWE-79 High WordPress Plugin Feedify Remote Code Execution (2.0.0) CWE-94 CWE-94 High WordPress Plugin FeedList 'handler_image.php' Cross-Site Scripting (2.61.01) CVE-2010-4637 CWE-79 CWE-79 High WordPress Plugin Feed Statistics Open Redirect (3.0) CVE-2018-17074 CWE-601 CWE-601 High WordPress Plugin Feed Them Gallery Cross-Site Scripting (1.1.8) CWE-79 CWE-79 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Request Forgery (2.8.6) CWE-352 CWE-352 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (1.6.9) CVE-2015-9350 CWE-79 CWE-79 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (2.5.2.1) CWE-79 CWE-79 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Multiple Vulnerabilities (2.9.9) CVE-2022-2940 CVE-2022-2942 CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5) CVE-2022-2437 CWE-502 CWE-502 High WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Unspecified Vulnerability (1.9.3) High WordPress Plugin Feedweb Cross-Site Scripting (1.8.8) CVE-2013-3720 CWE-79 CWE-79 High WordPress Plugin Feedweb Cross-Site Scripting (2.4) CWE-79 CWE-79 High WordPress Plugin Feedweb Unspecified Vulnerability (3.0.7) High WordPress Plugin Feedweb Unspecified Vulnerability (3.0.10) High WordPress Plugin FeedWordPress Cross-Site Scripting (2014.0805) CWE-79 CWE-79 High WordPress Plugin FeedWordPress Multiple Vulnerabilities (2015.0426) CVE-2015-4018 CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin Fetch Tweets Cross-Site Scripting (2.6.4) CWE-79 CWE-79 High WordPress Plugin Fetch Tweets Unspecified Vulnerability (1.3.3.6) High WordPress Plugin fGallery SQL Injection (2.4.1) CVE-2008-0491 CWE-89 CWE-89 High WordPress Plugin FG Joomla to WordPress Cross-Site Scripting (3.30.0) CWE-79 CWE-79 High WordPress Plugin FG PrestaShop to WooCommerce Cross-Site Scripting (3.19.1) CWE-79 CWE-79 High WordPress Plugin File Away Multiple Unspecified Vulnerabilities (3.8.4) High WordPress Plugin FileBird-WordPress Media Library Folders & File Manager Cross-Site Scripting (2.4) CWE-79 CWE-79 High WordPress Plugin FileBird-WordPress Media Library Folders & File Manager SQL Injection (4.7.3) CVE-2021-24385 CWE-89 CWE-89 High WordPress Plugin File Browser, Manager, Backup (+ Database) Security Bypass (1.23) CWE-287 CWE-287 High WordPress Plugin Filedownload 'download.php' Local File Disclosure (0.1) CWE-22 CWE-22 High WordPress Plugin Filedownload Multiple Vulnerabilities (1.4) CVE-2015-1000002 CVE-2015-1000003 CVE-2015-1000004 CWE-79 CWE-89 CWE-441 CWE-79 CWE-89 CWE-441 High WordPress Plugin File Gallery Remote Code Execution (1.7.9) CVE-2014-2558 CWE-94 CWE-94 High WordPress Plugin File Groups 'fgid' Parameter SQL Injection (1.1.2) CWE-89 CWE-89 High WordPress Plugin File Manager Advanced Shortcode Arbitrary File Upload (2.5.3) CVE-2023-7061 CWE-434 CWE-434 High WordPress Plugin File Manager Advanced Shortcode Directory Traversal (2.4) CVE-2023-7062 CWE-22 CWE-22 High WordPress Plugin File Manager Arbitrary File Upload (6.8) CVE-2020-25213 CWE-434 CWE-434 High WordPress Plugin File Manager Cross-Site Request Forgery (3.0.1) CWE-352 CWE-352 High WordPress Plugin File Manager Cross-Site Request Forgery (7.2.4) CVE-2024-1538 CWE-352 CWE-352 High WordPress Plugin File Manager Cross-Site Scripting (2.9) CVE-2018-16363 CWE-79 CWE-79 High WordPress Plugin File Manager Cross-Site Scripting (7.0) CVE-2021-24177 CWE-79 CWE-79 High WordPress Plugin File Manager Directory Traversal (7.2.5) CVE-2024-2654 CWE-22 CWE-22 High 1...93949596...169 94 / 169
