Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Abstract Submission Local File Inclusion (0.6) CVE-2014-2383 CWE-22 CWE-22 High AceIDE Local File Inclusion (2.6.2) CVE-2021-24549 CWE-22 CWE-22 High ACME mini_httpd arbitrary file read CVE-2018-18778 CWE-23 CWE-23 High Adavnced Video embed Local File Inclusion (1.0) CWE-22 CWE-22 High Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3) CWE-94 CWE-94 High Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1) CWE-94 CWE-94 High Ajax Pagination (twitter Style) Local File Inclusion (1.1) CVE-2014-2674 CWE-22 CWE-22 High All-in-One Video Gallery Local File Inclusion (2.4.9) CVE-2021-24970 CWE-22 CWE-22 High AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3) CVE-2011-3981 CWE-94 CWE-94 High Annonces 'abspath' Parameter Remote File Include (1.2.0.0) CWE-94 CWE-94 High Anti-Malware Security and Brute-Force Firewall Local File Inclusion (4.18.63) CWE-22 CWE-22 High Apache Axis2 xsd local file inclusion CWE-22 CWE-22 High A Page Flip Book 'pageflipbook_language' Parameter Local File Include (2.3) CVE-2012-6652 CWE-22 CWE-22 High Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3) CWE-22 CWE-22 High Backup by Supsystic Local File Inclusion (2.3.9) CWE-22 CWE-22 High BackUpWordPress Remote File Inclusion (0.4.2b) CVE-2007-5800 CWE-94 CWE-94 High BackWPup 'wp_export_generate.php' Local and Remote File Include Vulnerabilities (2.1.4) CWE-94 CWE-94 High BackWPup Multiple Local File Include Vulnerabilities (1.5.2) CWE-22 CWE-22 High Blogtopdf Local File Inclusion (1.0.2) CVE-2014-2383 CWE-22 CWE-22 High Booking Calendar Local File Inclusion (7.0) CWE-22 CWE-22 High BookX Local File Inclusion (1.7) CVE-2014-4937 CWE-22 CWE-22 High Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0) CWE-98 CWE-98 High Browser Rejector Remote File Inclusion (2.10) CWE-94 CWE-94 High Buddypress Component Stats Local File Inclusion (1.0) CVE-2014-2383 CWE-22 CWE-22 High ChimpMate-WordPress MailChimp Assistant Local File Inclusion (1.3.2) CWE-22 CWE-22 High CIP4 Folder Download Widget Local File Inclusion (1.10) CWE-22 CWE-22 High Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1) CWE-94 CWE-94 High Customer Reviews for WooCommerce Local File Inclusion (5.15.0) CVE-2023-0080 CWE-22 CWE-22 High Dharma booking Local/Remote File Inclusion (2.38.3) CWE-98 CWE-98 High Disclosure Policy 'abspath' Parameter Remote File Include (1.0) CWE-94 CWE-94 High DM Albums 'album.php' Remote File Inclusion (1.9.2) CVE-2009-2396 CWE-94 CWE-94 High Download Shortcode Local File Inclusion (0.2.3) CVE-2014-5465 CWE-22 CWE-22 High Drupal Core 5.x Local File Inclusion (5.0 - 5.11) CVE-2008-6171 CWE-22 CWE-22 High Drupal Core 5.x Local File Inclusion (5.0 - 5.15) CWE-22 CWE-22 High Drupal Core 6.x Local File Inclusion (6.0 - 6.9) CWE-22 CWE-22 High Easy Forms for MailChimp Local File Inclusion (6.0.5.5) CWE-22 CWE-22 High Eventify-Simple Events 'npath' Parameter Remote File Include (1.7.g) CWE-94 CWE-94 High Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9) CVE-2023-0159 CWE-22 CWE-22 High FireStats 'firestats-wordpress.php' Remote File Include (1.6.1) CVE-2009-2143 CWE-94 CWE-94 High Floating Social Media Links 'wpp' Parameter Multiple Remote File Include Vulnerabilities (1.4.2) CWE-94 CWE-94 High gboutique Local File Inclusion (1.3) CVE-2014-2383 CWE-22 CWE-22 High GraceMedia Media Player Local File Inclusion (1.0) CVE-2019-9618 CWE-22 CWE-22 High Gwolle Guestbook Remote File Inclusion (1.5.3) CVE-2015-8351 CWE-98 CWE-98 High IMDb Profile Widget Local File Inclusion (1.0.8) CWE-22 CWE-22 High Issuu Panel Local/Remote File Inclusion (1.6) CWE-98 CWE-98 High Joomla! Core 1.0 Remote File Inclusion (1.0.0) CVE-2006-2960 CWE-94 CWE-94 High Joomla! Core 1.0.x Remote File Inclusion (1.0.11 - 1.0.14) CVE-2008-5671 CWE-94 CWE-94 High Joomla! Core 2.5.x Remote File Inclusion (2.5.4 - 2.5.25) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core 3.x.x Local File Inclusion (3.0.0 - 3.9.25) CVE-2021-26031 CWE-22 CWE-22 High Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - 3.2.5) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core Local File Inclusion (2.5.0 - 3.8.8) CVE-2018-12712 CWE-22 CWE-22 High Joomla! core remote file inclusion CVE-2014-7228.xml CWE-98 CWE-98 High jQuery Mega Menu Widget 'skin' Parameter Local File Include (1.0) CWE-22 CWE-22 High kk Star Ratings 'root' Parameter Remote File Include (1.7) CWE-94 CWE-94 High Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3) CWE-22 CWE-22 High Laravel log viewer local file download (LFD) CVE-2018-8947 CWE-22 CWE-22 High Last.fm Rotation Local File Inclusion (1.0) CVE-2014-5181 CWE-22 CWE-22 High Light Post 'abspath' Parameter Remote File Include (1.4) CWE-94 CWE-94 High Limited Remote File Read/Include in Jira Software Server CVE-2021-26086 CWE-22 CWE-22 Medium LiveSig 'wp-root' Parameter Remote File Include (0.4) CWE-94 CWE-94 High Local File Inclusion CWE-20 CWE-20 Critical Local File Inclusion (CMS Made Simple) CWE-94 CWE-94 Medium Localize My Post Local File Inclusion (1.0) CVE-2018-16299 CWE-22 CWE-22 High Loco Translate Local File Inclusion (2.2.1) CWE-22 CWE-22 High MailChimp for WooCommerce Local File Inclusion (2.1.1) CWE-22 CWE-22 High Mailing List 'wpabspath' Parameter Remote File Include (1.3.3) CWE-94 CWE-94 High Mail Masta Local File Inclusion (1.0) CWE-22 CWE-22 High MDC YouTube Downloader Local File Inclusion (2.1.0) CVE-2015-5469 CWE-22 CWE-22 High Metabase Local File Inclusion (CVE-2021-41277) CVE-2021-41277 CWE-200 CWE-200 High Metabase RCE (CVE-2023-38646) CVE-2023-38646 CWE-20 CWE-20 High Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36) CWE-94 CWE-94 High myFlash Remote File Include (1.10) CVE-2007-2485 CWE-94 CWE-94 High myGallery Remote File Include (1.4b4) CVE-2007-2426 CWE-94 CWE-94 High MyPixs Local File Inclusion (0.3) CVE-2015-1000012 CWE-22 CWE-22 High N-Media Website Contact Form with File Upload Local File Inclusion (1.5) CWE-22 CWE-22 High NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.7) CWE-22 CWE-22 High NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.56) CVE-2016-6565 CWE-22 CWE-22 High Nmedia MailChimp Widget 'abs_path' Parameter Remote File Include (3.1) CWE-94 CWE-94 High Odoo LFI (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High OPS Old Post Spinner 'ops_file' Parameter Local File Include (2.2.1) CWE-22 CWE-22 High Payment Gateways Caller for WP e-Commerce Local File Inclusion (0.1) CWE-22 CWE-22 High Photocart Link Local File Inclusion (1.6) CWE-22 CWE-22 High Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24) CVE-2019-14798 CWE-22 CWE-22 High PHP allow_url_fopen Is Enabled CWE-829 CWE-829 Low PHP allow_url_include enabled CWE-829 CWE-829 High PHP allow_url_include Is Enabled CWE-829 CWE-829 Low PHP curl_exec() url is controlled by user CVE-2009-0037 CWE-352 CWE-352 Medium PHP open_basedir Is Not Configured CWE-664 CWE-664 Low PictPress 'resize.php' Multiple Local File Include Vulnerabilities (1.0) CVE-2007-6369 CWE-22 CWE-22 High Post PDF Export Local File Inclusion (1.0.1) CVE-2014-2383 CWE-22 CWE-22 High Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2) CWE-94 CWE-94 High Posts in Page Local File Inclusion (1.2.4) CWE-22 CWE-22 High Really Simple Guest Post Local File Inclusion (1.0.6) CWE-22 CWE-22 High Redirection Local File Inclusion (2.7.3) CWE-22 CWE-22 High Relocate Upload 'abspath' Parameter Remote File Include (0.14) CVE-2012-1205 CWE-94 CWE-94 High Remote File Inclusion (admin/lang.php) (CMS Made Simple) CVE-2005-2846 High Revamp CRM for WooCommerce Local File Inclusion (1.0.3) CWE-22 CWE-22 High Ruben Boelinger wordTube 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43) CVE-2007-2481 CVE-2007-2482 CWE-94 CWE-94 High Ruben Boelinger WP-Table 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43) CVE-2007-2483 CVE-2007-2484 CWE-94 CWE-94 High SAM Pro (Free Edition) Local File Inclusion (1.9.6.67) CWE-22 CWE-22 High SAP B2B/B2C CRM Local File Inclusion CWE-22 CWE-22 High SearchBlox Local File Inclusion (CVE-2020-35580) CVE-2020-35580 CWE-22 CWE-22 High SG Optimizer Local File Inclusion (5.0.12) CWE-22 CWE-22 High Shortcode Factory Local File Inclusion (2.7) CVE-2019-15322 CWE-22 CWE-22 High Simple Ads Manager Local File Inclusion (2.10.0.130) CWE-22 CWE-22 High Simple Fields Local File Inclusion (0.3.5) CWE-22 CWE-22 High Sina Extension for Elementor Local File Inclusion (2.2.0) CVE-2019-15839 CWE-22 CWE-22 High Site Editor-WordPress Site Builder-Theme Builder and Page Builder Local File Inclusion (1.1.1) CVE-2018-7422 CWE-22 CWE-22 High Site Import Remote File Inclusion (1.0.1) CWE-98 CWE-98 High SlideDeck 2 Lite Responsive Content Slider Local/Remote File Inclusion (2.3.3) CWE-98 CWE-98 High Slider Revolution Responsive Local File Inclusion (4.1.4) CWE-22 CWE-22 High Social Discussions Remote File Include and Information Disclosure Vulnerabilities (6.1.1) CWE-94 CWE-200 CWE-94 CWE-200 High Spellchecker 'general.php' Local and Remote File Include Vulnerabilities (3.1) CWE-22 CWE-94 CWE-22 CWE-94 High Spicy Blogroll Local File Include (1.0.0) CWE-22 CWE-22 High Subscribe to Comments Local File Inclusion (2.1.2) CWE-22 CWE-22 High TCPDF arbitrary file read CWE-98 CWE-98 High Tera Charts Multiple Local File Inclusion Vulnerabilities (0.1) CVE-2014-4940 CWE-22 CWE-22 High TheCartPress eCommerce Shopping Cart 'tcp_class_path' Parameter Remote File Include (1.1.1) CWE-94 CWE-94 High Theme My Login Local File Inclusion (6.3.9) CVE-2014-5155 CWE-22 CWE-22 High Theme Tuner 'tt-abspath' Parameter Remote File Include (0.7) CVE-2012-0934 CWE-94 CWE-94 High Tutor LMS-eLearning and online course solution Local File Inclusion (1.8.7) CVE-2021-24242 CWE-22 CWE-22 High Typo3 Restler 1.7.0 Local File Disclosure CWE-22 CWE-22 High Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Local File Inclusion (1.3.64) CWE-22 CWE-22 High Umbraco CMS local file inclusion CWE-98 CWE-98 High Unauthenticated Arbitrary File Read vulnerability in VMware vCenter CWE-22 CWE-22 High vBulletin routestring Local File Inclusion CWE-98 CWE-98 High Visual Composer:Page Builder for WordPress Local File Inclusion (5.1) CWE-22 CWE-22 High Vmax Project Manager Local File Inclusion (1.1) CWE-22 CWE-22 High VMware vCenter vcavbootstrap Arbitrary File Read High webadmin.php script CWE-552 CWE-552 High Wechat Broadcast Local/Remote File Inclusion (1.2.0) CVE-2018-16283 CWE-98 CWE-98 High WOOCS-Currency Switcher for WooCommerce Professional Local File Inclusion (1.3.6.2) CVE-2021-24566 CWE-98 CWE-98 High WordPress Ad Widget Local File Inclusion (2.11.0) CWE-22 CWE-22 High WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1) CWE-22 CWE-22 High WordPress plugin Slider Revolution arbitrary file disclosure CWE-200 CWE-200 High WP-Client Lite::Client Portals, File Sharing, Messaging & Invoicing Local File Inclusion (1.1.1) CVE-2014-2383 CWE-22 CWE-22 High WP-Lytebox 'pg' Parameter Local File Inclusion (1.3) CVE-2009-4672 CWE-22 CWE-22 High wp-publications Local File Inclusion (0.0) CVE-2021-38360 CWE-22 CWE-22 High WP e-Commerce Shop Styling Local File Inclusion (2.9.1) CVE-2014-2383 CWE-22 CWE-22 High WP e-Commerce Shop Styling Remote File Inclusion (1.7.2) CVE-2013-0724 CWE-94 CWE-94 High WP Easy Stats 'homep' Parameter Remote File Include (1.8) CWE-94 CWE-94 High WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0) CWE-94 CWE-94 High WP Fastest Cache Local File Inclusion (0.8.5.9) CWE-22 CWE-22 High WP Image Zoom Local File Inclusion (1.46) CVE-2021-24447 CWE-22 CWE-22 High WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1) CWE-22 CWE-538 CWE-22 CWE-538 High WP Payeezy Pay Local File Inclusion (2.97) CWE-22 CWE-22 High WP Rocket Local File Inclusion (2.10.3) CVE-2017-11658 CWE-22 CWE-22 High WP Vault Local File Inclusion (0.8.6.6) CWE-22 CWE-22 High WP with Spritz Local/Remote File Inclusion (1.0) CWE-98 CWE-98 High YARPP-Yet Another Related Posts Local File Inclusion (5.30.3) CVE-2022-45374 CWE-22 CWE-22 High Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack CWE-611 CWE-611 High Zend Framework local file disclosure via XXE injection CVE-2012-3363 CVE-2015-5161 CWE-611 CWE-611 High Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6) CWE-94 CWE-94 High Zingiri Web Shop 'wpabspath' Parameter Remote File Include (2.2.0) CWE-94 CWE-94 High