Severity High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity AjaxControlToolkit directory traversal CVE-2015-4670 CWE-434 CWE-434 High Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425 CWE-20 CWE-20 High Apache 2.x version older than 2.2.3 CVE-2006-3747 CWE-189 CWE-189 Medium Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645 CWE-502 CWE-502 High Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295 CWE-502 CWE-502 High Apache Shiro Deserialization RCE CVE-2016-4437 CWE-78 CWE-78 High Apache Solr SSRF CVE-2017-3164 CWE-918 CWE-918 Medium Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution CVE-2013-2251 CWE-20 CWE-20 High Apache Struts2 remote code execution vulnerability CVE-2016-0785 CWE-78 CWE-78 High Apache Struts2 remote command execution (S2-045) CVE-2017-5638 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 CWE-94 High Apache Struts Remote Code Execution (S2-057) CVE-2018-11776 CWE-917 CWE-917 High Apache Tomcat Remote Code Execution Vulnerability CVE-2017-12615 CWE-94 CWE-94 High Arbitrary EL Evaluation in RichFaces CWE-917 CWE-917 High Argument Injection CWE-88 CWE-88 High ASP code injection CWE-95 CWE-95 High Atlassian Crowd Remote Code Execution CVE-2019-11580 CWE-78 CWE-78 High Authentication bypass via MongoDB operator injection CWE-943 CWE-943 High Bash code injection vulnerability CVE-2014-6271 CWE-78 CWE-78 High BigIP iRule Tcl code injection CWE-78 CWE-78 High CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335 CWE-20 CWE-20 High Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392 CWE-119 CWE-119 High Citrix ADC/Gateway Unauthenticated Remote Code Execution CVE-2019-19781 CWE-22 CWE-22 High Cmd hijack vulnerability CWE-94 CWE-94 High Code execution CWE-94 CWE-94 High CodeIgniter weak encryption key CWE-200 CWE-200 High ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091 CWE-502 CWE-502 High ColdFusion JNDI injection RCE CVE-2018-15957 CWE-502 CWE-502 High Data Binding Expression Vulnerability in Spring Web Flow CVE-2017-4971 CWE-78 CWE-78 High Drupal 7 arbitrary PHP code execution and information disclosure CVE-2012-4553 CVE-2012-4554 CWE-264 CWE-264 High Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6) CVE-2006-2743 CWE-95 CWE-95 High Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7) CVE-2006-2831 CWE-95 CWE-95 High Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.0) CVE-2006-2743 CWE-95 CWE-95 High Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5) CVE-2007-0626 CWE-95 CWE-95 High Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.0) CVE-2007-0626 CWE-95 CWE-95 High Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2) CVE-2007-5593 CWE-95 CWE-95 High Drupal Core 6.x Remote Code Execution (6.0 - 6.38) CVE-2018-7600 CWE-94 CWE-94 High Drupal Core 7.x Remote Code Execution (7.0 - 7.57) CVE-2018-7600 CWE-94 CWE-94 High Drupal Core 7.x Remote Code Execution (7.0 - 7.58) CVE-2018-7602 CWE-94 CWE-94 High Drupal Core 7.x Remote Code Execution (7.0 - 7.73) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 7.x Remote Code Execution (7.0 - 7.74) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5) CVE-2018-7600 CWE-94 CWE-94 High Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.7) CVE-2018-7602 CWE-94 CWE-94 High Drupal Core 8.5.0 Remote Code Execution (8.5.0 - 8.5.0) CVE-2018-7600 CWE-94 CWE-94 High Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2) CVE-2018-7602 CWE-94 CWE-94 High Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10) CVE-2019-6340 CWE-94 CWE-94 High Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9) CVE-2019-6340 CWE-94 CWE-94 High Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7) CVE-2020-13664 CWE-94 CWE-94 High Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.10) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 8.9.0 Remote Code Execution (8.9.0 - 8.9.0) CVE-2020-13664 CWE-94 CWE-94 High Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8) CVE-2018-7600 CWE-94 CWE-94 High Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8) CVE-2019-6340 CWE-94 CWE-94 High Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14) CVE-2020-13664 CWE-94 CWE-94 High Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 9.0.0 Remote Code Execution (9.0.0 - 9.0.0) CVE-2020-13664 CWE-94 CWE-94 High Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18) CVE-2022-25277 CWE-434 CWE-434 High Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2) CVE-2022-25277 CWE-434 CWE-434 High Drupal Core Remote Code Execution (8.0.0 - 9.2.21) CVE-2022-25277 CWE-434 CWE-434 High Drupal Remote Code Execution (SA-CORE-2018-002) CVE-2018-7600 CWE-94 CWE-94 High Drupal Remote Code Execution (SA-CORE-2018-004) CVE-2018-7602 CWE-94 CWE-94 High Drupal REST Remote Code Execution CVE-2019-6340 CWE-78 CWE-78 High EktronCMS Saxon XSLT parser remote code execution CVE-2015-0931 CWE-78 CWE-78 High Ektron CMS unauthenticated code execution and Local File Read CVE-2012-5357 CVE-2012-5358 CWE-20 CWE-20 High Elasticsearch remote code execution CVE-2014-3120 CWE-78 CWE-78 High F5 BIG-IP Traffic Management User Interface (TMUI) RCE CVE-2020-5902 CWE-78 CWE-78 High F5 iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986 CWE-78 CWE-78 High FastCGI Unauthorized Access Vulnerability CWE-78 CWE-78 High Flask debug mode CWE-489 CWE-489 High Flex BlazeDS AMF Deserialization RCE CVE-2017-5641 CWE-502 CWE-502 High Gallery 3.0.4 remote code execution CWE-20 CWE-20 High GhostScript RCE (Remote Code Execution) CVE-2016-3714 CWE-78 CWE-78 High GoAhead web server remote code execution CVE-2017-17562 CWE-94 CWE-94 High Grafana avatar SSRF CVE-2020-13379 CWE-78 CWE-78 High HipChat for JIRA plugin - Velocity template injection CVE-2015-5603 CWE-94 CWE-94 High Horde/IMP Plesk webmail exploit CWE-20 CWE-20 High Horde Imp Unauthenticated Remote Command Execution CVE-2018-19518 CWE-94 CWE-94 High Horde remote code execution CVE-2014-1691 CWE-94 CWE-94 High HTTP.sys remote code execution vulnerability CVE-2015-1635 CWE-119 CWE-119 High IBM WebSphere RCE Java Deserialization Vulnerability CVE-2015-7450 CWE-502 CWE-502 High ImageMagick remote code execution CVE-2016-3714 CWE-78 CWE-78 High Invision Power Board version 3.3.4 unserialize PHP code execution CVE-2012-5692 CWE-20 CWE-20 High Jboss Application Server HTTPServerILServlet.java remote code execution CVE-2017-7504 CWE-502 CWE-502 High JBoss InvokerTransformer Remote Code Execution CVE-2015-7501 CWE-502 CWE-502 High JBoss Seam framework remote code execution CVE-2010-1871 CWE-94 CWE-94 High Joomla! Core 3.9.x Remote Code Execution (3.9.7 - 3.9.8) CVE-2019-14654 CWE-94 CWE-94 High Joomla! Core 3.x.x Remote Code Execution (3.7.0 - 3.8.7) CVE-2018-11321 CWE-94 CWE-94 High Joomla! Core Remote Code Execution (1.5.0 - 3.4.5) CVE-2015-8562 CWE-94 CWE-94 High Joomla! JCE arbitrary file upload CWE-20 CWE-20 High Joomla! JomSocial remote code execution CWE-94 CWE-94 High Joomla! remote code execution vulnerability CVE-2015-8562 CWE-94 CWE-94 High Liferay TunnelServlet Deserialization Remote Code Execution CWE-502 CWE-502 High Liferay version older than 7.0 CWE-502 CWE-502 High Liferay version older than 7.1 CWE-918 CWE-918 Medium Liferay XMLRPC Blind SSRF CWE-918 CWE-918 Medium Magento remote code execution CVE-2015-1397 CVE-2015-1398 CVE-2015-1399 CWE-94 CWE-94 High MediaWiki remote code execution CVE-2014-1610 CWE-20 CWE-20 High Microsoft Exchange Server Server-Side Request Forgery (SSRF) vulnerability CVE-2021-26855 CWE-918 CWE-918 High Microsoft IIS 6.0 WebDAV Buffer Overflow CVE-2017-7269 CWE-287 CWE-287 High Missing Authentication Check in SAP Solution Manager CVE-2020-6207 CWE-287 CWE-287 High MobileIron Remote Code Execution via LogService CVE-2020-15505 CWE-78 CWE-78 High MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities CVE-2012-6081 CWE-434 CWE-434 High MongoDB $where operator JavaScript injection CWE-943 CWE-943 High MongoDB injection CWE-943 CWE-943 High MovableType remote code execution CVE-2015-1592 CWE-94 CWE-94 High Moveable Type 4.x unauthenticated remote command execution CVE-2013-0209 CWE-287 CWE-287 High Multiple critical vulnerabilities in Apache Struts2 CVE-2012-0393 CWE-264 CWE-264 High Multiple vulnerabilities reported in Parallels Plesk Sitebuilder CWE-94 CWE-94 High Nagios XI Magpie_debug.php Unauthenticated RCE CVE-2018-15708 CWE-94 CWE-94 High Nagios XI Unauthenticated SQLi CVE-2018-8734 CVE-2018-8734 CWE-89 CWE-89 High Nette framework PHP code injection via callback CVE-2020-15227 CWE-94 CWE-94 High Nginx PHP code execution via FastCGI CWE-94 CWE-94 High OpenX 2.8.10 backdoor CVE-2013-4211 CWE-95 CWE-95 High OpenX arbitrary file upload CVE-2009-4140 CWE-434 CWE-434 High Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950 CWE-502 CWE-502 High Oracle Reports rwservlet vulnerabilities CVE-2012-3152 CVE-2012-3153 CWE-20 CWE-20 High Oracle Weblogic Async Component Deserialization RCE CVE-2019-2725 CVE-2019-2725 CWE-94 CWE-94 High Oracle WebLogic Remote Code Execution via T3 CVE-2018-3245 CWE-502 CWE-502 High Oracle WebLogic Server unauthenticated remote code execution CVE-2020-14882 CWE-78 CWE-78 High Oracle Weblogic WLS-WSAT Component Deserialization RCE CVE-2017-3506 CVE-2017-10271 CWE-94 CWE-94 High Perl code injection CWE-94 CWE-94 High PHP 4.3.0 file disclosure and possible code execution CVE-2003-0097 CWE-20 CWE-20 Medium PHP 5.3.9 remote code execution CVE-2012-0830 CWE-399 CWE-399 High PHP code injection CWE-94 CWE-94 High PHP code injection (pmwiki) CWE-94 CWE-94 High PHP eval() used on user input CWE-95 CWE-95 Medium phpMoAdmin remote code execution CWE-95 CWE-95 High phpMyAdmin v3.5.2.2 backdoor CVE-2012-5159 CWE-95 CWE-95 High phpThumb() fltr[] parameter command injection vulnerability CVE-2010-1598 CWE-20 CWE-20 High PHPUnit Remote Code Execution CVE-2017-9841 CWE-94 CWE-94 High Plone arbitrary code execution CVE-2011-3587 CWE-78 CWE-78 High Python code injection CWE-95 CWE-95 High Rails remote code execution using render :inline CVE-2016-2098 CWE-94 CWE-94 High RCE in SQL Server Reporting Services (SSRS) CVE-2020-0618 CWE-78 CWE-78 High RCE with Spring Data Commons CVE-2018-1273 CWE-94 CWE-94 High Remote Code Execution (RCE) in Spring Security OAuth CVE-2016-4977 CWE-94 CWE-94 High Remote code execution in bootstrap-sass 3.2.0.3 CVE-2019-10842 CWE-95 CWE-95 High Remote code execution of user-provided local names in Rails CVE-2020-8163 CWE-94 CWE-94 High Remote code execution vulnerability in WordPress Duplicator CWE-98 CWE-98 High Ruby on Rails code injection CWE-94 CWE-94 High Ruby on Rails directory traversal vulnerability CVE-2014-0130 CWE-22 CWE-22 High Ruby on Rails weak/known secret token CVE-2013-0156 CWE-200 CWE-200 High SAP Hybris Deserialization RCE CWE-502 CWE-502 High SAP NetWeaver ConfigServlet remote command execution CWE-94 CWE-94 High Security update: Hotfix available for ColdFusion CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632 CWE-255 CWE-255 High Server-side JavaScript injection CWE-20 CWE-20 High Server-side template injection CWE-20 CWE-20 High SonicWall SSL-VPN 8.0.0.0 RCE via ShellShock exploit CWE-78 CWE-78 High Spring Beans ClassLoader Manipulation RCE CVE-2022-22965 CWE-94 CWE-94 High Spring Boot Whitelabel Error Page SpEL CWE-94 CWE-94 High Spring Data REST RCE via PATCH requests CVE-2017-8046 CWE-94 CWE-94 High Struts 2 development mode CWE-489 CWE-489 High Struts2/XWork remote command execution (S2-014) CVE-2013-1966 CVE-2013-2115 CWE-94 CWE-94 High Symfony RCE via weak/predictable APP_SECRET CWE-94 CWE-94 High Symfony weak application secret CWE-94 CWE-94 High Telerik Web UI Insecure Direct Object Reference CVE-2017-11357 CWE-78 CWE-78 High Telerik Web UI RadAsyncUpload Deserialization CVE-2019-18935 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2014-2217) CVE-2014-2217 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2017-11317) CVE-2017-11317 CWE-78 CWE-78 High ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability CWE-94 CWE-94 High timthumb.php remote code execution CVE-2011-4106 CWE-20 CWE-20 High TimThumb WebShot remote code execution CWE-94 CWE-94 High TinyMCE ajax_create_folder remote code execution vulnerability CWE-94 CWE-94 High Umbraco CMS remote code execution CWE-94 CWE-94 High Umbraco CMS TemplateService remote code execution CVE-2013-4793 CWE-94 CWE-94 High Unauthenticated OGNL injection in Confluence Server and Data Center CVE-2021-26084 CWE-917 CWE-917 High Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051) CWE-78 CWE-78 High Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 CVE-2020-0618 CWE-78 CWE-78 High Unauthenticated remote code execution vulnerability in Confluence Server and Data Center CVE-2022-26134 CWE-917 CWE-917 High uWSGI Unauthorized Access Vulnerability CWE-78 CWE-78 High vBSEO 3.6.0 PHP code injection CVE-2012-5223 CWE-94 CWE-94 High vBulletin 5 CONNECT remote code execution CWE-94 CWE-94 High vBulletin 5.x 0day pre-auth RCE CWE-94 CWE-94 High vBulletin PHP object injection vulnerability CWE-915 CWE-915 High vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496 CWE-94 CWE-94 High VMware vCenter Server Unauthorized Remote Code Execution CVE-2021-21972 CWE-78 CWE-78 High Webmin v1.920 Unauhenticated Remote Command Execution CVE-2019-15107 CWE-94 CWE-94 High WooFramework shortcode exploit CWE-95 CWE-95 High WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2) CVE-2008-5695 CWE-20 CWE-20 High WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2) CVE-2006-2667 CVE-2006-2702 CWE-94 CWE-94 High WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1 - 2.1.1) CVE-2007-1277 CWE-94 CWE-94 High WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2) CVE-2008-4796 CWE-94 CWE-94 High WordPress caching plugins PHP code execution CVE-2013-2010 CWE-95 CWE-95 High WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3) CVE-2005-2612 CWE-94 CWE-94 High WordPress OptimizePress unrestricted file upload CVE-2013-7102 CWE-20 CWE-20 High WordPress Plugin AccessAlly PHP Code Execution (3.3.1) CWE-94 CWE-94 High WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21) CVE-2019-15324 CWE-94 CWE-94 High WordPress Plugin Advanced Access Manager Arbitrary Code Execution (2.8.2) CVE-2014-6059 CWE-95 CWE-95 High WordPress Plugin Ajax Search Lite Remote Command Execution (3.1) CWE-95 CWE-95 High WordPress Plugin All-in-One WP Migration Remote Code Execution (2.0.2) CVE-2014-8794 CWE-94 CWE-94 High WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve Your SEO Rankings Remote Code Execution (4.1.0.1) CVE-2021-24307 CWE-94 CWE-94 High WordPress Plugin Analytics Remote Code Execution (1.7) CWE-94 CWE-94 High WordPress Plugin Arigato Autoresponder and Newsletter Remote Code Execution (2.5.1.9) CVE-2018-18461 CWE-94 CWE-94 High WordPress Plugin BackWPup Remote and Local Code Execution (1.6.1) CVE-2011-4342 CVE-2011-5208 CWE-22 CWE-94 CWE-22 CWE-94 High WordPress Plugin Best Seo Remote Code Execution (1.5) CWE-94 CWE-94 High WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5) CWE-94 CWE-94 High WordPress Plugin Catch Themes Demo Import Remote Code Execution (2.1) CVE-2022-0440 CWE-94 CWE-94 High WordPress Plugin CiviCRM Remote Code Execution (5.24.2) CVE-2020-36388 CWE-502 CWE-502 High WordPress Plugin CM Download Manager Code Injection (2.0.3) CVE-2014-8877 CWE-95 CWE-95 High WordPress Plugin Coming Soon Possible Remote Code Execution (1.1.3) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin Cool Video Gallery Command Injection (1.9) CVE-2015-7527 CWE-94 CWE-94 High WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5) CVE-2015-3173 CWE-94 CWE-94 High WordPress Plugin Divi Builder PHP Code Injection (4.0.9) CWE-95 CWE-95 High WordPress Plugin Duplicator-WordPress Migration Remote Code Execution (1.2.40) CWE-94 CWE-94 High WordPress Plugin Dynamic Content for Elementor Remote Code Execution (1.9.5.6) CVE-2020-26596 CWE-94 CWE-94 High WordPress Plugin Easy Forms for Mailchimp PHP Code Injection (6.5.2) CVE-2019-15318 CWE-95 CWE-95 High WordPress Plugin eShop Code Injection (6.3.11) CVE-2015-3421 CWE-94 CWE-94 High WordPress Plugin EWWW Image Optimizer Remote Code Execution (2.8.3) CWE-94 CWE-94 High WordPress Plugin EZPZ One Click Backup Remote Code Execution (12.03.10) CVE-2014-3114 CWE-78 CWE-78 High WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin Feedify Remote Code Execution (2.0.0) CWE-94 CWE-94 High WordPress Plugin File Gallery Remote Code Execution (1.7.9) CVE-2014-2558 CWE-94 CWE-94 High WordPress Plugin File Manager Remote Code Execution (4.5) CWE-94 CWE-94 High WordPress Plugin Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0) CVE-2020-29045 CWE-502 CWE-502 High WordPress Plugin Flamingo Code Injection (1.1) CWE-95 CWE-95 High WordPress Plugin Formidable Form Builder-Contact Form, Survey & Quiz Forms for WordPress Remote Code Execution (2.05.01) CWE-94 CWE-94 High WordPress Plugin Form Manager Remote Command Execution (1.7.2) CVE-2015-7806 CWE-94 CWE-94 High WordPress Plugin Gantry 4 Framework Remote Command Execution (4.1.3) CWE-95 CWE-95 High WordPress Plugin Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1) CWE-95 CWE-200 CWE-95 CWE-200 High WordPress Plugin Google Map Remote Code Execution (1.0) CWE-94 CWE-94 High WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4) CVE-2019-15647 CWE-94 CWE-94 High WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5) CVE-2021-24546 CWE-94 CWE-94 High WordPress Plugin Include Me Remote Code Execution (1.2.1) CVE-2021-24453 CWE-94 CWE-94 High WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (4.2997) CVE-2019-15649 CWE-94 CWE-94 High WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2) CWE-95 CWE-95 High WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0) CWE-94 CWE-94 High WordPress Plugin Jekyll Exporter Remote Code Execution (2.2.0) CVE-2017-9841 CWE-94 CWE-94 High WordPress Plugin Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6) CWE-94 CWE-94 High WordPress Plugin Lightbox Jquery Possible Remote Code Execution (0.24) CWE-94 CWE-94 High WordPress Plugin Loco Translate PHP Code Injection (2.5.3) CVE-2021-24721 CWE-95 CWE-95 High WordPress Plugin MailPress Remote Code Execution (7.0.2) CWE-94 CWE-94 High WordPress Plugin Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin Master Popups Remote Code Execution (1.0.0) CWE-94 CWE-94 High WordPress Plugin MobiLoud-WordPress Mobile Apps-Convert your WordPress Website to Native Mobile Apps Remote Code Execution (4.0.1) CWE-94 CWE-94 High WordPress Plugin Newsletter Subscription Form Possible Remote Code Execution (1.1.2) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59) CWE-94 CWE-94 High WordPress Plugin open-flash-chart-core Remote Code Execution (0.4) CVE-2009-4140 CWE-434 CWE-434 High WordPress Plugin PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3) CVE-2022-24663 CVE-2022-24664 CVE-2022-24665 CWE-94 CWE-94 High WordPress Plugin PHP Speedy 'admin_container.php' Remote PHP Code Execution (0.5.2) CWE-94 CWE-94 High WordPress Plugin Plainview Activity Monitor Remote Command Execution (20161228) CVE-2018-15877 CWE-94 CWE-94 High WordPress Plugin Product Lister for Walmart Remote Code Execution (1.0.1) CVE-2017-9841 CWE-94 CWE-94 High WordPress Plugin ProfileGrid-User Profiles, Memberships, Groups and Communities Remote Code Execution (2.8.5) CVE-2019-15873 CWE-94 CWE-94 High WordPress Plugin PropertyHive Remote Code Execution (1.4.25) CWE-94 CWE-94 High WordPress Plugin Robo Gallery-Photo Gallery and Images Gallery Remote Code Execution (2.0.14) CWE-94 CWE-94 High WordPress Plugin Secure File Manager Remote Code Execution (2.8.1) CVE-2020-35235 CWE-94 CWE-94 High WordPress Plugin Share Possible Remote Code Execution (1.0) CWE-94 CWE-94 High WordPress Plugin Similar Posts-Best Related Posts for WordPress Remote Code Execution (3.1.5) CVE-2021-24537 CWE-94 CWE-94 High WordPress Plugin Social Media Tab Remote Code Execution (1.0.9) CWE-94 CWE-94 High WordPress Plugin Social Photo Gallery Remote Code Execution (1.0) CVE-2019-14467 CWE-94 CWE-94 High WordPress Plugin Statistics Remote Code Execution (1.8) CWE-94 CWE-94 High WordPress Plugin Subscribe Form Remote Command Execution (1.1) CWE-94 CWE-94 High WordPress Plugin ThemeREX Addons Remote Code Execution (All) CVE-2020-10257 CWE-94 CWE-94 High WordPress Plugin Ultimate Member-User Profile & Membership Remote Code Execution (2.0.32) CWE-94 CWE-94 High WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5) CWE-95 CWE-95 High WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6) CWE-94 CWE-94 High WordPress Plugin VaultPress Remote Code Execution (1.9.0) CWE-94 CWE-94 High WordPress Plugin Video Embed & Thumbnail Generator 'kg_callffmpeg.php' Multiple Remote Code Execution Vulnerabilities (1.1) CVE-2012-1785 CWE-20 CWE-20 High WordPress Plugin W3 Total Cache PHP Code Injection (0.9.2.8) CVE-2013-2010 CWE-95 CWE-95 High WordPress Plugin WooCommerce Possible Remote Code Execution (3.4.5) CWE-94 CWE-94 High WordPress Plugin WooCommerce Possible Remote Code Execution (3.5.0) CWE-94 CWE-94 High WordPress Plugin WooCommerce Remote Code Execution (4.0.1) CWE-94 CWE-94 High WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3) CWE-95 CWE-95 High WordPress Plugin WordPress Download Manager Remote Code Execution (2.7.4) CWE-94 CWE-94 High WordPress Plugin WordPress Landing Pages Remote Code Execution (1.9.0) CVE-2015-5227 CWE-94 CWE-94 High WordPress Plugin WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6) CWE-94 CWE-94 High WordPress Plugin WordPress PDF Light Viewer Command Injection (1.4.11) CVE-2021-24684 CWE-94 CWE-94 High WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0) CWE-94 CWE-94 High WordPress Plugin WP-Filebase Download Manager Remote Code Execution (0.3.0.03) CWE-94 CWE-94 High WordPress Plugin WP-Live Chat by 3CX Remote Code Execution (7.0.01) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0) CWE-94 CWE-94 High WordPress Plugin WP-Syntax Remote PHP Code Execution (0.9.9) CVE-2009-2852 CWE-20 CWE-20 High WordPress Plugin WP E-Signature Remote Code Execution (1.5.6.5) CWE-94 CWE-94 High WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4) CVE-2017-9841 CWE-94 CWE-94 High WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2) CVE-2020-29047 CWE-502 CWE-502 High WordPress Plugin WP Maintenance Mode Remote Code Execution (2.0.6) CVE-2018-20156 CWE-94 CWE-94 High WordPress Plugin WP Super Cache PHP Code Injection (1.2) CVE-2013-2009 CVE-2013-2011 CWE-95 CWE-95 High WordPress Plugin WP Super Cache Remote Code Execution (1.7.1) CVE-2021-24209 CWE-94 CWE-94 High WordPress Plugin wSecure Lite Remote Code Execution (2.3) CWE-94 CWE-94 High WordPress Plugin Yoast SEO Possible Remote Code Execution (9.1.0) CVE-2018-19370 CWE-94 CWE-94 High WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3) CWE-95 CWE-95 High WordPress Super Socialat backdoor plugin CWE-94 CWE-94 High
