Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.10) CVE-2024-5325 CWE-89 CWE-89 High WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2) High WordPress Plugin ForumConverter SQL Injection (1.11) CWE-89 CWE-89 High WordPress Plugin Forums 'url' Parameter Arbitrary File Disclosure (1.4.3) CVE-2012-4920 CWE-22 CWE-22 High WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8) CWE-79 CWE-79 High WordPress Plugin Fotobook Cross-Site Scripting (3.2.3) CWE-79 CWE-79 High WordPress Plugin FourSquare Checkins Cross-Site Request Forgery (1.2) CVE-2013-2709 CWE-352 CWE-352 High WordPress Plugin Fourteen Extended Cross-Site Scripting (1.2.31) CVE-2014-5156 CWE-79 CWE-79 High WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1) CWE-434 CWE-434 High WordPress Plugin FoxyPress Multiple Vulnerabilities (0.4.2.5) CWE-79 CWE-89 CWE-352 CWE-434 CWE-79 CWE-89 CWE-352 CWE-434 High WordPress Plugin FoxyShop Cross-Site Scripting (4.6) CWE-79 CWE-79 High WordPress Plugin FPW Category Thumbnails Multiple Unspecified Vulnerabilities (1.6.7) High WordPress Plugin Free Booking for Hotels, Restaurant and Car Rental-eaSYNC Arbitrary File Upload (1.1.15) CVE-2022-1952 CWE-434 CWE-434 High WordPress Plugin Free counter Cross-Site Scripting (1.1) CVE-2015-4084 CWE-79 CWE-79 High WordPress Plugin Free Live Chat Support Cross-Site Request Forgery (1.0.11) CVE-2022-2039 CWE-352 CWE-352 High WordPress Plugin FreeMind WP Browser Cross-Site Request Forgery (1.2) CVE-2022-2443 CWE-352 CWE-352 High WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Free Responsive Tab For WordPress-Everest Tab Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.3) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Freetobook review widget Unspecified Vulnerability (1.0) High WordPress Plugin freetobook widget Unspecified Vulnerability (1.0.5) High WordPress Plugin Free WordPress To Display Like/Dislike Comment Rating-Everest Comment Rating Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.4) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin FreshMail For WordPress Multiple SQL Injection Vulnerabilities (1.5.8) CWE-89 CWE-89 High WordPress Plugin Front-end Editor 'upload.php' Arbitrary File Upload (2.2.1) CWE-434 CWE-434 High WordPress Plugin Front-End Only Users Cross-Site Scripting (3.1.10) CWE-79 CWE-79 High WordPress Plugin Frontend File Manager Arbitrary File Upload (1.8) CWE-434 CWE-434 High WordPress Plugin Frontend File Manager Arbitrary File Upload (3.3) CVE-2014-5324 CWE-94 CWE-94 High WordPress Plugin Frontend File Manager Arbitrary File Upload (3.7) CWE-434 CWE-434 High WordPress Plugin Frontend File Manager Arbitrary File Upload (3.9) CWE-434 CWE-434 High WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3) CVE-2022-3126 CWE-352 CWE-352 High WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2) CWE-79 CWE-264 CWE-434 CWE-79 CWE-264 CWE-434 High WordPress Plugin Frontend File Manager Multiple Vulnerabilities (21.2) CVE-2022-3124 CVE-2022-3125 CWE-434 CWE-862 CWE-434 CWE-862 High WordPress Plugin Frontend Post WordPress-AccessPress Anonymous Post includes Backdoor [Only if downloaded via the vendor website] (2.8.0) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Front End Upload 'upload.php' Arbitrary File Upload (0.5.3) CWE-434 CWE-434 High WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4) CWE-434 CWE-434 High WordPress Plugin Frontend Uploader Cross-Site Scripting (0.9.2) CVE-2014-9444 CWE-79 CWE-79 High WordPress Plugin Frontend Uploader Cross-Site Scripting (1.3.2) CVE-2021-24563 CWE-79 CWE-79 High WordPress Plugin Front File Manager 'upload.php' Arbitrary File Upload (0.1) CWE-434 CWE-434 High WordPress Plugin Frontier Post Security Bypass (1.3.2) CWE-264 CWE-264 High WordPress Plugin Fuctweb CapCC 'plugins.php' SQL Injection (1.0) CWE-89 CWE-89 High WordPress Plugin Fudousan Cross-Site Scripting (5.7.0) CVE-2021-20749 CWE-79 CWE-79 High WordPress Plugin FunCaptcha-Anti-Spam CAPTCHA Cross-Site Request Forgery (0.3.2) CWE-352 CWE-352 High WordPress Plugin FunCaptcha-Anti-Spam CAPTCHA Multiple Cross-Site Scripting Vulnerabilities (0.4.3) CWE-79 CWE-79 High WordPress Plugin Fungif The Awesome GIFs Cross-Site Scripting (2.0) CWE-79 CWE-79 High WordPress Plugin Funky Penguin WP-PHPList 'unsubscribeemail' Parameter Cross-Site Scripting (2.10.2) CWE-79 CWE-79 High WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Cross-Site Request Forgery (1.5.15) CWE-352 CWE-352 High WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Cross-Site Scripting (1.6.12) CVE-2021-24330 CWE-79 CWE-79 High WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Privilege Escalation (1.3.0) CWE-264 CWE-264 High WordPress Plugin furikake Open Redirect (0.1.0) CVE-2017-1000434 CWE-601 CWE-601 High WordPress Plugin Fusion:Extension-Gallery Multiple Unspecified Vulnerabilities (1.0.4) High WordPress Plugin Fusion:Extension-Map Multiple Unspecified Vulnerabilities (1.0.3) High WordPress Plugin Fusion:Extension-Menu Multiple Unspecified Vulnerabilities (1.0.2) High WordPress Plugin Fusion Engage Local File Disclosure (1.0.5) CWE-22 CWE-22 High WordPress Plugin FV Flowplayer Video Player Cross-Site Request Forgery (7.5.30.7210) CVE-2023-25066 CWE-352 CWE-352 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.0.3.3) CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.6.4) CVE-2018-0642 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727) CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.3.13.727) CVE-2019-14799 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.4.37.727) CVE-2020-35748 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.2.727) CVE-2021-39350 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.18.727) CVE-2022-25613 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.32.7212) CVE-2023-30499 CWE-79 CWE-79 High WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727) CVE-2019-14800 CVE-2019-14801 CWE-89 CWE-200 CWE-89 CWE-200 High WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727) CVE-2019-13573 CWE-89 CWE-89 High WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.15.727) CVE-2022-25607 CWE-89 CWE-89 High WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.46.7212) CVE-2024-6338 CWE-89 CWE-89 High WordPress Plugin FV Flowplayer Video Player URL Cross-Site Scripting (1.2.11) CVE-2011-4568 CWE-79 CWE-79 High WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2) CWE-89 CWE-89 High WordPress Plugin GA Backend Tracking Cross-Site Scripting (1.2) CWE-79 CWE-79 High WordPress Plugin GA Google Analytics Cross-Site Scripting (20210211) CWE-79 CWE-79 High WordPress Plugin Galleries by Angie Makes Cross-Site Scripting (1.67) CVE-2022-4795 CWE-79 CWE-79 High WordPress Plugin Gallery-Flagallery Photo Portfolio 'facebook.php' Cross-Site Scripting (1.56) CVE-2011-4624 CWE-79 CWE-79 High WordPress Plugin Gallery-Flagallery Photo Portfolio 'flagshow.php' Cross-Site Scripting (1.57) CWE-79 CWE-79 High WordPress Plugin Gallery-Flagallery Photo Portfolio 'skin' Parameter Cross-Site Scripting (1.72) CWE-79 CWE-79 High WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (3.01) CWE-352 CWE-352 High WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (5.3.6) CWE-352 CWE-352 High 1...96979899...169 97 / 169
