Missing Update Vulnerabilities

Vulnerability Name CVE CWE Severity
Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872  CWE-79  High
Apache 2.0.39 Win32 directory traversal CVE-2002-0661  CWE-22  High
Apache 2.0.43 Win32 file reading vulnerability CVE-2003-0017  CWE-20  High
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425  CWE-20  High
Apache 2.x version equal to 2.0.51 CVE-2004-0811  CWE-264  Medium
Apache 2.x version older than 2.0.43 CVE-2002-0840  CVE-2002-1156  CWE-538  Medium
Apache 2.x version older than 2.0.45 CVE-2003-0132  CWE-400  Medium
Apache 2.x version older than 2.0.46 CVE-2003-0083  CVE-2003-0134  CVE-2003-0189  CVE-2003-0245  CWE-20  Medium
Apache 2.x version older than 2.0.47 CVE-2003-0192  CVE-2003-0253  CVE-2003-0254  CWE-20  Medium
Apache 2.x version older than 2.0.48 CVE-2003-0542  CVE-2003-0789  CWE-119  Medium
Apache 2.x version older than 2.0.49 CVE-2003-0020  CVE-2004-0113  CVE-2004-0174  CWE-20  Medium
Apache 2.x version older than 2.0.51 CVE-2004-0747  CVE-2004-0748  CVE-2004-0751  CVE-2004-0786  CVE-2004-0809  CWE-119  Medium
Apache 2.x version older than 2.0.55 CVE-2005-1268  CVE-2005-2088  CVE-2005-2491  CVE-2005-2700  CVE-2005-2728  CVE-2005-2970  CWE-119  Medium
Apache 2.x version older than 2.0.61 CVE-2006-5752  CVE-2007-1863  CVE-2007-3304  CVE-2007-3847  CWE-701  Medium
Apache 2.x version older than 2.0.63 CVE-2007-5000  CVE-2007-6388  CVE-2008-0005  CWE-79  Medium
Apache 2.x version older than 2.2.10 CVE-2008-2939  CVE-2010-2791  CWE-79  Low
Apache 2.x version older than 2.2.3 CVE-2006-3747  CWE-189  Medium
Apache 2.x version older than 2.2.6 CVE-2006-5752  CVE-2007-1862  CVE-2007-1863  CVE-2007-3304  CVE-2007-3847  CWE-20  Medium
Apache 2.x version older than 2.2.8 CVE-2007-5000  CVE-2007-6388  CVE-2007-6421  CVE-2007-6422  CVE-2008-0005  CWE-79  Medium
Apache 2.x version older than 2.2.9 CVE-2007-6420  CVE-2008-2364  CWE-399  Medium
Apache Tomcat "allowLinking" on case insensitive filesystems CVE-2008-2938  CWE-22  High
Apache Tomcat WAR file directory traversal vulnerability CVE-2009-2693  CVE-2009-2901  CWE-22  Medium
Apache Tomcat directory host Appbase authentication bypass vulnerability CVE-2009-2901  CWE-264  Medium
Apache Tomcat directory traversal CVE-2007-0450  CWE-22  Medium
Apache Tomcat version older than 4.1.37 CVE-2005-3164  CVE-2007-1355  CVE-2007-2449  CVE-2007-2450  CVE-2007-3382  CVE-2007-3383  CVE-2007-3385  CVE-2007-5333  CVE-2007-5461  CWE-79  Medium
Apache Tomcat version older than 4.1.39 CVE-2008-0128  CVE-2008-1232  CVE-2008-2370  CWE-22  Medium
Apache Tomcat version older than 5.5.25 CVE-2007-2449  CVE-2007-2450  CVE-2007-3382  CVE-2007-3385  CVE-2007-3386  CWE-79  Medium
Apache Tomcat version older than 5.5.26 CVE-2007-5333  CVE-2007-5342  CVE-2007-5461  CVE-2007-6286  CWE-264  Medium
Apache Tomcat version older than 5.5.27 CVE-2008-1232  CVE-2008-1947  CVE-2008-2370  CWE-22  Medium
Apache Tomcat version older than 6.0.10 CVE-2007-0450  CWE-22  Medium
Apache Tomcat version older than 6.0.11 CVE-2005-2090  CVE-2007-1355  CWE-79  Medium
Apache Tomcat version older than 6.0.14 CVE-2007-2449  CVE-2007-2450  CVE-2007-3382  CVE-2007-3385  CVE-2007-3386  CWE-79  Medium
Apache Tomcat version older than 6.0.16 CVE-2007-5333  CVE-2007-5342  CVE-2007-5461  CVE-2007-6286  CVE-2008-0002  CWE-264  Medium
Apache Tomcat version older than 6.0.18 CVE-2008-1232  CVE-2008-1947  CVE-2008-2370  CWE-79  Medium
Apache Tomcat version older than 6.0.35 CVE-2011-3190  CVE-2011-3375  CVE-2012-0022  CWE-264  High
Apache Tomcat version older than 6.0.36 CVE-2012-2733  CVE-2012-3439  CVE-2012-3546  CVE-2012-4431  CVE-2012-4534  CWE-20  High
Apache Tomcat version older than 6.0.6 CVE-2007-1358  CWE-79  Low
Apache Tomcat version older than 6.0.9 CVE-2008-0128  CWE-16  Medium
Apache Tomcat version older than 7.0.21 CVE-2011-3190  CWE-264  High
Apache Tomcat version older than 7.0.23 CVE-2012-0022  CWE-189  High
Apache Tomcat version older than 7.0.28 CVE-2012-2733  CVE-2012-4534  CWE-20  High
Apache Tomcat version older than 7.0.30 CVE-2012-3439  CVE-2012-3544  CVE-2012-3546  CWE-20  High
Apache Tomcat version older than 7.0.32 CVE-2012-4431  CWE-264  High
Apache Win32 batch file remote command execution vulnerability CVE-2002-0061  CWE-20  High
Apache error log escape sequence injection vulnerability CVE-2003-0020  CWE-20  Medium
Apache httpOnly cookie disclosure CVE-2012-0053  CWE-264  Medium
Apache httpd remote denial of service CVE-2011-3192  CWE-399  Medium
Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747  CWE-189  High
Apache version older than 1.3.27 CVE-2002-0839  CVE-2002-0840  CVE-2002-0843  CWE-119  Medium
Apache version older than 1.3.28 CVE-2003-0460  CWE-20  Medium
Apache version older than 1.3.29 CVE-2003-0542  CWE-119  Medium
Apache version older than 1.3.31 CVE-2003-0020  CVE-2003-0987  CVE-2003-0993  CVE-2004-0174  CWE-264  Medium
Apache version older than 1.3.34 CVE-2005-2088  CWE-20  Medium
Apache version older than 1.3.37 CVE-2006-3747  CWE-189  Medium
Apache version older than 1.3.39 CVE-2006-5752  CVE-2007-3304  CWE-79  Medium
Apache version older than 1.3.41 CVE-2007-6388  CWE-79  Medium
Apache version up to 1.3.33 htpasswd local overflow CVE-2006-1078  CWE-119  Low
Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392  CWE-119  High
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265  CWE-22  High
ColdFusion 9 solr service exposed CVE-2010-0185  CWE-264  High
ColdFusion User-Agent cross-site scripting CVE-2007-0817  CWE-79  High
ColdFusion directory traversal CVE-2010-2861  CWE-22  High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1) CVE-2005-0682  CWE-79  High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5) CVE-2005-3973  CWE-79  High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7) CVE-2006-1226  CWE-79  High
Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7) CWE-20  High
Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5) CWE-79  CWE-113  High
Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7) CWE-264  High
Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7) CWE-384  High
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6) CVE-2006-2743  CWE-95  High
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7) CVE-2006-2831  CWE-95  High
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9) CVE-2006-5476  CWE-352  High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10) CVE-2007-0136  CWE-79  High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3) CVE-2005-3973  CWE-79  High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5) CVE-2006-1226  CWE-79  High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7) CVE-2006-2833  CWE-79  High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8) CVE-2006-4002  CWE-79  High
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124  CWE-400  High
Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9) CVE-2006-5477  CWE-20  High
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5) CWE-20  High
Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9) CVE-2006-5475  CWE-79  High
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3) CWE-79  CWE-113  High
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) CVE-2006-2742  CWE-89  High
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3) CVE-2005-3974  CWE-264  High
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5) CWE-264  High
Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5) CWE-384  High
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.0) CVE-2006-2743  CWE-95  High
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5) CVE-2007-0626  CWE-95  High
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10) CVE-2008-0272  CWE-352  High
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3) CVE-2006-5476  CWE-352  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1) CVE-2006-2833  CWE-79  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10) CVE-2008-0273  CWE-79  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10) CVE-2008-0274  CWE-79  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2) CVE-2006-4002  CWE-79  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4) CVE-2007-0136  CWE-79  High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7) CVE-2007-5596  CWE-79  High
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124  CWE-400  High
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3) CVE-2006-5477  CWE-20  High
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7) CVE-2007-5595  CWE-113  High
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3) CVE-2006-5475  CWE-79  High
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6) CVE-2007-4064  CWE-79  High
Drupal Core 4.7.x Multiple Vulnerabilities (4.7.0 - 4.7.1) CVE-2006-2831  CVE-2006-2832  CWE-79  CWE-95  High
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.0) CVE-2006-2742  CWE-89  High
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8) CVE-2007-6299  CWE-89  High
Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7) CVE-2007-5597  CWE-702  High
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.0) CVE-2007-0626  CWE-95  High
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2) CVE-2007-5593  CWE-95  High
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.2) CVE-2007-5594  CWE-352  High
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.5) CVE-2008-0272  CWE-352  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.16) CVE-2009-1575  CVE-2009-1576  CVE-2009-1844  CWE-79  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17) CVE-2009-1844  CWE-79  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2) CVE-2007-5596  CWE-79  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.20) CVE-2009-4369  CWE-79  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5) CVE-2008-0274  CWE-79  High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5) CVE-2008-0273  CWE-79  High
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2) CVE-2007-5595  CWE-113  High
Drupal Core 5.x Information Disclosure (5.0 - 5.18) CVE-2009-2374  CWE-200  High
Drupal Core 5.x Local File Inclusion (5.0 - 5.11) CVE-2008-6171  CWE-22  High
Drupal Core 5.x Local File Inclusion (5.0 - 5.15) CWE-22  High
Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1) CVE-2007-4063  CWE-352  High
Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1) CVE-2007-4064  CWE-79  High
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.10) CVE-2008-4790  CVE-2008-4791  CVE-2008-4792  CVE-2008-4793  CWE-264  High
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.22) CVE-2010-3092  CVE-2010-3093  CWE-264  High
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12) CVE-2008-6532  CVE-2008-6533  CWE-79  CWE-352  High
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21) CWE-79  CWE-264  CWE-601  High
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7) CVE-2008-3219  CVE-2008-3220  CVE-2008-3222  CWE-352  CWE-384  High
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.9) CVE-2008-3740  CVE-2008-3741  CVE-2008-3742  CVE-2008-3744  CWE-79  CWE-352  CWE-434  High
Drupal Core 5.x SQL Injection (5.0 - 5.14) CWE-89  High
Drupal Core 5.x SQL Injection (5.0 - 5.3) CVE-2007-6299  CWE-89  High
Drupal Core 5.x Security Bypass (5.0 - 5.2) CVE-2007-5597  CWE-702  High
Drupal Core 5.x Session Fixation (5.0 - 5.19) CWE-384  High
Drupal Core 5.x Session Fixation (5.0 - 5.8) CWE-384  High
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10) CVE-2009-1575  CVE-2009-1576  CVE-2009-1844  CWE-79  High
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11) CVE-2009-1844  CWE-79  High
Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265  CVE-2014-5266  CVE-2014-5267  CWE-400  High
Drupal Core 6.x Information Disclosure (6.0 - 6.30) CVE-2014-2983  CWE-200  High
Drupal Core 6.x Local File Inclusion (6.0 - 6.9) CWE-22  High
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.0) CVE-2008-1131  CVE-2008-1133  CWE-79  High
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14) CVE-2009-4369  CVE-2009-4370  CWE-79  High
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.20) CWE-79  High
Drupal Core 6.x Multiple Security Bypass Vulnerabilities (6.0 - 6.4) CVE-2008-4789  CVE-2008-4791  CVE-2008-4792  CWE-264  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.12) CVE-2009-2372  CVE-2009-2373  CVE-2009-2374  CWE-79  CWE-200  CWE-264  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.13) CWE-264  CWE-352  CWE-434  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.15) CWE-79  CWE-264  CWE-601  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17) CVE-2010-3091  CVE-2010-3092  CVE-2010-3093  CVE-2010-3094  CVE-2010-3685  CVE-2010-3686  CWE-79  CWE-264  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.2) CVE-2008-3218  CVE-2008-3219  CVE-2008-3220  CVE-2008-3221  CVE-2008-3222  CVE-2008-3223  CWE-79  CWE-89  CWE-352  CWE-384  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.22) CVE-2012-0825  CVE-2012-0826  CWE-264  CWE-352  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.26) CVE-2012-5651  CVE-2012-5652  CVE-2012-5653  CWE-95  CWE-264  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27) CVE-2013-0244  CVE-2013-0245  CWE-79  CWE-264  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.28) CVE-2013-6385  CVE-2013-6386  CWE-95  CWE-264  CWE-330  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.3) CVE-2008-3740  CVE-2008-3741  CVE-2008-3742  CVE-2008-3743  CVE-2008-3744  CVE-2008-3745  CWE-79  CWE-264  CWE-352  CWE-434  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.31) CVE-2014-5019  CVE-2014-5021  CWE-79  CWE-400  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34) CVE-2015-2559  CVE-2015-2749  CVE-2015-2750  CWE-264  CWE-601  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.36) CVE-2015-6658  CVE-2015-6660  CVE-2015-6661  CWE-79  CWE-200  CWE-352  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.37) CVE-2016-3163  CVE-2016-3164  CVE-2016-3165  CVE-2016-3166  CVE-2016-3167  CVE-2016-3168  CVE-2016-3169  CVE-2016-3171  CWE-113  CWE-287  CWE-405  CWE-601  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.5) CVE-2008-6170  CVE-2008-6171  CWE-22  CWE-79  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.6) CVE-2008-6532  CVE-2008-6533  CWE-79  CWE-352  High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.8) CWE-89  CWE-264  High
Drupal Core 6.x Security Bypass (6.0 - 6.1) CWE-264  High
Drupal Core 6.x Security Bypass (6.0 - 6.29) CVE-2014-1475  CWE-287  High
Drupal Core 6.x Security Bypass (6.0 - 6.35) CVE-2015-3234  CWE-287  High
Drupal Core 6.x Session Hijacking (6.0 - 6.33) CVE-2014-9015  CWE-384  High
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.12) CVE-2007-6752  CWE-352  High
Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316  CWE-400  High
Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265  CVE-2014-5266  CVE-2014-5267  CWE-400  High
Drupal Core 7.x Information Disclosure (7.0 - 7.14) CVE-2012-2922  CWE-200  High
Drupal Core 7.x Information Disclosure (7.0 - 7.26) CVE-2014-2983  CWE-200  High
Drupal Core 7.x Multiple Security Bypass Vulnerabilities (7.0 - 7.25) CVE-2014-1475  CVE-2014-1476  CWE-264  CWE-287  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.0) CWE-79  CWE-264  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.10) CVE-2012-0825  CVE-2012-0826  CVE-2012-0827  CWE-264  CWE-352  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.12) CVE-2012-1588  CVE-2012-1589  CVE-2012-1590  CVE-2012-1591  CVE-2012-2153  CWE-264  CWE-400  CWE-601  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.15) CVE-2012-4553  CVE-2012-4554  CWE-95  CWE-538  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17) CVE-2012-5651  CVE-2012-5653  CWE-95  CWE-264  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.18) CVE-2013-0244  CVE-2013-0245  CVE-2013-0246  CWE-79  CWE-264  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.23) CVE-2013-6385  CVE-2013-6386  CVE-2013-6387  CVE-2013-6388  CVE-2013-6389  CWE-79  CWE-95  CWE-264  CWE-330  CWE-601  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.28) CVE-2014-5019  CVE-2014-5020  CVE-2014-5021  CVE-2014-5022  CWE-79  CWE-264  CWE-400  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.33) CVE-2014-9015  CVE-2014-9016  CWE-384  CWE-400  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.34) CVE-2015-2559  CVE-2015-2749  CVE-2015-2750  CWE-264  CWE-601  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.37) CVE-2015-3231  CVE-2015-3232  CVE-2015-3233  CVE-2015-3234  CWE-200  CWE-287  CWE-601  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.38) CVE-2015-6658  CVE-2015-6659  CVE-2015-6660  CVE-2015-6661  CVE-2015-6665  CWE-79  CWE-89  CWE-200  CWE-352  High
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.42) CVE-2016-3162  CVE-2016-3163  CVE-2016-3164  CVE-2016-3168  CVE-2016-3169  CVE-2016-3170  CWE-200  CWE-287  CWE-400  CWE-405  CWE-601  High
Drupal Core 7.x Open Redirect (7.0 - 7.40) CVE-2015-7943  CWE-601  High
Drupal Core 7.x SQL Injection (7.0 - 7.31) CVE-2014-3704  CWE-89  High
Drupal Core 7.x Security Bypass (7.0 - 7.2) CVE-2011-2687  CWE-264  High
Drupal Core 7.x Security Bypass (7.0 - 7.4) CVE-2011-2726   CWE-264  High
Drupal Core 8.0.x Multiple Vulnerabilities (8.0.0 - 8.0.3) CVE-2016-3162  CVE-2016-3164  CVE-2016-3170  CWE-200  CWE-287  CWE-400  CWE-601  High
Exim Illegal IPv6 Address and SPA Authentication Buffer Overflow CVE-2005-0021  CWE-119  High
Horde remote code execution CVE-2014-1691  CWE-94  High
Jetpack 2.9.3: Critical Security Update CVE-2014-0173  CWE-287  High
Joomla! Core 1.0 Remote File Inclusion (1.0.0 - 1.0.0) CVE-2006-2960  CWE-94  High
Joomla! Core 1.0.5 Security Bypass (1.0.5 - 1.0.5) CVE-2006-0114  CWE-264  High
Joomla! Core 1.0.x Cross-Site Scripting (1.0.0 - 1.0.11) CVE-2006-6832  CWE-79  High
Joomla! Core 1.0.x Cross-Site Scripting (1.0.0 - 1.0.15) CWE-79  High
Joomla! Core 1.0.x Cross-Site Scripting (1.0.0 - 1.0.15) CVE-2011-0005  CWE-79  High
Joomla! Core 1.0.x Multiple Cross-Site Scripting Vulnerabilities (1.0.0 - 1.0.10) CVE-2006-4474  CWE-79  High
Joomla! Core 1.0.x Multiple Cross-Site Scripting Vulnerabilities (1.0.0 - 1.0.12) CVE-2007-4189  CVE-2007-4190  CVE-2007-5577  CWE-79  High
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.10) CVE-2006-4466  CVE-2006-4468  CVE-2006-4469  CVE-2006-4470  CVE-2006-4472  CVE-2006-4473  CVE-2006-4475  CVE-2006-4476  High
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.11) CVE-2006-6833  CVE-2006-6834  High
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.5) CVE-2006-0303  High
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.7) CVE-2006-1030  CVE-2006-1047  High
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.9) CVE-2006-7008  CVE-2006-7009  High
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.12) CVE-2007-4184  CVE-2007-4185  CWE-89  CWE-200  High
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.13) CVE-2007-5427  CWE-79  CWE-352  High
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.3) CVE-2005-3771  CVE-2005-3772  CVE-2005-4650  CWE-79  CWE-89  CWE-400  High
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.7) CVE-2006-1027  CVE-2006-1028  CVE-2006-1029  CVE-2006-1048  CVE-2006-1049  CWE-89  CWE-200  CWE-264  CWE-400  High
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.9) CVE-2006-3480  CVE-2006-3481  CVE-2006-7010  CWE-79  CWE-89  High
Joomla! Core 1.0.x Remote File Inclusion (1.0.11 - 1.0.14) CVE-2008-5671  CWE-94  High
Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11) CVE-2007-0374  CWE-89  High
Joomla! Core 1.0.x Security Bypass (1.0.0 - 1.0.10) CVE-2006-4471  CWE-264  High
Joomla! Core 1.0.x Session Fixation (1.0.0 - 1.0.12) CVE-2007-4188  CWE-287  High
Joomla! Core 1.0.x Unspecified Vulnerability (1.0.0 - 1.0.3) CVE-2005-3773  High
Joomla! Core 1.5.12 Arbitrary File Upload (1.5.12 - 1.5.12) CVE-2011-4906  CVE-2011-4908  CWE-434   High
Joomla! Core 1.5.x Arbitrary File Upload (1.5.0 - 1.5.15) CVE-2010-1433  CWE-434   High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10) CVE-2009-1939  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10) CVE-2009-1940  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10) CVE-2009-1938  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11) CVE-2011-4910  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11) CVE-2011-4909  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.7) CVE-2008-6299  CWE-79  High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.9) CVE-2009-1279  CWE-79  High
Joomla! Core 1.5.x Directory Traversal (1.5.0 - 1.5.8) CVE-2009-0113  CWE-22  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.11) CVE-2011-4911  CWE-200  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.12) CWE-200  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.14) CWE-200  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.15) CVE-2010-1432  CWE-200  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.23) CVE-2011-3629  CWE-200  High
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25) CVE-2012-1599  CWE-264  High
Joomla! Core 1.5.x Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 1.5.20) CVE-2010-3712  CWE-79  High
Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21) CVE-2010-4166  CVE-2010-4696  CWE-89  High
Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.3) CVE-2008-3225  CVE-2008-3226  CVE-2008-3227  CVE-2008-3228  CWE-16  CWE-59  CWE-264  High
Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.9) CVE-2009-1279  CVE-2009-1280  CWE-79  CWE-352  High
Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6) CVE-2008-4104  CWE-601  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.13) CWE-264  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.14) CWE-264  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.15) CVE-2010-1435  CWE-264  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.24) CVE-2011-4321  CWE-310  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.25) CVE-2012-1598  CWE-264  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.5) CVE-2008-3681  CWE-264  High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.6) CVE-2008-4102  CWE-330  High
Joomla! Core 1.5.x Session Fixation (1.5.0 - 1.5.15) CVE-2010-1434  CWE-384  High
Joomla! Core 1.5.x Session Hijacking (1.5.0 - 1.5.8) CVE-2008-4122  CWE-310  High
Joomla! Core 1.5.x Spam (1.5.0 - 1.5.22) CWE-20  High
Joomla! Core 1.5.x Spam (1.5.0 - 1.5.6) CVE-2008-4103  CWE-20  High
Joomla! Core 1.5.x Variable Injection (1.5.0 - 1.5.6) CVE-2008-4105  CWE-20  High
Joomla! Core 1.6.0 Multiple Vulnerabilities (1.6.0 - 1.6.0) CVE-2010-3712  CWE-79  CWE-89  CWE-200  High
Joomla! Core 1.6.0 Spam (1.6.0 - 1.6.0) CWE-20  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.3) CVE-2011-4332  CWE-79  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.5) CVE-2011-2710  CWE-79  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CWE-79  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2012-0820  CWE-79  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2012-0822  CWE-79  High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2011-3595  CWE-79  High
Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.3) CWE-200  High
Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6) CVE-2012-0819  CWE-200  High
Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6) CVE-2012-0821  CWE-200  High
Joomla! Core 1.6.x Multiple Cross-Site Scripting Vulnerabilities (1.6.0 - 1.6.3) CVE-2011-2509  CWE-79  High
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.3) CWE-264  High
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6) CWE-330  High
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6) CVE-2012-1562  CWE-264  High
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6) CVE-2012-1563  CWE-264  High
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0 - 1.7.0) CWE-79  High
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0 - 1.7.0) CVE-2011-3595  CWE-79  High
Joomla! Core 1.7.0 Information Disclosure (1.7.0 - 1.7.0) CWE-200  High
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.2) CWE-79  High
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.3) CVE-2012-0822  CWE-79  High
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.3) CVE-2012-0820  CWE-79  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1) CVE-2011-3629  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1) CVE-2011-4937  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3) CVE-2012-0819  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3) CVE-2012-0821  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4) CVE-2012-0835  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4) CVE-2012-0837  CWE-200  High
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4) CVE-2012-0836  CWE-200  High
Joomla! Core 1.7.x SQL Injection (1.7.0 - 1.7.4) CVE-2012-1116  CWE-89  High
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.2) CWE-330  High
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5) CVE-2012-1563  CWE-264  High
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5) CVE-2012-1562  CWE-264  High
Joomla! Core 2.5.0 Information Disclosure (2.5.0 - 2.5.0) CVE-2012-0835  CWE-200  High
Joomla! Core 2.5.0 Information Disclosure (2.5.0 - 2.5.0) CVE-2012-0837  CWE-200  High
Joomla! Core 2.5.x Arbitrary File Upload (2.5.0 - 2.5.13) CVE-2013-5576  CWE-434   High
Joomla! Core 2.5.x Clickjacking Vulnerability (2.5.0 - 2.5.7) CVE-2012-5827  CWE-693  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.1) CVE-2012-1117  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.14) CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.18) CVE-2014-7982  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.3) CVE-2012-1612  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.6) CVE-2012-4532  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.6) CVE-2012-4531   CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3267  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3058  CWE-79  High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3059  CWE-79  High
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242  CWE-400  High
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229  CWE-400  High
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.3) CVE-2012-1611  CWE-200  High
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.4) CVE-2012-2748  CWE-200  High
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.8) CVE-2013-1453  CWE-200  High
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9) CVE-2013-3057  CWE-200  High
Joomla! Core 2.5.x Remote File Inclusion (2.5.4 - 2.5.25) CVE-2014-7228  CWE-94  High
Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1) CVE-2012-1116  CWE-89  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.18) CVE-2014-7984  CWE-264  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2) CVE-2012-1562  CWE-264  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2) CVE-2012-1563  CWE-264  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.24) CVE-2014-6632  CWE-264  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.4) CVE-2012-2747  CWE-264  High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.9) CVE-2013-3056  CWE-264  High
Joomla! Core 3.0.0 Cross-Site Scripting (3.0.0 - 3.0.0) CWE-79  High
Joomla! Core 3.0.x Clickjacking Vulnerability (3.0.0 - 3.0.1) CVE-2012-5827  CWE-693  High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3059  CWE-79  High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CWE-79  High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3058  CWE-79  High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3267  CWE-79  High
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242  CWE-400  High
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2) CVE-2013-1455  CWE-200  High
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2) CVE-2013-1454  CWE-200  High
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2) CVE-2013-1453  CWE-200  High
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.3) CVE-2013-3057  CWE-200  High
Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3) CVE-2013-3056  CWE-264  High
Joomla! Core 3.2.x Cross-Site Scripting (3.2.0 - 3.2.4) CVE-2014-6631  CWE-79  High
Joomla! Core 3.3.x Cross-Site Scripting (3.3.0 - 3.3.3) CVE-2014-6631  CWE-79  High
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229  CWE-400  High
Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4) CVE-2014-7228  CWE-94  High
Joomla! Core 3.3.x Security Bypass (3.3.0 - 3.3.3) CVE-2014-6632  CWE-264  High
Joomla! Core 3.4.x Cross-Site Scripting (3.4.0 - 3.4.3) CVE-2015-6939  CWE-79  High
Joomla! Core 3.4.x Directory Traversal (3.4.0 - 3.4.5) CVE-2015-8564  CWE-22  High
Joomla! Core 3.x.x Arbitrary File Upload (3.0.0 - 3.1.4) CVE-2013-5576  CWE-434   High
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.1) CVE-2015-5397  CWE-352  High
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.5) CVE-2015-8563  CWE-352  High
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.1.5) CWE-79  High
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.2.2) CVE-2014-7982  CWE-79  High
Joomla! Core 3.x.x Cross-Site Scripting (3.1.2 - 3.2.2) CVE-2014-7983  CWE-79  High
Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229  CWE-400  High
Joomla! Core 3.x.x Directory Traversal (3.2.0 - 3.4.5) CVE-2015-8565  CWE-22  High
Joomla! Core 3.x.x Open Redirect (3.0.0 - 3.4.1) CVE-2015-5608  CWE-601  High
Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - 3.2.5) CVE-2014-7228  CWE-94  High
Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6) CWE-89  High
Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2) CVE-2014-7981  CWE-89  High
Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4) CVE-2015-7297  CVE-2015-7857  CVE-2015-7858  CWE-89  High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.2) CVE-2014-7984  CWE-264  High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.4) CVE-2014-6632  CWE-264  High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.4.4) CVE-2015-7899  CWE-264  High
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.4.4) CVE-2015-7859  CWE-264  High
Joomla! Core Remote Code Execution (1.5.0 - 3.4.5) CVE-2015-8562  CWE-94  High
Magento Cacheleak CWE-200  High
MediaWiki remote code execution CVE-2014-1610  CWE-20  High
Microsoft IIS 5.1 directory authentication bypass CVE-2010-2731  CWE-287  High
Microsoft IIS5 NTLM and Basic authentication bypass CVE-2007-2815  CWE-264  High
Microsoft SQL Server weak password encryption vulnerability CVE-2000-0199  CWE-310  Medium
MySQL 5.1 to 5.1.18 multiple vulnerabilities CVE-2007-2691  CVE-2007-2692  CVE-2007-2693  CWE-264  High
MySQL Community Server 5.0 to 5.0.45 multiple vulnerabilities CVE-2007-2691  CVE-2007-2692  CVE-2007-3780  CVE-2007-3781  CVE-2007-3782  CWE-264  Low
MySQL Community Server symlink attack vulnerability CVE-2004-0381  CVE-2004-0388  CWE-284  High
MySQL Community Server to 5.1.23 / 6.0.4 multiple vulnerabilities CVE-2007-5969  CVE-2007-5970  CVE-2007-6313  CVE-2008-0226  CVE-2008-0227  CWE-264  High
MySQL Enterprise Server v.5.0.52 multiple vulnerabilities CVE-2007-5969  CVE-2007-6303  CVE-2007-6304  CWE-264  High
MySQL buffer overflow in user defined functions CVE-2005-2558  CWE-119  High
MySQL server older than 3.23.36 CVE-2001-0407  CWE-284  High
MySQL server older than 4.0.21 CVE-2004-0957  CWE-284  High
MySQL server older than 4.0.21 or 3.23.59 CVE-2004-0835  CVE-2004-0836  CVE-2004-0837  CWE-284  High
MySQL server older than 4.0.24 or 4.1.10a CVE-2005-0709  CVE-2005-0710  CVE-2005-0711  CWE-284  High
MySQL server older than 4.0.6 or 3.23.54 CVE-2002-1373  CVE-2002-1374  CVE-2002-1375  CVE-2002-1376  CWE-284  High
NSS Library SSL v.2.0 remote command execution CVE-2007-0009  CWE-119  High
Nginx buffer underflow vulnerability CVE-2009-2629  CWE-119  High
Nginx stack-based buffer overflow CVE-2013-2028  CWE-189  High
PHP 4.3.0 file disclosure and possible code execution CVE-2003-0097  CWE-20  Medium
PHP 5.3.9 remote code execution CVE-2012-0830  CWE-399  High
PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465  CWE-119  High
PHP HTTP POST incorrect MIME header parsing vulnerability CVE-2002-0717  CWE-20  Medium
PHP POST file upload buffer overflow vulnerabilities CVE-2002-0081  CWE-119  High
PHP Safedir restriction bypass vulnerabilities CWE-20  High
PHP Zend_Hash_Del_Key_Or_Index vulnerability CVE-2006-3017  CWE-702  High
PHP error logging format string vulnerability CVE-2000-0967  CWE-20  Medium
PHP hangs on parsing particular strings as floating point number CVE-2010-4645  CWE-189  Medium
PHP mail function ASCII control character header spoofing vulnerability CVE-2002-0986  CWE-20  Medium
PHP multipart/form-data denial of service CVE-2009-4017  CWE-400  Medium
PHP multiple vulnerabilities CVE-2004-1018  CVE-2004-1019  CVE-2004-1020  CVE-2004-1063  CVE-2004-1064  CVE-2004-1065  CWE-119  High
PHP socket_iovec_alloc() integer overflow CVE-2003-0172  CWE-119  Medium
PHP undefined Safe_Mode_Include_Dir safemode bypass vulnerability CVE-2003-0863  CWE-16  Medium
PHP unspecified remote arbitrary file upload vulnerability CVE-2004-0959  CWE-20  High
PHP upload arbitrary file disclosure vulnerability CVE-2000-0860  CWE-538  Medium
PHP version older than 4.3.8 CVE-2004-0594  CVE-2004-0595  CWE-16  Medium
PHP version older than 4.4.1 CVE-2005-3388  CVE-2006-0097  CWE-16  High
PHP version older than 5.2.1 CVE-2007-1376  CVE-2007-1380  CVE-2007-1453  CVE-2007-1454  CWE-16  High
PHP version older than 5.2.3 CVE-2007-1900  CVE-2007-2756  CVE-2007-2872  CWE-16  High
PHP version older than 5.2.5 CVE-2007-4840  CVE-2007-4887  CVE-2007-5898  CVE-2007-5899  CVE-2007-5900  CWE-16  High
PHP version older than 5.2.6 CVE-2007-4850  CVE-2008-0599  CVE-2008-0674  CVE-2008-1384  CVE-2008-2050  CVE-2008-2051  CWE-16  High
PHP version older than 5.2.8 CVE-2008-2371  CVE-2008-2665  CVE-2008-2666  CVE-2008-2829  CVE-2008-3658  CVE-2008-3659  CVE-2008-3660  CWE-16  High
PHP4 IMAP module buffer overflow vulnerability CWE-119  Medium
PHP4 multiple vulnerabilities CVE-2003-0860  CVE-2003-0861  CWE-119  Medium
Plone arbitrary code execution CVE-2011-3587  CWE-78  High
RealVNC remote authentication bypass CVE-2006-2369  CWE-287  High
Solaris in.fingerd information disclosure vulnerability CVE-2001-1503  CWE-16  High
Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 CVE-2006-3918  CWE-79  High
UnrealIRCd 3.2.8.1 backdoor CVE-2010-2075  CWE-20  High
VMware directory traversal and privilege escalation vulnerabilities CVE-2009-2267  CVE-2009-3733  CWE-22  High
Vulnerable Javascript library CWE-16  Medium
Vulnerable project dependencies CWE-16  High
WEBrick v.1.3 directory traversal CVE-2008-1145  CWE-22  High
WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3 - 2.1.3) CVE-2007-2821  CWE-89  High
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71) CWE-89  High
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1) CVE-2005-1810  CWE-89  High
WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4 - 3.0.4) CWE-89  High
WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5 - 1.5) CWE-79  High
WordPress 'get_edit_post_link()' and 'get_edit_comment_link()' Multiple Eavesdropping Vulnerabilities (0.6.2 - 2.6) CVE-2008-3747  CWE-264  High
WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5 - 1.5) CWE-79  High
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5) CVE-2006-3389  CWE-89  High
WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5 - 1.5) CWE-79  High
WordPress 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.5.1) CVE-2008-3233  CWE-79  High
WordPress 'press-this.php' Remote Security Bypass Vulnerability (0.7 - 3.1.1) CVE-2011-5270  CWE-264  High
WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1) CVE-2012-3414  CWE-79  High
WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1) CVE-2007-1049  CWE-79  High
WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8) CVE-2009-2334  CWE-287  High
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2) CVE-2008-5695  CWE-20  High
WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1) CVE-2007-6318  CWE-89  High
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2 - 1.2) CVE-2004-1584  CWE-113  High
WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1) CVE-2007-5105  CVE-2007-5106  CWE-79  High
WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5 - 1.5) CVE-2005-1687  CWE-89  High
WordPress 'xmlrpc.php' Remote Security Bypass Vulnerability (3.0.1 - 3.0.2) CVE-2010-5106  CWE-264  High
WordPress 0.7 Posts SQL Injection Vulnerability (0.7 - 0.7) CVE-2003-1598  CWE-89  High
WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2) CVE-2005-2107  CVE-2005-2108  CVE-2005-2109  CVE-2005-2110  CWE-79  CWE-89  CWE-200  CWE-702  High
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1 ) CWE-400  High
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2) CVE-2006-2667  CVE-2006-2702  CWE-94  High
WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3) CVE-2006-4028  CWE-264  High
WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4 - 2.0.4) CVE-2006-5705  CVE-2006-6016  CVE-2006-6017  CWE-22  CWE-264  CWE-400  High
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5) CVE-2007-0107  CWE-89  High
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) CVE-2006-6808  CWE-79  High
WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) CVE-2007-0106  CWE-79  High
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6) CVE-2007-0233  CWE-89  High
WordPress 2.0.9 Multiple Vulnerabilities (2.0 - 2.0.9) CVE-2007-1622  CVE-2007-1893  CVE-2007-1894  CVE-2007-1897  CWE-79  CWE-89  CWE-264  High
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1 - 2.1.1) CVE-2007-1277  CWE-94  High
WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1 - 2.1.1) CVE-2007-1244  CWE-79  High
WordPress 2.1.2 Multiple Vulnerabilities (2.1 - 2.1.2) CVE-2007-1622  CVE-2007-1893  CVE-2007-1894  CVE-2007-1897  CWE-79  CWE-89  CWE-264  High
WordPress 2.2 Cross-Site Scripting Vulnerability (2.2 - 2.2) CVE-2007-3238  CWE-79  High
WordPress 2.2 Multiple Vulnerabilities (2.2 - 2.2) CVE-2007-3140  CVE-2007-3238  CVE-2007-3543  CWE-79  CWE-89  CWE-434  High
WordPress 2.2.1 Multiple Vulnerabilities (2.2.1 - 2.2.1) CVE-2007-3639  CVE-2007-4139  CVE-2007-4153  CVE-2007-4154  CWE-79  CWE-89  CWE-601  High
WordPress 2.2.2 Multiple Vulnerabilities (2.2 - 2.2.2) CVE-2007-4893  CVE-2007-4894  CVE-2008-2146  CWE-79  CWE-89  CWE-264  High
WordPress 2.3 Cross-Site Scripting Vulnerability (2.3 - 2.3) CVE-2007-5710  CWE-79  High
WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1 - 2.3.1) CWE-264  High
WordPress 2.3.2 Post Edit Unauthorized Access Vulnerability (0.7 - 2.3.2) CVE-2008-0664  CWE-264  High
WordPress 2.3.3 Directory Traversal Vulnerability (0.6.2 - 2.3.3) CVE-2008-4769  CWE-22  High
WordPress 2.5 Cookie Integrity Protection Unauthorized Access Vulnerability (0.6.2 - 2.5) CVE-2008-1930  CWE-287  High
WordPress 2.5 Cross-Site Scripting Vulnerability (2.5 - 2.5) CVE-2008-2068  CWE-79  High
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1) CVE-2008-4106  CVE-2008-4107  CWE-20  High
WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2) CVE-2008-4796  CWE-94  High
WordPress 2.6.3 Cross-Site Scripting Vulnerability (0.6.2 - 2.6.3) CVE-2008-5278  CWE-79  High
WordPress 2.8 Multiple Existing/Non-Existing Username Enumeration Weaknesses (0.6.2 - 2.8) CVE-2009-2335  CVE-2009-2336  CWE-16  High
WordPress 2.8.1 Comment Author URI Cross-Site Scripting Vulnerability (0.6.2 - 2.8.1) CVE-2009-2851  CWE-79  High
WordPress 2.8.2 Multiple Security Bypass Vulnerabilities (2.0 - 2.8.2) CVE-2009-2853  CVE-2009-2854  CWE-264  High
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3) CVE-2009-2762  CWE-255  High
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622  CWE-310  High
WordPress 2.8.5 Multiple Vulnerabilities (2.8 - 2.8.5) CVE-2009-3890  CVE-2009-3891  CWE-79  CWE-94  High
WordPress 2.9.1 Trashed Posts Security Bypass Vulnerability (2.9 - 2.9.1) CVE-2010-0682  CWE-264  High
WordPress 3.0.1 Multiple Vulnerabilities (0.6.2 - 3.0.1) CVE-2010-4257  CVE-2010-5293  CVE-2010-5294  CVE-2010-5295  CVE-2010-5296  CWE-79  CWE-89  CWE-264  High
WordPress 3.0.3 KSES Library Cross-Site Scripting Vulnerability (0.6.2 - 3.0.3) CVE-2010-4536  CWE-79  High
WordPress 3.0.4 Multiple Vulnerabilities (0.6.2 - 3.0.4) CVE-2011-0700  CVE-2011-0701  CWE-79  CWE-200  High
WordPress 3.1 Multiple Vulnerabilities (0.7 - 3.1) CVE-2011-4956  CVE-2011-4957  CWE-79  CWE-352  CWE-400  High
WordPress 3.1.2 Multiple Vulnerabilities (3.0.1 - 3.1.2) CVE-2011-3122  CVE-2011-3125  CVE-2011-3126  CVE-2011-3127  CVE-2011-3128  CVE-2011-3129  CVE-2011-3130  CWE-89  CWE-200  CWE-264  CWE-693  High
WordPress 3.1.3 Multiple SQL Injection Vulnerabilities (3.1 - 3.1.3) CWE-89  High
WordPress 3.3 Cross-Site Scripting Vulnerability (3.3 - 3.3) CVE-2012-0287  CWE-79  High
WordPress 3.3.1 Multiple Vulnerabilities (2.0 - 3.3.1) CVE-2012-2399  CVE-2012-2400  CVE-2012-2401  CVE-2012-2402  CVE-2012-2403  CVE-2012-2404  CVE-2012-3414  CWE-79  CWE-264  CWE-352  High
WordPress 3.3.2 Multiple Vulnerabilities (3.3 - 3.3.2) CVE-2012-6633  CVE-2012-6634  CVE-2012-6635  CWE-79  CWE-200  CWE-264  CWE-352  High
WordPress 3.4 Multiple Vulnerabilities (3.4 - 3.4) CVE-2012-3384  CVE-2012-3385  CWE-79  CWE-200  CWE-264  CWE-352  High
WordPress 3.4.1 Multiple Vulnerabilities (2.0 - 3.4.1) CVE-2012-3383  CVE-2012-4421  CVE-2012-4422  CWE-79  CWE-264  High
WordPress 3.5 Multiple Vulnerabilities (1.5 - 3.5) CVE-2013-0235  CVE-2013-0236  CVE-2013-0237  CWE-79  CWE-918  High
WordPress 3.5.1 Multiple Vulnerabilities (2.0 - 3.5.1) CVE-2013-2173  CVE-2013-2199  CVE-2013-2200  CVE-2013-2201  CVE-2013-2202  CVE-2013-2203  CVE-2013-2204  CVE-2013-2205  CWE-79  CWE-200  CWE-264  CWE-400  CWE-611  CWE-918  High
WordPress 3.6 Multiple Vulnerabilities (2.0 - 3.6) CVE-2013-4338  CVE-2013-4339  CVE-2013-4340  CVE-2013-5738  CVE-2013-5739  CWE-20  CWE-94  CWE-264  High
WordPress 3.7.1 Multiple Vulnerabilities (3.7 - 3.7.1) CVE-2014-0165  CVE-2014-0166  CWE-89  CWE-264  CWE-287  High
WordPress 3.7.3 Multiple Vulnerabilities (3.7 - 3.7.3) CVE-2014-5204  CVE-2014-5205  CVE-2014-5240  CVE-2014-5265  CVE-2014-5266  CWE-79  CWE-352  CWE-399  CWE-611  High
WordPress 3.7.4 Multiple Vulnerabilities (3.7 - 3.7.4) CVE-2014-9031  CVE-2014-9032  CVE-2014-9033  CVE-2014-9034  CVE-2014-9035  CVE-2014-9036  CVE-2014-9037  CVE-2014-9038  CVE-2014-9039  CWE-19  CWE-79  CWE-310  CWE-352  CWE-918  High
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.12) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 3.8.1 Multiple Vulnerabilities (3.8 - 3.8.1) CVE-2014-0165  CVE-2014-0166  CWE-89  CWE-264  CWE-287  High
WordPress 3.8.2 security release CWE-16  High
WordPress 3.8.3 Multiple Vulnerabilities (3.8 - 3.8.3) CVE-2014-5204  CVE-2014-5205  CVE-2014-5240  CVE-2014-5265  CVE-2014-5266  CWE-79  CWE-352  CWE-399  CWE-611  High
WordPress 3.8.4 Multiple Vulnerabilities (3.8 - 3.8.4) CVE-2014-9031  CVE-2014-9032  CVE-2014-9033  CVE-2014-9034  CVE-2014-9035  CVE-2014-9036  CVE-2014-9037  CVE-2014-9038  CVE-2014-9039  CWE-19  CWE-79  CWE-310  CWE-352  CWE-918  High
WordPress 3.8.x Cross-Site Scripting Vulnerability (3.8 - 3.8.11) CVE-2016-1564  CWE-79  High
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.12) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 3.9.1 Multiple Vulnerabilities (3.9 - 3.9.1) CVE-2014-5203  CVE-2014-5204  CVE-2014-5205  CVE-2014-5240  CVE-2014-5265  CVE-2014-5266  CWE-79  CWE-94  CWE-352  CWE-399  CWE-611  High
WordPress 3.9.2 Multiple Vulnerabilities (3.9 - 3.9.2) CVE-2014-9031  CVE-2014-9032  CVE-2014-9033  CVE-2014-9034  CVE-2014-9035  CVE-2014-9036  CVE-2014-9037  CVE-2014-9038  CVE-2014-9039  CWE-19  CWE-79  CWE-310  CWE-352  CWE-918  High
WordPress 3.9.x Cross-Site Scripting Vulnerability (3.9 - 3.9.9) CVE-2016-1564  CWE-79  High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.10) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 4.0 Multiple Vulnerabilities (4.0 - 4.0) CVE-2014-9032  CVE-2014-9033  CVE-2014-9034  CVE-2014-9035  CVE-2014-9036  CVE-2014-9037  CVE-2014-9038  CVE-2014-9039  CWE-19  CWE-79  CWE-310  CWE-352  CWE-918  High
WordPress 4.0.x Cross-Site Scripting Vulnerability (4.0 - 4.0.8) CVE-2016-1564  CWE-79  High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.9) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 4.1.x Cross-Site Scripting Vulnerability (4.1 - 4.1.8) CVE-2016-1564  CWE-79  High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.9) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 4.2.2 Multiple Vulnerabilities (0.7 - 4.2.2) CVE-2015-5622  CVE-2015-5623  CWE-79  CWE-264  High
WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3) CVE-2015-2213  CVE-2015-5714  CVE-2015-5715  CVE-2015-5716  CVE-2015-5730  CVE-2015-5731  CVE-2015-5732  CVE-2015-5733  CVE-2015-5734  CWE-79  CWE-89  CWE-264  High
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5) CVE-2016-1564  CWE-79  High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.6) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 4.3 Multiple Vulnerabilities (0.7 - 4.3) CVE-2015-5714  CVE-2015-5715  CVE-2015-7989  CWE-79  CWE-264  High
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.1) CVE-2016-1564  CWE-79  High
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.2) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress 4.4 Cross-Site Scripting Vulnerability (4.4 - 4.4) CVE-2016-1564  CWE-79  High
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.1) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1 - 3.3.1) CVE-2012-1936  CWE-352  High
WordPress Clickjacking Vulnerability (0.7 - 3.1.2) CVE-2011-3127  CWE-693  High
WordPress Comment Post Cross-Site Scripting Vulnerability (2.0 - 2.0) CVE-2006-0733  CWE-79  High
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3) CVE-2005-2612  CWE-94  High
WordPress Cookies Security Bypass Weakness (1.5 - 2.3.1) CVE-2007-6013  CWE-287  High
WordPress Cross-Site Scripting Vulnerability (0.70 - 3.7.11) CVE-2016-1564  CWE-79  High
WordPress Cross-Site Scripting Vulnerability (0.70 - 4.1.1) CVE-2015-3438   CWE-79  High
WordPress Cross-Site Scripting Vulnerability (3.0 - 3.6.1) CVE-2014-9031  CWE-79  High
WordPress Cross-Site Scripting Vulnerability (3.9 - 4.1.1) CVE-2015-3439   CWE-79  High
WordPress Cross-Site Scripting Vulnerability (3.9.3 - 4.2) CVE-2015-3440   CWE-79  High
WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265  CWE-399  High
WordPress MU 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities (1.0 - 2.5.1) CVE-2008-4671  CWE-79  High
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6) CVE-2009-1030  CWE-79  High
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1) CWE-79  High
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1) CVE-2006-0985  CVE-2006-1796  CWE-79  High
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0.11 - 2.3) CVE-2008-0193  CWE-79  High
WordPress Multiple Cross-Site Scripting Vulnerabilities (4.1 - 4.2.1) CVE-2015-3429   CWE-79  High
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2) CWE-79  CWE-89  High
WordPress Multiple Vulnerabilities (0.70 - 3.6.1) CVE-2016-2221  CVE-2016-2222  CWE-601  CWE-918  High
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540  CWE-200  CWE-400  High
WordPress Plugin 1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7) CWE-434  High
WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5 ) CWE-79  CWE-89  High
WordPress Plugin 1-click Retweet/Share/Like Cross-Site Scripting (5.2) CWE-79  High
WordPress Plugin 1player Cross-Site Scripting (1.3) CWE-79  High
WordPress Plugin 2 Click Social Media Buttons 'xing-url' Parameter Cross-Site Scripting (0.32.2) CVE-2012-4273  CWE-79  High
WordPress Plugin 360 Product Viewer Cross-Site Scripting (2.5.1) CWE-79  High
WordPress Plugin 3D Banner Rotator 'upload.php' Arbitrary File Upload (2.1) CWE-434  High
WordPress Plugin 3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1) CWE-434  High
WordPress Plugin 404 to 301 SQL Injection (2.0.2) CWE-89  High
WordPress Plugin A Page Flip Book 'pageflipbook_language' Parameter Local File Include (2.3) CVE-2012-6652  CWE-22  High
WordPress Plugin A to Z Category Listing 'R' Parameter SQL Injection (1.3) CWE-89  High
WordPress Plugin A. Gallery TimThumb Arbitrary File Upload (0.9rev378511) CVE-2011-4106  CWE-20  High
WordPress Plugin A/B Test 'action' Parameter Directory Traversal (1.0.6) CWE-22  High
WordPress Plugin AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4) CVE-2015-2755  CWE-79  CWE-352  High
WordPress Plugin ABC Test 'id' Parameter Cross-Site Scripting (0.1) CWE-79  High
WordPress Plugin ACF Frontend display Arbitrary File Upload (2.0.5) CWE-434   High
WordPress Plugin ADIF Log Search Widget Cross-Site Scripting (1.0e) CWE-79  High
WordPress Plugin AJAX Comment Page Cross-Site Scripting (3.25) CWE-79  High
WordPress Plugin AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2) CVE-2012-5853  CWE-89  High
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00) CWE-79  High
WordPress Plugin ALO EasyMail Newsletter Cross-Site Request Forgery (2.6.01) CWE-352  High
WordPress Plugin ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7) CWE-79  High
WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00) CWE-79  CWE-352  High
WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0) CWE-89  High
WordPress Plugin Absolute Privacy 'abpr_authenticateUser()' Security Bypass (2.0.5) CWE-264  High
WordPress Plugin Accept Signups 'email' Parameter Cross-Site Scripting (0.1) CWE-79  High
WordPress Plugin Acobot Live Chat & Contact Form Multiple Vulnerabilities (2.0) CVE-2015-2039  CWE-79  CWE-352  High
WordPress Plugin ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (3.1.0) CVE-2014-4513  CWE-79  High
WordPress Plugin Acumbamail Information Disclosure (1.0.4) CWE-200  High
WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2) CWE-352  High
WordPress Plugin Acunetix WP Security Cross-Site Request Forgery (4.0.4) CWE-352  High
WordPress Plugin Ad Buttons Multiple Vulnerabilities (2.3.1) CWE-79  CWE-352  High
WordPress Plugin Ad Inserter Cross-Site Scripting (1.5.5) CWE-79  High
WordPress Plugin Ad Inserter Multiple Vulnerabilities (1.5.2) CWE-79  CWE-352  High
WordPress Plugin Ad-Manager Open Redirect (1.1.2) CVE-2014-8754  CWE-601  High
WordPress Plugin Ad-minister Cross-Site Scripting (0.6) CVE-2013-6993   CWE-79  High
WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33) CWE-79  High
WordPress Plugin AdRotate 'adrotate-out.php' SQL Injection (3.6.6) CVE-2011-4671  CWE-89  High
WordPress Plugin AdRotate 'title' Parameter Multiple Cross-Site Scripting Vulnerabilities (3.7.3.5) CWE-79  High
WordPress Plugin AdRotate 'track' Parameter SQL Injection (3.6.5) CVE-2011-4671  CWE-89  High
WordPress Plugin AdRotate SQL Injection (3.9.4) CVE-2014-1854  CWE-89  High
WordPress Plugin AdServe 'id' Parameter SQL Injection (0.2) CVE-2008-0507  CWE-89  High
WordPress Plugin AdWizz 'link' Parameter Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Adavnced Video embed Local File Inclusion (1.0) CWE-22  High
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.2.7) CWE-79  High
WordPress Plugin Add Link to Facebook Multiple Cross-Site Scripting Vulnerabilities (1.215) CWE-79  High
WordPress Plugin AddThis Sharing Buttons Cross-Site Scripting (4.0.7) CWE-79  High
WordPress Plugin AddThis Sharing Buttons Cross-Site Scripting (5.0.12) CWE-79  High
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.6.6) CWE-79  High
WordPress Plugin Admin Font Editor Cross-Site Scripting (1.8) CWE-79  High
WordPress Plugin Admin Management Xtended Privilege Escalation (2.4.0) CWE-264  High
WordPress Plugin Admin Pack by SITE CASEIRO Cross-Site Scripting (1.1) CWE-79  High
WordPress Plugin Adminer Cross-Site Scripting (1.4.2) CWE-79  High
WordPress Plugin Adminimize 'page' Parameter Cross-Site Scripting (1.7.21) CVE-2011-4926  CWE-79  High
WordPress Plugin Ads in bottom right Multiple Vulnerabilities (1.0) CWE-79  CWE-352  High
WordPress Plugin Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3) CWE-94  High
WordPress Plugin Advance Categorizer Cross-Site Scripting (0.3) CWE-79  High
WordPress Plugin Advanced Access Manager Arbitrary Code Execution (2.8.2) CVE-2014-6059   CWE-95  High
WordPress Plugin Advanced Custom Fields 'acf_abspath' Parameter Remote File Include (3.5.1) CWE-94  High
WordPress Plugin Advanced Custom Fields Cross-Site Scripting (4.4.3) CWE-79  High
WordPress Plugin Advanced Dewplayer Directory Traversal (1.2) CVE-2013-7240  CWE-22  High
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0) CVE-2011-4618  CWE-79  High
WordPress Plugin Advanced XML Reader XML External Entity Information Disclosure (0.3.4) CWE-611  High
WordPress Plugin Advanced post slider Unspecified Vulnerability (2.4.0) High
WordPress Plugin Advertisement Management Multiple Vulnerabilities (1.0) CWE-79  CWE-352  High
WordPress Plugin Advertizer 'id' Parameter SQL Injection (1.0) CWE-89  High
WordPress Plugin Aesop Story Engine Cross-Site Scripting (1.6) CWE-79  High
WordPress Plugin AffiliateWP SQL Injection (1.5.6) CWE-89  High
WordPress Plugin Age Verification 'redirect_to' Parameter URI Redirection (0.4) CVE-2012-6499  CWE-20  High
WordPress Plugin Ajax Calendar 'example.php' Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Ajax Category Dropdown Cross-Site Scripting and SQL Injection Vulnerabilities (0.1.5) CWE-79  CWE-89  High
WordPress Plugin Ajax Gallery 'list.php' SQL Injection (3.0) CWE-89  High
WordPress Plugin Ajax Load More Arbitrary File Upload (2.8.1.1) CWE-434   High
WordPress Plugin Ajax Multi Upload 'upload.php' Arbitrary File Upload (1.1) CWE-434  High
WordPress Plugin Ajax Pagination (twitter Style) Local File Inclusion (1.1) CVE-2014-2674  CWE-22  High
WordPress Plugin Ajax Search Lite Remote Command Execution (3.1) CWE-95  High
WordPress Plugin Ajax Search Lite Security Bypass (3.1) CWE-264  High
WordPress Plugin Ajax Search Pro Security Bypass (3.5) CWE-264  High
WordPress Plugin Ajax Store Locator Directory Traversal (1.2.0) CWE-22  High
WordPress Plugin Ajax Store Locator SQL Injection (1.2.0) CWE-89  High
WordPress Plugin Akeeba Backup CORE for WordPress Arbitrary File Upload (1.1.3) CVE-2014-7228  CWE-310  High
WordPress Plugin Akismet Cross-Site Scripting (3.1.4) CWE-79  High
WordPress Plugin Albo Pretorio On line Multiple Vulnerabilities (3.2) CWE-79  CWE-89  CWE-352  High
WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1) CVE-2011-5107  CWE-79  High
WordPress Plugin AlertWire Information Disclosure (1.1.1) CWE-200  High
WordPress Plugin All In One WP Security & Firewall Cross-Site Request Forgery (3.8.9) CVE-2015-0895  CWE-352  High
WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting (3.8.3) CWE-79  High
WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting (3.9.4) CWE-79  High
WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting (3.9.7) CWE-79  High
WordPress Plugin All In One WP Security & Firewall Multiple SQL Injection Vulnerabilities (3.8.2) CVE-2014-6242  CWE-89  High
WordPress Plugin All In One WP Security & Firewall SQL Injection (3.8.7) CVE-2015-0894  CWE-89  High
WordPress Plugin All In One WP Security & Firewall SQL Injection (3.9.0) CWE-89  High
WordPress Plugin All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1) CVE-2012-6653  CWE-89  High
WordPress Plugin All Video Gallery SQL Injection (1.2) CVE-2014-5186  CWE-89  High
WordPress Plugin All in One SEO Pack Cross-Site Scripting (2.0.3) CWE-79  High
WordPress Plugin All in One SEO Pack Cross-Site Scripting (2.2.2) CWE-79  High
WordPress Plugin All in One SEO Pack Cross-Site Scripting (2.2.6.1) CWE-79  High
WordPress Plugin All in One SEO Pack Information Disclosure (2.2.5.1) CVE-2015-0902  CWE-200  High
WordPress Plugin All in One SEO Pack Multiple Vulnerabilities (2.1.5) CWE-79  CWE-287  High
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0) CWE-918  High
WordPress Plugin All in One Webmaster Cross-Site Request Forgery (8.2.3) CVE-2013-2696  CWE-352  High
WordPress Plugin All-in-One Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.5) CVE-2012-1835  CWE-79  High
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.10-standard) CWE-79  CWE-89  High
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.9) CWE-79  CWE-89  High
WordPress Plugin All-in-One WP Migration Remote Code Execution (2.0.2) CVE-2014-8794  CWE-94  High
WordPress Plugin All-in-One WP Migration Security Bypass (2.0.4) CWE-264  High
WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3) CVE-2011-3981  CWE-94  High
WordPress Plugin AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8) CVE-2012-1010  CVE-2012-1011  CWE-264  High
WordPress Plugin Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1) CWE-89  High
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.6.5) CWE-79  High
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.4) CWE-79  High
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5) CWE-79  High
WordPress Plugin Altos Connect Widget Cross-Site Scripting (1.3.0) CWE-79  High
WordPress Plugin Amazon Product in a Post SQL Injection (3.5.2) CWE-89  High
WordPress Plugin Animal Captcha Cross-Site Scripting (1.6.2) CWE-79  High
WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0) CWE-94  High
WordPress Plugin Annonces 'theme.php' Arbitrary File Upload (1.2.0.1) CWE-434  High
WordPress Plugin Another WordPress Classifieds Arbitrary File Upload (3.3.2) CWE-434   High
WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1) CVE-2014-9313  CWE-79  High
WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1) CVE-2014-10012  CVE-2014-10013  CWE-79  CWE-89  High
WordPress Plugin Another WordPress Classifieds Unspecified Vulnerability (1.8.9.4) CVE-2012-4874  High
WordPress Plugin Answer My Question Multiple Cross-Site Scripting Vulnerabilities (1.1) CWE-79  High
WordPress Plugin Anti Plagiarism Cross-Site Scripting (3.60) CWE-79  High
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.42) CWE-79  High
WordPress Plugin Anti-Malware and Brute-Force Security by ELI Cross-Site Scripting (1.2.05.20) CWE-79  High
WordPress Plugin Anti-Malware and Brute-Force Security by ELI Cross-Site Scripting (4.15.22) CWE-79  High
WordPress Plugin Anti-Malware and Brute-Force Security by ELI Multiple Cross-Site Scripting Vulnerabilities (4.15.17) CWE-79  High
WordPress Plugin Anti-Spam by CleanTalk-No Captcha, no comments & registrations spam Cross-Site Scripting (5.21) CWE-79  High
WordPress Plugin Anti-spam Cross-Site Scripting (4.1) CWE-79  High
WordPress Plugin AnyFont Cross-Site Scripting (2.2.3) CVE-2014-4515   CWE-79  High
WordPress Plugin AppPresser-Mobile App Framework Cross-Site Scripting (1.1.4) CWE-79  High
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24) CWE-79  CWE-89  CWE-264  High
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.7) CVE-2015-7319  CVE-2015-7320  CWE-79  CWE-89  High
WordPress Plugin Appointment Booking Calendar SQL Injection (1.1.23) CWE-89  High
WordPress Plugin Appointments Scheduler Cross-Site Scripting (1.5) CVE-2014-4579  CWE-79  High
WordPress Plugin April's Super Functions Pack Cross-Site Scripting (1.4.7) CVE-2014-100026  CWE-79  High
WordPress Plugin ArcadePress 'upload.php' Arbitrary File Upload (0.65) CWE-434  High
WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0) CVE-2013-6992  CWE-352  High
WordPress Plugin Aspose Cloud eBook Generator Arbitrary File Download (1.0) CWE-22  High
WordPress Plugin Aspose DOC Exporter Arbitrary File Download (1.0) CWE-22  High
WordPress Plugin Aspose Importer & Exporter Arbitrary File Download (2.0) CWE-22  High
WordPress Plugin Aspose PDF Exporter Arbitrary File Download (1.0) CWE-22  High
WordPress Plugin Asset Manager 'upload.php' Arbitrary File Upload (0.3) CWE-434  High
WordPress Plugin Auction Cross-Site Request Forgery (1.0.0) CWE-352  High
WordPress Plugin Auctions 'upload.php' Arbitrary File Upload (2.0.1.3) CWE-434  High
WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1) CWE-79  High
WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5) CVE-2013-1464  CWE-79  High
WordPress Plugin Audit Trail Cross-Site Scripting (1.1.13) CWE-79  High
WordPress Plugin Author Manager Multiple Vulnerabilities (1.0) CWE-79  CWE-352  High
WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0) CWE-264  High
WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4) CWE-89  High
WordPress Plugin Auto Attachments TimThumb Arbitrary File Upload (0.3) CVE-2011-4106  CWE-20  High
WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9) CWE-79  High
WordPress Plugin Automatic 'q' Parameter SQL Injection (2.0.3) CWE-89  High
WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2) CWE-79  High
WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0) CWE-79  High
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0) CWE-79  CWE-352  High
WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0) CVE-2015-4455  CWE-434   High
WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6) CWE-89  High
WordPress Plugin BIC Media Widget Cross-Site Scripting (1.0) CVE-2014-4516   CWE-79  High
WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5) CWE-94  High
WordPress Plugin BP Code Snippets Cross-Site Scripting (2.0) CVE-2013-1808  CWE-79  High
WordPress Plugin BP Group Documents Multiple Vulnerabilities (1.2.1) CWE-22  CWE-79  CWE-352  High
WordPress Plugin BSK PDF Manager Multiple Cross-Site Scripting Vulnerabilities (1.3) CWE-79  High
WordPress Plugin BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2) CVE-2014-4944  CWE-89  High
WordPress Plugin BackUpWordPress Remote File Inclusion (0.4.2b) CVE-2007-5800  CWE-94  High
WordPress Plugin BackWPup 'wp_export_generate.php' Local and Remote File Include Vulnerabilities (2.1.4) CWE-94  High
WordPress Plugin BackWPup Free Cross-Site Scripting (3.0.12) CVE-2013-4626   CWE-79  High
WordPress Plugin BackWPup Free Remote and Local Code Execution (1.6.1) CVE-2011-4342  CVE-2011-5208  CWE-22  CWE-94  High
WordPress Plugin BackWPup Free-WordPress Backup Multiple Local File Include Vulnerabilities (1.5.2) CWE-22  High
WordPress Plugin BackWPup Free-WordPress Backup Multiple Unspecified Vulnerabilities (3.2.1) High
WordPress Plugin Backend Localization Multiple Cross-Site Scripting Vulnerabilities (1.6.1) CWE-79  High
WordPress Plugin Background Music Cross-Site Scripting (1.0) CVE-2013-1942  CWE-79  High
WordPress Plugin Backup Database Backup Information Disclosure (2.0.1) CWE-538  High
WordPress Plugin Backup Guard Arbitrary File Upload (1.0.2) CWE-434   High
WordPress Plugin BackupBuddy Information Disclosure (2.2.28) CVE-2013-2743  CVE-2013-2744  CWE-200  High
WordPress Plugin Bad Behavior Multiple Cross-Site Scripting Vulnerabilities (2.2.4) CVE-2012-4271  CWE-79  High
WordPress Plugin Banner Effect Header Cross-Site Request Forgery (1.2.6) CVE-2015-0920  CWE-352  High
WordPress Plugin Banner Effect Header Cross-Site Scripting (1.2.7) CVE-2015-1384   CWE-79  High
WordPress Plugin BannerMan Cross-Site Scripting (0.2.4) CVE-2014-4845  CWE-79  High
WordPress Plugin Basic Google Maps Placemarks Cross-Site Scripting (1.10.2) CWE-79  High
WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7) CWE-264  High
WordPress Plugin Beer Recipes Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Better Search Replace Multiple Unspecified Vulnerabilities (1.0.3) High
WordPress Plugin Better WordPress Minify Arbitrary File Disclosure (1.2.2) CWE-538  High
WordPress Plugin BezahlCode-Generator 'gen_name' Parameter Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Bilingual Linker Cross-Site Scripting (2.1.1) CWE-79  High
WordPress Plugin Bird Feeder Multiple Vulnerabilities (1.2.3) CVE-2014-9334  CWE-79  CWE-352  High
WordPress Plugin Blaze Slideshow 'upload.php' Arbitrary File Upload (2.4) CWE-434  High
WordPress Plugin Bliss Gallery 'upload.php' Arbitrary File Upload (2.1) CWE-434  High
WordPress Plugin Blogroll Fun-Show Last Post and Last Update Time Cross-Site Scripting (0.8.4) CWE-79  High
WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0) CVE-2014-4848  CWE-79  High
WordPress Plugin Bloom eMail Opt-In Security Bypass (1.1) CWE-264  High
WordPress Plugin Blubrry PowerPress Podcasting Cross-Site Scripting (6.0) CVE-2015-1385   CWE-79  High
WordPress Plugin Blubrry PowerPress Podcasting Cross-Site Scripting (6.0.4) CWE-79  High
WordPress Plugin Blubrry PowerPress Podcasting SQL Injection (6.0.2) CWE-89  High
WordPress Plugin Blue Wrench Video Widget Cross-Site Request Forgery (1.0.5) CVE-2013-6797  CWE-352  High
WordPress Plugin BookX Local File Inclusion (1.7) CVE-2014-4937  CWE-22  High
WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.2) CWE-79  CWE-89  High
WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.23) CWE-79  CWE-89  High
WordPress Plugin Booking Calendar Cross-Site Request Forgery (4.1.5) CWE-352  High
WordPress Plugin Bookings Cross-Site Scripting (1.8.2) CWE-79  High
WordPress Plugin Bookmarkify Multiple Vulnerabilities (2.9.2) CWE-79  CWE-352  High
WordPress Plugin Bookshelf Cross-Site Scripting (2.0.4) CWE-79  High
WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0) CWE-98  High
WordPress Plugin Breezing Forms Cross-Site Scripting (1.2.7.33) CWE-79  High
WordPress Plugin Breezing Forms SQL Injection (1.2.7.30) CWE-89  High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.1) CWE-79  High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.4) CWE-79  High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.5) CWE-79  High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.8) CVE-2015-5057  CWE-79  High
WordPress Plugin Broken Link Checker Multiple Cross-Site Scripting Vulnerabilities (1.9.1) CWE-79  High
WordPress Plugin Broken Link Checker Unspecified Vulnerability (1.10.7) High
WordPress Plugin Broken Link Manager Cross-Site Scripting (0.5.5) CWE-79  High
WordPress Plugin Broken Link Manager Multiple Vulnerabilities (0.4.5) CWE-79  CWE-89  High
WordPress Plugin Browser Rejector Remote File Inclusion (2.10) CWE-94  High
WordPress Plugin Brute Force Login Protection Unspecified Vulnerability (1.5) High
WordPress Plugin Buckets Cross-Site Scripting (0.1.9.2) CVE-2013-1808  CWE-79  High
WordPress Plugin BuddyDrive Cross-Site Scripting (1.2.2) CWE-79  High
WordPress Plugin BuddyPress 'page' Parameter SQL Injection (1.5.4) CVE-2012-2109  CWE-89  High
WordPress Plugin BuddyPress Activity Plus Cross-Site Scripting (1.6.3) CWE-79  High
WordPress Plugin BuddyPress Activity Plus Multiple Vulnerabilities (1.6.1) CWE-73  CWE-352  High
WordPress Plugin BuddyPress Cross-Site Scripting (2.2.2.1) CWE-79  High
WordPress Plugin BuddyPress Extended Friendship Request Cross-Site Scripting (1.0.1) CVE-2013-4944  CWE-79  High
WordPress Plugin BuddyPress Multiple SQL Injection Vulnerabilities (1.7.1) CWE-89  High
WordPress Plugin BuddyPress Multiple Vulnerabilities (1.9.1) CVE-2014-1888  CVE-2014-1889  CWE-79  CWE-264  High
WordPress Plugin BuddyPress PHP Object Injection (2.0.2) CWE-915  High
WordPress Plugin BuddyPress Security Bypass (2.3.4) CWE-264  High
WordPress Plugin BuddyStream Multiple Cross-Site Scripting Vulnerabilities (2.6.2) CWE-79  High
WordPress Plugin Bulk Delete Privilege Escalation (5.5.3) CWE-264  High
WordPress Plugin Bulk Delete Users by Email Cross-Site Request Forgery (1.0) CWE-352  High
WordPress Plugin BulletProof Security Cross-Site Scripting (.47) CVE-2012-4268  CWE-79  High
WordPress Plugin BulletProof Security Cross-Site Scripting (.50.9) CWE-79  High
WordPress Plugin BulletProof Security Cross-Site Scripting (.52.4) CWE-79  High
WordPress Plugin BulletProof Security Multiple Cross-Site Scripting Vulnerabilities (.48.9) CVE-2013-3487  CWE-79  High
WordPress Plugin BulletProof Security Multiple Cross-Site Scripting Vulnerabilities (.53.2) CWE-79  High
WordPress Plugin BulletProof Security Multiple Vulnerabilities (.51) CVE-2014-7958  CVE-2014-7959  CVE-2014-8749  CWE-79  CWE-89  CWE-918  High
WordPress Plugin CAC Featured Content TimThumb Arbitrary File Upload (0.8) CVE-2011-4106  CWE-20  High
WordPress Plugin CAPTCHA in Thai Multiple Cross-Site Scripting Vulnerabilities (1.1) CWE-79  High
WordPress Plugin CBI Referral Manager Cross-Site Scripting (1.2.1) CVE-2014-4517  CWE-79  High
WordPress Plugin CIP4 Folder Download Widget Local File Inclusion (1.10) CWE-22  High
WordPress Plugin CKEditor for WordPress Cross-Site Scripting (4.5.3) CWE-79  High
WordPress Plugin CM Ad Changer Multiple Cross-Site Scripting Vulnerabilities (1.7.2) CWE-79  High
WordPress Plugin CM Download Manager Code Injection (2.0.3) CVE-2014-8877   CWE-95  High
WordPress Plugin CM Download Manager Multiple Vulnerabilities (2.0.6) CVE-2014-9129  CWE-79  CWE-352  High
WordPress Plugin CM Tooltip Glossary Cross-Site Scripting (3.3.4) CWE-79  High
WordPress Plugin CMS Tree Page View 'cms_tpv_view' Parameter Cross-Site Scripting (0.8.8) CVE-2012-1834  CWE-79  High
WordPress Plugin CMS Tree Page View Cross-Site Request Forgery (1.2.4) CWE-352  High
WordPress Plugin CMS Tree Page View Cross-Site Scripting (1.2.31) CWE-79  High
WordPress Plugin CONTUS VBLOG-Video Blogging 'save.php' Arbitrary File Upload (1.0) CWE-434  High
WordPress Plugin CP Contact Form with Paypal Multiple Vulnerabilities (1.1.5) CWE-79  CWE-89  CWE-352  High
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5) CWE-22  High
WordPress Plugin CP Multi View Event Calendar Multiple SQL Injection Vulnerabilities (1.1.7) CWE-89  High
WordPress Plugin CP Multi View Event Calendar Multiple Vulnerabilities (1.1.4) CWE-79  CWE-89  High
WordPress Plugin CP Multi View Event Calendar SQL Injection (1.01) CVE-2014-8586  CWE-89  High
WordPress Plugin CP Polls Multiple Vulnerabilities (1.0.8) CWE-79  CWE-352  High
WordPress Plugin CP Reservation Calendar SQL Injection (1.1.6) CVE-2015-7235  CWE-89  High
WordPress Plugin CSS Plus Multiple Unspecified Vulnerabilities (1.3.1) High
WordPress Plugin CSV Import Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin CSV Importer Multiple Unspecified Vulnerabilities (0.3.7) High
WordPress Plugin Calculated Fields Form Cross-Site Scripting (1.0.81) CWE-79  High
WordPress Plugin Calculated Fields Form Multiple SQL Injection Vulnerabilities (1.0.10) CWE-89  High
WordPress Plugin Calendar Cross-Site Request Forgery (1.3.2) CVE-2013-2698  CWE-352  High
WordPress Plugin Calendar Multiple Cross-Site Scripting Vulnerabilities (1.2.1) CWE-79  High
WordPress Plugin Candidate Application Form Arbitrary File Download (1.0) CWE-22  High
WordPress Plugin Captain Slider Cross-Site Scripting (1.0.6) CWE-79  High
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.0.2) CWE-79  High
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.1.5) CWE-79  High
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.4) CWE-89  High
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.7) CWE-89  High
WordPress Plugin Captcha by BestWebSoft Security Bypass (3.8.7) CWE-284  High
WordPress Plugin Captcha by BestWebSoft Security Bypass (4.0.6) CVE-2014-9283  CWE-254  High
WordPress Plugin Car Demon Multiple Cross-Site Scripting Vulnerabilities (1.0.1) CWE-79  High
WordPress Plugin Car Rental System SQL Injection (3.0) CWE-89  High
WordPress Plugin Carousel slideshow 'swfupload.swf' Cross-Site Scripting (3.10) CVE-2012-3414  CWE-79  High
WordPress Plugin Carousel slideshow 'upload.php' Arbitrary File Upload (3.9) CWE-434  High
WordPress Plugin Cart66 Lite::WordPress Ecommerce Cross-Site Scripting (1.5.4) CWE-79  High
WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.1.14) CVE-2013-5977  CVE-2013-5978  CWE-79  CWE-352  High
WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.3) CVE-2014-9442  CWE-89  CWE-264  High
WordPress Plugin Cart66 Lite::WordPress Ecommerce SQL Injection (1.5.1.17) CVE-2014-9305  CWE-89  High
WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3) CVE-2014-9461  CWE-22  High
WordPress Plugin CataBlog 'category' Parameter Cross-Site Scripting (1.6.2) CWE-79  High
WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3) CVE-2013-4117  CWE-79  High
WordPress Plugin Category Grid View Gallery TimThumb Arbitrary File Upload (0.1.1) CVE-2011-4106  CWE-20  High
WordPress Plugin Category List Portfolio Page TimThumb Arbitrary File Upload (1.2.3) CVE-2011-4106  CWE-20  High
WordPress Plugin Category Order and Taxonomy Terms Order Cross-Site Scripting (1.4.6) CWE-79  High
WordPress Plugin Category and Page Icons Multiple Vulnerabilities (0.9.1) CWE-73  CWE-434  High
WordPress Plugin Ceceppa Multilingua Unspecified Vulnerability (1.5.3) High
WordPress Plugin CevherShare 'cevhershare-admin.php' SQL Injection (2.0) CWE-89  High
WordPress Plugin Chat Cross-Site Scripting (1.0.8) CWE-79  High
WordPress Plugin ChenPress Arbitrary File Upload (3.0) CWE-434  High
WordPress Plugin Chief Editor Multiple Vulnerabilities (3.7.1) CWE-79  CWE-352  High
WordPress Plugin Child Theme Configurator Arbitrary File Disclosure (1.7.4) CWE-538  High
WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6) CWE-88  High
WordPress Plugin Cimy Counter HTTP Response Splitting and Cross-Site Scripting Vulnerabilities (0.9.4) CWE-79  CWE-113  High
WordPress Plugin Cimy User Extra Fields Arbitrary File Upload (2.3.7) CWE-434  High
WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400  High
WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2) CWE-22  High
WordPress Plugin Citizen Space Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Citizen Space Cross-Site Scripting (1.1) CWE-79  High
WordPress Plugin Claptastic Clap! Button Multiple Cross-Site Scripting Vulnerabilities (1.3) CWE-79  High
WordPress Plugin Cleeng-Sell your videos Cross-Site Scripting (2.3.2) CVE-2013-1808  CWE-79  High
WordPress Plugin Click to Copy Grab Box Multiple Cross-Site Scripting Vulnerabilities (0.1.1) CVE-2013-1808  CWE-79  High
WordPress Plugin ClickBank Affiliate Ads Multiple Vulnerabilities (1.7) CWE-79  CWE-352  High
WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk 'cdwidgetid' Parameter Cross-Site Scripting (2.0) CVE-2011-5181  CWE-79  High
WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk Cross-Site Scripting (4.2) CWE-79  High
WordPress Plugin ClickSold IDX Cross-Site Scripting (1.48) CWE-79  High
WordPress Plugin Clik stats Open Redirect (0.8) CWE-601  High
WordPress Plugin Clipta Video Informer Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin CloudFlare Multiple Cross-Site Scripting Vulnerabilities (1.3.20) CWE-79  High
WordPress Plugin CloudFlare Multiple Unspecified Vulnerabilities (1.1.6) High
WordPress Plugin Cms Pack TimThumb Arbitrary File Upload (1.3) CVE-2011-4106  CWE-20  High
WordPress Plugin Code Embed 'suffix' Parameter Cross-Site Scripting (2.0.1) CWE-79  High
WordPress Plugin Code Insert Manager (Q2W3 Inc Manager) ZeroClipboard Cross-Site Scripting (2.3.1) CVE-2013-1808  CWE-79  High
WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure (1.0.11) CWE-538  High
WordPress Plugin Codestyling Localization 'name' Parameter Cross-Site Scripting (1.99.19) CWE-79  High
WordPress Plugin Codestyling Localization Multiple Vulnerabilities (1.99.30) CVE-2015-4179   CWE-79  CWE-95  CWE-352  High
WordPress Plugin Collapse-O-Matic Cross-Site Scripting (1.6.8) CWE-79  High
WordPress Plugin Collision Testimonials 'admin.php' SQL Injection (3.0) CWE-89  High
WordPress Plugin ComicPress Manager 'lang' Parameter Cross-Site Scripting (1.4.9.9 ) CWE-79  High
WordPress Plugin Coming Soon/Maintenance mode Ready! Cross-Site Request Forgery (0.5.0) CWE-352  High
WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5) CVE-2013-6010  CWE-79  High
WordPress Plugin Comment Extra Fields 'cef-upload.php' Arbitrary File Upload (1.7) CWE-434  High
WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7) CWE-79  High
WordPress Plugin Comment Rating 'id' Parameter SQL Injection (2.9.23) CWE-89  High
WordPress Plugin Comment Rating 'path' Parameter Cross-Site Scripting (2.9.20) CWE-79  High
WordPress Plugin Comment Rating Cross-Site Request Forgery (2.9.20) CWE-352  High
WordPress Plugin Comment Rating SQL Injection and Security Bypass Weakness Vulnerabilities (2.9.32) CWE-89  CWE-264  High
WordPress Plugin CommentLuv Cross-Site Scripting (2.92.3) CVE-2013-1409  CWE-79  High
WordPress Plugin Commentator Cross-Site Scripting (2.5.2) CWE-79  High
WordPress Plugin Community Events 'id' Parameter SQL Injection (1.2.2) CWE-89  High
WordPress Plugin Community Events SQL Injection (1.3.5) CVE-2015-3313   CWE-89  High
WordPress Plugin Compfight Cross-Site Scripting (1.4) CVE-2014-5202  CVE-2014-8622  CWE-79  High
WordPress Plugin Complete Gallery Manager for WordPress Arbitrary File Upload (3.3.3) CVE-2013-5962  CWE-434  High
WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2) CWE-79  High
WordPress Plugin Connections Business Directory Cross-Site Scripting (8.5.8) CVE-2016-0770  CWE-79  High
WordPress Plugin Connections Business Directory Unspecified Vulnerability (0.7.1.5) CVE-2011-5254  High
WordPress Plugin Constant Contact for WordPress Multiple Cross-Site Scripting Vulnerabilities (3.1.7) CWE-79  High
WordPress Plugin Constant Contact for WordPress Unspecified Vulnerability (3.1.6) High
WordPress Plugin Contact Bank-Contact Forms Builder Cross-Site Scripting (2.0.225) CWE-79  High
WordPress Plugin Contact Bank-Contact Forms Builder Cross-Site Scripting (2.0.226) CWE-79  High
WordPress Plugin Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5) CWE-89  High
WordPress Plugin Contact Form 7 Arbitrary File Upload (3.5.2) CWE-434  High
WordPress Plugin Contact Form 7 Arbitrary File Upload (3.5.3) CWE-434  High
WordPress Plugin Contact Form 7 Cross-Site Scripting (4.0.1) CWE-79  High
WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10) CVE-2014-6445  CWE-79  High
WordPress Plugin Contact Form 7 Security Bypass (3.7.1) CVE-2014-2265  CWE-264  High
WordPress Plugin Contact Form 7 Security Bypass (4.1) CWE-330  High
WordPress Plugin Contact Form Builder Multiple SQL Injection Vulnerabilities (1.0.24) CWE-89  High
WordPress Plugin Contact Form Builder Security Bypass (1.0.7) CWE-264  High
WordPress Plugin Contact Form Clean and Simple Cross-Site Scripting (4.4.0) CVE-2014-8955  CWE-79  High
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31) CVE-2015-1874   CWE-352  High
WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.19) CWE-79  High
WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.27) CVE-2015-2040  CWE-79  High
WordPress Plugin Contact Form DB Multiple Cross-Site Scripting Vulnerabilities (2.8.15) CVE-2014-7139  CWE-79  High
WordPress Plugin Contact Form Generator Multiple Cross-Site Request Forgery Vulnerabilities (2.0.1) CVE-2015-6965  CWE-352  High
WordPress Plugin Contact Form Integrated With Google Maps Cross-Site Scripting (2.4) CVE-2014-7238  CWE-79  High
WordPress Plugin Contact Form Maker Cross-Site Scripting (1.7.18) CVE-2014-8796  CWE-79  High
WordPress Plugin Contact Form Maker SQL Injection (1.7.30) CWE-89  High
WordPress Plugin Contact Form Maker Security Bypass (1.7.14) CWE-264  High
WordPress Plugin Contact Form Manager Multiple Cross-Site Scripting Vulnerabilities (1.4.1) CWE-79  High
WordPress Plugin Contact Form Unspecified Vulnerability (1.2) High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Request Forgery (3.82) CWE-352  High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.34) CWE-79  High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.51) CWE-79  High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.81) CWE-79  High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.95) CWE-79  High
WordPress Plugin Contact Form by BestWebSoft Email Header Injection (3.83) CWE-88  High
WordPress Plugin Contact Form by ContactMe.com Cross-Site Scripting (2.3) CVE-2014-4518   CWE-79  High
WordPress Plugin Contact Form to DB by BestWebSoft Cross-Site Scripting (1.4.0) CWE-79  High
WordPress Plugin Contact Form to Email Cross-Site Scripting (1.0) CVE-2014-8798  CWE-79  High
WordPress Plugin Contact Form to Email Multiple Vulnerabilities (1.1.4) CWE-79  CWE-352  High
WordPress Plugin Content Audit Blind SQL Injection (1.6) CVE-2014-5389  CWE-89  High
WordPress Plugin Content Grabber Multiple Vulnerabilities (1.0) CWE-79  CWE-352  High
WordPress Plugin Content text slider on post Cross-Site Scripting (6.8) CWE-79  High
WordPress Plugin Contentboxes Cross-Site Scripting (1.1) CWE-79  High
WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (1.8.6) CVE-2013-2710  CWE-352  High
WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3) CWE-89  High
WordPress Plugin Contus HD FLV Player 'uploadVideo.php' Arbitrary File Upload (1.7) CWE-434  High
WordPress Plugin Conversador Cross-Site Scripting (2.61) CVE-2014-4519   CWE-79  High
WordPress Plugin Cool Video Gallery Command Injection (1.9) CVE-2015-7527  CWE-94  High
WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8) CWE-352  High
WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16) CVE-2010-0673  CWE-89  High
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0) CWE-79  CWE-352  High
WordPress Plugin CopySafe PDF Protection Arbitrary File Upload (0.6) CWE-434  High
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17) CWE-89  High
WordPress Plugin Count per Day 'notes.php' Cross-Site Scripting (3.2.3) CWE-79  High
WordPress Plugin Count per Day 'userperspan.php' Multiple Cross-Site Scripting Vulnerabilities (3.1.1) CVE-2012-3434  CWE-79  High
WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1) CVE-2012-0896  CWE-22  CWE-79  High
WordPress Plugin Count per Day Cross-Site Request Forgery (3.2.5) CWE-352  High
WordPress Plugin Count per Day Information Disclosure (3.2.5) CWE-200  High
WordPress Plugin Count per Day SQL Injection (3.4) CVE-2015-5533   CWE-89  High
WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2) CWE-79  High
WordPress Plugin Coupon Tab for DirectoryPress Multiple Cross-Site Scripting Vulnerabilities (0.2.0) CWE-79  High
WordPress Plugin Couponer 'print-coupon.php' SQL Injection (1.2) CWE-89  High
WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1) CWE-94  High
WordPress Plugin Crayon Syntax Highlighter Local File Disclosure (2.6.10) CWE-22  High
WordPress Plugin Crayon Syntax Highlighter Security Bypass (2.6.10) CWE-264  High
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6) CWE-79  High
WordPress Plugin Creative Contact Form-The Best WordPress Contact Form Builder Arbitrary File Upload (0.9.7) CVE-2014-7969   CWE-94  High
WordPress Plugin Crony Cronjob Manager Multiple Vulnerabilities (0.4.4) CWE-79  CWE-352  High
WordPress Plugin Cross-RSS Directory Traversal (1.7) CVE-2014-4941  CWE-22  High
WordPress Plugin CrossSlide jQuery Multiple Vulnerabilities (2.0.5) CVE-2015-2089  CWE-79  CWE-352  High
WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1) CWE-434   High
WordPress Plugin Custom Background 'uploadify.php' Arbitrary File Upload (1.01) CWE-434  High
WordPress Plugin Custom Banners Cross-Site Scripting (1.2.2.2) CVE-2014-4724  CWE-79  High
WordPress Plugin Custom Contact Forms Multiple Cross-Site Scripting Vulnerabilities (5.0.0.1) CWE-79  High
WordPress Plugin Custom Contact Forms Security Bypass (5.1.0.3) CWE-264  High
WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13) CWE-434  High
WordPress Plugin Custom Content Type Manager Backdoor (0.9.8.8) CWE-95  High
WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5) CVE-2015-3173   CWE-94  High
WordPress Plugin Custom Field Suite Security Bypass (2.4) CWE-264  High
WordPress Plugin Custom Login Cross-Site Scripting (3.2) CWE-79  High
WordPress Plugin Custom Metas Cross-Site Scripting (1.5.1) CWE-79  High
WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15) High
WordPress Plugin Custom Post Type UI 'wp-admin/admin.php' Cross-Site Scripting (0.7) CWE-79  High
WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6) CWE-79  High
WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.1.1) CWE-79  High
WordPress Plugin Custom Sidebars Cross-Site Scripting (2.1.0.1) CWE-79  High
WordPress Plugin Custom Tables 'key' Parameter Cross-Site Scripting (3.4.4) CWE-79  High
WordPress Plugin Custom Website Data Cross-Site Request Forgery (1.2) CWE-352  High
WordPress Plugin Custom Website Data Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Customize Youtube Videos Multiple Vulnerabilities (0.2) CWE-79  CWE-352  High
WordPress Plugin DB Backup Directory Traversal (4.5) CVE-2014-9119  CWE-22  High
WordPress Plugin DB Toolkit 'uploadify.php' Arbitrary File Upload (0.1.10) CWE-434  High
WordPress Plugin DM Albums 'album.php' Remote File Inclusion (1.9.2) CVE-2009-2396  CWE-94  High
WordPress Plugin DM Albums File Dislosure (1.9.2) CWE-22  High
WordPress Plugin DM Albums Multiple File Deletion Vulnerabilities (2.1) CWE-22  High
WordPress Plugin DMCA WaterMarker Cross-Site Scripting (1.0) CVE-2014-4520  CWE-79  High
WordPress Plugin DMSGuestbook File Manipulation (1.17.4) CWE-99  High
WordPress Plugin DMSGuestbook Multiple Remote Vulnerabilities (1.8.0) CVE-2008-0615  CVE-2008-0616  CVE-2008-0617  CVE-2008-0618  CWE-22  CWE-79  CWE-89  High
WordPress Plugin DP Maintenance Mode Lite Cross-Site Scripting (1.3.2) CWE-79  High
WordPress Plugin DP Thumbnail TimThumb Arbitrary File Upload (1.0) CVE-2011-4106  CWE-20  High
WordPress Plugin DVS Custom Notification Multiple Cross-Site Request Forgery Vulnerabilities (1.0.1) CVE-2012-4921  CWE-352  High
WordPress Plugin DW Question & Answer Cross-Site Scripting (1.4.2.2) CWE-79  High
WordPress Plugin DW Question & Answer Security Bypass (1.2.9) CWE-264  High
WordPress Plugin DX-Contribute Cross-Site Request Forgery (1.2.0) CWE-352  High
WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3) CWE-200  High
WordPress Plugin DZS Video Gallery Multiple Cross-Site Scripting Vulnerabilities (All) CVE-2014-3923  CVE-2014-9094  CWE-79  High
WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0) CWE-79  High
WordPress Plugin Daily Inspiration Generator Open Redirect (2.0) CWE-601  High
WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2) CWE-79  High
WordPress Plugin DandyID Services Cross-Site Request Forgery (1.5.9) CVE-2014-9335  CWE-352  High
WordPress Plugin Database Sync Cross-Site Scripting (0.4) CWE-79  High
WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0) CWE-20  High
WordPress Plugin Dean's Permalinks Migration Cross-Site Request Forgery (1.0) CVE-2008-0508  CWE-352  High
WordPress Plugin Debug Bar Unspecified Vulnerability (0.8) High
WordPress Plugin Defa Online Image Protector Cross-Site Scripting (3.3) CWE-79  High
WordPress Plugin Default Facebook Thumbnails Multiple Vulnerabilities (0.4) CWE-79  CWE-352  High
WordPress Plugin Delete All Comments Cross-Site Request Forgery (1.0) CWE-352  High
WordPress Plugin Design Approval System Cross-Site Scripting (3.6) CVE-2013-5711  CWE-79  High
WordPress Plugin Developer Formatter Cross-Site Request Forgery (2012.0.1.39) CWE-352  High
WordPress Plugin Dexs PM System Cross-Site Scripting (1.0.1) CWE-79  High
WordPress Plugin Dharma booking Local/Remote File Inclusion (2.38.3) CWE-98  High
WordPress Plugin Digg Digg Cross-Site Request Forgery (5.3.4) CVE-2013-3258  CWE-352  High
WordPress Plugin Disable Comments Cross-Site Request Forgery (1.0.3) CVE-2014-2550   CWE-352  High
WordPress Plugin Disable Comments Cross-Site Scripting (1.3) CWE-79  High
WordPress Plugin Disable Feeds Unspecified Vulnerability (1.4) High
WordPress Plugin Disclosure Policy 'abspath' Parameter Remote File Include (1.0) CWE-94  High
WordPress Plugin Display Posts Shortcode Unspecified Vulnerability (1.9) High
WordPress Plugin Display Widgets Cross-Site Scripting (2.03) CWE-79  High
WordPress Plugin Display posts in grid layout without coding-Content Views Cross-Site Scripting (1.6.1) CWE-79  High
WordPress Plugin Disqus Comment System Cross-Site Scripting (2.68) CWE-79  High
WordPress Plugin Disqus Comment System Multiple Cross-Site Request Forgery Vulnerabilities (2.77) CVE-2014-5346  CWE-352  High
WordPress Plugin Disqus Comment System Multiple Vulnerabilities (2.75) CVE-2014-5345  CVE-2014-5347  CWE-79  CWE-95  CWE-352  High
WordPress Plugin Ditty News Ticker Unspecified Vulnerability (1.5.1) High
WordPress Plugin Divi Builder Security Bypass (1.2.3) CWE-264  High
WordPress Plugin Donate by BestWebSoft Cross-Site Scripting (2.0.1) CWE-79  High
WordPress Plugin Donation with Goals and Paypal IPN by NonprofitCMS.org 'exporttocsv.php' SQL Injection (1.0) CWE-89  High
WordPress Plugin Double Opt-In for Download SQL Injection (2.0.8) CVE-2015-7517  CWE-89  High
WordPress Plugin Download Monitor 'dlsearch' Parameter Cross-Site Scripting (3.3.5.8) CVE-2012-4768  CWE-79  High
WordPress Plugin Download Monitor Cross-Site Scripting (1.7.0) CWE-79  High
WordPress Plugin Download Monitor Cross-Site Scripting (3.3.6.1) CVE-2013-3262  CVE-2013-5098  CWE-79  High
WordPress Plugin Download Monitor Information Disclosure (1.6.3) CWE-538  High
WordPress Plugin Download Shortcode Arbitrary File Disclosure (0.1) CWE-22  High
WordPress Plugin Download Shortcode Local File Inclusion (0.2.3) CVE-2014-5465  CWE-22  High
WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0) CVE-2015-4704  CWE-22  High
WordPress Plugin Downloads Manager 'upload.php' Arbitrary File Upload (0.2) CVE-2008-3362  CWE-20  High
WordPress Plugin Drag & Drop File Uploader 'dnd-upload.php' Arbitrary File Upload (0.1) CWE-434  High
WordPress Plugin Dropdown Menu Widget Cross-Site Request Forgery (1.9.1) CVE-2013-2704  CWE-352  High
WordPress Plugin DukaPress Directory Traversal (2.5.2) CVE-2014-8799  CWE-22  High
WordPress Plugin DukaPress Multiple Cross-Site Scripting Vulnerabilities (2.5.9) CWE-79  High
WordPress Plugin DukaPress SQL Injection (2.5.9) CWE-89  High
WordPress Plugin DukaPress TimThumb Arbitrary File Upload (2.3.2) CVE-2011-4106  CWE-20  High
WordPress Plugin Duo Two-Factor Authentication Security Bypass (1.8.1) CWE-592  High
WordPress Plugin Duplicate Post Multiple Vulnerabilities (2.4.1) CWE-79  CWE-89  High
WordPress Plugin Duplicate Theme Unspecified Vulnerability (0.1.4) High
WordPress Plugin Duplicator Arbitrary File Disclosure (0.3.0) CWE-22  High
WordPress Plugin Duplicator Cross-Site Request Forgery (1.1.2) CWE-352  High
WordPress Plugin Duplicator Cross-Site Scripting (0.4.4) CVE-2013-4625   CWE-79  High
WordPress Plugin Duplicator Cross-Site Scripting (0.5.26) CWE-79  High
WordPress Plugin Duplicator SQL Injection (0.5.14) CWE-89  High
WordPress Plugin Duplicator Security Bypass (0.5.8) CVE-2014-9262  CWE-264  High
WordPress Plugin Dynamic Widgets 'id' Parameter Cross-Site Scripting (1.5.1) CWE-79  High
WordPress Plugin Dynamic Widgets Multiple Cross-Site Scripting Vulnerabilities (1.5.10) CWE-79  High
WordPress Plugin Dynamic Widgets Multiple Unspecified Vulnerabilities (1.5.7) High
WordPress Plugin E-Search Multiple Cross-Site Scripting Vulnerabilities (1.0) CWE-79  High
WordPress Plugin EDD Favorites Cross-Site Scripting (1.0.6) CWE-79  High
WordPress Plugin EELV Newsletter Cross-Site Scripting (3.3.0) CWE-79  High
WordPress Plugin EMC2 Custom Help Videos Cross-Site Scripting (1.2) CWE-79  High
WordPress Plugin ENL Newsletter SQL Injection (1.0.1) CVE-2014-4939  CWE-89  High
WordPress Plugin EWWW Image Optimizer Cloud Cross-Site Scripting (2.0.1) CWE-79  High
WordPress Plugin EWWW Image Optimizer Cross-Site Scripting (2.0.1) CVE-2014-6243  CWE-79  High
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06) CWE-79  High
WordPress Plugin EZ Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.0.1) CWE-79  High
WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup Multiple Vulnerabilities (4.11.33) CWE-22  CWE-94  High
WordPress Plugin EZP Coming Soon Page Cross-Site Scripting (1.0.0) CWE-79  High
WordPress Plugin EZPZ One Click Backup 'mail' Parameter Cross-Site Scripting (12.03.10) CWE-79  High
WordPress Plugin EZPZ One Click Backup Remote Code Execution (12.03.10) CVE-2014-3114   CWE-78  High
WordPress Plugin Easing Slider Multiple Cross-Site Scripting Vulnerabilities (2.2.0.6) CVE-2015-1436  CWE-79  High
WordPress Plugin Easy Author Image Information Disclosure (1.5) CWE-200  High
WordPress Plugin Easy Banners Cross-Site Scripting (1.4) CVE-2014-4723  CWE-79  High
WordPress Plugin Easy Career Openings Cross-Site Scripting (0.4) CVE-2014-4523   CWE-79  High
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.6.2) CWE-79  High
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.8.1) CWE-79  High
WordPress Plugin Easy Comment Uploads 'upload.php' Arbitrary File Upload (0.61) CWE-434  High
WordPress Plugin Easy Contact Form Builder Cross-Site Scripting (1.0) CWE-79  High
WordPress Plugin Easy Contact Form Lite 'sort_row.request.php' SQL Injection (1.0.7) CWE-89  High
WordPress Plugin Easy Contact Form Solution Cross-Site Scripting (1.6) CVE-2014-7240  CWE-79  High
WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0) CWE-22  High
WordPress Plugin Easy Digital Downloads Attach Accounts to Orders Cross-Site Scripting (2.0.1) CWE-79  High
WordPress Plugin Easy Digital Downloads Cross-Site Scripting (2.3.6) CWE-79  High
WordPress Plugin Easy Digital Downloads Multiple Security Bypass Vulnerabilities (2.1.10) CWE-264  High
WordPress Plugin Easy Digital Downloads QR Code Cross-Site Scripting (1.1.0) CWE-79  High
WordPress Plugin Easy Digital Downloads Unspecified Vulnerability (2.4.9) High
WordPress Plugin Easy Digital Downloads-htaccess Editor Cross-Site Scripting (1.0.0) CWE-79  High
WordPress Plugin Easy FancyBox Unspecified Vulnerability (1.3.4.9) High
WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.0.3.2) High
WordPress Plugin Easy Google Fonts Cross-Site Scripting (1.3.6) CWE-79  High
WordPress Plugin Easy Image Gallery Cross-Site Scripting (1.1.1) CWE-79  High
WordPress Plugin Easy MailChimp Forms Cross-Site Scripting (5.0.6) CVE-2014-7152  CWE-79  High
WordPress Plugin Easy Plugin for AdSense Cross-Site Request Forgery (6.06) CVE-2013-2702  CWE-352  High
WordPress Plugin Easy Property Listings Unspecified Vulnerability (2.0) High
WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.2) CVE-2015-2084  CWE-79  CWE-352  High
WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1) CWE-79  CWE-89  High
WordPress Plugin Easy Social Share Buttons for WordPress Multiple Cross-Site Scripting Vulnerabilities (3.4.1) CWE-79  High
WordPress Plugin Easy Table Cross-Site Scripting (1.5.2) CWE-79  High
WordPress Plugin Easy2Map Multiple SQL Injection Vulnerabilities (1.2.4) CVE-2015-4614  CVE-2015-4616  CWE-89  High
WordPress Plugin Easy2Map Multiple Vulnerabilities (1.2.9) CVE-2015-7668  CVE-2015-7669  CWE-22  CWE-79  High
WordPress Plugin Easy2Map Photos Multiple Vulnerabilities (1.0.9) CVE-2015-4615  CVE-2015-4617  CWE-22  CWE-89  High
WordPress Plugin Echo Sign Multiple Cross-Site Scripting Vulnerabilities (1.1) CWE-79  High
WordPress Plugin Edit Author Slug Cross-Site Scripting (1.0.5.1) CWE-79  High
WordPress Plugin EditorMonkey Remote File Upload (2.5) CWE-20  High
WordPress Plugin Editorial Calendar Multiple Vulnerabilities (2.6) CWE-79  CWE-89  CWE-264  High
WordPress Plugin Efence Multiple Cross-Site Scripting Vulnerabilities (1.3.2) CVE-2014-4526  CWE-79  High
WordPress Plugin Email Encoder Bundle-Protect Email Address Cross-Site Scripting (1.4.1) CWE-79  High
WordPress Plugin Email Encoder Bundle-Protect Email Address Multiple Cross-Site Scripting Vulnerabilities (1.4.3) CWE-79  High
WordPress Plugin Email Queue by BestWebSoft Cross-Site Request Forgery (1.0.0) CWE-352  High
WordPress Plugin Email Subscribers Multiple Vulnerabilities (2.9) CWE-79  CWE-89  High
WordPress Plugin Email Users Cross-Site Scripting (4.7.5) CWE-79  High
WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0) CWE-200  High
WordPress Plugin Email newsletter Cross-Site Scripting (20.13.6) CWE-79  High
WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3) CWE-79  CWE-352  High
WordPress Plugin Embedded Video 'lembedded-video.php' Cross-Site Scripting (4.1) CVE-2010-4277  CWE-79  High
WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3) CWE-89  CWE-434  High
WordPress Plugin Encrypted Blog Multiple Vulnerabilities (0.0.6.2) CWE-79  CWE-601  High
WordPress Plugin Encrypted Contact Form Multiple Vulnerabilities (1.0.4) CVE-2015-4010   CWE-79  CWE-352  High
WordPress Plugin EnvialoSimple:Email Marketing y Newsletters Multiple Cross-Site Scripting Vulnerabilities (1.97) CVE-2014-4527  CWE-79  High
WordPress Plugin Erident Custom Login and Dashboard Cross-Site Request Forgery (3.4.1) CWE-352  High
WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1) CWE-22  High
WordPress Plugin Evarisk 'ajax.php' SQL Injection (5.1.3.6) CWE-89  High