Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity ACME mini_httpd arbitrary file read CVE-2018-18778 CWE-23 CWE-23 High Apache Axis2 xsd local file inclusion CWE-22 CWE-22 High Drupal Core 5.x Local File Inclusion (5.0 - 5.11) CVE-2008-6171 CWE-22 CWE-22 High Drupal Core 5.x Local File Inclusion (5.0 - 5.15) CWE-22 CWE-22 High Drupal Core 6.x Local File Inclusion (6.0 - 6.9) CWE-22 CWE-22 High Joomla! Core 1.0 Remote File Inclusion (1.0.0) CVE-2006-2960 CWE-94 CWE-94 High Joomla! Core 1.0.x Remote File Inclusion (1.0.11 - 1.0.14) CVE-2008-5671 CWE-94 CWE-94 High Joomla! Core 2.5.x Remote File Inclusion (2.5.4 - 2.5.25) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core 3.x.x Local File Inclusion (3.0.0 - 3.9.25) CVE-2021-26031 CWE-22 CWE-22 High Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - 3.2.5) CVE-2014-7228 CWE-94 CWE-94 High Joomla! Core Local File Inclusion (2.5.0 - 3.8.8) CVE-2018-12712 CWE-22 CWE-22 High Joomla! core remote file inclusion CVE-2014-7228.xml CWE-98 CWE-98 High Laravel log viewer local file download (LFD) CVE-2018-8947 CWE-22 CWE-22 High Limited Remote File Read/Include in Jira Software Server CVE-2021-26086 CWE-22 CWE-22 Medium Local File Inclusion CWE-20 CWE-20 Critical Local File Inclusion (CMS Made Simple) CWE-94 CWE-94 Medium Metabase Local File Inclusion (CVE-2021-41277) CVE-2021-41277 CWE-200 CWE-200 High Metabase RCE (CVE-2023-38646) CVE-2023-38646 CWE-20 CWE-20 High Odoo LFI (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High PHP allow_url_fopen Is Enabled CWE-829 CWE-829 Low PHP allow_url_include enabled CWE-829 CWE-829 High PHP allow_url_include Is Enabled CWE-829 CWE-829 Low PHP curl_exec() url is controlled by user CVE-2009-0037 CWE-352 CWE-352 Medium PHP open_basedir Is Not Configured CWE-664 CWE-664 Low Remote File Inclusion (admin/lang.php) (CMS Made Simple) CVE-2005-2846 High SAP B2B/B2C CRM Local File Inclusion CWE-22 CWE-22 High SearchBlox Local File Inclusion (CVE-2020-35580) CVE-2020-35580 CWE-22 CWE-22 High TCPDF arbitrary file read CWE-98 CWE-98 High Typo3 Restler 1.7.0 Local File Disclosure CWE-22 CWE-22 High Umbraco CMS local file inclusion CWE-98 CWE-98 High Unauthenticated Arbitrary File Read vulnerability in VMware vCenter CWE-22 CWE-22 High vBulletin routestring Local File Inclusion CWE-98 CWE-98 High VMware vCenter vcavbootstrap Arbitrary File Read High webadmin.php script CWE-552 CWE-552 High WordPress Plugin Abstract Submission Local File Inclusion (0.6) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin AceIDE Local File Inclusion (2.6.2) CVE-2021-24549 CWE-22 CWE-22 High WordPress Plugin Adavnced Video embed Local File Inclusion (1.0) CWE-22 CWE-22 High WordPress Plugin Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3) CWE-94 CWE-94 High WordPress Plugin Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1) CWE-94 CWE-94 High WordPress Plugin Ajax Pagination (twitter Style) Local File Inclusion (1.1) CVE-2014-2674 CWE-22 CWE-22 High WordPress Plugin All-in-One Video Gallery Local File Inclusion (2.4.9) CVE-2021-24970 CWE-22 CWE-22 High WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3) CVE-2011-3981 CWE-94 CWE-94 High WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0) CWE-94 CWE-94 High WordPress Plugin Anti-Malware Security and Brute-Force Firewall Local File Inclusion (4.18.63) CWE-22 CWE-22 High WordPress Plugin A Page Flip Book 'pageflipbook_language' Parameter Local File Include (2.3) CVE-2012-6652 CWE-22 CWE-22 High WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3) CWE-22 CWE-22 High WordPress Plugin Backup by Supsystic Local File Inclusion (2.3.9) CWE-22 CWE-22 High WordPress Plugin BackUpWordPress Remote File Inclusion (0.4.2b) CVE-2007-5800 CWE-94 CWE-94 High WordPress Plugin BackWPup 'wp_export_generate.php' Local and Remote File Include Vulnerabilities (2.1.4) CWE-94 CWE-94 High WordPress Plugin BackWPup Multiple Local File Include Vulnerabilities (1.5.2) CWE-22 CWE-22 High WordPress Plugin Blogtopdf Local File Inclusion (1.0.2) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin Booking Calendar Local File Inclusion (7.0) CWE-22 CWE-22 High WordPress Plugin BookX Local File Inclusion (1.7) CVE-2014-4937 CWE-22 CWE-22 High WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0) CWE-98 CWE-98 High WordPress Plugin Browser Rejector Remote File Inclusion (2.10) CWE-94 CWE-94 High WordPress Plugin Buddypress Component Stats Local File Inclusion (1.0) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin ChimpMate-WordPress MailChimp Assistant Local File Inclusion (1.3.2) CWE-22 CWE-22 High WordPress Plugin CIP4 Folder Download Widget Local File Inclusion (1.10) CWE-22 CWE-22 High WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1) CWE-94 CWE-94 High WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0) CVE-2023-0080 CWE-22 CWE-22 High WordPress Plugin Dharma booking Local/Remote File Inclusion (2.38.3) CWE-98 CWE-98 High WordPress Plugin Disclosure Policy 'abspath' Parameter Remote File Include (1.0) CWE-94 CWE-94 High WordPress Plugin DM Albums 'album.php' Remote File Inclusion (1.9.2) CVE-2009-2396 CWE-94 CWE-94 High WordPress Plugin Download Shortcode Local File Inclusion (0.2.3) CVE-2014-5465 CWE-22 CWE-22 High WordPress Plugin Easy Forms for MailChimp Local File Inclusion (6.0.5.5) CWE-22 CWE-22 High WordPress Plugin Eventify-Simple Events 'npath' Parameter Remote File Include (1.7.g) CWE-94 CWE-94 High WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9) CVE-2023-0159 CWE-22 CWE-22 High WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1) CVE-2009-2143 CWE-94 CWE-94 High WordPress Plugin Floating Social Media Links 'wpp' Parameter Multiple Remote File Include Vulnerabilities (1.4.2) CWE-94 CWE-94 High WordPress Plugin gboutique Local File Inclusion (1.3) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin GraceMedia Media Player Local File Inclusion (1.0) CVE-2019-9618 CWE-22 CWE-22 High WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3) CVE-2015-8351 CWE-98 CWE-98 High WordPress Plugin IMDb Profile Widget Local File Inclusion (1.0.8) CWE-22 CWE-22 High WordPress Plugin Issuu Panel Local/Remote File Inclusion (1.6) CWE-98 CWE-98 High WordPress Plugin jQuery Mega Menu Widget 'skin' Parameter Local File Include (1.0) CWE-22 CWE-22 High WordPress Plugin kk Star Ratings 'root' Parameter Remote File Include (1.7) CWE-94 CWE-94 High WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3) CWE-22 CWE-22 High WordPress Plugin Last.fm Rotation Local File Inclusion (1.0) CVE-2014-5181 CWE-22 CWE-22 High WordPress Plugin Light Post 'abspath' Parameter Remote File Include (1.4) CWE-94 CWE-94 High WordPress Plugin LiveSig 'wp-root' Parameter Remote File Include (0.4) CWE-94 CWE-94 High WordPress Plugin Localize My Post Local File Inclusion (1.0) CVE-2018-16299 CWE-22 CWE-22 High WordPress Plugin Loco Translate Local File Inclusion (2.2.1) CWE-22 CWE-22 High WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1) CWE-22 CWE-22 High WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3) CWE-94 CWE-94 High WordPress Plugin Mail Masta Local File Inclusion (1.0) CWE-22 CWE-22 High WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0) CVE-2015-5469 CWE-22 CWE-22 High WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36) CWE-94 CWE-94 High WordPress Plugin myFlash Remote File Include (1.10) CVE-2007-2485 CWE-94 CWE-94 High WordPress Plugin myGallery Remote File Include (1.4b4) CVE-2007-2426 CWE-94 CWE-94 High WordPress Plugin MyPixs Local File Inclusion (0.3) CVE-2015-1000012 CWE-22 CWE-22 High WordPress Plugin N-Media Website Contact Form with File Upload Local File Inclusion (1.5) CWE-22 CWE-22 High WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.7) CWE-22 CWE-22 High WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.56) CVE-2016-6565 CWE-22 CWE-22 High WordPress Plugin Nmedia MailChimp Widget 'abs_path' Parameter Remote File Include (3.1) CWE-94 CWE-94 High WordPress Plugin OPS Old Post Spinner 'ops_file' Parameter Local File Include (2.2.1) CWE-22 CWE-22 High WordPress Plugin Payment Gateways Caller for WP e-Commerce Local File Inclusion (0.1) CWE-22 CWE-22 High WordPress Plugin Photocart Link Local File Inclusion (1.6) CWE-22 CWE-22 High WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24) CVE-2019-14798 CWE-22 CWE-22 High WordPress Plugin PictPress 'resize.php' Multiple Local File Include Vulnerabilities (1.0) CVE-2007-6369 CWE-22 CWE-22 High WordPress Plugin Post PDF Export Local File Inclusion (1.0.1) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2) CWE-94 CWE-94 High WordPress Plugin Posts in Page Local File Inclusion (1.2.4) CWE-22 CWE-22 High WordPress Plugin Really Simple Guest Post Local File Inclusion (1.0.6) CWE-22 CWE-22 High WordPress Plugin Redirection Local File Inclusion (2.7.3) CWE-22 CWE-22 High WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14) CVE-2012-1205 CWE-94 CWE-94 High WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3) CWE-22 CWE-22 High WordPress Plugin Ruben Boelinger wordTube 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43) CVE-2007-2481 CVE-2007-2482 CWE-94 CWE-94 High WordPress Plugin Ruben Boelinger WP-Table 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43) CVE-2007-2483 CVE-2007-2484 CWE-94 CWE-94 High WordPress Plugin SAM Pro (Free Edition) Local File Inclusion (1.9.6.67) CWE-22 CWE-22 High WordPress Plugin SG Optimizer Local File Inclusion (5.0.12) CWE-22 CWE-22 High WordPress Plugin Shortcode Factory Local File Inclusion (2.7) CVE-2019-15322 CWE-22 CWE-22 High WordPress Plugin Simple Ads Manager Local File Inclusion (2.10.0.130) CWE-22 CWE-22 High WordPress Plugin Simple Fields Local File Inclusion (0.3.5) CWE-22 CWE-22 High WordPress Plugin Sina Extension for Elementor Local File Inclusion (2.2.0) CVE-2019-15839 CWE-22 CWE-22 High WordPress Plugin Site Editor-WordPress Site Builder-Theme Builder and Page Builder Local File Inclusion (1.1.1) CVE-2018-7422 CWE-22 CWE-22 High WordPress Plugin Site Import Remote File Inclusion (1.0.1) CWE-98 CWE-98 High WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Local/Remote File Inclusion (2.3.3) CWE-98 CWE-98 High WordPress plugin Slider Revolution arbitrary file disclosure CWE-200 CWE-200 High WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4) CWE-22 CWE-22 High WordPress Plugin Social Discussions Remote File Include and Information Disclosure Vulnerabilities (6.1.1) CWE-94 CWE-200 CWE-94 CWE-200 High WordPress Plugin Spellchecker 'general.php' Local and Remote File Include Vulnerabilities (3.1) CWE-22 CWE-94 CWE-22 CWE-94 High WordPress Plugin Spicy Blogroll Local File Include (1.0.0) CWE-22 CWE-22 High WordPress Plugin Subscribe to Comments Local File Inclusion (2.1.2) CWE-22 CWE-22 High WordPress Plugin Tera Charts Multiple Local File Inclusion Vulnerabilities (0.1) CVE-2014-4940 CWE-22 CWE-22 High WordPress Plugin TheCartPress eCommerce Shopping Cart 'tcp_class_path' Parameter Remote File Include (1.1.1) CWE-94 CWE-94 High WordPress Plugin Theme My Login Local File Inclusion (6.3.9) CVE-2014-5155 CWE-22 CWE-22 High WordPress Plugin Theme Tuner 'tt-abspath' Parameter Remote File Include (0.7) CVE-2012-0934 CWE-94 CWE-94 High WordPress Plugin Tutor LMS-eLearning and online course solution Local File Inclusion (1.8.7) CVE-2021-24242 CWE-22 CWE-22 High WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Local File Inclusion (1.3.64) CWE-22 CWE-22 High WordPress Plugin Visual Composer:Page Builder for WordPress Local File Inclusion (5.1) CWE-22 CWE-22 High WordPress Plugin Vmax Project Manager Local File Inclusion (1.1) CWE-22 CWE-22 High WordPress Plugin Wechat Broadcast Local/Remote File Inclusion (1.2.0) CVE-2018-16283 CWE-98 CWE-98 High WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Local File Inclusion (1.3.6.2) CVE-2021-24566 CWE-98 CWE-98 High WordPress Plugin WordPress Ad Widget Local File Inclusion (2.11.0) CWE-22 CWE-22 High WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1) CWE-22 CWE-22 High WordPress Plugin WP-Client Lite::Client Portals, File Sharing, Messaging & Invoicing Local File Inclusion (1.1.1) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin WP-Lytebox 'pg' Parameter Local File Inclusion (1.3) CVE-2009-4672 CWE-22 CWE-22 High WordPress Plugin wp-publications Local File Inclusion (0.0) CVE-2021-38360 CWE-22 CWE-22 High WordPress Plugin WP e-Commerce Shop Styling Local File Inclusion (2.9.1) CVE-2014-2383 CWE-22 CWE-22 High WordPress Plugin WP e-Commerce Shop Styling Remote File Inclusion (1.7.2) CVE-2013-0724 CWE-94 CWE-94 High WordPress Plugin WP Easy Stats 'homep' Parameter Remote File Include (1.8) CWE-94 CWE-94 High WordPress Plugin WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0) CWE-94 CWE-94 High WordPress Plugin WP Fastest Cache Local File Inclusion (0.8.5.9) CWE-22 CWE-22 High WordPress Plugin WP Image Zoom Local File Inclusion (1.46) CVE-2021-24447 CWE-22 CWE-22 High WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1) CWE-22 CWE-538 CWE-22 CWE-538 High WordPress Plugin WP Payeezy Pay Local File Inclusion (2.97) CWE-22 CWE-22 High WordPress Plugin WP Rocket Local File Inclusion (2.10.3) CVE-2017-11658 CWE-22 CWE-22 High WordPress Plugin WP Vault Local File Inclusion (0.8.6.6) CWE-22 CWE-22 High WordPress Plugin WP with Spritz Local/Remote File Inclusion (1.0) CWE-98 CWE-98 High WordPress Plugin YARPP-Yet Another Related Posts Local File Inclusion (5.30.3) CVE-2022-45374 CWE-22 CWE-22 High WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6) CWE-94 CWE-94 High WordPress Plugin Zingiri Web Shop 'wpabspath' Parameter Remote File Include (2.2.0) CWE-94 CWE-94 High Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack CWE-611 CWE-611 High Zend Framework local file disclosure via XXE injection CVE-2012-3363 CVE-2015-5161 CWE-611 CWE-611 High ZK Framework AuUploader Information Disclosure (CVE-2022-36537) CVE-2022-36537 CWE-200 CWE-200 High