| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755)
|
CVE-2016-10755
CWE-138
|
CWE-138
|
High
|
|
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521)
|
CVE-2022-26521
CWE-434
|
CWE-434
|
High
|
|
Adminer 4.6.2 file disclosure vulnerability
|
CWE-22
|
CWE-22
|
High
|
|
Adobe Coldfusion 8 multiple linked XSS vulnerabilies
|
CVE-2009-1872
CWE-79
|
CWE-79
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484)
|
CVE-2024-51484
CWE-352
|
CWE-352
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485)
|
CVE-2024-51485
CWE-352
|
CWE-352
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51487)
|
CVE-2024-51487
CWE-352
|
CWE-352
|
High
|
|
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)
|
CVE-2017-18375
CWE-502
|
CWE-502
|
High
|
|
Ampache Improper Access Control Vulnerability (CVE-2021-21399)
|
CVE-2021-21399
CWE-284
|
CWE-284
|
High
|
|
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929)
|
CVE-2008-3929
CWE-59
|
CWE-59
|
High
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51486)
|
CVE-2024-51486
CWE-707
|
CWE-707
|
High
|
|
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385)
|
CVE-2019-12385
CWE-138
|
CWE-138
|
High
|
|
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)
|
CVE-2023-0771
CWE-138
|
CWE-138
|
High
|
|
Ampache Other Vulnerability (CVE-2006-5668)
|
CVE-2006-5668
|
|
High
|
|
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)
|
CVE-2022-4665
CWE-434
|
CWE-434
|
High
|
|
Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
|
CVE-2024-21490
CWE-1333
|
CWE-1333
|
High
|
|
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)
|
CVE-2019-10768
CWE-20
|
CWE-20
|
High
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25844)
|
CVE-2022-25844
CWE-1333
|
CWE-1333
|
High
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
|
CVE-2024-21490
CWE-1333
|
CWE-1333
|
High
|
|
Apache 2.2.14 mod_isapi Dangling Pointer
|
CVE-2010-0425
CWE-20
|
CWE-20
|
High
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-30522)
|
CVE-2022-30522
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-27316)
|
CVE-2024-27316
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
|
CVE-2019-0217
CWE-362
|
CWE-362
|
High
|
|
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2016-0736)
|
CVE-2016-0736
|
|
High
|
|
Apache HTTP Server CVE-2002-0392 Vulnerability (CVE-2002-0392)
|
CVE-2002-0392
|
|
High
|
|
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839)
|
CVE-2002-0839
|
|
High
|
|
Apache HTTP Server CVE-2013-2249 Vulnerability (CVE-2013-2249)
|
CVE-2013-2249
|
|
High
|
|
Apache HTTP Server CVE-2016-5387 Vulnerability (CVE-2016-5387)
|
CVE-2016-5387
|
|
High
|
|
Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743)
|
CVE-2016-8743
|
|
High
|
|
Apache HTTP Server CVE-2019-0190 Vulnerability (CVE-2019-0190)
|
CVE-2019-0190
|
|
High
|
|
Apache HTTP Server CVE-2019-0215 Vulnerability (CVE-2019-0215)
|
CVE-2019-0215
|
|
High
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-30556)
|
CVE-2022-30556
CWE-200
|
CWE-200
|
High
|
|
Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)
|
CVE-2016-4979
CWE-284
|
CWE-284
|
High
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2016-2161)
|
CVE-2016-2161
CWE-20
|
CWE-20
|
High
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-15715)
|
CVE-2017-15715
CWE-20
|
CWE-20
|
High
|
|
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-41773)
|
CVE-2021-41773
CWE-22
|
CWE-22
|
High
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2002-1850)
|
CVE-2002-1850
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2004-0174)
|
CVE-2004-0174
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2009-2699)
|
CVE-2009-2699
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-2272)
|
CVE-2002-2272
CWE-119
|
CWE-119
|
High
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0542)
|
CVE-2003-0542
CWE-119
|
CWE-119
|
High
|
|
Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2009-1955)
|
CVE-2009-1955
CWE-776
|
CWE-776
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)
|
CVE-2023-27522
|
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-9490)
|
CVE-2020-9490
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11993)
|
CVE-2020-11993
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-26377)
|
CVE-2022-26377
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0747)
|
CVE-2004-0747
CWE-131
|
CWE-131
|
High
|
|
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0940)
|
CVE-2004-0940
CWE-131
|
CWE-131
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659)
|
CVE-2017-7659
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-8011)
|
CVE-2018-8011
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-13950)
|
CVE-2020-13950
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)
|
CVE-2021-26690
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-31618)
|
CVE-2021-31618
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-41524)
|
CVE-2021-41524
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)
|
CVE-2023-28625
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
|
CVE-2024-38477
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)
|
CVE-2006-3747
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0045)
|
CVE-1999-0045
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0071)
|
CVE-1999-0071
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-1053)
|
CVE-1999-1053
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-1449)
|
CVE-2001-1449
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0061)
|
CVE-2002-0061
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0257)
|
CVE-2002-0257
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
|
CVE-2002-0661
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0843)
|
CVE-2002-0843
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-2029)
|
CVE-2002-2029
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0016)
|
CVE-2003-0016
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0987)
|
CVE-2003-0987
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0993)
|
CVE-2003-0993
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0811)
|
CVE-2004-0811
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0885)
|
CVE-2004-0885
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-1082)
|
CVE-2004-1082
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-2343)
|
CVE-2004-2343
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2005-1344)
|
CVE-2005-1344
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2021-33193)
|
CVE-2021-33193
|
|
High
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2017-7668)
|
CVE-2017-7668
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-1303)
|
CVE-2018-1303
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2023-31122)
|
CVE-2023-31122
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2004-0488)
|
CVE-2004-0488
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2006-20001)
|
CVE-2006-20001
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2017-15710)
|
CVE-2017-15710
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081)
|
CVE-2019-10081
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
|
CVE-2019-10097
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)
|
CVE-2020-35452
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6423)
|
CVE-2007-6423
|
|
High
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)
|
CVE-2016-8740
|
|
High
|
|
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)
|
CVE-2024-40898
CWE-918
|
CWE-918
|
High
|
|
Apache HTTP Server Session Fixation Vulnerability (CVE-2018-17199)
|
CVE-2018-17199
CWE-384
|
CWE-384
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1890)
|
CVE-2009-1890
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1891)
|
CVE-2009-1891
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)
|
CVE-2011-3192
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-1333)
|
CVE-2018-1333
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-43622)
|
CVE-2023-43622
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9789)
|
CVE-2017-9789
CWE-416
|
CWE-416
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9798)
|
CVE-2017-9798
CWE-416
|
CWE-416
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0211)
|
CVE-2019-0211
CWE-416
|
CWE-416
|
High
|
|
Apache mod_rewrite off-by-one buffer overflow vulnerability
|
CVE-2006-3747
CWE-189
|
CWE-189
|
High
|
|
Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)
|
CVE-2016-8745
|
|
High
|
|
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)
|
CVE-2002-0493
|
|
High
|
|
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
|
CVE-2024-38286
CWE-770
|
CWE-770
|
High
|
|
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
|
CVE-2009-3548
|
|
High
|
|
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)
|
CVE-2015-5351
CWE-352
|
CWE-352
|
High
|
|
Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822)
|
CVE-2020-0822
|
|
High
|
|
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
|
CVE-2022-29885
|
|
High
|
|
Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981)
|
CVE-2023-34981
|
|
High
|
|
Apache Tomcat CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484)
|
CVE-2020-9484
CWE-502
|
CWE-502
|
High
|
|
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)
|
CVE-2021-25329
CWE-502
|
CWE-502
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4836)
|
CVE-2005-4836
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747)
|
CVE-2016-8747
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647)
|
CVE-2017-5647
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12616)
|
CVE-2017-12616
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527)
|
CVE-2020-17527
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122)
|
CVE-2021-25122
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388)
|
CVE-2016-5388
CWE-284
|
CWE-284
|
High
|
|
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2018-8034)
|
CVE-2018-8034
CWE-295
|
CWE-295
|
High
|
|
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2022-45143)
|
CVE-2022-45143
CWE-116
|
CWE-116
|
High
|
|
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)
|
CVE-2017-5664
CWE-755
|
CWE-755
|
High
|
|
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-30639)
|
CVE-2021-30639
CWE-755
|
CWE-755
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-2185)
|
CVE-2013-2185
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-1240)
|
CVE-2016-1240
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-3092)
|
CVE-2016-3092
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816)
|
CVE-2016-6816
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-7675)
|
CVE-2017-7675
CWE-22
|
CWE-22
|
High
|
|
Apache Tomcat Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-9774)
|
CVE-2016-9774
CWE-59
|
CWE-59
|
High
|
|
Apache Tomcat Improper Locking Vulnerability (CVE-2019-10072)
|
CVE-2019-10072
CWE-667
|
CWE-667
|
High
|
|
Apache Tomcat Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-0232)
|
CVE-2019-0232
CWE-138
|
CWE-138
|
High
|
|
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2017-5650)
|
CVE-2017-5650
CWE-404
|
CWE-404
|
High
|
|
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)
|
CVE-2022-25762
CWE-404
|
CWE-404
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-2272)
|
CVE-2002-2272
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6817)
|
CVE-2016-6817
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-13934)
|
CVE-2020-13934
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-42252)
|
CVE-2022-42252
|
|
High
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46589)
|
CVE-2023-46589
|
|
High
|
|
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)
|
CVE-2016-6797
CWE-863
|
CWE-863
|
High
|
|
Apache Tomcat Incorrect Default Permissions Vulnerability (CVE-2020-8022)
|
CVE-2020-8022
CWE-276
|
CWE-276
|
High
|
|
Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418)
|
CVE-2019-12418
CWE-522
|
CWE-522
|
High
|
|
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751)
|
CVE-2015-8751
CWE-190
|
CWE-190
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
|
CVE-2018-1336
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935)
|
CVE-2020-13935
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-41079)
|
CVE-2021-41079
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)
|
CVE-2021-42340
CWE-772
|
CWE-772
|
High
|
|
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)
|
CVE-2023-28709
CWE-193
|
CWE-193
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2001-1563)
|
CVE-2001-1563
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2002-0682)
|
CVE-2002-0682
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2002-1394)
|
CVE-2002-1394
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2006-7197)
|
CVE-2006-7197
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2015-5346)
|
CVE-2015-5346
|
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3190)
|
CVE-2011-3190
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050)
|
CVE-2014-0050
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0714)
|
CVE-2016-0714
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775)
|
CVE-2016-9775
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
|
CVE-2014-0230
|
|
High
|
|
Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)
|
CVE-2019-17563
CWE-384
|
CWE-384
|
High
|
|
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
|
CVE-2022-23181
CWE-367
|
CWE-367
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)
|
CVE-2019-0199
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996)
|
CVE-2020-11996
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)
|
CVE-2017-12615
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
|
CVE-2017-12617
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat version older than 6.0.35
|
CVE-2011-3190
CVE-2011-3375
CVE-2012-0022
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat version older than 6.0.36
|
CVE-2012-2733
CVE-2012-3439
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat version older than 7.0.21
|
CVE-2011-3190
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat version older than 7.0.23
|
CVE-2012-0022
CWE-189
|
CWE-189
|
High
|
|
Apache Tomcat version older than 7.0.28
|
CVE-2012-2733
CVE-2012-4534
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat version older than 7.0.30
|
CVE-2012-3439
CVE-2012-3544
CVE-2012-3546
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
|
CVE-2019-9511
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)
|
CVE-2019-9514
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)
|
CVE-2019-9515
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
|
CVE-2019-9518
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)
|
CVE-2022-47184
|
|
High
|
|
Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185)
|
CVE-2022-47185
|
|
High
|
|
Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631)
|
CVE-2023-30631
|
|
High
|
|
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)
|
CVE-2023-33933
|
|
High
|
|
Apache Traffic Server CVE-2023-41752 Vulnerability (CVE-2023-41752)
|
CVE-2023-41752
|
|
High
|
|
Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Apache Traffic Server CVE-2024-35296 Vulnerability (CVE-2024-35296)
|
CVE-2024-35296
|
|
High
|
|
Apache Traffic Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11783)
|
CVE-2018-11783
CWE-200
|
CWE-200
|
High
|
|
Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )
|
CVE-2020-17509
|
|
High
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)
|
CVE-2021-38161
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
|
CVE-2021-44759
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)
|
CVE-2022-32749
CWE-754
|
CWE-754
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659)
|
CVE-2017-5659
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5660)
|
CVE-2017-5660
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-7671)
|
CVE-2017-7671
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318)
|
CVE-2018-1318
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
|
CVE-2018-8022
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2019-10079)
|
CVE-2019-10079
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566)
|
CVE-2021-32566
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32567)
|
CVE-2021-32567
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37147)
|
CVE-2021-37147
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37148)
|
CVE-2021-37148
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37149)
|
CVE-2021-37149
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37150)
|
CVE-2021-37150
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585)
|
CVE-2021-41585
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-44040)
|
CVE-2021-44040
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763)
|
CVE-2022-25763
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)
|
CVE-2022-28129
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)
|
CVE-2022-31778
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31779)
|
CVE-2022-31779
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31780)
|
CVE-2022-31780
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2023-39456)
|
CVE-2023-39456
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-9494)
|
CVE-2020-9494
CWE-119
|
CWE-119
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-38522)
|
CVE-2023-38522
|
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-35161)
|
CVE-2024-35161
|
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)
|
CVE-2021-27577
CWE-444
|
CWE-444
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-32565)
|
CVE-2021-32565
CWE-444
|
CWE-444
|
High
|
|
Apache Traffic Server Memory Disclosure Vulnerability (CVE-2020-17508)
|
CVE-2020-17508
|
|
High
|
|
Apache Traffic Server Other Vulnerability (CVE-2019-9513)
|
CVE-2019-9513
|
|
High
|
|
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
|
CVE-2021-27737
|
|
High
|
|
Apache Traffic Server Resource Management Errors Vulnerability (CVE-2016-5396)
|
CVE-2016-5396
|
|
High
|
|
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2019-9512)
|
CVE-2019-9512
CWE-400
|
CWE-400
|
High
|
|
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
|
CVE-2020-9481
CWE-400
|
CWE-400
|
High
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
|
CVE-2018-1000206
CWE-352
|
CWE-352
|
High
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
|
CVE-2021-23163
CWE-352
|
CWE-352
|
High
|
|
Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)
|
CVE-2020-7931
|
|
High
|
|
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
|
CVE-2023-42661
|
|
High
|
|
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
|
CVE-2022-0573
CWE-502
|
CWE-502
|
High
|
|
Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)
|
CVE-2023-42509
CWE-755
|
CWE-755
|
High
|
|
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
|
CVE-2019-19937
CWE-20
|
CWE-20
|
High
|
|
Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623)
|
CVE-2018-1000623
CWE-22
|
CWE-22
|
High
|
|
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424)
|
CVE-2018-1000424
CWE-522
|
CWE-522
|
High
|
|
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
|
CVE-2020-2165
CWE-522
|
CWE-522
|
High
|
|
ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)
|
CVE-2018-8171
CWE-287
|
CWE-287
|
High
|
|
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
|
CVE-2017-0247
CWE-20
|
CWE-20
|
High
|
|
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
|
CVE-2017-0249
CWE-20
|
CWE-20
|
High
|
|
Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)
|
CVE-2023-22505
|
|
High
|
|
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)
|
CVE-2023-22508
|
|
High
|
|
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
|
CVE-2024-21683
|
|
High
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668)
|
CVE-2016-6668
CWE-200
|
CWE-200
|
High
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415)
|
CVE-2017-7415
CWE-200
|
CWE-200
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526)
|
CVE-2023-22526
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672)
|
CVE-2024-21672
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673)
|
CVE-2024-21673
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674)
|
CVE-2024-21674
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3394)
|
CVE-2019-3394
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3398)
|
CVE-2019-3398
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21677)
|
CVE-2024-21677
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21686)
|
CVE-2024-21686
CWE-707
|
CWE-707
|
High
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39114)
|
CVE-2021-39114
CWE-138
|
CWE-138
|
High
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-22522)
|
CVE-2023-22522
CWE-138
|
CWE-138
|
High
|
|
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406)
|
CVE-2019-20406
CWE-427
|
CWE-427
|
High
|
|
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940)
|
CVE-2021-43940
CWE-427
|
CWE-427
|
High
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41305)
|
CVE-2021-41305
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306)
|
CVE-2021-41306
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41307)
|
CVE-2021-41307
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-4319)
|
CVE-2016-4319
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-39124)
|
CVE-2021-39124
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-39126)
|
CVE-2021-39126
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)
|
CVE-2018-5231
|
|
High
|
|
Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442)
|
CVE-2019-8442
|
|
High
|
|
Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)
|
CVE-2019-20413
|
|
High
|
|
Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898)
|
CVE-2019-20898
|
|
High
|
|
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)
|
CVE-2020-14167
|
|
High
|
|
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)
|
CVE-2020-14178
|
|
High
|
|
Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123)
|
CVE-2021-39123
|
|
High
|
|
Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947)
|
CVE-2021-43947
|
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443)
|
CVE-2019-8443
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)
|
CVE-2021-26070
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312)
|
CVE-2021-41312
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113)
|
CVE-2017-18113
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)
|
CVE-2019-15001
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944)
|
CVE-2021-43944
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128)
|
CVE-2021-39128
CWE-138
|
CWE-138
|
High
|
|
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)
|
CVE-2021-39113
CWE-613
|
CWE-613
|
High
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)
|
CVE-2019-3399
CWE-862
|
CWE-862
|
High
|
|
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)
|
CVE-2007-6619
CWE-264
|
CWE-264
|
High
|
|
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)
|
CVE-2019-20400
CWE-427
|
CWE-427
|
High
|
|
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)
|
CVE-2019-20419
CWE-427
|
CWE-427
|
High
|
|
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
|
CVE-2015-1583
CWE-352
|
CWE-352
|
High
|
|
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
|
CVE-2016-2539
CWE-352
|
CWE-352
|
High
|
|
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)
|
CVE-2016-10400
CWE-22
|
CWE-22
|
High
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
|
CVE-2019-11446
CWE-434
|
CWE-434
|
High
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)
|
CVE-2019-12169
CWE-434
|
CWE-434
|
High
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)
|
CVE-2019-12170
CWE-434
|
CWE-434
|
High
|
|
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)
|
CVE-2021-43498
CWE-640
|
CWE-640
|
High
|
|
axios Improper Input Validation Vulnerability (CVE-2019-10742)
|
CVE-2019-10742
CWE-20
|
CWE-20
|
High
|
|
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
|
CVE-2024-39338
CWE-918
|
CWE-918
|
High
|
|
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)
|
CVE-2021-3749
CWE-400
|
CWE-400
|
High
|
|
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
|
CVE-2016-9479
|
|
High
|
|
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480)
|
CVE-2017-5480
CWE-22
|
CWE-22
|
High
|
|
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242)
|
CVE-2021-28242
CWE-138
|
CWE-138
|
High
|
|
b2evolution Other Vulnerability (CVE-2006-6417)
|
CVE-2006-6417
|
|
High
|
|
b2evolution Other Vulnerability (CVE-2007-2358)
|
CVE-2007-2358
|
|
High
|
|
b2evolution Other Vulnerability (CVE-2007-2681)
|
CVE-2007-2681
|
|
High
|
|
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)
|
CVE-2024-40464
CWE-295
|
CWE-295
|
High
|
|
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)
|
CVE-2021-27116
CWE-59
|
CWE-59
|
High
|
|
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)
|
CVE-2021-27117
CWE-59
|
CWE-59
|
High
|
|
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)
|
CVE-2024-40465
CWE-327
|
CWE-327
|
High
|
|
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037)
|
CVE-2022-34037
CWE-125
|
CWE-125
|
High
|
|
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)
|
CVE-2015-8379
CWE-352
|
CWE-352
|
High
|
|
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239)
|
CVE-2020-35239
CWE-352
|
CWE-352
|
High
|
|
CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)
|
CVE-2019-11458
CWE-502
|
CWE-502
|
High
|
|
CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)
|
CVE-2010-4335
CWE-20
|
CWE-20
|
High
|
|
CakePHP Improper Input Validation Vulnerability (CVE-2016-4793)
|
CVE-2016-4793
CWE-20
|
CWE-20
|
High
|
|
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)
|
CVE-2020-23127
CWE-352
|
CWE-352
|
High
|
|
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662)
|
CVE-2021-40662
CWE-352
|
CWE-352
|
High
|
|
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)
|
CVE-2022-27427
CWE-94
|
CWE-94
|
High
|
|
Chamilo Improper Input Validation Vulnerability (CVE-2012-4030)
|
CVE-2012-4030
CWE-20
|
CWE-20
|
High
|
|
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)
|
CVE-2021-31933
CWE-20
|
CWE-20
|
High
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413)
|
CVE-2021-35413
CWE-707
|
CWE-707
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221)
|
CVE-2023-4221
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222)
|
CVE-2023-4222
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20329)
|
CVE-2018-20329
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421)
|
CVE-2022-27421
CWE-269
|
CWE-269
|
High
|
|
Chamilo Other Vulnerability (CVE-2023-34962)
|
CVE-2023-34962
|
|
High
|
|
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426)
|
CVE-2022-27426
CWE-918
|
CWE-918
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)
|
CVE-2022-40407
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)
|
CVE-2022-42029
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)
|
CVE-2023-4223
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4224)
|
CVE-2023-4224
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)
|
CVE-2023-4225
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226)
|
CVE-2023-4226
CWE-434
|
CWE-434
|
High
|
|
Chart.js Improper Input Validation Vulnerability (CVE-2020-7746)
|
CVE-2020-7746
CWE-20
|
CWE-20
|
High
|
|
Check for apache versions up to 1.3.25, 2.0.38
|
CVE-2002-0392
CWE-119
|
CWE-119
|
High
|
|
Cherokee Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20798)
|
CVE-2019-20798
CWE-707
|
CWE-707
|
High
|
|
Cherokee Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-20799)
|
CVE-2019-20799
CWE-119
|
CWE-119
|
High
|
|
Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845)
|
CVE-2020-12845
CWE-476
|
CWE-476
|
High
|
|
CherryPy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0252)
|
CVE-2008-0252
CWE-22
|
CWE-22
|
High
|
|
CKEditor Other Vulnerability (CVE-2022-24729)
|
CVE-2022-24729
|
|
High
|
|
Claroline Other Vulnerability (CVE-2005-1375)
|
CVE-2005-1375
|
|
High
|
|
Claroline Other Vulnerability (CVE-2005-1376)
|
CVE-2005-1376
|
|
High
|
|
Claroline Other Vulnerability (CVE-2005-1377)
|
CVE-2005-1377
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-1594)
|
CVE-2006-1594
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-1596)
|
CVE-2006-1596
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-5256)
|
CVE-2006-5256
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-7048)
|
CVE-2006-7048
|
|
High
|
|
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849)
|
CVE-2012-5849
CWE-138
|
CWE-138
|
High
|
|
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643)
|
CVE-2012-6643
CWE-138
|
CWE-138
|
High
|
|
ColdFusion 8 FCKEditor file upload vulnerability
|
CVE-2009-2265
CWE-22
|
CWE-22
|
High
|
|
ColdFusion 9 solr service exposed
|
CVE-2010-0185
CWE-264
|
CWE-264
|
High
|
|
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
|
CVE-2023-26359
CVE-2023-26360
CWE-502
|
CWE-502
|
High
|
|
ColdFusion directory traversal
|
CVE-2010-2861
CWE-22
|
CWE-22
|
High
|
|
ColdFusion User-Agent cross-site scripting
|
CVE-2007-0817
CWE-79
|
CWE-79
|
High
|
|
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269)
|
CVE-2010-4269
CWE-138
|
CWE-138
|
High
|
|
Collabtive Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2015-0258)
|
CVE-2015-0258
CWE-434
|
CWE-434
|
High
|
|
concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724)
|
CVE-2015-4724
CWE-138
|
CWE-138
|
High
|
|
concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13790)
|
CVE-2018-13790
CWE-918
|
CWE-918
|
High
|
|
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476)
|
CVE-2020-11476
CWE-434
|
CWE-434
|
High
|
|
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986)
|
CVE-2020-24986
CWE-434
|
CWE-434
|
High
|
|
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642)
|
CVE-2019-10642
CWE-352
|
CWE-352
|
High
|
|
Contao Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-37626)
|
CVE-2021-37626
CWE-94
|
CWE-94
|
High
|
|
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-10993)
|
CVE-2017-10993
CWE-22
|
CWE-22
|
High
|
|
Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4383)
|
CVE-2012-4383
CWE-138
|
CWE-138
|
High
|
|
Contao Improper Privilege Management Vulnerability (CVE-2021-37627)
|
CVE-2021-37627
CWE-269
|
CWE-269
|
High
|
|
Contao Insufficient Session Expiration Vulnerability (CVE-2024-30262)
|
CVE-2024-30262
CWE-613
|
CWE-613
|
High
|
|
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
|
CVE-2019-19745
CWE-434
|
CWE-434
|
High
|
|
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-45398)
|
CVE-2024-45398
CWE-434
|
CWE-434
|
High
|
|
Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)
|
CVE-2008-3481
CWE-94
|
CWE-94
|
High
|
|
Coppermine Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3486)
|
CVE-2008-3486
CWE-22
|
CWE-22
|
High
|
|
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
|
CVE-2024-21622
|
|
High
|
|
Craft CMS Improper Authentication Vulnerability (CVE-2024-41800)
|
CVE-2024-41800
CWE-287
|
CWE-287
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)
|
CVE-2023-30130
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)
|
CVE-2023-30179
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-23209)
|
CVE-2025-23209
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52291)
|
CVE-2024-52291
CWE-22
|
CWE-22
|
High
|
|
Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52293)
|
CVE-2024-52293
CWE-22
|
CWE-22
|
High
|
|
Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)
|
CVE-2021-41824
CWE-1236
|
CWE-1236
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757)
|
CVE-2020-9757
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679)
|
CVE-2023-32679
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260)
|
CVE-2023-36260
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-40035)
|
CVE-2023-40035
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2018-20465)
|
CVE-2018-20465
CWE-311
|
CWE-311
|
High
|
|
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783)
|
CVE-2022-37783
CWE-311
|
CWE-311
|
High
|
|
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814)
|
CVE-2018-3814
CWE-434
|
CWE-434
|
High
|
|
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933)
|
CVE-2022-29933
CWE-640
|
CWE-640
|
High
|
|
CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130)
|
CVE-2023-38130
CWE-352
|
CWE-352
|
High
|
|
CubeCart Improper Input Validation Vulnerability (CVE-2013-1465)
|
CVE-2013-1465
CWE-20
|
CWE-20
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-47675)
|
CVE-2023-47675
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060)
|
CVE-2009-4060
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1931)
|
CVE-2010-1931
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4903)
|
CVE-2010-4903
CWE-138
|
CWE-138
|
High
|
|
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
|
CVE-2009-3904
CWE-264
|
CWE-264
|
High
|
|
D3.js Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16044)
|
CVE-2017-16044
CWE-200
|
CWE-200
|
High
|
|
DataTables Prototype Pollution Vulnerability (CVE-2020-28458)
|
CVE-2020-28458
|
|
High
|
|
Django 7PK - Security Features Vulnerability (CVE-2016-7401)
|
CVE-2016-7401
|
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-6975)
|
CVE-2019-6975
CWE-770
|
CWE-770
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
|
CVE-2023-23969
CWE-770
|
CWE-770
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-46695)
|
CVE-2023-46695
CWE-770
|
CWE-770
|
High
|
|
Django CVE-2024-24680 Vulnerability (CVE-2024-24680)
|
CVE-2024-24680
|
|
High
|
|
Django CVE-2024-41989 Vulnerability (CVE-2024-41989)
|
CVE-2024-41989
|
|
High
|
|
Django CVE-2024-41990 Vulnerability (CVE-2024-41990)
|
CVE-2024-41990
|
|
High
|
|
Django CVE-2024-45230 Vulnerability (CVE-2024-45230)
|
CVE-2024-45230
|
|
High
|
|
Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359)
|
CVE-2022-36359
CWE-494
|
CWE-494
|
High
|
|
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
|
CVE-2021-45116
CWE-668
|
CWE-668
|
High
|
|
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-6188)
|
CVE-2018-6188
CWE-200
|
CWE-200
|
High
|
|
Django Improper Authentication Vulnerability (CVE-2021-44420)
|
CVE-2021-44420
CWE-287
|
CWE-287
|
High
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2011-0698)
|
CVE-2011-0698
CWE-22
|
CWE-22
|
High
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-33203)
|
CVE-2021-33203
CWE-22
|
CWE-22
|
High
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2512)
|
CVE-2016-2512
CWE-707
|
CWE-707
|
High
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402)
|
CVE-2020-9402
CWE-138
|
CWE-138
|
High
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164)
|
CVE-2023-41164
CWE-1284
|
CWE-1284
|
High
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-43665)
|
CVE-2023-43665
CWE-1284
|
CWE-1284
|
High
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991)
|
CVE-2024-41991
CWE-1284
|
CWE-1284
|
High
|
|
Django Incorrect Default Permissions Vulnerability (CVE-2020-24583)
|
CVE-2020-24583
CWE-276
|
CWE-276
|
High
|
|
Django Incorrect Default Permissions Vulnerability (CVE-2020-24584)
|
CVE-2020-24584
CWE-276
|
CWE-276
|
High
|
|
Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053)
|
CVE-2023-36053
CWE-1333
|
CWE-1333
|
High
|
|
Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833)
|
CVE-2022-23833
CWE-835
|
CWE-835
|
High
|
|
Django Other Vulnerability (CVE-2022-41323)
|
CVE-2022-41323
|
|
High
|
|
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
|
CVE-2016-9014
CWE-264
|
CWE-264
|
High
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5143)
|
CVE-2015-5143
|
|
High
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5145)
|
CVE-2015-5145
|
|
High
|
|
Django Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33571)
|
CVE-2021-33571
CWE-918
|
CWE-918
|
High
|
|
Django Uncontrolled Recursion Vulnerability (CVE-2019-14235)
|
CVE-2019-14235
CWE-674
|
CWE-674
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232)
|
CVE-2019-14232
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14233)
|
CVE-2019-14233
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)
|
CVE-2021-45115
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
|
CVE-2023-24580
CWE-400
|
CWE-400
|
High
|
|
Django Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-31542)
|
CVE-2021-31542
CWE-434
|
CWE-434
|
High
|
|
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
|
CVE-2020-5258
CWE-1321
|
CWE-1321
|
High
|
|
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1010054)
|
CVE-2019-1010054
CWE-352
|
CWE-352
|
High
|
|
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825)
|
CVE-2020-11825
CWE-352
|
CWE-352
|
High
|
|
Dolibarr CVE-2019-11200 Vulnerability (CVE-2019-11200)
|
CVE-2019-11200
|
|
High
|
|
Dolibarr CVE-2023-38886 Vulnerability (CVE-2023-38886)
|
CVE-2023-38886
|
|
High
|
|
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240)
|
CVE-2017-14240
CWE-200
|
CWE-200
|
High
|
|
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17898)
|
CVE-2017-17898
CWE-200
|
CWE-200
|
High
|
|
Dolibarr Files or Directories Accessible to External Parties Vulnerability (CVE-2023-33568)
|
CVE-2023-33568
CWE-552
|
CWE-552
|
High
|
|
Dolibarr Improper Authentication Vulnerability (CVE-2021-25956)
|
CVE-2021-25956
CWE-287
|
CWE-287
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-11201)
|
CVE-2019-11201
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-0819)
|
CVE-2022-0819
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-29477)
|
CVE-2024-29477
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197)
|
CVE-2023-4197
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136)
|
CVE-2020-35136
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)
|
CVE-2023-30253
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1225)
|
CVE-2012-1225
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9839)
|
CVE-2017-9839
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)
|
CVE-2017-18260
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19994)
|
CVE-2018-19994
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19998)
|
CVE-2018-19998
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
|
CVE-2019-19209
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)
|
CVE-2020-14443
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36625)
|
CVE-2021-36625
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
|
CVE-2020-12669
CWE-863
|
CWE-863
|
High
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-37517)
|
CVE-2021-37517
CWE-863
|
CWE-863
|
High
|
|
Dolibarr Missing Authorization Vulnerability (CVE-2018-10092)
|
CVE-2018-10092
CWE-862
|
CWE-862
|
High
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
|
CVE-2017-9840
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
|
CVE-2020-14209
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-38887)
|
CVE-2023-38887
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-25957)
|
CVE-2021-25957
CWE-640
|
CWE-640
|
High
|
|
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3638)
|
CVE-2013-3638
CWE-138
|
CWE-138
|
High
|
|
Dotclear Improper Access Control Vulnerability (CVE-2015-8832)
|
CVE-2015-8832
CWE-284
|
CWE-284
|
High
|
|
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)
|
CVE-2014-1613
CWE-94
|
CWE-94
|
High
|
|
Dotclear Other Vulnerability (CVE-2005-3963)
|
CVE-2005-3963
|
|
High
|
|
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
|
CVE-2011-5083
CWE-264
|
CWE-264
|
High
|
|
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
|
CVE-2016-7902
CWE-434
|
CWE-434
|
High
|
|
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
|
CVE-2016-9268
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)
|
CVE-2017-3187
CWE-352
|
CWE-352
|
High
|
|
Dot CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-18875)
|
CVE-2020-18875
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-4040)
|
CVE-2016-4040
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903)
|
CVE-2016-8903
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)
|
CVE-2016-8904
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)
|
CVE-2016-8905
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906)
|
CVE-2016-8906
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907)
|
CVE-2016-8907
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908)
|
CVE-2016-8908
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10007)
|
CVE-2016-10007
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10008)
|
CVE-2016-10008
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12872)
|
CVE-2019-12872
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-27848)
|
CVE-2020-27848
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Other Vulnerability (CVE-2016-4803)
|
CVE-2016-4803
|
|
High
|
|
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
|
CVE-2016-8600
CWE-264
|
CWE-264
|
High
|
|
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-3189)
|
CVE-2017-3189
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)
|
CVE-2017-11466
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782)
|
CVE-2022-45782
CWE-338
|
CWE-338
|
High
|
|
Drupal 7PK - Security Features Vulnerability (CVE-2016-3163)
|
CVE-2016-3163
|
|
High
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)
|
CVE-2005-0682
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5)
|
CVE-2005-3973
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7)
|
CVE-2006-1226
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7)
|
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5)
|
CWE-79
CWE-113
|
CWE-79
CWE-113
|
High
|
|
Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7)
|
CVE-2006-2831
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9)
|
CVE-2006-5476
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)
|
CVE-2005-3973
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5)
|
CVE-2006-1226
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7)
|
CVE-2006-2833
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8)
|
CVE-2006-4002
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10)
|
CVE-2007-0136
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10)
|
CVE-2007-0124
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9)
|
CVE-2006-5477
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
|
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9)
|
CVE-2006-5475
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3)
|
CWE-79
CWE-113
|
CWE-79
CWE-113
|
High
|
|
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3)
|
CVE-2005-3974
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6)
|
CVE-2006-2742
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3)
|
CVE-2006-5476
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10)
|
CVE-2008-0272
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1)
|
CVE-2006-2833
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2)
|
CVE-2006-4002
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4)
|
CVE-2007-0136
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7)
|
CVE-2007-5596
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10)
|
CVE-2008-0274
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)
|
CVE-2007-0124
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)
|
CVE-2006-5477
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7)
|
CVE-2007-5595
CWE-113
|
CWE-113
|
High
|
|
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3)
|
CVE-2006-5475
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6)
|
CVE-2007-4064
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Multiple Vulnerabilities (4.7.0 - 4.7.1)
|
CVE-2006-2831
CVE-2006-2832
CWE-79
CWE-95
|
CWE-79
CWE-95
|
High
|
|
Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7)
|
CVE-2007-5597
CWE-702
|
CWE-702
|
High
|
|
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8)
|
CVE-2007-6299
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 4.7.x SQL Injection (4.7.0)
|
CVE-2006-2742
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
|
CVE-2007-5593
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.2)
|
CVE-2007-5594
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.5)
|
CVE-2008-0272
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2)
|
CVE-2007-5596
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5)
|
CVE-2008-0273
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.16)
|
CVE-2009-1575
CVE-2009-1576
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17)
|
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.20)
|
CVE-2009-4369
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2)
|
CVE-2007-5595
CWE-113
|
CWE-113
|
High
|
|
Drupal Core 5.x Information Disclosure (5.0 - 5.18)
|
CVE-2009-2374
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 5.x Local File Inclusion (5.0 - 5.11)
|
CVE-2008-6171
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 5.x Local File Inclusion (5.0 - 5.15)
|
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1)
|
CVE-2007-4063
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1)
|
CVE-2007-4064
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.10)
|
CVE-2008-4790
CVE-2008-4791
CVE-2008-4792
CVE-2008-4793
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.22)
|
CVE-2010-3092
CVE-2010-3093
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7)
|
CVE-2008-3219
CVE-2008-3220
CVE-2008-3222
CWE-352
CWE-384
|
CWE-352
CWE-384
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.9)
|
CVE-2008-3740
CVE-2008-3741
CVE-2008-3742
CVE-2008-3744
CWE-79
CWE-352
CWE-434
|
CWE-79
CWE-352
CWE-434
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12)
|
CVE-2008-6532
CVE-2008-6533
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21)
|
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
Drupal Core 5.x Security Bypass (5.0 - 5.2)
|
CVE-2007-5597
CWE-702
|
CWE-702
|
High
|
|
Drupal Core 5.x Session Fixation (5.0 - 5.8)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 5.x Session Fixation (5.0 - 5.19)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 5.x SQL Injection (5.0 - 5.3)
|
CVE-2007-6299
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 5.x SQL Injection (5.0 - 5.14)
|
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10)
|
CVE-2009-1575
CVE-2009-1576
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11)
|
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Denial of Service (6.0 - 6.32)
|
CVE-2014-5265
CVE-2014-5266
CVE-2014-5267
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 6.x Information Disclosure (6.0 - 6.30)
|
CVE-2014-2983
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 6.x Local File Inclusion (6.0 - 6.9)
|
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14)
|
CVE-2009-4369
CVE-2009-4370
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.20)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0)
|
CVE-2008-1131
CVE-2008-1133
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Security Bypass Vulnerabilities (6.0 - 6.4)
|
CVE-2008-4789
CVE-2008-4791
CVE-2008-4792
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.2)
|
CVE-2008-3218
CVE-2008-3219
CVE-2008-3220
CVE-2008-3221
CVE-2008-3222
CVE-2008-3223
CWE-79
CWE-89
CWE-352
CWE-384
|
CWE-79
CWE-89
CWE-352
CWE-384
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.3)
|
CVE-2008-3740
CVE-2008-3741
CVE-2008-3742
CVE-2008-3743
CVE-2008-3744
CVE-2008-3745
CWE-79
CWE-264
CWE-352
CWE-434
|
CWE-79
CWE-264
CWE-352
CWE-434
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.5)
|
CVE-2008-6170
CVE-2008-6171
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.6)
|
CVE-2008-6532
CVE-2008-6533
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.8)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.12)
|
CVE-2009-2372
CVE-2009-2373
CVE-2009-2374
CWE-79
CWE-200
CWE-264
|
CWE-79
CWE-200
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.13)
|
CWE-264
CWE-352
CWE-434
|
CWE-264
CWE-352
CWE-434
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.15)
|
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17)
|
CVE-2010-3091
CVE-2010-3092
CVE-2010-3093
CVE-2010-3094
CVE-2010-3685
CVE-2010-3686
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.22)
|
CVE-2012-0825
CVE-2012-0826
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.26)
|
CVE-2012-5651
CVE-2012-5652
CVE-2012-5653
CWE-95
CWE-264
|
CWE-95
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27)
|
CVE-2013-0244
CVE-2013-0245
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.28)
|
CVE-2013-6385
CVE-2013-6386
CWE-95
CWE-264
CWE-330
|
CWE-95
CWE-264
CWE-330
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.31)
|
CVE-2014-5019
CVE-2014-5021
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34)
|
CVE-2015-2559
CVE-2015-2749
CVE-2015-2750
CWE-264
CWE-601
|
CWE-264
CWE-601
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.36)
|
CVE-2015-6658
CVE-2015-6660
CVE-2015-6661
CWE-79
CWE-200
CWE-352
|
CWE-79
CWE-200
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.37)
|
CVE-2016-3163
CVE-2016-3164
CVE-2016-3165
CVE-2016-3166
CVE-2016-3167
CVE-2016-3168
CVE-2016-3169
CVE-2016-3171
CWE-113
CWE-287
CWE-405
CWE-601
|
CWE-113
CWE-287
CWE-405
CWE-601
|
High
|
|
Drupal Core 6.x Remote Code Execution (6.0 - 6.38)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.1)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.29)
|
CVE-2014-1475
CWE-287
|
CWE-287
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.35)
|
CVE-2015-3234
CWE-287
|
CWE-287
|
High
|
|
Drupal Core 6.x Session Hijacking (6.0 - 6.33)
|
CVE-2014-9015
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 7.x Arbitrary File Overwrite (7.0 - 7.77)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.12)
|
CVE-2007-6752
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.71)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.64)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.65)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.69)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.72)
|
CVE-2020-13666
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.79)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Denial of Service (7.0 - 7.19)
|
CVE-2013-0316
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 7.x Denial of Service (7.0 - 7.30)
|
CVE-2014-5265
CVE-2014-5266
CVE-2014-5267
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 7.x Directory Traversal (7.0 - 7.66)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 7.x Directory Traversal (7.0 - 7.81)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 7.x Information Disclosure (7.0 - 7.14)
|
CVE-2012-2922
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 7.x Information Disclosure (7.0 - 7.26)
|
CVE-2014-2983
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 7.x Multiple Cross-Site Scripting Vulnerabilities (7.0 - 7.85)
|
CVE-2010-5312
CVE-2016-7103
CVE-2021-41182
CVE-2021-41183
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Multiple Security Bypass Vulnerabilities (7.0 - 7.25)
|
CVE-2014-1475
CVE-2014-1476
CWE-264
CWE-287
|
CWE-264
CWE-287
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.10)
|
CVE-2012-0825
CVE-2012-0826
CVE-2012-0827
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.12)
|
CVE-2012-1588
CVE-2012-1589
CVE-2012-1590
CVE-2012-1591
CVE-2012-2153
CWE-264
CWE-400
CWE-601
|
CWE-264
CWE-400
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.15)
|
CVE-2012-4553
CVE-2012-4554
CWE-95
CWE-538
|
CWE-95
CWE-538
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17)
|
CVE-2012-5651
CVE-2012-5653
CWE-95
CWE-264
|
CWE-95
CWE-264
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.18)
|
CVE-2013-0244
CVE-2013-0245
CVE-2013-0246
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.23)
|
CVE-2013-6385
CVE-2013-6386
CVE-2013-6387
CVE-2013-6388
CVE-2013-6389
CWE-79
CWE-95
CWE-264
CWE-330
CWE-601
|
CWE-79
CWE-95
CWE-264
CWE-330
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.28)
|
CVE-2014-5019
CVE-2014-5020
CVE-2014-5021
CVE-2014-5022
CWE-79
CWE-264
CWE-400
|
CWE-79
CWE-264
CWE-400
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.33)
|
CVE-2014-9015
CVE-2014-9016
CWE-384
CWE-400
|
CWE-384
CWE-400
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.34)
|
CVE-2015-2559
CVE-2015-2749
CVE-2015-2750
CWE-264
CWE-601
|
CWE-264
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.37)
|
CVE-2015-3231
CVE-2015-3232
CVE-2015-3233
CVE-2015-3234
CWE-200
CWE-287
CWE-601
|
CWE-200
CWE-287
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.38)
|
CVE-2015-6658
CVE-2015-6659
CVE-2015-6660
CVE-2015-6661
CVE-2015-6665
CWE-79
CWE-89
CWE-200
CWE-352
|
CWE-79
CWE-89
CWE-200
CWE-352
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.42)
|
CVE-2016-3162
CVE-2016-3163
CVE-2016-3164
CVE-2016-3168
CVE-2016-3169
CVE-2016-3170
CWE-200
CWE-287
CWE-400
CWE-405
CWE-601
|
CWE-200
CWE-287
CWE-400
CWE-405
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.51)
|
CVE-2016-9449
CVE-2016-9451
CWE-200
CWE-601
|
CWE-200
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.56)
|
CVE-2017-6927
CVE-2017-6928
CVE-2017-6929
CVE-2017-6932
CWE-79
CWE-264
CWE-610
|
CWE-79
CWE-264
CWE-610
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.59)
|
CWE-94
CWE-601
|
CWE-94
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.61)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 7.x Open Redirect (7.0 - 7.40)
|
CVE-2015-7943
CWE-601
|
CWE-601
|
High
|
|
Drupal Core 7.x Open Redirect (7.0 - 7.69)
|
CVE-2020-13662
CWE-601
|
CWE-601
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.57)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.73)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.74)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.2)
|
CVE-2011-2687
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.4)
|
CVE-2011-2726
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.43)
|
CVE-2016-6211
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.55)
|
CVE-2017-6922
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.68)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.87)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.90)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x SQL Injection (7.0 - 7.31)
|
CVE-2014-3704
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 8.0.x Multiple Vulnerabilities (8.0.0 - 8.0.3)
|
CVE-2016-3162
CVE-2016-3164
CVE-2016-3170
CWE-200
CWE-287
CWE-400
CWE-601
|
CWE-200
CWE-287
CWE-400
CWE-601
|
High
|
|
Drupal Core 8.3.0 Security Bypass (8.3.0)
|
CVE-2017-6919
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.7)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.0 Remote Code Execution (8.5.0)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.13)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.14)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.7)
|
CWE-94
CWE-264
CWE-601
|
CWE-94
CWE-264
CWE-601
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.8)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.14)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.6.x Cross-Site Scripting (8.6.0 - 8.6.12)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.6.x Cross-Site Scripting (8.6.0 - 8.6.14)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.6.x Directory Traversal (8.6.0 - 8.6.15)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.1)
|
CWE-94
CWE-264
CWE-601
|
CWE-94
CWE-264
CWE-601
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.5)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.14)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.7.0 Directory Traversal (8.7.0)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.7.4 Security Bypass (8.7.4)
|
CVE-2019-6342
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.7.x Cross-Site Scripting (8.7.0 - 8.7.11)
|
CVE-2020-9281
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.7.x Cross-Site Scripting (8.7.0 - 8.7.13)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.7.x Security Bypass (8.7.0 - 8.7.10)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.0 Denial of Service (8.8.0)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.8.0 Security Bypass (8.8.0)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.x Arbitrary File Overwrite (8.8.0 - 8.8.12)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.8.x Cross-Site Request Forgery (8.8.0 - 8.8.7)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.8.x Cross-Site Scripting (8.8.0 - 8.8.3)
|
CVE-2020-9281
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Cross-Site Scripting (8.8.0 - 8.8.5)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Information Disclosure (8.8.0 - 8.8.9)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.8.x Multiple Cross-Site Scripting Vulnerabilities (8.8.0 - 8.8.9)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.10)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.7)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.9)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.9.0 Cross-Site Request Forgery (8.9.0)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.9.0 Remote Code Execution (8.9.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.9.0 Security Bypass (8.9.0)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.9.x Cross-Site Request Forgery (8.9.0 - 8.9.18)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.13)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.15)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.17)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.19)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Directory Traversal (8.9.0 - 8.9.16)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.9.x Information Disclosure (8.9.0 - 8.9.5)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.9.x Multiple Cross-Site Scripting Vulnerabilities (8.9.0 - 8.9.5)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Multiple Security Bypass Vulnerabilities (8.9.0 - 8.9.18)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.x Security Bypass (8.9.0 - 8.9.5)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x.x Arbitrary File Overwrite (8.0.0 - 8.7.14)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.7.14)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.8.12)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.6)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.8)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.6.18)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.8.12)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.5.15)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.8.12)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.x.x Information Disclosure (8.0.0 - 8.7.14)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities (8.0.0 - 8.7.14)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Multiple Security Bypass Vulnerabilities (8.0.0 - 8.8.12)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.x.x Multiple Vulnerabilities (8.0.0 - 8.4.8)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Security Bypass (8.0.0 - 8.6.18)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x.x Security Bypass (8.0.0 - 8.7.14)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Security Bypass Vulnerabilities (8.0.0 - 8.3.6)
|
CVE-2017-6923
CVE-2017-6924
CVE-2017-6925
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.1.9)
|
CVE-2016-7570
CVE-2016-7571
CVE-2016-7572
CWE-79
CWE-200
CWE-264
|
CWE-79
CWE-200
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.2.2)
|
CVE-2016-9449
CVE-2016-9450
CVE-2016-9452
CWE-200
CWE-400
|
CWE-200
CWE-400
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.2.6)
|
CVE-2017-6377
CVE-2017-6379
CVE-2017-6381
CWE-94
CWE-264
CWE-352
|
CWE-94
CWE-264
CWE-352
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.3.3)
|
CVE-2017-6920
CVE-2017-6921
CVE-2017-6922
CWE-94
CWE-264
|
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.4.4)
|
CVE-2017-6926
CVE-2017-6927
CVE-2017-6930
CVE-2017-6931
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.1.2)
|
CVE-2016-6212
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.1.6)
|
CVE-2016-5385
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.2.7)
|
CVE-2017-6919
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.5.5)
|
CVE-2018-14773
CWE-749
|
CWE-749
|
High
|
|
Drupal Core 9.0.0 Cross-Site Request Forgery (9.0.0)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.0.0 Remote Code Execution (9.0.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 9.0.0 Security Bypass (9.0.0)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.0.x Arbitrary File Overwrite (9.0.0 - 9.0.10)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 9.0.x Cross-Site Request Forgery (9.0.0 - 9.0.14)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.11)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.13)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.14)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Directory Traversal (9.0.0 - 9.0.14)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 9.0.x Multiple Cross-Site Scripting Vulnerabilities (9.0.0 - 9.0.5)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.1.x Arbitrary File Overwrite (9.1.0 - 9.1.2)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 9.1.x Cross-Site Request Forgery (9.1.0 - 9.1.12)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.6)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.8)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.11)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.13)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Directory Traversal (9.1.0 - 9.1.10)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.1.x Multiple Security Bypass Vulnerabilities (9.1.0 - 9.1.12)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.2.x Cross-Site Request Forgery (9.2.0 - 9.2.5)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.10)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Directory Traversal (9.2.0 - 9.2.1)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.2.x Multiple Security Bypass Vulnerabilities (9.2.0 - 9.2.5)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.2.x Multiple Vulnerabilities (9.2.0 - 9.2.14)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.12)
|
CVE-2022-25270
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.15)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.17)
|
CVE-2022-25273
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19)
|
CVE-2022-29248
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.20)
|
CVE-2022-31042
CVE-2022-31043
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.18)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.3.x Multiple Vulnerabilities (9.3.0 - 9.3.7)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.5)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.8)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.11)
|
CVE-2022-25274
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.13)
|
CVE-2022-29248
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.15)
|
CVE-2022-31042
CVE-2022-31043
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.18)
|
CVE-2022-25278
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.4.x Cross-Site Scripting (9.4.0 - 9.4.2)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.4.x Security Bypass (9.4.0 - 9.4.2)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Core Cross-Site Scripting (8.0.0 - 9.1.15)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core Cross-Site Scripting (8.0.0 - 9.2.21)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core Multiple Vulnerabilities (8.0.0 - 9.1.15)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core Remote Code Execution (8.0.0 - 9.2.21)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core Security Bypass (8.0.0 - 9.1.15)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core Security Bypass (8.0.0 - 9.2.21)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-6379)
|
CVE-2017-6379
CWE-352
|
CWE-352
|
High
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793)
|
CVE-2008-4793
|
|
High
|
|
Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475)
|
CVE-2014-1475
|
|
High
|
|
Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919)
|
CVE-2017-6919
|
|
High
|
|
Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930)
|
CVE-2017-6930
|
|
High
|
|
Drupal CVE-2020-28949 Vulnerability (CVE-2020-28949)
|
CVE-2020-28949
|
|
High
|
|
Drupal Data Processing Errors Vulnerability (CVE-2016-3171)
|
CVE-2016-3171
|
|
High
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
|
CVE-2019-6338
CWE-502
|
CWE-502
|
High
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6340)
|
CVE-2019-6340
CWE-502
|
CWE-502
|
High
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2020-28948)
|
CVE-2020-28948
CWE-502
|
CWE-502
|
High
|
|
Drupal Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-13670)
|
CVE-2020-13670
CWE-668
|
CWE-668
|
High
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926)
|
CVE-2017-6926
CWE-200
|
CWE-200
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-3162)
|
CVE-2016-3162
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-3165)
|
CVE-2016-3165
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-5385)
|
CVE-2016-5385
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
|
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Authentication Vulnerability (CVE-2019-10911)
|
CVE-2019-10911
CWE-287
|
CWE-287
|
High
|
|
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-1921)
|
CVE-2005-1921
CWE-94
|
CWE-94
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2007-6299)
|
CVE-2007-6299
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-24775)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-25271)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-25273)
|
CVE-2022-25273
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-39261)
|
CVE-2022-39261
CWE-22
|
CWE-22
|
High
|
|
Drupal Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2020-36193)
|
CVE-2020-36193
CWE-59
|
CWE-59
|
High
|
|
Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664)
|
CVE-2020-13664
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2999)
|
CVE-2008-2999
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3223)
|
CVE-2008-3223
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704)
|
CVE-2014-3704
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)
|
CVE-2015-6659
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Privilege Management Vulnerability (CVE-2017-6924)
|
CVE-2017-6924
CWE-269
|
CWE-269
|
High
|
|
Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)
|
CVE-2017-6381
CWE-829
|
CWE-829
|
High
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
|
CVE-2011-2726
CWE-863
|
CWE-863
|
High
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2017-6377)
|
CVE-2017-6377
CWE-863
|
CWE-863
|
High
|
|
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
|
CVE-2022-24729
CWE-1333
|
CWE-1333
|
High
|
|
Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450)
|
CVE-2016-9450
CWE-345
|
CWE-345
|
High
|
|
Drupal Other Vulnerability (CVE-2005-1871)
|
CVE-2005-1871
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-2742)
|
CVE-2006-2742
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-2831)
|
CVE-2006-2831
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-5476)
|
CVE-2006-5476
|
|
High
|
|
Drupal Other Vulnerability (CVE-2016-3164)
|
CVE-2016-3164
|
|
High
|
|
Drupal Other Vulnerability (CVE-2016-3167)
|
CVE-2016-3167
|
|
High
|
|
Drupal Other Vulnerability (CVE-2022-25275)
|
CVE-2022-25275
|
|
High
|
|
Drupal Other Vulnerability (CVE-2024-22362)
|
CVE-2024-22362
|
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687)
|
CVE-2011-2687
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)
|
CVE-2016-3169
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
|
CVE-2016-6211
CWE-264
|
CWE-264
|
High
|
|
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
|
CVE-2022-29248
CWE-565
|
CWE-565
|
High
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
|
CVE-2018-15901
CWE-352
|
CWE-352
|
High
|
|
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
|
CVE-2016-10753
CWE-502
|
CWE-502
|
High
|
|
e107 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2011-1513)
|
CVE-2011-1513
CWE-138
|
CWE-138
|
High
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
|
CVE-2009-4084
CWE-138
|
CWE-138
|
High
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)
|
CVE-2016-10378
CWE-138
|
CWE-138
|
High
|
|
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
|
CVE-2021-27885
CWE-326
|
CWE-326
|
High
|
|
e107 Other Vulnerability (CVE-2004-2042)
|
CVE-2004-2042
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-1949)
|
CVE-2005-1949
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-1966)
|
CVE-2005-1966
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-2559)
|
CVE-2005-2559
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-3521)
|
CVE-2005-3521
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-4224)
|
CVE-2005-4224
|
|
High
|
|
e107 Other Vulnerability (CVE-2006-4548)
|
CVE-2006-4548
|
|
High
|
|
e107 Other Vulnerability (CVE-2006-5786)
|
CVE-2006-5786
|
|
High
|
|
e107 Other Vulnerability (CVE-2010-2098)
|
CVE-2010-2098
|
|
High
|
|
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099)
|
CVE-2010-2099
CWE-264
|
CWE-264
|
High
|
|
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388)
|
CVE-2018-16388
CWE-434
|
CWE-434
|
High
|
|
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)
|
CVE-2021-3980
CWE-359
|
CWE-359
|
High
|
|
Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471)
|
CVE-2020-35471
|
|
High
|
|
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
|
CVE-2019-15225
CWE-770
|
CWE-770
|
High
|
|
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
|
CVE-2022-21655
CWE-670
|
CWE-670
|
High
|
|
Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018)
|
CVE-2020-25018
|
|
High
|
|
Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)
|
CVE-2023-27496
|
|
High
|
|
Envoy Proxy CVE-2024-23324 Vulnerability (CVE-2024-23324)
|
CVE-2024-23324
|
|
High
|
|
Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807)
|
CVE-2024-45807
|
|
High
|
|
Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810)
|
CVE-2024-45810
|
|
High
|
|
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
|
CVE-2025-30157
|
|
High
|
|
Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-32778)
|
CVE-2021-32778
CWE-834
|
CWE-834
|
High
|
|
Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-39204)
|
CVE-2021-39204
CWE-834
|
CWE-834
|
High
|
|
Envoy Proxy Improper Authentication Vulnerability (CVE-2021-21378)
|
CVE-2021-21378
CWE-287
|
CWE-287
|
High
|
|
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780)
|
CVE-2021-32780
CWE-754
|
CWE-754
|
High
|
|
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-39162)
|
CVE-2021-39162
CWE-754
|
CWE-754
|
High
|
|
Envoy Proxy Improper Handling of Exceptional Conditions Vulnerability (CVE-2024-23325)
|
CVE-2024-23325
CWE-755
|
CWE-755
|
High
|
|
Envoy Proxy Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability (CVE-2022-29225)
|
CVE-2022-29225
CWE-409
|
CWE-409
|
High
|
|
Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900)
|
CVE-2019-9900
CWE-20
|
CWE-20
|
High
|
|
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-12604)
|
CVE-2020-12604
CWE-119
|
CWE-119
|
High
|
|
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32781)
|
CVE-2021-32781
CWE-119
|
CWE-119
|
High
|
|
Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945)
|
CVE-2023-35945
CWE-459
|
CWE-459
|
High
|
|
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-23326)
|
CVE-2024-23326
|
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32777)
|
CVE-2021-32777
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32779)
|
CVE-2021-32779
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-39206)
|
CVE-2021-39206
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)
|
CVE-2021-28682
CWE-190
|
CWE-190
|
High
|
|
Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)
|
CVE-2024-32975
CWE-191
|
CWE-191
|
High
|
|
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-18836)
|
CVE-2019-18836
CWE-835
|
CWE-835
|
High
|
|
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)
|
CVE-2024-32976
CWE-835
|
CWE-835
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2019-18838)
|
CVE-2019-18838
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
|
CVE-2021-28683
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-43824)
|
CVE-2021-43824
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-23327)
|
CVE-2024-23327
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809)
|
CVE-2024-45809
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy Other Vulnerability (CVE-2020-25017)
|
CVE-2020-25017
|
|
High
|
|
Envoy Proxy Other Vulnerability (CVE-2024-34363)
|
CVE-2024-34363
|
|
High
|
|
Envoy Proxy Reachable Assertion Vulnerability (CVE-2021-29258)
|
CVE-2021-29258
CWE-617
|
CWE-617
|
High
|
|
Envoy Proxy Reachable Assertion Vulnerability (CVE-2022-29228)
|
CVE-2022-29228
CWE-617
|
CWE-617
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)
|
CVE-2019-15226
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-8663)
|
CVE-2020-8663
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12603)
|
CVE-2020-12603
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12605)
|
CVE-2020-12605
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2021-43825)
|
CVE-2021-43825
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2021-43826)
|
CVE-2021-43826
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2022-29227)
|
CVE-2022-29227
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2023-35943)
|
CVE-2023-35943
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2024-23322)
|
CVE-2024-23322
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2024-32974)
|
CVE-2024-32974
CWE-416
|
CWE-416
|
High
|
|
Envoy Wrong DOWNSTREAM_REMOTE_ADDRESS logged Issue (CVE-2020-35470)
|
CVE-2020-35470
|
|
High
|
|
EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38844)
|
CVE-2022-38844
CWE-1236
|
CWE-1236
|
High
|
|
EspoCRM Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2019-14351)
|
CVE-2019-14351
CWE-307
|
CWE-307
|
High
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843)
|
CVE-2022-38843
CWE-434
|
CWE-434
|
High
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965)
|
CVE-2023-5965
CWE-434
|
CWE-434
|
High
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5966)
|
CVE-2023-5966
CWE-434
|
CWE-434
|
High
|
|
Ext JS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2007-6758)
|
CVE-2007-6758
CWE-918
|
CWE-918
|
High
|
|
Family Connections Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0699)
|
CVE-2012-0699
CWE-352
|
CWE-352
|
High
|
|
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-3419)
|
CVE-2010-3419
CWE-94
|
CWE-94
|
High
|
|
FluxBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-10029)
|
CVE-2014-10029
CWE-138
|
CWE-138
|
High
|
|
FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873)
|
CVE-2020-28873
CWE-916
|
CWE-916
|
High
|
|
FrontAccounting Cross-site Request Forgery (CSRF) Vulnerability (CVE-2018-7176)
|
CVE-2018-7176
|
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
|
CVE-2009-4037
CWE-138
|
CWE-138
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
|
CVE-2009-4045
CWE-138
|
CWE-138
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000890)
|
CVE-2018-1000890
CWE-138
|
CWE-138
|
High
|
|
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)
|
CVE-2014-3973
|
|
High
|
|
Frontaccounting Other Vulnerability (CVE-2007-4279)
|
CVE-2007-4279
|
|
High
|
|
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-41877)
|
CVE-2023-41877
CWE-22
|
CWE-22
|
High
|
|
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
|
CVE-2024-24749
CWE-22
|
CWE-22
|
High
|
|
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
|
CVE-2023-51444
CWE-434
|
CWE-434
|
High
|
|
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45880)
|
CVE-2023-45880
CWE-22
|
CWE-22
|
High
|
|
GibbonEdu Session Fixation Vulnerability (CVE-2022-27305)
|
CVE-2022-27305
CWE-384
|
CWE-384
|
High
|
|
GlassFish CVE-2011-3559 Vulnerability (CVE-2011-3559)
|
CVE-2011-3559
|
|
High
|
|
GlassFish CVE-2016-5519 Vulnerability (CVE-2016-5519)
|
CVE-2016-5519
|
|
High
|
|
GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249)
|
CVE-2017-3249
|
|
High
|
|
GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391)
|
CVE-2017-10391
|
|
High
|
|
GlassFish CVE-2018-2911 Vulnerability (CVE-2018-2911)
|
CVE-2018-2911
|
|
High
|
|
GlassFish CVE-2018-3152 Vulnerability (CVE-2018-3152)
|
CVE-2018-3152
|
|
High
|
|
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
|
CVE-2017-3250
CWE-200
|
CWE-200
|
High
|
|
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000029)
|
CVE-2017-1000029
CWE-200
|
CWE-200
|
High
|
|
GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028)
|
CVE-2017-1000028
CWE-22
|
CWE-22
|
High
|
|
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950)
|
CVE-2016-1950
CWE-119
|
CWE-119
|
High
|
|
Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328)
|
CVE-2022-39328
CWE-362
|
CWE-362
|
High
|
|
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
|
CVE-2022-21703
CWE-352
|
CWE-352
|
High
|
|
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
|
CVE-2021-27358
|
|
High
|
|
Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201)
|
CVE-2022-39201
|
|
High
|
|
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
|
CVE-2023-1387
|
|
High
|
|
Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399)
|
CVE-2023-4399
|
|
High
|
|
Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822)
|
CVE-2023-4822
|
|
High
|
|
Grafana CVE-2024-1442 Vulnerability (CVE-2024-1442)
|
CVE-2024-1442
|
|
High
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
|
CVE-2022-23498
CWE-200
|
CWE-200
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2021-28148)
|
CVE-2021-28148
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2021-39226)
|
CVE-2021-39226
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2022-32276)
|
CVE-2022-32276
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Input Validation Vulnerability (CVE-2022-39306)
|
CVE-2022-39306
CWE-20
|
CWE-20
|
High
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)
|
CVE-2021-43798
CWE-22
|
CWE-22
|
High
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275)
|
CVE-2022-32275
CWE-22
|
CWE-22
|
High
|
|
Grafana Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9264)
|
CVE-2024-9264
CWE-138
|
CWE-138
|
High
|
|
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
|
CVE-2022-31123
CWE-347
|
CWE-347
|
High
|
|
Grafana Incorrect Authorization Vulnerability (CVE-2022-31107)
|
CVE-2022-31107
CWE-863
|
CWE-863
|
High
|
|
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
|
CVE-2021-27962
CWE-732
|
CWE-732
|
High
|
|
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)
|
CVE-2022-31130
CWE-522
|
CWE-522
|
High
|
|
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)
|
CVE-2019-15043
CWE-306
|
CWE-306
|
High
|
|
Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)
|
CVE-2020-13379
CWE-918
|
CWE-918
|
High
|
|
Grafana URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29170)
|
CVE-2022-29170
CWE-601
|
CWE-601
|
High
|
|
GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478)
|
CVE-2020-28478
|
|
High
|
|
Gunicorn Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2018-1000164)
|
CVE-2018-1000164
CWE-707
|
CWE-707
|
High
|
|
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)
|
CVE-2019-20920
CWE-94
|
CWE-94
|
High
|
|
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
|
CVE-2019-20922
CWE-835
|
CWE-835
|
High
|
|
Hiawatha Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8358)
|
CVE-2019-8358
CWE-22
|
CWE-22
|
High
|
|
Highcharts JS Incorrect Regular Expression Vulnerability (CVE-2018-20801)
|
CVE-2018-20801
CWE-185
|
CWE-185
|
High
|
|
Horde remote code execution
|
CVE-2014-1691
CWE-94
|
CWE-94
|
High
|
|
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)
|
CVE-2023-26281
CWE-20
|
CWE-20
|
High
|
|
IBMHttpServer Observable Discrepancy Vulnerability (CVE-2023-32342)
|
CVE-2023-32342
CWE-203
|
CWE-203
|
High
|
|
IBMHttpServer Other Vulnerability (CVE-2000-1168)
|
CVE-2000-1168
|
|
High
|
|
IBMHttpServer Other Vulnerability (CVE-2004-1082)
|
CVE-2004-1082
|
|
High
|
|
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
|
CVE-2012-3301
CVE-2012-3302
CWE-79
|
CWE-79
|
High
|
|
IBM RTC Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-4252)
|
CVE-2019-4252
CWE-22
|
CWE-22
|
High
|
|
IBM RTC Improper Privilege Management Vulnerability (CVE-2021-29774)
|
CVE-2021-29774
CWE-269
|
CWE-269
|
High
|
|
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-9707)
|
CVE-2016-9707
CWE-611
|
CWE-611
|
High
|
|
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-1103)
|
CVE-2017-1103
CWE-611
|
CWE-611
|
High
|
|
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-20502)
|
CVE-2021-20502
CWE-611
|
CWE-611
|
High
|
|
IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2017-1701)
|
CVE-2017-1701
CWE-326
|
CWE-326
|
High
|
|
IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2020-4965)
|
CVE-2020-4965
CWE-326
|
CWE-326
|
High
|
|
IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7440)
|
CVE-2015-7440
CWE-264
|
CWE-264
|
High
|
|
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-29844)
|
CVE-2021-29844
CWE-918
|
CWE-918
|
High
|
|
IBM WebSEAL 7PK - Security Features Vulnerability (CVE-2016-3025)
|
CVE-2016-3025
|
|
High
|
|
IBM WebSEAL CVE-2018-1850 Vulnerability (CVE-2018-1850)
|
CVE-2018-1850
|
|
High
|
|
IBM WebSEAL CVE-2019-4135 Vulnerability (CVE-2019-4135)
|
CVE-2019-4135
|
|
High
|
|
IBM WebSEAL CVE-2019-4145 Vulnerability (CVE-2019-4145)
|
CVE-2019-4145
|
|
High
|
|
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2019-4036)
|
CVE-2019-4036
CWE-20
|
CWE-20
|
High
|
|
IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-4707)
|
CVE-2019-4707
CWE-611
|
CWE-611
|
High
|
|
IBM WebSEAL Inadequate Encryption Strength Vulnerability (CVE-2018-1814)
|
CVE-2018-1814
CWE-326
|
CWE-326
|
High
|
|
IBM WebSEAL Insufficiently Protected Credentials Vulnerability (CVE-2021-20439)
|
CVE-2021-20439
CWE-522
|
CWE-522
|
High
|
|
IBM WebSEAL Other Vulnerability (CVE-2023-30997)
|
CVE-2023-30997
|
|
High
|
|
IBM WebSEAL Other Vulnerability (CVE-2023-30998)
|
CVE-2023-30998
|
|
High
|
|
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2023-38371)
|
CVE-2023-38371
CWE-327
|
CWE-327
|
High
|
|
IBM WebSEAL Use of Hard-coded Credentials Vulnerability (CVE-2018-1887)
|
CVE-2018-1887
CWE-798
|
CWE-798
|
High
|
|
Internet Information Services Configuration Vulnerability (CVE-1999-0725)
|
CVE-1999-0725
|
|
High
|
|
Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578)
|
CVE-2006-6578
|
|
High
|
|
Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074)
|
CVE-2008-0074
|
|
High
|
|
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1122)
|
CVE-2009-1122
CWE-287
|
CWE-287
|
High
|
|
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1535)
|
CVE-2009-1535
CWE-287
|
CWE-287
|
High
|
|
Internet Information Services Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1256)
|
CVE-2010-1256
CWE-94
|
CWE-94
|
High
|
|
Internet Information Services Improper Input Validation Vulnerability (CVE-2000-0258)
|
CVE-2000-0258
CWE-20
|
CWE-20
|
High
|
|
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349)
|
CVE-1999-0349
CWE-119
|
CWE-119
|
High
|
|
Internet Information Services Other Vulnerability (CVE-1999-0253)
|
CVE-1999-0253
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-1999-0412)
|
CVE-1999-0412
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-1999-0449)
|
CVE-1999-0449
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-1999-0450)
|
CVE-1999-0450
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-1999-1233)
|
CVE-1999-1233
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-0457)
|
CVE-2000-0457
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-0746)
|
CVE-2000-0746
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-0884)
|
CVE-2000-0884
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-0886)
|
CVE-2000-0886
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-0970)
|
CVE-2000-0970
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2000-1104)
|
CVE-2000-1104
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2001-0333)
|
CVE-2001-0333
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2001-0506)
|
CVE-2001-0506
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2001-0507)
|
CVE-2001-0507
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2001-0902)
|
CVE-2001-0902
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0071)
|
CVE-2002-0071
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0074)
|
CVE-2002-0074
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0075)
|
CVE-2002-0075
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0079)
|
CVE-2002-0079
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0147)
|
CVE-2002-0147
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0148)
|
CVE-2002-0148
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0149)
|
CVE-2002-0149
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0150)
|
CVE-2002-0150
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0364)
|
CVE-2002-0364
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0862)
|
CVE-2002-0862
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-0869)
|
CVE-2002-0869
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2002-1180)
|
CVE-2002-1180
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2004-0205)
|
CVE-2004-0205
|
|
High
|
|
Internet Information Services Other Vulnerability (CVE-2007-2897)
|
CVE-2007-2897
|
|
High
|
|
Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-1999-0777)
|
CVE-1999-0777
CWE-264
|
CWE-264
|
High
|
|
Internet Information Services Unchecked Return Value Vulnerability (CVE-2005-4360)
|
CVE-2005-4360
CWE-252
|
CWE-252
|
High
|
|
Invision Power Board version 3.3.4 unserialize PHP code execution
|
CVE-2012-5692
CWE-20
|
CWE-20
|
High
|
|
Java Unspesificed Vulnerability (CVE-2018-2941)
|
CVE-2018-2941
|
|
High
|
|
Java Unspesificed Vulnerability (CVE-2018-2964)
|
CVE-2018-2964
|
|
High
|
|
Java Unspesificed Vulnerability (CVE-2018-3149)
|
CVE-2018-3149
|
|
High
|
|
Java Unspesificed Vulnerability (CVE-2018-3169)
|
CVE-2018-3169
|
|
High
|
|
Java Unspesificed Vulnerability (CVE-2019-2602)
|
CVE-2019-2602
|
|
High
|
|
JBoss Application Server Directory Traversal Vulnerability (CVE-2006-5750)
|
CVE-2006-5750
|
|
High
|
|
JBoss Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1094)
|
CVE-2012-1094
CWE-200
|
CWE-200
|
High
|
|
JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)
|
CVE-2012-2312
CWE-269
|
CWE-269
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
|
CVE-2019-9511
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)
|
CVE-2019-9514
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)
|
CVE-2019-9515
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
|
CVE-2019-9518
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)
|
CVE-2020-10705
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)
|
CVE-2023-3171
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379)
|
CVE-2023-5379
CWE-770
|
CWE-770
|
High
|
|
Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626)
|
CVE-2012-5626
|
|
High
|
|
Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)
|
CVE-2016-6796
|
|
High
|
|
Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189)
|
CVE-2017-12189
|
|
High
|
|
Jboss EAP CVE-2022-1259 Vulnerability (CVE-2022-1259)
|
CVE-2022-1259
|
|
High
|
|
Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)
|
CVE-2023-3223
|
|
High
|
|
Jboss EAP CVE-2024-7885 Vulnerability (CVE-2024-7885)
|
CVE-2024-7885
|
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-4978)
|
CVE-2016-4978
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)
|
CVE-2016-7065
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12022)
|
CVE-2018-12022
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12023)
|
CVE-2018-12023
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
|
CVE-2019-10086
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
|
CVE-2021-4104
CWE-502
|
CWE-502
|
High
|
|
Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
|
CVE-2021-3859
CWE-668
|
CWE-668
|
High
|
|
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3530)
|
CVE-2014-3530
CWE-200
|
CWE-200
|
High
|
|
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)
|
CVE-2016-2183
CWE-200
|
CWE-200
|
High
|
|
Jboss EAP Files or Directories Accessible to External Parties Vulnerability (CVE-2021-3717)
|
CVE-2021-3717
CWE-552
|
CWE-552
|
High
|
|
Jboss EAP Improper Handling of Exceptional Conditions Vulnerability (CVE-2018-8039)
|
CVE-2018-8039
CWE-755
|
CWE-755
|
High
|
|
Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503)
|
CVE-2023-4503
CWE-665
|
CWE-665
|
High
|
|
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)
|
CVE-2010-3708
CWE-20
|
CWE-20
|
High
|
|
Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)
|
CVE-2013-2185
CWE-20
|
CWE-20
|
High
|
|
Jboss EAP Improper Input Validation Vulnerability (CVE-2016-3110)
|
CVE-2016-3110
CWE-20
|
CWE-20
|
High
|
|
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1757)
|
CVE-2020-1757
CWE-20
|
CWE-20
|
High
|
|
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1048)
|
CVE-2018-1048
CWE-22
|
CWE-22
|
High
|
|
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234)
|
CVE-2024-10234
CWE-707
|
CWE-707
|
High
|
|
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
|
CVE-2021-32027
CWE-119
|
CWE-119
|
High
|
|
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)
|
CVE-2019-10172
CWE-611
|
CWE-611
|
High
|
|
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
|
CVE-2014-0224
CWE-326
|
CWE-326
|
High
|
|
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)
|
CVE-2018-5968
CWE-184
|
CWE-184
|
High
|
|
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561)
|
CVE-2017-7561
CWE-444
|
CWE-444
|
High
|
|
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
|
CVE-2017-12165
CWE-444
|
CWE-444
|
High
|
|
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)
|
CVE-2019-16869
CWE-444
|
CWE-444
|
High
|
|
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-7238)
|
CVE-2020-7238
CWE-444
|
CWE-444
|
High
|
|
Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843)
|
CVE-2019-14843
CWE-863
|
CWE-863
|
High
|
|
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
|
CVE-2017-2670
CWE-835
|
CWE-835
|
High
|
|
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)
|
CVE-2018-1041
CWE-835
|
CWE-835
|
High
|
|
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
|
CVE-2018-1336
CWE-835
|
CWE-835
|
High
|
|
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)
|
CVE-2019-0205
CWE-835
|
CWE-835
|
High
|
|
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
|
CVE-2023-1108
CWE-835
|
CWE-835
|
High
|
|
Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)
|
CVE-2019-10184
CWE-862
|
CWE-862
|
High
|
|
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)
|
CVE-2022-0853
CWE-401
|
CWE-401
|
High
|
|
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
|
CVE-2022-3143
CWE-203
|
CWE-203
|
High
|
|
Jboss EAP Other Vulnerability (CVE-2014-3490)
|
CVE-2014-3490
|
|
High
|
|
Jboss EAP Other Vulnerability (CVE-2019-9513)
|
CVE-2019-9513
|
|
High
|
|
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)
|
CVE-2019-0210
CWE-125
|
CWE-125
|
High
|
|
Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)
|
CVE-2016-7066
|
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)
|
CVE-2011-4605
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)
|
CVE-2011-4608
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)
|
CVE-2012-5629
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)
|
CVE-2013-2165
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)
|
CVE-2016-5406
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)
|
CVE-2016-8656
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)
|
CVE-2016-8657
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-3894)
|
CVE-2019-3894
CWE-264
|
CWE-264
|
High
|
|
Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)
|
CVE-2020-25710
CWE-617
|
CWE-617
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
|
CVE-2016-8610
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)
|
CVE-2017-12174
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)
|
CVE-2019-14888
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
|
CVE-2019-19343
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)
|
CVE-2020-14384
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)
|
CVE-2020-25644
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)
|
CVE-2021-3629
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)
|
CVE-2021-3690
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
|
CVE-2017-12617
CWE-434
|
CWE-434
|
High
|
|
Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)
|
CVE-2018-1000180
CWE-327
|
CWE-327
|
High
|
|
Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536)
|
CVE-2017-7536
CWE-470
|
CWE-470
|
High
|
|
Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2019-10174)
|
CVE-2019-10174
CWE-470
|
CWE-470
|
High
|
|
Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)
|
CVE-2018-1000632
CWE-91
|
CWE-91
|
High
|
|
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)
|
CVE-2023-27900
CWE-770
|
CWE-770
|
High
|
|
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)
|
CVE-2023-27901
CWE-770
|
CWE-770
|
High
|
|
Jenkins Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-1000503)
|
CVE-2017-1000503
CWE-362
|
CWE-362
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)
|
CVE-2015-7537
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356)
|
CVE-2017-1000356
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000504)
|
CVE-2017-1000504
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353)
|
CVE-2019-10353
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)
|
CVE-2019-10384
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160)
|
CVE-2020-2160
CWE-352
|
CWE-352
|
High
|
|
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35141)
|
CVE-2023-35141
CWE-352
|
CWE-352
|
High
|
|
Jenkins CVE-2013-0329 Vulnerability (CVE-2013-0329)
|
CVE-2013-0329
|
|
High
|
|
Jenkins CVE-2014-2063 Vulnerability (CVE-2014-2063)
|
CVE-2014-2063
|
|
High
|
|
Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538)
|
CVE-2015-7538
|
|
High
|
|
Jenkins CVE-2023-43498 Vulnerability (CVE-2023-43498)
|
CVE-2023-43498
|
|
High
|
|
Jenkins CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608)
|
CVE-2017-2608
CWE-502
|
CWE-502
|
High
|
|
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2021-21604)
|
CVE-2021-21604
CWE-502
|
CWE-502
|
High
|
|
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2022-0538)
|
CVE-2022-0538
CWE-502
|
CWE-502
|
High
|
|
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)
|
CVE-2018-1000410
CWE-200
|
CWE-200
|
High
|
|
Jenkins Improper Access Control Vulnerability (CVE-2015-5325)
|
CVE-2015-5325
CWE-284
|
CWE-284
|
High
|
|
Jenkins Improper Authentication Vulnerability (CVE-2017-1000354)
|
CVE-2017-1000354
CWE-287
|
CWE-287
|
High
|
|
Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)
|
CVE-2024-43044
CWE-754
|
CWE-754
|
High
|
|
Jenkins Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3666)
|
CVE-2014-3666
CWE-94
|
CWE-94
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2012-4438)
|
CVE-2012-4438
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)
|
CVE-2016-0792
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000391)
|
CVE-2017-1000391
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394)
|
CVE-2017-1000394
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999001)
|
CVE-2018-1999001
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999002)
|
CVE-2018-1999002
CWE-20
|
CWE-20
|
High
|
|
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000194)
|
CVE-2018-1000194
CWE-22
|
CWE-22
|
High
|
|
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000863)
|
CVE-2018-1000863
CWE-22
|
CWE-22
|
High
|
|
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21605)
|
CVE-2021-21605
CWE-22
|
CWE-22
|
High
|
|
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21686)
|
CVE-2021-21686
CWE-59
|
CWE-59
|
High
|
|
Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393)
|
CVE-2017-1000393
CWE-138
|
CWE-138
|
High
|
|
Jenkins Incorrect Authorization Vulnerability (CVE-2022-34175)
|
CVE-2022-34175
CWE-863
|
CWE-863
|
High
|
|
Jenkins Incorrect Authorization Vulnerability (CVE-2023-27899)
|
CVE-2023-27899
CWE-863
|
CWE-863
|
High
|
|
Jenkins Incorrect Default Permissions Vulnerability (CVE-2023-43496)
|
CVE-2023-43496
CWE-276
|
CWE-276
|
High
|
|
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003003)
|
CVE-2019-1003003
CWE-613
|
CWE-613
|
High
|
|
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003004)
|
CVE-2019-1003004
CWE-613
|
CWE-613
|
High
|
|
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003049)
|
CVE-2019-1003049
CWE-613
|
CWE-613
|
High
|
|
Jenkins Insufficient Verification of Data Authenticity Vulnerability (CVE-2015-7539)
|
CVE-2015-7539
CWE-345
|
CWE-345
|
High
|
|
Jenkins Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
|
CVE-2023-36478
CWE-190
|
CWE-190
|
High
|
|
Jenkins Missing Authorization Vulnerability (CVE-2021-21688)
|
CVE-2021-21688
CWE-862
|
CWE-862
|
High
|
|
Jenkins Missing Authorization Vulnerability (CVE-2021-21695)
|
CVE-2021-21695
CWE-862
|
CWE-862
|
High
|
|
Jenkins Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-1999043)
|
CVE-2018-1999043
CWE-772
|
CWE-772
|
High
|
|
Jenkins Observable Discrepancy Vulnerability (CVE-2022-34174)
|
CVE-2022-34174
CWE-203
|
CWE-203
|
High
|
|
Jenkins Origin Validation Error Vulnerability (CVE-2024-23898)
|
CVE-2024-23898
CWE-346
|
CWE-346
|
High
|
|
Jenkins Other Vulnerability (CVE-2016-3726)
|
CVE-2016-3726
|
|
High
|
|
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1814)
|
CVE-2015-1814
CWE-264
|
CWE-264
|
High
|
|
Jenkins Session Fixation Vulnerability (CVE-2021-21671)
|
CVE-2021-21671
CWE-384
|
CWE-384
|
High
|
|
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2012-0785)
|
CVE-2012-0785
CWE-400
|
CWE-400
|
High
|
|
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
|
CVE-2021-28165
CWE-400
|
CWE-400
|
High
|
|
Jenkins Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-43497)
|
CVE-2023-43497
CWE-434
|
CWE-434
|
High
|
|
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)
|
CVE-2020-2099
CWE-330
|
CWE-330
|
High
|
|
Jetpack 2.9.3: Critical Security Update
|
CVE-2014-0173
CWE-287
|
CWE-287
|
High
|
|
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-22201)
|
CVE-2024-22201
CWE-770
|
CWE-770
|
High
|
|
Jetty CVE-2017-7656 Vulnerability (CVE-2017-7656)
|
CVE-2017-7656
|
|
High
|
|
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-5045)
|
CVE-2009-5045
CWE-200
|
CWE-200
|
High
|
|
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)
|
CVE-2015-2080
CWE-200
|
CWE-200
|
High
|
|
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)
|
CVE-2022-2191
CWE-404
|
CWE-404
|
High
|
|
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
|
CVE-2023-36478
CWE-190
|
CWE-190
|
High
|
|
Jetty Observable Discrepancy Vulnerability (CVE-2017-9735)
|
CVE-2017-9735
CWE-203
|
CWE-203
|
High
|
|
Jetty Other Vulnerability (CVE-2020-27216)
|
CVE-2020-27216
|
|
High
|
|
Jetty Session Fixation Vulnerability (CVE-2018-12538)
|
CVE-2018-12538
CWE-384
|
CWE-384
|
High
|
|
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2020-27223)
|
CVE-2020-27223
CWE-400
|
CWE-400
|
High
|
|
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
|
CVE-2021-28165
CWE-400
|
CWE-400
|
High
|
|
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
|
CVE-2022-2048
CWE-400
|
CWE-400
|
High
|
|
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10899)
|
CVE-2018-10899
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 1.0 Remote File Inclusion (1.0.0)
|
CVE-2006-2960
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 1.0.5 Security Bypass (1.0.5)
|
CVE-2006-0114
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.0.x Cross-Site Scripting (1.0.0 - 1.0.11)
|
CVE-2006-6832
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.0.x Cross-Site Scripting (1.0.0 - 1.0.15)
|
CVE-2011-0005
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.0.x Multiple Cross-Site Scripting Vulnerabilities (1.0.0 - 1.0.10)
|
CVE-2006-4474
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.0.x Multiple Cross-Site Scripting Vulnerabilities (1.0.0 - 1.0.12)
|
CVE-2007-4189
CVE-2007-4190
CVE-2007-5577
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.5)
|
CVE-2006-0303
|
|
High
|
|
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.7)
|
CVE-2006-1030
CVE-2006-1047
|
|
High
|
|
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.9)
|
CVE-2006-7008
CVE-2006-7009
|
|
High
|
|
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.10)
|
CVE-2006-4466
CVE-2006-4468
CVE-2006-4469
CVE-2006-4470
CVE-2006-4472
CVE-2006-4473
CVE-2006-4475
CVE-2006-4476
|
|
High
|
|
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.11)
|
CVE-2006-6833
CVE-2006-6834
|
|
High
|
|
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.3)
|
CVE-2005-3771
CVE-2005-3772
CVE-2005-4650
CWE-79
CWE-89
CWE-400
|
CWE-79
CWE-89
CWE-400
|
High
|
|
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.7)
|
CVE-2006-1027
CVE-2006-1028
CVE-2006-1029
CVE-2006-1048
CVE-2006-1049
CWE-89
CWE-200
CWE-264
CWE-400
|
CWE-89
CWE-200
CWE-264
CWE-400
|
High
|
|
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.9)
|
CVE-2006-3480
CVE-2006-3481
CVE-2006-7010
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.12)
|
CVE-2007-4184
CVE-2007-4185
CWE-89
CWE-200
|
CWE-89
CWE-200
|
High
|
|
Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.13)
|
CVE-2007-5427
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Joomla! Core 1.0.x Remote File Inclusion (1.0.11 - 1.0.14)
|
CVE-2008-5671
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 1.0.x Security Bypass (1.0.0 - 1.0.10)
|
CVE-2006-4471
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.0.x Session Fixation (1.0.0 - 1.0.12)
|
CVE-2007-4188
CWE-287
|
CWE-287
|
High
|
|
Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11)
|
CVE-2007-0374
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 1.0.x Unspecified Vulnerability (1.0.0 - 1.0.3)
|
CVE-2005-3773
|
|
High
|
|
Joomla! Core 1.5.12 Arbitrary File Upload (1.5.12)
|
CVE-2011-4906
CVE-2011-4908
CWE-434
|
CWE-434
|
High
|
|
Joomla! Core 1.5.x Arbitrary File Upload (1.5.0 - 1.5.15)
|
CVE-2010-1433
CWE-434
|
CWE-434
|
High
|
|
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.7)
|
CVE-2008-6299
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.9)
|
CVE-2009-1279
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10)
|
CVE-2009-1938
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11)
|
CVE-2011-4910
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.5.x Directory Traversal (1.5.0 - 1.5.8)
|
CVE-2009-0113
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.11)
|
CVE-2011-4911
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.12)
|
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.14)
|
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.15)
|
CVE-2010-1432
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.23)
|
CVE-2011-3629
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)
|
CVE-2012-1599
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 1.5.20)
|
CVE-2010-3712
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21)
|
CVE-2010-4166
CVE-2010-4696
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.3)
|
CVE-2008-3225
CVE-2008-3226
CVE-2008-3227
CVE-2008-3228
CWE-16
CWE-59
CWE-264
|
CWE-16
CWE-59
CWE-264
|
High
|
|
Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.9)
|
CVE-2009-1279
CVE-2009-1280
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6)
|
CVE-2008-4104
CWE-601
|
CWE-601
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.5)
|
CVE-2008-3681
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.6)
|
CVE-2008-4102
CWE-330
|
CWE-330
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.13)
|
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.14)
|
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.15)
|
CVE-2010-1435
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.24)
|
CVE-2011-4321
CWE-310
|
CWE-310
|
High
|
|
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.25)
|
CVE-2012-1598
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.5.x Session Fixation (1.5.0 - 1.5.15)
|
CVE-2010-1434
CWE-384
|
CWE-384
|
High
|
|
Joomla! Core 1.5.x Session Hijacking (1.5.0 - 1.5.8)
|
CVE-2008-4122
CWE-310
|
CWE-310
|
High
|
|
Joomla! Core 1.5.x Spam (1.5.0 - 1.5.6)
|
CVE-2008-4103
CWE-20
|
CWE-20
|
High
|
|
Joomla! Core 1.5.x Spam (1.5.0 - 1.5.22)
|
CWE-20
|
CWE-20
|
High
|
|
Joomla! Core 1.5.x Variable Injection (1.5.0 - 1.5.6)
|
CVE-2008-4105
CWE-20
|
CWE-20
|
High
|
|
Joomla! Core 1.6.0 Multiple Vulnerabilities (1.6.0)
|
CVE-2010-3712
CWE-79
CWE-89
CWE-200
|
CWE-79
CWE-89
CWE-200
|
High
|
|
Joomla! Core 1.6.0 Spam (1.6.0)
|
CWE-20
|
CWE-20
|
High
|
|
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.3)
|
CVE-2011-4332
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.5)
|
CVE-2011-2710
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6)
|
CVE-2012-0820
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.3)
|
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6)
|
CVE-2012-0821
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.6.x Multiple Cross-Site Scripting Vulnerabilities (1.6.0 - 1.6.3)
|
CVE-2011-2509
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.3)
|
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6)
|
CVE-2012-1563
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0)
|
CVE-2011-3595
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.7.0 Information Disclosure (1.7.0)
|
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.3)
|
CVE-2012-0820
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1)
|
CVE-2011-4937
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3)
|
CVE-2012-0819
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4)
|
CVE-2012-0836
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.2)
|
CWE-330
|
CWE-330
|
High
|
|
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5)
|
CVE-2012-1563
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 1.7.x SQL Injection (1.7.0 - 1.7.4)
|
CVE-2012-1116
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 2.5.0 Information Disclosure (2.5.0)
|
CVE-2012-0835
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 2.5.x Arbitrary File Upload (2.5.0 - 2.5.13)
|
CVE-2013-5576
CWE-434
|
CWE-434
|
High
|
|
Joomla! Core 2.5.x Clickjacking Vulnerability (2.5.0 - 2.5.7)
|
CVE-2012-5827
CWE-693
|
CWE-693
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.1)
|
CVE-2012-1117
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.3)
|
CVE-2012-1612
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.6)
|
CVE-2012-4532
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9)
|
CVE-2013-3059
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.14)
|
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.18)
|
CVE-2014-7982
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9)
|
CVE-2013-3242
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25)
|
CVE-2014-7229
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.3)
|
CVE-2012-1611
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.4)
|
CVE-2012-2748
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.8)
|
CVE-2013-1453
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9)
|
CVE-2013-3057
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 2.5.x Remote File Inclusion (2.5.4 - 2.5.25)
|
CVE-2014-7228
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2)
|
CVE-2012-1562
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.4)
|
CVE-2012-2747
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.9)
|
CVE-2013-3056
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.18)
|
CVE-2014-7984
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.24)
|
CVE-2014-6632
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1)
|
CVE-2012-1116
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.0.0 Cross-Site Scripting (3.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.0.x Clickjacking Vulnerability (3.0.0 - 3.0.1)
|
CVE-2012-5827
CWE-693
|
CWE-693
|
High
|
|
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3)
|
CVE-2013-3267
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3)
|
CVE-2013-3242
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)
|
CVE-2013-1455
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.3)
|
CVE-2013-3057
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3)
|
CVE-2013-3056
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.2.x Cross-Site Scripting (3.2.0 - 3.2.4)
|
CVE-2014-6631
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.3.x Cross-Site Scripting (3.3.0 - 3.3.3)
|
CVE-2014-6631
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4)
|
CVE-2014-7229
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4)
|
CVE-2014-7228
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.3.x Security Bypass (3.3.0 - 3.3.3)
|
CVE-2014-6632
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.4.x Cross-Site Scripting (3.4.0 - 3.4.3)
|
CVE-2015-6939
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.4.x Directory Traversal (3.4.0 - 3.4.5)
|
CVE-2015-8564
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 3.6.0 Cross-Site Request Forgery (3.6.0)
|
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.7.0 SQL Injection (3.7.0)
|
CVE-2017-8917
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.7.x Information Disclosure (3.7.0 - 3.7.5)
|
CVE-2017-14595
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.19)
|
CVE-2020-15695
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.22)
|
CVE-2020-35615
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.9.x Cross-Site Scripting (3.9.0 - 3.9.14)
|
CVE-2020-8421
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.9.x Cross-Site Scripting (3.9.0 - 3.9.20)
|
CVE-2020-24599
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.9.x Cross-Site Scripting (3.9.0 - 3.9.23)
|
CVE-2021-23124
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.9.x CSV Injection (3.9.0 - 3.9.6)
|
CVE-2019-12765
CWE-20
|
CWE-20
|
High
|
|
Joomla! Core 3.9.x Directory Traversal (3.9.3 - 3.9.5)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 3.9.x Information Disclosure (3.9.0 - 3.9.22)
|
CVE-2020-35614
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.9.x Remote Code Execution (3.9.7 - 3.9.8)
|
CVE-2019-14654
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.x.x Arbitrary File Upload (3.0.0 - 3.1.4)
|
CVE-2013-5576
CWE-434
|
CWE-434
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.0.0 - 3.9.26)
|
CVE-2021-26033
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.1)
|
CVE-2015-5397
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.5)
|
CVE-2015-8563
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.9.12)
|
CVE-2019-18650
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.7.0 - 3.9.18)
|
CVE-2020-13760
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Request Forgery (3.7.0 - 3.9.19)
|
CVE-2020-15700
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.2.2)
|
CVE-2014-7982
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.8.3)
|
CVE-2018-6380
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.11)
|
CVE-2019-16725
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.15)
|
CVE-2020-10242
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.18)
|
CVE-2020-13761
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.19)
|
CVE-2020-15696
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.25)
|
CVE-2021-26030
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.26)
|
CVE-2021-26032
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.27)
|
CVE-2021-26039
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.1.0 - 3.9.23)
|
CVE-2021-23125
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.1.2 - 3.2.2)
|
CVE-2014-7983
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.1.2 - 3.8.7)
|
CVE-2018-11328
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.2.0 - 3.9.3)
|
CVE-2019-9712
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.6.0 - 3.9.6)
|
CVE-2019-12766
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Cross-Site Scripting (3.7.0 - 3.10.6)
|
CVE-2022-23796
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5)
|
CVE-2014-7229
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core 3.x.x Directory Traversal (3.0.0 - 3.9.24)
|
CVE-2021-23132
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 3.x.x Directory Traversal (3.2.0 - 3.4.5)
|
CVE-2015-8565
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.8.7)
|
CVE-2018-11325
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.9.19)
|
CVE-2020-15698
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.1.0 - 3.8.7)
|
CVE-2018-11327
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.4.0 - 3.6.5)
|
CVE-2017-8057
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.6.0 - 3.9.12)
|
CVE-2019-18674
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.7.0 - 3.8.1)
|
CVE-2017-16633
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Information Disclosure (3.8.0 - 3.9.13)
|
CVE-2019-19845
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 3.x.x Local File Inclusion (3.0.0 - 3.9.25)
|
CVE-2021-26031
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core 3.x.x Multiple Cross-Site Request Forgery Vulnerabilities (3.0.0 - 3.9.14)
|
CVE-2020-8419
CVE-2020-8420
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Multiple Cross-Site Request Forgery Vulnerabilities (3.2.0 - 3.9.15)
|
CVE-2020-10241
CWE-352
|
CWE-352
|
High
|
|
Joomla! Core 3.x.x Multiple Cross-Site Scripting Vulnerabilities (3.0.0 - 3.8.7)
|
CVE-2018-11326
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Multiple Cross-Site Scripting Vulnerabilities (3.0.0 - 3.9.3)
|
CVE-2019-9711
CVE-2019-9714
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 3.x.x Multiple Vulnerabilities (3.0.0 - 3.6.4)
|
CVE-2016-9836
CVE-2016-9837
CWE-200
CWE-434
|
CWE-200
CWE-434
|
High
|
|
Joomla! Core 3.x.x Multiple Vulnerabilities (3.0.0 - 3.10.6)
|
CVE-2022-23793
CVE-2022-23794
CVE-2022-23797
CWE-22
CWE-89
CWE-200
|
CWE-22
CWE-89
CWE-200
|
High
|
|
Joomla! Core 3.x.x Multiple Vulnerabilities (3.2.0 - 3.6.5)
|
CVE-2017-7984
CVE-2017-7987
CVE-2017-7989
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Joomla! Core 3.x.x Multiple Vulnerabilities (3.4.4 - 3.6.3)
|
CVE-2016-8869
CVE-2016-8870
CVE-2016-9081
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Multiple Vulnerabilities (3.7.0 - 3.8.3)
|
CVE-2018-6376
CVE-2018-6377
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
Joomla! Core 3.x.x Open Redirect (3.0.0 - 3.4.1)
|
CVE-2015-5608
CWE-601
|
CWE-601
|
High
|
|
Joomla! Core 3.x.x Open Redirect (3.0.0 - 3.9.20)
|
CVE-2020-24598
CWE-601
|
CWE-601
|
High
|
|
Joomla! Core 3.x.x Prototype Pollution (3.0.0 - 3.9.4)
|
CVE-2019-11358
CWE-610
|
CWE-610
|
High
|
|
Joomla! Core 3.x.x Race Condition (3.0.0 - 3.8.7)
|
CVE-2018-11324
CWE-362
|
CWE-362
|
High
|
|
Joomla! Core 3.x.x Remote Code Execution (3.7.0 - 3.8.7)
|
CVE-2018-11321
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - 3.2.5)
|
CVE-2014-7228
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.2)
|
CVE-2014-7984
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.4)
|
CVE-2014-6632
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.4.4)
|
CVE-2015-7899
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.15)
|
CVE-2020-10240
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.19)
|
CVE-2020-15697
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.23)
|
CVE-2021-23123
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.24)
|
CVE-2021-26027
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.1.0 - 3.8.12)
|
CVE-2018-17857
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.4.4)
|
CVE-2015-7859
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.8.1)
|
CVE-2017-16634
CWE-287
|
CWE-287
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.4)
|
CVE-2019-10946
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.24)
|
CVE-2021-23128
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.7.0 - 3.8.11)
|
CVE-2018-15881
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.7.0 - 3.9.15)
|
CVE-2020-10239
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.8.0 - 3.9.3)
|
CVE-2019-9713
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.8.8 - 3.9.16)
|
CVE-2020-11891
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x Security Bypass (3.8.13 - 3.9.6)
|
CVE-2019-12764
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6)
|
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.9.22)
|
CVE-2020-35613
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2)
|
CVE-2014-7981
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4)
|
CVE-2015-7297
CVE-2015-7857
CVE-2015-7858
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 3.x.x SQL Injection (3.5.0 - 3.8.5)
|
CVE-2018-8045
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core 4.0.0 Security Bypass (4.0.0)
|
CVE-2021-26040
CWE-284
|
CWE-284
|
High
|
|
Joomla! Core 4.2.0 Information Disclosure (4.2.0)
|
CVE-2022-27911
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core 4.x.x Cross-Site Scripting (4.0.0 - 4.2.4)
|
CVE-2022-27914
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.1.0)
|
CVE-2022-23793
CVE-2022-23794
CVE-2022-23795
CVE-2022-23797
CVE-2022-23798
CVE-2022-23799
CVE-2022-23800
CVE-2022-23801
CWE-22
CWE-79
CWE-89
CWE-200
CWE-287
CWE-601
|
CWE-22
CWE-79
CWE-89
CWE-200
CWE-287
CWE-601
|
High
|
|
Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.2.3)
|
CVE-2022-27912
CVE-2022-27913
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.2.6)
|
CVE-2023-23750
CVE-2023-23751
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
Joomla! Core 4.x.x Security Bypass (4.0.0 - 4.2.7)
|
CVE-2023-23752
CWE-287
|
CWE-287
|
High
|
|
Joomla! Core Arbitrary File Upload (2.5.0 - 3.8.7)
|
CVE-2018-11322
CWE-434
|
CWE-434
|
High
|
|
Joomla! Core Cross-Site Scripting (1.0.0 - 3.9.2)
|
CVE-2019-7742
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (1.5.0 - 3.7.3)
|
CVE-2017-11612
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (1.5.0 - 3.8.3)
|
CVE-2018-6379
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (1.6.0 - 3.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (1.6.0 - 3.8.8)
|
CVE-2018-12711
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (1.7.0 - 3.9.5)
|
CVE-2019-11809
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Cross-Site Scripting (2.5.0 - 3.9.24)
|
CVE-2021-23129
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Denial of Service (2.5.0 - 3.9.27)
|
CVE-2021-26036
CWE-400
|
CWE-400
|
High
|
|
Joomla! Core Directory Traversal (1.5.0 - 3.9.4)
|
CVE-2019-10945
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core Directory Traversal (2.5.0 - 3.9.20)
|
CVE-2020-24597
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core Directory Traversal (2.5.0 - 3.9.22)
|
CVE-2020-35612
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core Information Disclosure (1.5.0 - 3.7.5)
|
CVE-2017-14596
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core Information Disclosure (1.5.0 - 3.8.1)
|
CVE-2017-14596
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core Information Disclosure (2.5.0 - 3.9.22)
|
CVE-2020-35611
CWE-200
|
CWE-200
|
High
|
|
Joomla! Core Local File Inclusion (2.5.0 - 3.8.8)
|
CVE-2018-12712
CWE-22
|
CWE-22
|
High
|
|
Joomla! Core Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 3.8.7)
|
CVE-2018-6378
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Multiple Cross-Site Scripting Vulnerabilities (2.5.0 - 3.9.1)
|
CVE-2019-6261
CVE-2019-6262
CVE-2019-6263
CVE-2019-6264
CWE-79
|
CWE-79
|
High
|
|
Joomla! Core Multiple SQL Injection Vulnerabilities (2.5.0 - 3.9.13)
|
CVE-2019-19846
CWE-89
|
CWE-89
|
High
|
|
Joomla! Core Multiple Vulnerabilities (1.5.0 - 3.7.2)
|
CVE-2017-7983
CVE-2017-7985
CVE-2017-7986
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
Joomla! Core Multiple Vulnerabilities (1.5.0 - 3.8.11)
|
CVE-2018-15880
CVE-2018-15882
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
Joomla! Core Multiple Vulnerabilities (1.7.3 - 3.7.2)
|
CVE-2017-9933
CVE-2017-9934
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.8.12)
|
CVE-2018-17858
CVE-2018-17859
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.9.2)
|
CVE-2019-7739
CVE-2019-7740
CVE-2019-7741
CVE-2019-7743
CVE-2019-7744
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.10.6)
|
CVE-2022-23795
CVE-2022-23798
CWE-287
CWE-601
|
CWE-287
CWE-601
|
High
|
|
Joomla! Core PHP Object Injection (2.5.4 - 3.8.12)
|
CVE-2018-17856
CWE-915
|
CWE-915
|
High
|
|
Joomla! Core Privilege Escalation (1.6.0 - 3.6.4)
|
CVE-2016-9838
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Remote Code Execution (1.5.0 - 3.4.5)
|
CVE-2015-8562
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core Security Bypass (1.5.0 - 3.8.12)
|
CVE-2018-17855
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (1.6.0 - 3.6.0)
|
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (1.6.0 - 3.6.5)
|
CVE-2017-7988
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (1.6.0 - 3.9.24)
|
CVE-2021-26029
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (1.6.2 - 3.9.10)
|
CVE-2019-15028
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (1.7.0 - 3.9.22)
|
CVE-2020-35616
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.8.7)
|
CVE-2018-11323
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.9.15)
|
CVE-2020-10238
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.9.16)
|
CVE-2020-11890
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.9.18)
|
CVE-2020-13763
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.9.19)
|
CVE-2020-15699
CWE-264
|
CWE-264
|
High
|
|
Joomla! Core Security Bypass (2.5.0 - 3.9.27)
|
CVE-2021-26038
CWE-284
|
CWE-284
|
High
|
|
Joomla! Core SQL Injection (1.7.0 - 3.9.15)
|
CVE-2020-10243
CWE-89
|
CWE-89
|
High
|
|
Joomla Configuration Vulnerability (CVE-2008-3228)
|
CVE-2008-3228
|
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17858)
|
CVE-2018-17858
CWE-352
|
CWE-352
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18650)
|
CVE-2019-18650
CWE-352
|
CWE-352
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8419)
|
CVE-2020-8419
CWE-352
|
CWE-352
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8420)
|
CVE-2020-8420
CWE-352
|
CWE-352
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-10241)
|
CVE-2020-10241
CWE-352
|
CWE-352
|
High
|
|
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)
|
CVE-2020-13760
CWE-352
|
CWE-352
|
High
|
|
Joomla Cryptographic Issues Vulnerability (CVE-2014-7228)
|
CVE-2014-7228
|
|
High
|
|
Joomla CVE-2006-4469 Vulnerability (CVE-2006-4469)
|
CVE-2006-4469
|
|
High
|
|
Joomla CVE-2006-4470 Vulnerability (CVE-2006-4470)
|
CVE-2006-4470
|
|
High
|
|
Joomla CVE-2006-4472 Vulnerability (CVE-2006-4472)
|
CVE-2006-4472
|
|
High
|
|
Joomla CVE-2012-2747 Vulnerability (CVE-2012-2747)
|
CVE-2012-2747
|
|
High
|
|
Joomla CVE-2018-15881 Vulnerability (CVE-2018-15881)
|
CVE-2018-15881
|
|
High
|
|
Joomla CVE-2018-17856 Vulnerability (CVE-2018-17856)
|
CVE-2018-17856
|
|
High
|
|
Joomla CVE-2019-14654 Vulnerability (CVE-2019-14654)
|
CVE-2019-14654
|
|
High
|
|
Joomla CVE-2020-35610 Vulnerability (CVE-2020-35610)
|
CVE-2020-35610
|
|
High
|
|
Joomla CVE-2021-23132 Vulnerability (CVE-2021-23132)
|
CVE-2021-23132
|
|
High
|
|
Joomla CVE-2023-40626 Vulnerability (CVE-2023-40626)
|
CVE-2023-40626
|
|
High
|
|
Joomla Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-10238)
|
CVE-2020-10238
CWE-668
|
CWE-668
|
High
|
|
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1432)
|
CVE-2010-1432
CWE-200
|
CWE-200
|
High
|
|
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4937)
|
CVE-2011-4937
CWE-200
|
CWE-200
|
High
|
|
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933)
|
CVE-2017-9933
CWE-200
|
CWE-200
|
High
|
|
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35611)
|
CVE-2020-35611
CWE-200
|
CWE-200
|
High
|
|
Joomla Improper Access Control Vulnerability (CVE-2016-9838)
|
CVE-2016-9838
CWE-284
|
CWE-284
|
High
|
|
Joomla Improper Authentication Vulnerability (CVE-2014-6632)
|
CVE-2014-6632
CWE-287
|
CWE-287
|
High
|
|
Joomla Improper Certificate Validation Vulnerability (CVE-2017-11364)
|
CVE-2017-11364
CWE-295
|
CWE-295
|
High
|
|
Joomla Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-26038)
|
CVE-2021-26038
CWE-754
|
CWE-754
|
High
|
|
Joomla Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-5671)
|
CVE-2008-5671
CWE-94
|
CWE-94
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2008-4105)
|
CVE-2008-4105
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2015-8562)
|
CVE-2015-8562
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2015-8564)
|
CVE-2015-8564
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2015-8565)
|
CVE-2015-8565
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2016-8870)
|
CVE-2016-8870
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2018-12712)
|
CVE-2018-12712
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2020-35616)
|
CVE-2020-35616
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2021-23131)
|
CVE-2021-23131
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Input Validation Vulnerability (CVE-2021-26036)
|
CVE-2021-26036
CWE-20
|
CWE-20
|
High
|
|
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-35612)
|
CVE-2020-35612
CWE-22
|
CWE-22
|
High
|
|
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23793)
|
CVE-2022-23793
CWE-22
|
CWE-22
|
High
|
|
Joomla Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3227)
|
CVE-2008-3227
CWE-59
|
CWE-59
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-1049)
|
CVE-2006-1049
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0795)
|
CVE-2008-0795
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1935)
|
CVE-2008-1935
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6852)
|
CVE-2008-6852
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1499)
|
CVE-2009-1499
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)
|
CVE-2010-2679
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4166)
|
CVE-2010-4166
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)
|
CVE-2010-4696
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1116)
|
CVE-2012-1116
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)
|
CVE-2014-7981
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)
|
CVE-2015-4654
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)
|
CVE-2015-7297
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)
|
CVE-2015-7857
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)
|
CVE-2015-7858
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)
|
CVE-2015-8769
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)
|
CVE-2018-8045
CWE-138
|
CWE-138
|
High
|
|
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)
|
CVE-2020-13763
CWE-281
|
CWE-281
|
High
|
|
Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)
|
CVE-2012-1563
CWE-269
|
CWE-269
|
High
|
|
Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)
|
CVE-2018-11323
CWE-269
|
CWE-269
|
High
|
|
Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)
|
CVE-2018-17855
CWE-269
|
CWE-269
|
High
|
|
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)
|
CVE-2023-23755
CWE-307
|
CWE-307
|
High
|
|
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)
|
CVE-2011-3629
CWE-326
|
CWE-326
|
High
|
|
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)
|
CVE-2019-10946
CWE-306
|
CWE-306
|
High
|
|
Joomla Missing Authorization Vulnerability (CVE-2019-9713)
|
CVE-2019-9713
CWE-862
|
CWE-862
|
High
|
|
Joomla Missing Authorization Vulnerability (CVE-2020-10239)
|
CVE-2020-10239
CWE-862
|
CWE-862
|
High
|
|
Joomla Numeric Errors Vulnerability (CVE-2008-4102)
|
CVE-2008-4102
|
|
High
|
|
Joomla Other Vulnerability (CVE-2005-3772)
|
CVE-2005-3772
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-1028)
|
CVE-2006-1028
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-2960)
|
CVE-2006-2960
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-3481)
|
CVE-2006-3481
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-6833)
|
CVE-2006-6833
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-7008)
|
CVE-2006-7008
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-7009)
|
CVE-2006-7009
|
|
High
|
|
Joomla Other Vulnerability (CVE-2006-7010)
|
CVE-2006-7010
|
|
High
|
|
Joomla Other Vulnerability (CVE-2007-0374)
|
CVE-2007-0374
|
|
High
|
|
Joomla Other Vulnerability (CVE-2007-4184)
|
CVE-2007-4184
|
|
High
|
|
Joomla Other Vulnerability (CVE-2013-1453)
|
CVE-2013-1453
|
|
High
|
|
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)
|
CVE-2006-4475
CWE-264
|
CWE-264
|
High
|
|
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)
|
CVE-2006-4476
CWE-264
|
CWE-264
|
High
|
|
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)
|
CVE-2012-1598
CWE-264
|
CWE-264
|
High
|
|
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)
|
CVE-2014-7984
CWE-264
|
CWE-264
|
High
|
|
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)
|
CVE-2016-9837
CWE-264
|
CWE-264
|
High
|
|
Joomla Session Fixation Vulnerability (CVE-2010-1434)
|
CVE-2010-1434
CWE-384
|
CWE-384
|
High
|
|
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)
|
CVE-2018-11322
CWE-434
|
CWE-434
|
High
|
|
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)
|
CVE-2012-1562
CWE-330
|
CWE-330
|
High
|
|
jQuery Validation Other Vulnerability (CVE-2021-43306)
|
CVE-2021-43306
|
|
High
|
|
jQuery Validation Other Vulnerability (CVE-2022-31147)
|
CVE-2022-31147
|
|
High
|
|
jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)
|
CVE-2021-21252
CWE-400
|
CWE-400
|
High
|
|
jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)
|
CVE-2022-48285
CWE-22
|
CWE-22
|
High
|
|
Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)
|
CVE-2021-27306
CWE-863
|
CWE-863
|
High
|
|
Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
|
CVE-2024-26271
CWE-352
|
CWE-352
|
High
|
|
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
|
CVE-2024-26272
CWE-352
|
CWE-352
|
High
|
|
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
|
CVE-2024-26273
CWE-352
|
CWE-352
|
High
|
|
Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)
|
CVE-2021-38266
|
|
High
|
|
Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)
|
CVE-2024-25148
|
|
High
|
|
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
|
CVE-2020-15842
CWE-502
|
CWE-502
|
High
|
|
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
|
CVE-2022-42123
CWE-22
|
CWE-22
|
High
|
|
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)
|
CVE-2022-42121
CWE-138
|
CWE-138
|
High
|
|
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)
|
CVE-2023-33945
CWE-138
|
CWE-138
|
High
|
|
Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
|
CVE-2024-25606
CWE-611
|
CWE-611
|
High
|
|
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)
|
CVE-2024-38002
CWE-863
|
CWE-863
|
High
|
|
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
|
CVE-2022-42124
CWE-1333
|
CWE-1333
|
High
|
|
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)
|
CVE-2023-33949
CWE-1188
|
CWE-1188
|
High
|
|
Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)
|
CVE-2024-25607
CWE-916
|
CWE-916
|
High
|
|
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)
|
CVE-2020-13445
CWE-138
|
CWE-138
|
High
|
|
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)
|
CVE-2019-11444
CWE-138
|
CWE-138
|
High
|
|
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884)
|
CVE-2020-28884
CWE-138
|
CWE-138
|
High
|
|
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)
|
CVE-2020-28885
CWE-138
|
CWE-138
|
High
|
|
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)
|
CVE-2021-33323
CWE-312
|
CWE-312
|
High
|
|
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)
|
CVE-2021-33338
CWE-352
|
CWE-352
|
High
|
|
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)
|
CVE-2023-35030
CWE-352
|
CWE-352
|
High
|
|
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
|
CVE-2024-26271
CWE-352
|
CWE-352
|
High
|
|
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
|
CVE-2024-26272
CWE-352
|
CWE-352
|
High
|
|
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
|
CVE-2024-26273
CWE-352
|
CWE-352
|
High
|
|
Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)
|
CVE-2020-15841
|
|
High
|
|
Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)
|
CVE-2021-38266
|
|
High
|
|
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)
|
CVE-2024-25148
|
|
High
|
|
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)
|
CVE-2019-16891
CWE-502
|
CWE-502
|
High
|
|
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
|
CVE-2020-15842
CWE-502
|
CWE-502
|
High
|
|
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
|
CVE-2021-29047
CWE-287
|
CWE-287
|
High
|
|
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)
|
CVE-2022-28981
CWE-22
|
CWE-22
|
High
|
|
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
|
CVE-2022-42123
CWE-22
|
CWE-22
|
High
|
|
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)
|
CVE-2022-42125
CWE-22
|
CWE-22
|
High
|
|
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053)
|
CVE-2021-29053
CWE-138
|
CWE-138
|
High
|
|
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)
|
CVE-2022-42121
CWE-138
|
CWE-138
|
High
|
|
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)
|
CVE-2023-33945
CWE-138
|
CWE-138
|
High
|
|
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
|
CVE-2024-25606
CWE-611
|
CWE-611
|
High
|
|
Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)
|
CVE-2021-33335
CWE-863
|
CWE-863
|
High
|
|
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)
|
CVE-2024-38002
CWE-863
|
CWE-863
|
High
|
|
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
|
CVE-2022-42124
CWE-1333
|
CWE-1333
|
High
|
|
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)
|
CVE-2023-33950
CWE-1333
|
CWE-1333
|
High
|
|
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)
|
CVE-2023-33949
CWE-1188
|
CWE-1188
|
High
|
|
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322)
|
CVE-2021-33322
CWE-613
|
CWE-613
|
High
|
|
Liferay Portal Missing Authorization Vulnerability (CVE-2023-33948)
|
CVE-2023-33948
CWE-862
|
CWE-862
|
High
|
|
Liferay Portal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5327)
|
CVE-2010-5327
CWE-264
|
CWE-264
|
High
|
|
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795)
|
CVE-2018-10795
CWE-434
|
CWE-434
|
High
|
|
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24554)
|
CVE-2020-24554
CWE-601
|
CWE-601
|
High
|
|
Liferay Portal Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)
|
CVE-2024-25607
CWE-916
|
CWE-916
|
High
|
|
Liferay Portal Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-33321)
|
CVE-2021-33321
CWE-640
|
CWE-640
|
High
|
|
Liferay version older than 7.0
|
CWE-502
|
CWE-502
|
High
|
|
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4359)
|
CVE-2008-4359
CWE-200
|
CWE-200
|
High
|
|
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4360)
|
CVE-2008-4360
CWE-200
|
CWE-200
|
High
|
|
Lighttpd Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19052)
|
CVE-2018-19052
CWE-22
|
CWE-22
|
High
|
|
Lighttpd Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2015-3200)
|
CVE-2015-3200
CWE-138
|
CWE-138
|
High
|
|
Lighttpd Inadequate Encryption Strength Vulnerability (CVE-2013-4508)
|
CVE-2013-4508
CWE-326
|
CWE-326
|
High
|
|
Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556)
|
CVE-2022-41556
CWE-401
|
CWE-401
|
High
|
|
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)
|
CVE-2022-37797
CWE-476
|
CWE-476
|
High
|
|
Lighttpd Other Vulnerability (CVE-2007-1870)
|
CVE-2007-1870
|
|
High
|
|
Lighttpd Other Vulnerability (CVE-2007-3949)
|
CVE-2007-3949
|
|
High
|
|
Lighttpd Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4559)
|
CVE-2013-4559
CWE-264
|
CWE-264
|
High
|
|
Lighttpd Uncontrolled Resource Consumption Vulnerability (CVE-2022-30780)
|
CVE-2022-30780
CWE-400
|
CWE-400
|
High
|
|
LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)
|
CVE-2009-1604
|
|
High
|
|
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16177)
|
CVE-2019-16177
CWE-200
|
CWE-200
|
High
|
|
LimeSurvey Improper Input Validation Vulnerability (CVE-2019-15640)
|
CVE-2019-15640
CWE-20
|
CWE-20
|
High
|
|
LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000659)
|
CVE-2018-1000659
CWE-22
|
CWE-22
|
High
|
|
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4927)
|
CVE-2012-4927
CWE-138
|
CWE-138
|
High
|
|
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-5017)
|
CVE-2014-5017
CWE-138
|
CWE-138
|
High
|
|
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279)
|
CVE-2022-43279
CWE-138
|
CWE-138
|
High
|
|
LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174)
|
CVE-2019-16174
CWE-611
|
CWE-611
|
High
|
|
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
|
CVE-2019-16185
CWE-276
|
CWE-276
|
High
|
|
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)
|
CVE-2019-16186
CWE-276
|
CWE-276
|
High
|
|
LimeSurvey Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16187)
|
CVE-2019-16187
CWE-732
|
CWE-732
|
High
|
|
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-1000658)
|
CVE-2018-1000658
CWE-434
|
CWE-434
|
High
|
|
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-44967)
|
CVE-2021-44967
CWE-434
|
CWE-434
|
High
|
|
Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203)
|
CVE-2020-8203
CWE-1321
|
CWE-1321
|
High
|
|
Lodash Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-23337)
|
CVE-2021-23337
CWE-138
|
CWE-138
|
High
|
|
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7854)
|
CVE-2019-7854
CWE-639
|
CWE-639
|
High
|
|
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7890)
|
CVE-2019-7890
CWE-639
|
CWE-639
|
High
|
|
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7950)
|
CVE-2019-7950
CWE-639
|
CWE-639
|
High
|
|
Magento Cacheleak
|
CWE-200
|
CWE-200
|
High
|
|
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7865)
|
CVE-2019-7865
CWE-352
|
CWE-352
|
High
|
|
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8109)
|
CVE-2019-8109
CWE-352
|
CWE-352
|
High
|
|
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8155)
|
CVE-2019-8155
CWE-352
|
CWE-352
|
High
|
|
Magento Cryptographic Issues Vulnerability (CVE-2019-7858)
|
CVE-2019-7858
|
|
High
|
|
Magento Cryptographic Issues Vulnerability (CVE-2019-7860)
|
CVE-2019-7860
|
|
High
|
|
Magento Cryptographic Issues Vulnerability (CVE-2019-7886)
|
CVE-2019-7886
|
|
High
|
|
Magento CVE-2019-7876 Vulnerability (CVE-2019-7876)
|
CVE-2019-7876
|
|
High
|
|
Magento CVE-2019-7895 Vulnerability (CVE-2019-7895)
|
CVE-2019-7895
|
|
High
|
|
Magento CVE-2019-7896 Vulnerability (CVE-2019-7896)
|
CVE-2019-7896
|
|
High
|
|
Magento CVE-2019-7915 Vulnerability (CVE-2019-7915)
|
CVE-2019-7915
|
|
High
|
|
Magento CVE-2019-7928 Vulnerability (CVE-2019-7928)
|
CVE-2019-7928
|
|
High
|
|
Magento CVE-2019-8091 Vulnerability (CVE-2019-8091)
|
CVE-2019-8091
|
|
High
|
|
Magento CVE-2019-8110 Vulnerability (CVE-2019-8110)
|
CVE-2019-8110
|
|
High
|
|
Magento CVE-2019-8111 Vulnerability (CVE-2019-8111)
|
CVE-2019-8111
|
|
High
|
|
Magento CVE-2019-8119 Vulnerability (CVE-2019-8119)
|
CVE-2019-8119
|
|
High
|
|
Magento CVE-2019-8122 Vulnerability (CVE-2019-8122)
|
CVE-2019-8122
|
|
High
|
|
Magento CVE-2019-8125 Vulnerability (CVE-2019-8125)
|
CVE-2019-8125
|
|
High
|
|
Magento CVE-2019-8137 Vulnerability (CVE-2019-8137)
|
CVE-2019-8137
|
|
High
|
|
Magento CVE-2019-8150 Vulnerability (CVE-2019-8150)
|
CVE-2019-8150
|
|
High
|
|
Magento CVE-2019-8229 Vulnerability (CVE-2019-8229)
|
CVE-2019-8229
|
|
High
|
|
Magento CVE-2019-8230 Vulnerability (CVE-2019-8230)
|
CVE-2019-8230
|
|
High
|
|
Magento CVE-2019-8231 Vulnerability (CVE-2019-8231)
|
CVE-2019-8231
|
|
High
|
|
Magento CVE-2021-36021 Vulnerability (CVE-2021-36021)
|
CVE-2021-36021
|
|
High
|
|
Magento Deserialization of Untrusted Data Vulnerability (CVE-2019-8141)
|
CVE-2019-8141
CWE-502
|
CWE-502
|
High
|
|
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7951)
|
CVE-2019-7951
CWE-200
|
CWE-200
|
High
|
|
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)
|
CVE-2020-9591
CWE-200
|
CWE-200
|
High
|
|
Magento Improper Access Control Vulnerability (CVE-2021-36036)
|
CVE-2021-36036
CWE-284
|
CWE-284
|
High
|
|
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7871)
|
CVE-2019-7871
CWE-94
|
CWE-94
|
High
|
|
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7903)
|
CVE-2019-7903
CWE-94
|
CWE-94
|
High
|
|
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7932)
|
CVE-2019-7932
CWE-94
|
CWE-94
|
High
|
|
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7942)
|
CVE-2019-7942
CWE-94
|
CWE-94
|
High
|
|
Magento Improper Input Validation Vulnerability (CVE-2015-6497)
|
CVE-2015-6497
CWE-20
|
CWE-20
|
High
|
|
Magento Improper Input Validation Vulnerability (CVE-2019-7885)
|
CVE-2019-7885
CWE-20
|
CWE-20
|
High
|
|
Magento Improper Input Validation Vulnerability (CVE-2022-42344)
|
CVE-2022-42344
CWE-20
|
CWE-20
|
High
|
|
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-7859)
|
CVE-2019-7859
CWE-22
|
CWE-22
|
High
|
|
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28584)
|
CVE-2021-28584
CWE-22
|
CWE-22
|
High
|
|
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-34254)
|
CVE-2022-34254
CWE-22
|
CWE-22
|
High
|
|
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21030)
|
CVE-2021-21030
CWE-707
|
CWE-707
|
High
|
|
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-8159)
|
CVE-2019-8159
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21015)
|
CVE-2021-21015
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-36023)
|
CVE-2021-36023
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8127)
|
CVE-2019-8127
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8130)
|
CVE-2019-8130
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8134)
|
CVE-2019-8134
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-3719)
|
CVE-2020-3719
CWE-138
|
CWE-138
|
High
|
|
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-24400)
|
CVE-2020-24400
CWE-138
|
CWE-138
|
High
|
|
Magento Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2019-8154)
|
CVE-2019-8154
CWE-829
|
CWE-829
|
High
|
|
Magento Incorrect Authorization Vulnerability (CVE-2020-9587)
|
CVE-2020-9587
CWE-863
|
CWE-863
|
High
|
|
Magento Incorrect Authorization Vulnerability (CVE-2022-34255)
|
CVE-2022-34255
CWE-863
|
CWE-863
|
High
|
|
Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8112)
|
CVE-2019-8112
CWE-345
|
CWE-345
|
High
|
|
Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124)
|
CVE-2019-8124
CWE-345
|
CWE-345
|
High
|
|
Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9588)
|
CVE-2020-9588
|
|
High
|
|
Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151)
|
CVE-2020-15151
|
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7892)
|
CVE-2019-7892
CWE-918
|
CWE-918
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7911)
|
CVE-2019-7911
CWE-918
|
CWE-918
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913)
|
CVE-2019-7913
CWE-918
|
CWE-918
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7923)
|
CVE-2019-7923
CWE-918
|
CWE-918
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8151)
|
CVE-2019-8151
CWE-918
|
CWE-918
|
High
|
|
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8156)
|
CVE-2019-8156
CWE-918
|
CWE-918
|
High
|
|
Magento Session Fixation Vulnerability (CVE-2019-7849)
|
CVE-2019-7849
CWE-384
|
CWE-384
|
High
|
|
Magento Session Fixation Vulnerability (CVE-2019-8116)
|
CVE-2019-8116
CWE-384
|
CWE-384
|
High
|
|
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7861)
|
CVE-2019-7861
CWE-434
|
CWE-434
|
High
|
|
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)
|
CVE-2019-7912
CWE-434
|
CWE-434
|
High
|
|
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7930)
|
CVE-2019-7930
CWE-434
|
CWE-434
|
High
|
|
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8093)
|
CVE-2019-8093
CWE-434
|
CWE-434
|
High
|
|
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8114)
|
CVE-2019-8114
CWE-434
|
CWE-434
|
High
|
|
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253)
|
CVE-2022-34253
CWE-91
|
CWE-91
|
High
|
|
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6893)
|
CVE-2016-6893
CWE-352
|
CWE-352
|
High
|
|
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097)
|
CVE-2021-42097
CWE-352
|
CWE-352
|
High
|
|
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-44227)
|
CVE-2021-44227
CWE-352
|
CWE-352
|
High
|
|
Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775)
|
CVE-2015-2775
CWE-22
|
CWE-22
|
High
|
|
Mailman Other Vulnerability (CVE-2000-0861)
|
CVE-2000-0861
|
|
High
|
|
Mailman Other Vulnerability (CVE-2001-1132)
|
CVE-2001-1132
|
|
High
|
|
Mailman Other Vulnerability (CVE-2002-0388)
|
CVE-2002-0388
|
|
High
|
|
Mailman Other Vulnerability (CVE-2002-0855)
|
CVE-2002-0855
|
|
High
|
|
Mailman Other Vulnerability (CVE-2004-1143)
|
CVE-2004-1143
|
|
High
|
|
Mailman Other Vulnerability (CVE-2005-4153)
|
CVE-2005-4153
|
|
High
|
|
Mailman Other Vulnerability (CVE-2006-2191)
|
CVE-2006-2191
|
|
High
|
|
markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2015-10005)
|
CVE-2015-10005
CWE-1333
|
CWE-1333
|
High
|
|
Masa CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-42183)
|
CVE-2021-42183
CWE-22
|
CWE-22
|
High
|
|
math.js Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2020-7743)
|
CVE-2020-7743
CWE-915
|
CWE-915
|
High
|
|
MathJax Inefficient Regular Expression Complexity Vulnerability (CVE-2023-39663)
|
CVE-2023-39663
CWE-1333
|
CWE-1333
|
High
|
|
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)
|
CVE-2021-41799
CWE-770
|
CWE-770
|
High
|
|
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)
|
CVE-2022-34750
CWE-770
|
CWE-770
|
High
|
|
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-45371)
|
CVE-2023-45371
CWE-770
|
CWE-770
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6728)
|
CVE-2015-6728
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8623)
|
CVE-2015-8623
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8624)
|
CVE-2015-8624
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-0362)
|
CVE-2017-0362
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12466)
|
CVE-2019-12466
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-29004)
|
CVE-2020-29004
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35626)
|
CVE-2020-35626
CWE-352
|
CWE-352
|
High
|
|
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-46147)
|
CVE-2021-46147
CWE-352
|
CWE-352
|
High
|
|
MediaWiki CVE-2017-0371 Vulnerability (CVE-2017-0371)
|
CVE-2017-0371
|
|
High
|
|
MediaWiki CVE-2019-12472 Vulnerability (CVE-2019-12472)
|
CVE-2019-12472
|
|
High
|
|
MediaWiki CVE-2019-12473 Vulnerability (CVE-2019-12473)
|
CVE-2019-12473
|
|
High
|
|
MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474)
|
CVE-2019-12474
|
|
High
|
|
MediaWiki CVE-2022-28204 Vulnerability (CVE-2022-28204)
|
CVE-2022-28204
|
|
High
|
|
MediaWiki CVE-2022-28323 Vulnerability (CVE-2022-28323)
|
CVE-2022-28323
|
|
High
|
|
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-0367)
|
CVE-2017-0367
CWE-668
|
CWE-668
|
High
|
|
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-35197)
|
CVE-2021-35197
CWE-668
|
CWE-668
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)
|
CVE-2012-0046
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1817)
|
CVE-2013-1817
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8625)
|
CVE-2015-8625
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6332)
|
CVE-2016-6332
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)
|
CVE-2016-6335
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-0361)
|
CVE-2017-0361
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)
|
CVE-2017-8810
CWE-200
|
CWE-200
|
High
|
|
MediaWiki Improper Access Control Vulnerability (CVE-2012-4380)
|
CVE-2012-4380
CWE-284
|
CWE-284
|
High
|
|
MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)
|
CVE-2015-8008
CWE-284
|
CWE-284
|
High
|
|
MediaWiki Improper Access Control Vulnerability (CVE-2016-6331)
|
CVE-2016-6331
CWE-284
|
CWE-284
|
High
|
|
MediaWiki Improper Access Control Vulnerability (CVE-2016-6337)
|
CVE-2016-6337
CWE-284
|
CWE-284
|
High
|
|
MediaWiki Improper Authentication Vulnerability (CVE-2013-4304)
|
CVE-2013-4304
CWE-287
|
CWE-287
|
High
|
|
MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-35475)
|
CVE-2020-35475
CWE-116
|
CWE-116
|
High
|
|
MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869)
|
CVE-2020-25869
CWE-755
|
CWE-755
|
High
|
|
MediaWiki Improper Input Validation Vulnerability (CVE-2013-1816)
|
CVE-2013-1816
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Improper Input Validation Vulnerability (CVE-2013-6453)
|
CVE-2013-6453
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814)
|
CVE-2017-8814
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8815)
|
CVE-2017-8815
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Improper Input Validation Vulnerability (CVE-2021-31555)
|
CVE-2021-31555
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2011-0537)
|
CVE-2011-0537
CWE-22
|
CWE-22
|
High
|
|
MediaWiki Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-9277)
|
CVE-2014-9277
CWE-138
|
CWE-138
|
High
|
|
MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827)
|
CVE-2020-25827
CWE-307
|
CWE-307
|
High
|
|
MediaWiki Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4571)
|
CVE-2013-4571
CWE-119
|
CWE-119
|
High
|
|
MediaWiki Incorrect Authorization Vulnerability (CVE-2020-26121)
|
CVE-2020-26121
CWE-863
|
CWE-863
|
High
|
|
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-36132)
|
CVE-2021-36132
CWE-863
|
CWE-863
|
High
|
|
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-41801)
|
CVE-2021-41801
CWE-863
|
CWE-863
|
High
|
|
MediaWiki Incorrect Default Permissions Vulnerability (CVE-2021-44858)
|
CVE-2021-44858
CWE-276
|
CWE-276
|
High
|
|
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-35625)
|
CVE-2020-35625
CWE-732
|
CWE-732
|
High
|
|
MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-29005)
|
CVE-2020-29005
CWE-522
|
CWE-522
|
High
|
|
MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-35623)
|
CVE-2020-35623
CWE-522
|
CWE-522
|
High
|
|
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-36125)
|
CVE-2021-36125
CWE-835
|
CWE-835
|
High
|
|
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040)
|
CVE-2021-42040
CWE-835
|
CWE-835
|
High
|
|
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-45363)
|
CVE-2023-45363
CWE-835
|
CWE-835
|
High
|
|
MediaWiki Other Vulnerability (CVE-2004-1405)
|
CVE-2004-1405
|
|
High
|
|
MediaWiki Other Vulnerability (CVE-2004-2186)
|
CVE-2004-2186
|
|
High
|
|
MediaWiki Other Vulnerability (CVE-2005-0535)
|
CVE-2005-0535
|
|
High
|
|
MediaWiki Other Vulnerability (CVE-2005-4031)
|
CVE-2005-4031
|
|
High
|
|
MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)
|
CVE-2022-28203
CWE-763
|
CWE-763
|
High
|
|
MediaWiki remote code execution
|
CVE-2014-1610
CWE-20
|
CWE-20
|
High
|
|
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2936)
|
CVE-2015-2936
|
|
High
|
|
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2937)
|
CVE-2015-2937
|
|
High
|
|
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2942)
|
CVE-2015-2942
|
|
High
|
|
MediaWiki Session Fixation Vulnerability (CVE-2013-4572)
|
CVE-2013-4572
CWE-384
|
CWE-384
|
High
|
|
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2021-46149)
|
CVE-2021-46149
CWE-400
|
CWE-400
|
High
|
|
MediaWiki Use of Hard-coded Credentials Vulnerability (CVE-2012-4381)
|
CVE-2012-4381
CWE-798
|
CWE-798
|
High
|
|
Microsoft IIS5 NTLM and Basic authentication bypass
|
CVE-2007-2815
CWE-264
|
CWE-264
|
High
|
|
Microsoft SQL Server CVE-2023-21528 Vulnerability (CVE-2023-21528)
|
CVE-2023-21528
|
|
High
|
|
Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)
|
CVE-2023-21704
|
|
High
|
|
Microsoft SQL Server CVE-2023-21705 Vulnerability (CVE-2023-21705)
|
CVE-2023-21705
|
|
High
|
|
Microsoft SQL Server CVE-2023-21713 Vulnerability (CVE-2023-21713)
|
CVE-2023-21713
|
|
High
|
|
Microsoft SQL Server CVE-2023-21718 Vulnerability (CVE-2023-21718)
|
CVE-2023-21718
|
|
High
|
|
Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)
|
CVE-2023-23384
|
|
High
|
|
Microsoft SQL Server CVE-2023-29349 Vulnerability (CVE-2023-29349)
|
CVE-2023-29349
|
|
High
|
|
Microsoft SQL Server CVE-2023-29356 Vulnerability (CVE-2023-29356)
|
CVE-2023-29356
|
|
High
|
|
Microsoft SQL Server CVE-2023-32025 Vulnerability (CVE-2023-32025)
|
CVE-2023-32025
|
|
High
|
|
Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)
|
CVE-2023-32026
|
|
High
|
|
Microsoft SQL Server CVE-2023-32027 Vulnerability (CVE-2023-32027)
|
CVE-2023-32027
|
|
High
|
|
Microsoft SQL Server CVE-2023-32028 Vulnerability (CVE-2023-32028)
|
CVE-2023-32028
|
|
High
|
|
Microsoft SQL Server CVE-2023-36417 Vulnerability (CVE-2023-36417)
|
CVE-2023-36417
|
|
High
|
|
Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420)
|
CVE-2023-36420
|
|
High
|
|
Microsoft SQL Server CVE-2023-36730 Vulnerability (CVE-2023-36730)
|
CVE-2023-36730
|
|
High
|
|
Microsoft SQL Server CVE-2023-38169 Vulnerability (CVE-2023-38169)
|
CVE-2023-38169
|
|
High
|
|
Microsoft SQL Server CVE-2024-0056 Vulnerability (CVE-2024-0056)
|
CVE-2024-0056
|
|
High
|
|
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
|
CVE-2021-1636
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-1999-1556)
|
CVE-1999-1556
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2000-0199)
|
CVE-2000-0199
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2000-0202)
|
CVE-2000-0202
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2001-0344)
|
CVE-2001-0344
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2001-0542)
|
CVE-2001-0542
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2002-0056)
|
CVE-2002-0056
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2002-0154)
|
CVE-2002-0154
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2002-1137)
|
CVE-2002-1137
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2002-1138)
|
CVE-2002-1138
|
|
High
|
|
Microsoft SQL Server Other Vulnerability (CVE-2003-0232)
|
CVE-2003-0232
|
|
High
|
|
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2003-0230)
|
CVE-2003-0230
CWE-264
|
CWE-264
|
High
|
|
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5090)
|
CVE-2007-5090
CWE-264
|
CWE-264
|
High
|
|
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)
|
CVE-2019-1068
|
|
High
|
|
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2020-0618)
|
CVE-2020-0618
|
|
High
|
|
Missing Authentication Check in SAP Solution Manager
|
CVE-2020-6207
CWE-287
|
CWE-287
|
High
|
|
MODX CVE-2017-7323 Vulnerability (CVE-2017-7323)
|
CVE-2017-7323
|
|
High
|
|
MODX Improper Certificate Validation Vulnerability (CVE-2017-7322)
|
CVE-2017-7322
CWE-295
|
CWE-295
|
High
|
|
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10037)
|
CVE-2016-10037
CWE-22
|
CWE-22
|
High
|
|
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10038)
|
CVE-2016-10038
CWE-22
|
CWE-22
|
High
|
|
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10039)
|
CVE-2016-10039
CWE-22
|
CWE-22
|
High
|
|
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067)
|
CVE-2017-9067
CWE-22
|
CWE-22
|
High
|
|
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000208)
|
CVE-2018-1000208
CWE-22
|
CWE-22
|
High
|
|
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2311)
|
CVE-2014-2311
CWE-138
|
CWE-138
|
High
|
|
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2736)
|
CVE-2014-2736
CWE-138
|
CWE-138
|
High
|
|
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000067)
|
CVE-2017-1000067
CWE-138
|
CWE-138
|
High
|
|
MODX Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1000207)
|
CVE-2018-1000207
CWE-732
|
CWE-732
|
High
|
|
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9069)
|
CVE-2017-9069
CWE-434
|
CWE-434
|
High
|
|
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1010123)
|
CVE-2019-1010123
CWE-434
|
CWE-434
|
High
|
|
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26149)
|
CVE-2022-26149
CWE-434
|
CWE-434
|
High
|
|
mod_ssl Other Vulnerability (CVE-2002-0082)
|
CVE-2002-0082
|
|
High
|
|
mod_ssl Other Vulnerability (CVE-2004-0700)
|
CVE-2004-0700
|
|
High
|
|
Moment.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24785)
|
CVE-2022-24785
CWE-22
|
CWE-22
|
High
|
|
Moment.js Other Vulnerability (CVE-2022-31129)
|
CVE-2022-31129
|
|
High
|
|
Moment.js Uncontrolled Resource Consumption Vulnerability (CVE-2017-18214)
|
CVE-2017-18214
CWE-400
|
CWE-400
|
High
|
|
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)
|
CVE-2021-32036
CWE-770
|
CWE-770
|
High
|
|
MongoDb CVE-2019-2390 Vulnerability (CVE-2019-2390)
|
CVE-2019-2390
|
|
High
|
|
MongoDb CVE-2024-7553 Vulnerability (CVE-2024-7553)
|
CVE-2024-7553
|
|
High
|
|
MongoDb Improper Authentication Vulnerability (CVE-2015-7882)
|
CVE-2015-7882
CWE-287
|
CWE-287
|
High
|
|
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)
|
CVE-2023-1409
CWE-295
|
CWE-295
|
High
|
|
MongoDb Improper Input Validation Vulnerability (CVE-2020-7925)
|
CVE-2020-7925
CWE-20
|
CWE-20
|
High
|
|
MongoDb Incorrect Comparison Vulnerability (CVE-2019-20925)
|
CVE-2019-20925
CWE-697
|
CWE-697
|
High
|
|
MongoDb Insufficient Session Expiration Vulnerability (CVE-2019-2386)
|
CVE-2019-2386
CWE-613
|
CWE-613
|
High
|
|
MongoDb Out-of-bounds Read Vulnerability (CVE-2017-14227)
|
CVE-2017-14227
CWE-125
|
CWE-125
|
High
|
|
MongoDb Out-of-bounds Write Vulnerability (CVE-2021-32040)
|
CVE-2021-32040
CWE-787
|
CWE-787
|
High
|
|
MongoDb Uncontrolled Resource Consumption Vulnerability (CVE-2016-3104)
|
CVE-2016-3104
CWE-400
|
CWE-400
|
High
|
|
Moodle 7PK - Security Features Vulnerability (CVE-2015-5267)
|
CVE-2015-5267
|
|
High
|
|
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-14322)
|
CVE-2020-14322
CWE-770
|
CWE-770
|
High
|
|
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25978)
|
CVE-2024-25978
CWE-770
|
CWE-770
|
High
|
|
Moodle Credentials Management Errors Vulnerability (CVE-2009-4304)
|
CVE-2009-4304
|
|
High
|
|
Moodle Credentials Management Errors Vulnerability (CVE-2014-7845)
|
CVE-2014-7845
|
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5338)
|
CVE-2015-5338
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2157)
|
CVE-2016-2157
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-3734)
|
CVE-2016-3734
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-16854)
|
CVE-2018-16854
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10186)
|
CVE-2019-10186
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43559)
|
CVE-2021-43559
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0335)
|
CVE-2022-0335
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-2986)
|
CVE-2022-2986
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-28335)
|
CVE-2023-28335
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-25982)
|
CVE-2024-25982
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34008)
|
CVE-2024-34008
CWE-352
|
CWE-352
|
High
|
|
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-38276)
|
CVE-2024-38276
CWE-352
|
CWE-352
|
High
|
|
Moodle CVE-2018-10891 Vulnerability (CVE-2018-10891)
|
CVE-2018-10891
|
|
High
|
|
Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698)
|
CVE-2020-25698
|
|
High
|
|
Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)
|
CVE-2023-23923
|
|
High
|
|
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1155)
|
CVE-2012-1155
CWE-200
|
CWE-200
|
High
|
|
Moodle Improper Access Control Vulnerability (CVE-2020-25629)
|
CVE-2020-25629
CWE-284
|
CWE-284
|
High
|
|
Moodle Improper Authentication Vulnerability (CVE-2018-1082)
|
CVE-2018-1082
CWE-287
|
CWE-287
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-5674)
|
CVE-2013-5674
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3541)
|
CVE-2014-3541
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1133)
|
CVE-2018-1133
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-14630)
|
CVE-2018-14630
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-20187)
|
CVE-2021-20187
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539)
|
CVE-2023-5539
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5540)
|
CVE-2023-5540
CWE-94
|
CWE-94
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2012-0801)
|
CVE-2012-0801
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2012-1168)
|
CVE-2012-1168
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2018-1137)
|
CVE-2018-1137
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2019-3847)
|
CVE-2019-3847
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2020-1756)
|
CVE-2020-1756
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2020-10738)
|
CVE-2020-10738
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Input Validation Vulnerability (CVE-2022-35650)
|
CVE-2022-35650
CWE-20
|
CWE-20
|
High
|
|
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40313)
|
CVE-2022-40313
CWE-707
|
CWE-707
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0146)
|
CVE-2006-0146
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-4785)
|
CVE-2006-4785
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124)
|
CVE-2008-6124
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1615)
|
CVE-2010-1615
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-4313)
|
CVE-2013-4313
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919)
|
CVE-2016-7919
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32474)
|
CVE-2021-32474
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0983)
|
CVE-2022-0983
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329)
|
CVE-2023-28329
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30944)
|
CVE-2023-30944
CWE-138
|
CWE-138
|
High
|
|
Moodle Improper Privilege Management Vulnerability (CVE-2019-3849)
|
CVE-2019-3849
CWE-269
|
CWE-269
|
High
|
|
Moodle Improper Privilege Management Vulnerability (CVE-2020-25699)
|
CVE-2020-25699
CWE-269
|
CWE-269
|
High
|
|
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2012-1170)
|
CVE-2012-1170
CWE-354
|
CWE-354
|
High
|
|
Moodle Incorrect Authorization Vulnerability (CVE-2020-14321)
|
CVE-2020-14321
CWE-863
|
CWE-863
|
High
|
|
Moodle Insertion of Sensitive Information into Log File Vulnerability (CVE-2012-1156)
|
CVE-2012-1156
CWE-532
|
CWE-532
|
High
|
|
Moodle Other Vulnerability (CVE-2004-2232)
|
CVE-2004-2232
|
|
High
|
|
Moodle Other Vulnerability (CVE-2005-3648)
|
CVE-2005-3648
|
|
High
|
|
Moodle Other Vulnerability (CVE-2006-0147)
|
CVE-2006-0147
|
|
High
|
|
Moodle Other Vulnerability (CVE-2007-1429)
|
CVE-2007-1429
|
|
High
|
|
Moodle Other Vulnerability (CVE-2007-1647)
|
CVE-2007-1647
|
|
High
|
|
Moodle Other Vulnerability (CVE-2015-3272)
|
CVE-2015-3272
|
|
High
|
|
Moodle Other Vulnerability (CVE-2019-10154)
|
CVE-2019-10154
|
|
High
|
|
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-6970)
|
CVE-2019-6970
CWE-918
|
CWE-918
|
High
|
|
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-36396)
|
CVE-2021-36396
CWE-918
|
CWE-918
|
High
|
|
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133)
|
CVE-2023-35133
CWE-918
|
CWE-918
|
High
|
|
Moodle Uncontrolled Recursion Vulnerability (CVE-2021-36395)
|
CVE-2021-36395
CWE-674
|
CWE-674
|
High
|
|
Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630)
|
CVE-2020-25630
CWE-400
|
CWE-400
|
High
|
|
Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2021-32476)
|
CVE-2021-32476
CWE-400
|
CWE-400
|
High
|
|
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186)
|
CVE-2016-9186
CWE-434
|
CWE-434
|
High
|
|
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187)
|
CVE-2016-9187
CWE-434
|
CWE-434
|
High
|
|
Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038)
|
CVE-2016-7038
CWE-640
|
CWE-640
|
High
|
|
Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)
|
CVE-2023-22952
|
|
High
|
|
MyBB CVE-2008-3070 Vulnerability (CVE-2008-3070)
|
CVE-2008-3070
|
|
High
|
|
MyBB CVE-2015-2352 Vulnerability (CVE-2015-2352)
|
CVE-2015-2352
|
|
High
|
|
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410)
|
CVE-2016-9410
CWE-200
|
CWE-200
|
High
|
|
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414)
|
CVE-2016-9414
CWE-200
|
CWE-200
|
High
|
|
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9418)
|
CVE-2016-9418
CWE-200
|
CWE-200
|
High
|
|
MyBB Improper Access Control Vulnerability (CVE-2015-8973)
|
CVE-2015-8973
CWE-284
|
CWE-284
|
High
|
|
MyBB Improper Access Control Vulnerability (CVE-2016-9415)
|
CVE-2016-9415
CWE-284
|
CWE-284
|
High
|
|
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)
|
CVE-2021-43281
CWE-94
|
CWE-94
|
High
|
|
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-24734)
|
CVE-2022-24734
CWE-94
|
CWE-94
|
High
|
|
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41362)
|
CVE-2023-41362
CWE-94
|
CWE-94
|
High
|
|
MyBB Improper Input Validation Vulnerability (CVE-2019-12831)
|
CVE-2019-12831
CWE-20
|
CWE-20
|
High
|
|
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3071)
|
CVE-2008-3071
CWE-22
|
CWE-22
|
High
|
|
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45867)
|
CVE-2022-45867
CWE-22
|
CWE-22
|
High
|
|
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12830)
|
CVE-2019-12830
CWE-707
|
CWE-707
|
High
|
|
MyBB Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-39265)
|
CVE-2022-39265
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0383)
|
CVE-2008-0383
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3965)
|
CVE-2008-3965
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5096)
|
CVE-2010-5096
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2324)
|
CVE-2012-2324
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2325)
|
CVE-2012-2325
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5909)
|
CVE-2012-5909
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-9240)
|
CVE-2014-9240
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27890)
|
CVE-2021-27890
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27946)
|
CVE-2021-27946
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27947)
|
CVE-2021-27947
CWE-138
|
CWE-138
|
High
|
|
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27948)
|
CVE-2021-27948
CWE-138
|
CWE-138
|
High
|
|
MyBB Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-1000502)
|
CVE-2018-1000502
CWE-829
|
CWE-829
|
High
|
|
MyBB Insertion of Sensitive Information into Log File Vulnerability (CVE-2015-8977)
|
CVE-2015-8977
CWE-532
|
CWE-532
|
High
|
|
MyBB Other Vulnerability (CVE-2007-1963)
|
CVE-2007-1963
|
|
High
|
|
MyBB Other Vulnerability (CVE-2007-2212)
|
CVE-2007-2212
|
|
High
|
|
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3967)
|
CVE-2008-3967
CWE-264
|
CWE-264
|
High
|
|
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417)
|
CVE-2016-9417
CWE-918
|
CWE-918
|
High
|
|
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566)
|
CVE-2017-7566
CWE-918
|
CWE-918
|
High
|
|
MySQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2016-6663)
|
CVE-2016-6663
CWE-362
|
CWE-362
|
High
|
|
MySQL CVE-2012-3158 Vulnerability (CVE-2012-3158)
|
CVE-2012-3158
|
|
High
|
|
MySQL CVE-2014-6491 Vulnerability (CVE-2014-6491)
|
CVE-2014-6491
|
|
High
|
|
MySQL CVE-2014-6500 Vulnerability (CVE-2014-6500)
|
CVE-2014-6500
|
|
High
|
|
MySQL CVE-2015-0411 Vulnerability (CVE-2015-0411)
|
CVE-2015-0411
|
|
High
|
|
MySQL CVE-2015-4819 Vulnerability (CVE-2015-4819)
|
CVE-2015-4819
|
|
High
|
|
MySQL CVE-2016-0546 Vulnerability (CVE-2016-0546)
|
CVE-2016-0546
|
|
High
|
|
MySQL CVE-2016-3440 Vulnerability (CVE-2016-3440)
|
CVE-2016-3440
|
|
High
|
|
MySQL CVE-2016-3471 Vulnerability (CVE-2016-3471)
|
CVE-2016-3471
|
|
High
|
|
MySQL CVE-2016-3477 Vulnerability (CVE-2016-3477)
|
CVE-2016-3477
|
|
High
|
|
MySQL CVE-2016-5625 Vulnerability (CVE-2016-5625)
|
CVE-2016-5625
|
|
High
|
|
MySQL CVE-2016-9840 Vulnerability (CVE-2016-9840)
|
CVE-2016-9840
|
|
High
|
|
MySQL CVE-2016-9842 Vulnerability (CVE-2016-9842)
|
CVE-2016-9842
|
|
High
|
|
MySQL CVE-2017-3308 Vulnerability (CVE-2017-3308)
|
CVE-2017-3308
|
|
High
|
|
MySQL CVE-2017-3309 Vulnerability (CVE-2017-3309)
|
CVE-2017-3309
|
|
High
|
|
MySQL CVE-2017-3329 Vulnerability (CVE-2017-3329)
|
CVE-2017-3329
|
|
High
|
|
MySQL CVE-2017-3450 Vulnerability (CVE-2017-3450)
|
CVE-2017-3450
|
|
High
|
|
MySQL CVE-2017-10155 Vulnerability (CVE-2017-10155)
|
CVE-2017-10155
|
|
High
|
|
MySQL CVE-2018-2562 Vulnerability (CVE-2018-2562)
|
CVE-2018-2562
|
|
High
|
|
MySQL CVE-2018-2696 Vulnerability (CVE-2018-2696)
|
CVE-2018-2696
|
|
High
|
|
MySQL CVE-2018-2755 Vulnerability (CVE-2018-2755)
|
CVE-2018-2755
|
|
High
|
|
MySQL CVE-2018-3064 Vulnerability (CVE-2018-3064)
|
CVE-2018-3064
|
|
High
|
|
MySQL CVE-2018-3155 Vulnerability (CVE-2018-3155)
|
CVE-2018-3155
|
|
High
|
|
MySQL CVE-2019-2534 Vulnerability (CVE-2019-2534)
|
CVE-2019-2534
|
|
High
|
|
MySQL CVE-2019-2632 Vulnerability (CVE-2019-2632)
|
CVE-2019-2632
|
|
High
|
|
MySQL CVE-2019-2800 Vulnerability (CVE-2019-2800)
|
CVE-2019-2800
|
|
High
|
|
MySQL CVE-2019-2822 Vulnerability (CVE-2019-2822)
|
CVE-2019-2822
|
|
High
|
|
MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)
|
CVE-2020-14663
|
|
High
|
|
MySQL CVE-2020-14678 Vulnerability (CVE-2020-14678)
|
CVE-2020-14678
|
|
High
|
|
MySQL CVE-2020-14697 Vulnerability (CVE-2020-14697)
|
CVE-2020-14697
|
|
High
|
|
MySQL CVE-2020-14828 Vulnerability (CVE-2020-14828)
|
CVE-2020-14828
|
|
High
|
|
MySQL CVE-2020-14878 Vulnerability (CVE-2020-14878)
|
CVE-2020-14878
|
|
High
|
|
MySQL CVE-2021-2144 Vulnerability (CVE-2021-2144)
|
CVE-2021-2144
|
|
High
|
|
MySQL CVE-2021-35610 Vulnerability (CVE-2021-35610)
|
CVE-2021-35610
|
|
High
|
|
MySQL CVE-2022-21278 Vulnerability (CVE-2022-21278)
|
CVE-2022-21278
|
|
High
|
|
MySQL CVE-2022-21351 Vulnerability (CVE-2022-21351)
|
CVE-2022-21351
|
|
High
|
|
MySQL CVE-2022-21600 Vulnerability (CVE-2022-21600)
|
CVE-2022-21600
|
|
High
|
|
MySQL CVE-2023-21980 Vulnerability (CVE-2023-21980)
|
CVE-2023-21980
|
|
High
|
|
MySQL CVE-2023-22102 Vulnerability (CVE-2023-22102)
|
CVE-2023-22102
|
|
High
|
|
MySQL CVE-2024-21090 Vulnerability (CVE-2024-21090)
|
CVE-2024-21090
|
|
High
|
|
MySQL CVE-2024-21272 Vulnerability (CVE-2024-21272)
|
CVE-2024-21272
|
|
High
|
|
MySQL Improper Initialization Vulnerability (CVE-2020-11655)
|
CVE-2020-11655
CWE-665
|
CWE-665
|
High
|
|
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664)
|
CVE-2016-6664
CWE-59
|
CWE-59
|
High
|
|
MySQL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5398)
|
CVE-2020-5398
CWE-707
|
CWE-707
|
High
|
|
MySQL Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')Vulnerability (CVE-2020-5258)
|
CVE-2020-5258
CWE-138
|
CWE-138
|
High
|
|
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-0226)
|
CVE-2008-0226
CWE-119
|
CWE-119
|
High
|
|
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-0553)
|
CVE-2012-0553
CWE-119
|
CWE-119
|
High
|
|
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-0882)
|
CVE-2012-0882
CWE-119
|
CWE-119
|
High
|
|
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-1492)
|
CVE-2013-1492
CWE-119
|
CWE-119
|
High
|
|
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0001)
|
CVE-2014-0001
CWE-119
|
CWE-119
|
High
|
|
MySQL Integer Overflow or Wraparound Vulnerability (CVE-2017-3599)
|
CVE-2017-3599
CWE-190
|
CWE-190
|
High
|
|
MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
|
CVE-2020-1967
CWE-476
|
CWE-476
|
High
|
|
MySQL Numeric Errors Vulnerability (CVE-2016-2105)
|
CVE-2016-2105
|
|
High
|
|
MySQL Other Vulnerability (CVE-2000-0148)
|
CVE-2000-0148
|
|
High
|
|
MySQL Other Vulnerability (CVE-2000-0981)
|
CVE-2000-0981
|
|
High
|
|
MySQL Other Vulnerability (CVE-2001-1274)
|
CVE-2001-1274
|
|
High
|
|
MySQL Other Vulnerability (CVE-2001-1275)
|
CVE-2001-1275
|
|
High
|
|
MySQL Other Vulnerability (CVE-2001-1453)
|
CVE-2001-1453
|
|
High
|
|
MySQL Other Vulnerability (CVE-2001-1454)
|
CVE-2001-1454
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1374)
|
CVE-2002-1374
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1375)
|
CVE-2002-1375
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1376)
|
CVE-2002-1376
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1809)
|
CVE-2002-1809
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1921)
|
CVE-2002-1921
|
|
High
|
|
MySQL Other Vulnerability (CVE-2002-1923)
|
CVE-2002-1923
|
|
High
|
|
MySQL Other Vulnerability (CVE-2004-0835)
|
CVE-2004-0835
|
|
High
|
|
MySQL Other Vulnerability (CVE-2005-2572)
|
CVE-2005-2572
|
|
High
|
|
MySQL Other Vulnerability (CVE-2006-2753)
|
CVE-2006-2753
|
|
High
|
|
MySQL Out-of-bounds Write Vulnerability (CVE-2009-4484)
|
CVE-2009-4484
CWE-787
|
CWE-787
|
High
|
|
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2020-11080)
|
CVE-2020-11080
CWE-400
|
CWE-400
|
High
|
|
MySQL Use After Free Vulnerability (CVE-2017-3302)
|
CVE-2017-3302
CWE-416
|
CWE-416
|
High
|
|
MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2009-2446)
|
CVE-2009-2446
CWE-134
|
CWE-134
|
High
|
|
Next.js CVE-2021-43803 Vulnerability (CVE-2021-43803)
|
CVE-2021-43803
|
|
High
|
|
Next.js CVE-2022-21721 Vulnerability (CVE-2022-21721)
|
CVE-2022-21721
|
|
High
|
|
Next.js CVE-2023-46298 Vulnerability (CVE-2023-46298)
|
CVE-2023-46298
|
|
High
|
|
Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-16877)
|
CVE-2017-16877
CWE-22
|
CWE-22
|
High
|
|
Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6184)
|
CVE-2018-6184
CWE-22
|
CWE-22
|
High
|
|
Next.js Uncontrolled Recursion Vulnerability (CVE-2024-47831)
|
CVE-2024-47831
CWE-674
|
CWE-674
|
High
|
|
Next.js User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2022-23646)
|
CVE-2022-23646
CWE-451
|
CWE-451
|
High
|
|
Nexus Repository Manager CVE-2019-15893 Vulnerability (CVE-2019-15893)
|
CVE-2019-15893
|
|
High
|
|
Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-15012)
|
CVE-2020-15012
CWE-22
|
CWE-22
|
High
|
|
Nexus Repository Manager Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') Vulnerability (CVE-2018-16621)
|
CVE-2018-16621
CWE-138
|
CWE-138
|
High
|
|
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-5475)
|
CVE-2019-5475
CWE-138
|
CWE-138
|
High
|
|
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-15588)
|
CVE-2019-15588
CWE-138
|
CWE-138
|
High
|
|
Nexus Repository Manager Incorrect Authorization Vulnerability (CVE-2018-16620)
|
CVE-2018-16620
CWE-863
|
CWE-863
|
High
|
|
Nexus Repository Manager Incorrect Default Permissions Vulnerability (CVE-2019-9630)
|
CVE-2019-9630
CWE-276
|
CWE-276
|
High
|
|
Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-16530)
|
CVE-2019-16530
CWE-434
|
CWE-434
|
High
|
|
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
|
CVE-2019-9511
CWE-770
|
CWE-770
|
High
|
|
Nginx buffer underflow vulnerability
|
CVE-2009-2629
CWE-119
|
CWE-119
|
High
|
|
Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)
|
CVE-2023-27729
|
|
High
|
|
Nginx Improper Certificate Validation Vulnerability (CVE-2021-3618)
|
CVE-2021-3618
CWE-295
|
CWE-295
|
High
|
|
Nginx Improper Encoding or Escaping of Output Vulnerability (CVE-2013-4547)
|
CVE-2013-4547
CWE-116
|
CWE-116
|
High
|
|
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
|
CVE-2016-1247
CWE-59
|
CWE-59
|
High
|
|
Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0088)
|
CVE-2014-0088
CWE-119
|
CWE-119
|
High
|
|
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529)
|
CVE-2017-7529
CWE-190
|
CWE-190
|
High
|
|
Nginx Off-by-one Error Vulnerability (CVE-2021-23017)
|
CVE-2021-23017
CWE-193
|
CWE-193
|
High
|
|
Nginx Other Vulnerability (CVE-2016-0742)
|
CVE-2016-0742
|
|
High
|
|
Nginx Other Vulnerability (CVE-2016-4450)
|
CVE-2016-4450
|
|
High
|
|
Nginx Other Vulnerability (CVE-2019-9513)
|
CVE-2019-9513
|
|
High
|
|
Nginx Out-of-bounds Read Vulnerability (CVE-2022-38890)
|
CVE-2022-38890
CWE-125
|
CWE-125
|
High
|
|
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)
|
CVE-2023-27727
CWE-125
|
CWE-125
|
High
|
|
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27728)
|
CVE-2023-27728
CWE-125
|
CWE-125
|
High
|
|
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27730)
|
CVE-2023-27730
CWE-125
|
CWE-125
|
High
|
|
Nginx Out-of-bounds Write Vulnerability (CVE-2009-2629)
|
CVE-2009-2629
CWE-787
|
CWE-787
|
High
|
|
Nginx Out-of-bounds Write Vulnerability (CVE-2013-2028)
|
CVE-2013-2028
CWE-787
|
CWE-787
|
High
|
|
Nginx Out-of-bounds Write Vulnerability (CVE-2014-0133)
|
CVE-2014-0133
CWE-787
|
CWE-787
|
High
|
|
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)
|
CVE-2022-41741
CWE-787
|
CWE-787
|
High
|
|
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)
|
CVE-2022-41742
CWE-787
|
CWE-787
|
High
|
|
Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337)
|
CVE-2013-0337
CWE-264
|
CWE-264
|
High
|
|
Nginx stack-based buffer overflow
|
CVE-2013-2028
CWE-189
|
CWE-189
|
High
|
|
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16843)
|
CVE-2018-16843
CWE-400
|
CWE-400
|
High
|
|
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16844)
|
CVE-2018-16844
CWE-400
|
CWE-400
|
High
|
|
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071)
|
CVE-2012-6071
CWE-295
|
CWE-295
|
High
|
|
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067)
|
CVE-2018-13067
CWE-352
|
CWE-352
|
High
|
|
Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)
|
CVE-2024-21519
|
|
High
|
|
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444)
|
CVE-2023-47444
CWE-94
|
CWE-94
|
High
|
|
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11494)
|
CVE-2018-11494
CWE-22
|
CWE-22
|
High
|
|
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315)
|
CVE-2023-2315
CWE-22
|
CWE-22
|
High
|
|
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518)
|
CVE-2024-21518
CWE-22
|
CWE-22
|
High
|
|
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1027)
|
CVE-2009-1027
CWE-138
|
CWE-138
|
High
|
|
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0956)
|
CVE-2010-0956
CWE-138
|
CWE-138
|
High
|
|
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-20491)
|
CVE-2020-20491
CWE-138
|
CWE-138
|
High
|
|
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-21514)
|
CVE-2024-21514
CWE-138
|
CWE-138
|
High
|
|
Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724)
|
CVE-2020-11724
CWE-444
|
CWE-444
|
High
|
|
Open Resty Off-by-one Error Vulnerability (CVE-2021-23017)
|
CVE-2021-23017
CWE-193
|
CWE-193
|
High
|
|
Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
|
CVE-2023-0286
CWE-843
|
CWE-843
|
High
|
|
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786)
|
CVE-2022-3786
CWE-120
|
CWE-120
|
High
|
|
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3864)
|
CVE-2010-3864
CWE-362
|
CWE-362
|
High
|
|
OpenSSL Cryptographic Issues Vulnerability (CVE-2000-1254)
|
CVE-2000-1254
|
|
High
|
|
OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0742)
|
CVE-2010-0742
|
|
High
|
|
OpenSSL Cryptographic Issues Vulnerability (CVE-2019-1543)
|
CVE-2019-1543
|
|
High
|
|
OpenSSL CVE-2023-4807 Vulnerability (CVE-2023-4807)
|
CVE-2023-4807
|
|
High
|
|
OpenSSL CVE-2023-5363 Vulnerability (CVE-2023-5363)
|
CVE-2023-5363
|
|
High
|
|
OpenSSL Double Free Vulnerability (CVE-2022-4450)
|
CVE-2022-4450
CWE-415
|
CWE-415
|
High
|
|
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3193)
|
CVE-2015-3193
CWE-200
|
CWE-200
|
High
|
|
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)
|
CVE-2016-2183
CWE-200
|
CWE-200
|
High
|
|
OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)
|
CVE-2016-7054
CWE-284
|
CWE-284
|
High
|
|
OpenSSL Improper Authentication Vulnerability (CVE-2009-0653)
|
CVE-2009-0653
CWE-287
|
CWE-287
|
High
|
|
OpenSSL Improper Authentication Vulnerability (CVE-2010-4252)
|
CVE-2010-4252
CWE-287
|
CWE-287
|
High
|
|
OpenSSL Improper Certificate Validation Vulnerability (CVE-2021-3450)
|
CVE-2021-3450
CWE-295
|
CWE-295
|
High
|
|
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0464)
|
CVE-2023-0464
CWE-295
|
CWE-295
|
High
|
|
OpenSSL Improper Input Validation Vulnerability (CVE-2014-3513)
|
CVE-2014-3513
CWE-20
|
CWE-20
|
High
|
|
OpenSSL Improper Input Validation Vulnerability (CVE-2014-3567)
|
CVE-2014-3567
CWE-20
|
CWE-20
|
High
|
|
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6302)
|
CVE-2016-6302
CWE-20
|
CWE-20
|
High
|
|
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6305)
|
CVE-2016-6305
CWE-20
|
CWE-20
|
High
|
|
OpenSSL Improper Input Validation Vulnerability (CVE-2017-3733)
|
CVE-2017-3733
CWE-20
|
CWE-20
|
High
|
|
OpenSSL Improper Locking Vulnerability (CVE-2022-3996)
|
CVE-2022-3996
CWE-667
|
CWE-667
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2110)
|
CVE-2012-2110
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3512)
|
CVE-2014-3512
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8176)
|
CVE-2014-8176
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-0292)
|
CVE-2015-0292
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-1789)
|
CVE-2015-1789
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2176)
|
CVE-2016-2176
CWE-119
|
CWE-119
|
High
|
|
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
|
CVE-2014-0224
CWE-326
|
CWE-326
|
High
|
|
OpenSSL Incomplete Cleanup Vulnerability (CVE-2022-1473)
|
CVE-2022-1473
CWE-459
|
CWE-459
|
High
|
|
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2021-23840)
|
CVE-2021-23840
CWE-190
|
CWE-190
|
High
|
|
OpenSSL Key Management Errors Vulnerability (CVE-2018-0732)
|
CVE-2018-0732
|
|
High
|
|
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
|
CVE-2021-4044
CWE-835
|
CWE-835
|
High
|
|
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-0778)
|
CVE-2022-0778
CWE-835
|
CWE-835
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2004-0079)
|
CVE-2004-0079
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7052)
|
CVE-2016-7052
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7053)
|
CVE-2016-7053
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2017-3730)
|
CVE-2017-3730
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
|
CVE-2020-1967
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)
|
CVE-2022-3358
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0216)
|
CVE-2023-0216
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0217)
|
CVE-2023-0217
CWE-476
|
CWE-476
|
High
|
|
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)
|
CVE-2023-0401
CWE-476
|
CWE-476
|
High
|
|
OpenSSL Numeric Errors Vulnerability (CVE-2012-2131)
|
CVE-2012-2131
|
|
High
|
|
OpenSSL Numeric Errors Vulnerability (CVE-2016-2105)
|
CVE-2016-2105
|
|
High
|
|
OpenSSL Numeric Errors Vulnerability (CVE-2016-2106)
|
CVE-2016-2106
|
|
High
|
|
OpenSSL Numeric Errors Vulnerability (CVE-2016-2181)
|
CVE-2016-2181
|
|
High
|
|
OpenSSL Other Vulnerability (CVE-2002-0655)
|
CVE-2002-0655
|
|
High
|
|
OpenSSL Other Vulnerability (CVE-2002-0656)
|
CVE-2002-0656
|
|
High
|
|
OpenSSL Other Vulnerability (CVE-2003-0131)
|
CVE-2003-0131
|
|
High
|
|
OpenSSL Other Vulnerability (CVE-2015-3194)
|
CVE-2015-3194
|
|
High
|
|
OpenSSL Other Vulnerability (CVE-2016-0797)
|
CVE-2016-0797
|
|
High
|
|
OpenSSL Out-of-bounds Read Vulnerability (CVE-2014-0160)
|
CVE-2014-0160
CWE-125
|
CWE-125
|
High
|
|
OpenSSL Out-of-bounds Read Vulnerability (CVE-2016-2180)
|
CVE-2016-2180
CWE-125
|
CWE-125
|
High
|
|
OpenSSL Out-of-bounds Read Vulnerability (CVE-2017-3731)
|
CVE-2017-3731
CWE-125
|
CWE-125
|
High
|
|
OpenSSL Out-of-bounds Read Vulnerability (CVE-2021-3712)
|
CVE-2021-3712
CWE-125
|
CWE-125
|
High
|
|
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-3602)
|
CVE-2022-3602
CWE-787
|
CWE-787
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2006-2937)
|
CVE-2006-2937
|
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2006-2940)
|
CVE-2006-2940
|
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2016-0798)
|
CVE-2016-0798
|
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2016-2109)
|
CVE-2016-2109
|
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2016-2179)
|
CVE-2016-2179
|
|
High
|
|
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6304)
|
CVE-2016-6304
|
|
High
|
|
OpenSSL Session Fixation Vulnerability (CVE-1999-0428)
|
CVE-1999-0428
CWE-384
|
CWE-384
|
High
|
|
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
|
CVE-2016-8610
CWE-400
|
CWE-400
|
High
|
|
OpenSSL Use After Free Vulnerability (CVE-2023-0215)
|
CVE-2023-0215
CWE-416
|
CWE-416
|
High
|
|
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)
|
CVE-2005-2946
CWE-327
|
CWE-327
|
High
|
|
OpenSSL Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2008-0166)
|
CVE-2008-0166
CWE-338
|
CWE-338
|
High
|
|
OpenVPN AS Divide By Zero Vulnerability (CVE-2023-46849)
|
CVE-2023-46849
CWE-369
|
CWE-369
|
High
|
|
OpenVPN AS Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2020-36382)
|
CVE-2020-36382
CWE-754
|
CWE-754
|
High
|
|
OpenVPN AS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2020-11462)
|
CVE-2020-11462
CWE-776
|
CWE-776
|
High
|
|
OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)
|
CVE-2022-33737
CWE-532
|
CWE-532
|
High
|
|
OpenVPN AS Insufficient Session Expiration Vulnerability (CVE-2020-15074)
|
CVE-2020-15074
CWE-613
|
CWE-613
|
High
|
|
OpenVPN AS Other Vulnerability (CVE-2005-3393)
|
CVE-2005-3393
|
|
High
|
|
OpenVPN AS Other Vulnerability (CVE-2021-4234)
|
CVE-2021-4234
|
|
High
|
|
OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)
|
CVE-2022-33738
CWE-338
|
CWE-338
|
High
|
|
Oracle Application Server Credentials Management Errors Vulnerability (CVE-2002-2345)
|
CVE-2002-2345
|
|
High
|
|
Oracle Application Server CVE-2004-1368 Vulnerability (CVE-2004-1368)
|
CVE-2004-1368
|
|
High
|
|
Oracle Application Server CVE-2006-0435 Vulnerability (CVE-2006-0435)
|
CVE-2006-0435
|
|
High
|
|
Oracle Application Server CVE-2007-0280 Vulnerability (CVE-2007-0280)
|
CVE-2007-0280
|
|
High
|
|
Oracle Application Server CVE-2007-5516 Vulnerability (CVE-2007-5516)
|
CVE-2007-5516
|
|
High
|
|
Oracle Application Server CVE-2007-5517 Vulnerability (CVE-2007-5517)
|
CVE-2007-5517
|
|
High
|
|
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)
|
CVE-2007-5518
|
|
High
|
|
Oracle Application Server CVE-2007-5519 Vulnerability (CVE-2007-5519)
|
CVE-2007-5519
|
|
High
|
|
Oracle Application Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
|
CVE-2007-5520
|
|
High
|
|
Oracle Application Server CVE-2007-5521 Vulnerability (CVE-2007-5521)
|
CVE-2007-5521
|
|
High
|
|
Oracle Application Server CVE-2007-5523 Vulnerability (CVE-2007-5523)
|
CVE-2007-5523
|
|
High
|
|
Oracle Application Server CVE-2007-5524 Vulnerability (CVE-2007-5524)
|
CVE-2007-5524
|
|
High
|
|
Oracle Application Server CVE-2007-5525 Vulnerability (CVE-2007-5525)
|
CVE-2007-5525
|
|
High
|
|
Oracle Application Server CVE-2009-0993 Vulnerability (CVE-2009-0993)
|
CVE-2009-0993
|
|
High
|
|
Oracle Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2004-1364)
|
CVE-2004-1364
CWE-22
|
CWE-22
|
High
|
|
Oracle Application Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0586)
|
CVE-2006-0586
CWE-138
|
CWE-138
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2000-0169)
|
CVE-2000-0169
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2000-1236)
|
CVE-2000-1236
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2001-0419)
|
CVE-2001-0419
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2001-0591)
|
CVE-2001-0591
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2001-1216)
|
CVE-2001-1216
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0559)
|
CVE-2002-0559
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0561)
|
CVE-2002-0561
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0564)
|
CVE-2002-0564
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0569)
|
CVE-2002-0569
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0655)
|
CVE-2002-0655
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0656)
|
CVE-2002-0656
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0842)
|
CVE-2002-0842
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0843)
|
CVE-2002-0843
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-0947)
|
CVE-2002-0947
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-1630)
|
CVE-2002-1630
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-1631)
|
CVE-2002-1631
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2002-2153)
|
CVE-2002-2153
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2004-1362)
|
CVE-2004-1362
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2004-1370)
|
CVE-2004-1370
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2004-1707)
|
CVE-2004-1707
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2004-1774)
|
CVE-2004-1774
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2005-1383)
|
CVE-2005-1383
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2005-1495)
|
CVE-2005-1495
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2006-0552)
|
CVE-2006-0552
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2007-3859)
|
CVE-2007-3859
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2007-3861)
|
CVE-2007-3861
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2007-3862)
|
CVE-2007-3862
|
|
High
|
|
Oracle Application Server Other Vulnerability (CVE-2007-3863)
|
CVE-2007-3863
|
|
High
|
|
Oracle Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2001-1371)
|
CVE-2001-1371
CWE-264
|
CWE-264
|
High
|
|
Oracle Application Server Resource Management Errors Vulnerability (CVE-2007-2120)
|
CVE-2007-2120
|
|
High
|
|
Oracle Database Server CVE-2006-1874 Vulnerability (CVE-2006-1874)
|
CVE-2006-1874
|
|
High
|
|
Oracle Database Server CVE-2006-1877 Vulnerability (CVE-2006-1877)
|
CVE-2006-1877
|
|
High
|
|
Oracle Database Server CVE-2006-5333 Vulnerability (CVE-2006-5333)
|
CVE-2006-5333
|
|
High
|
|
Oracle Database Server CVE-2006-5334 Vulnerability (CVE-2006-5334)
|
CVE-2006-5334
|
|
High
|
|
Oracle Database Server CVE-2006-5340 Vulnerability (CVE-2006-5340)
|
CVE-2006-5340
|
|
High
|
|
Oracle Database Server CVE-2006-5342 Vulnerability (CVE-2006-5342)
|
CVE-2006-5342
|
|
High
|
|
Oracle Database Server CVE-2007-2118 Vulnerability (CVE-2007-2118)
|
CVE-2007-2118
|
|
High
|
|
Oracle Database Server CVE-2007-3858 Vulnerability (CVE-2007-3858)
|
CVE-2007-3858
|
|
High
|
|
Oracle Database Server CVE-2007-5505 Vulnerability (CVE-2007-5505)
|
CVE-2007-5505
|
|
High
|
|
Oracle Database Server CVE-2007-5512 Vulnerability (CVE-2007-5512)
|
CVE-2007-5512
|
|
High
|
|
Oracle Database Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
|
CVE-2007-5520
|
|
High
|
|
Oracle Database Server CVE-2008-1819 Vulnerability (CVE-2008-1819)
|
CVE-2008-1819
|
|
High
|
|
Oracle Database Server CVE-2009-1019 Vulnerability (CVE-2009-1019)
|
CVE-2009-1019
|
|
High
|
|
Oracle Database Server CVE-2009-1963 Vulnerability (CVE-2009-1963)
|
CVE-2009-1963
|
|
High
|
|
Oracle Database Server CVE-2010-0853 Vulnerability (CVE-2010-0853)
|
CVE-2010-0853
|
|
High
|
|
Oracle Database Server CVE-2010-0860 Vulnerability (CVE-2010-0860)
|
CVE-2010-0860
|
|
High
|
|
Oracle Database Server CVE-2010-0903 Vulnerability (CVE-2010-0903)
|
CVE-2010-0903
|
|
High
|
|
Oracle Database Server CVE-2010-0911 Vulnerability (CVE-2010-0911)
|
CVE-2010-0911
|
|
High
|
|
Oracle Database Server CVE-2010-2390 Vulnerability (CVE-2010-2390)
|
CVE-2010-2390
|
|
High
|
|
Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)
|
CVE-2010-3600
|
|
High
|
|
Oracle Database Server CVE-2011-2239 Vulnerability (CVE-2011-2239)
|
CVE-2011-2239
|
|
High
|
|
Oracle Database Server CVE-2011-2253 Vulnerability (CVE-2011-2253)
|
CVE-2011-2253
|
|
High
|
|
Oracle Database Server CVE-2011-2301 Vulnerability (CVE-2011-2301)
|
CVE-2011-2301
|
|
High
|
|
Oracle Database Server CVE-2012-0519 Vulnerability (CVE-2012-0519)
|
CVE-2012-0519
|
|
High
|
|
Oracle Database Server CVE-2013-3760 Vulnerability (CVE-2013-3760)
|
CVE-2013-3760
|
|
High
|
|
Oracle Database Server CVE-2013-3771 Vulnerability (CVE-2013-3771)
|
CVE-2013-3771
|
|
High
|
|
Oracle Database Server CVE-2013-3774 Vulnerability (CVE-2013-3774)
|
CVE-2013-3774
|
|
High
|
|
Oracle Database Server CVE-2014-2406 Vulnerability (CVE-2014-2406)
|
CVE-2014-2406
|
|
High
|
|
Oracle Database Server CVE-2015-4873 Vulnerability (CVE-2015-4873)
|
CVE-2015-4873
|
|
High
|
|
Oracle Database Server CVE-2018-2680 Vulnerability (CVE-2018-2680)
|
CVE-2018-2680
|
|
High
|
|
Oracle Database Server CVE-2018-2841 Vulnerability (CVE-2018-2841)
|
CVE-2018-2841
|
|
High
|
|
Oracle Database Server CVE-2018-2939 Vulnerability (CVE-2018-2939)
|
CVE-2018-2939
|
|
High
|
|
Oracle Database Server CVE-2019-2516 Vulnerability (CVE-2019-2516)
|
CVE-2019-2516
|
|
High
|
|
Oracle Database Server CVE-2019-2518 Vulnerability (CVE-2019-2518)
|
CVE-2019-2518
|
|
High
|
|
Oracle Database Server CVE-2019-2776 Vulnerability (CVE-2019-2776)
|
CVE-2019-2776
|
|
High
|
|
Oracle Database Server CVE-2019-2799 Vulnerability (CVE-2019-2799)
|
CVE-2019-2799
|
|
High
|
|
Oracle Database Server CVE-2020-2510 Vulnerability (CVE-2020-2510)
|
CVE-2020-2510
|
|
High
|
|
Oracle Database Server CVE-2020-2511 Vulnerability (CVE-2020-2511)
|
CVE-2020-2511
|
|
High
|
|
Oracle Database Server CVE-2020-2518 Vulnerability (CVE-2020-2518)
|
CVE-2020-2518
|
|
High
|
|
Oracle Database Server CVE-2020-2735 Vulnerability (CVE-2020-2735)
|
CVE-2020-2735
|
|
High
|
|
Oracle Database Server CVE-2020-2968 Vulnerability (CVE-2020-2968)
|
CVE-2020-2968
|
|
High
|
|
Oracle Database Server CVE-2024-21184 Vulnerability (CVE-2024-21184)
|
CVE-2024-21184
|
|
High
|
|
Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5554)
|
CVE-2007-5554
CWE-200
|
CWE-200
|
High
|
|
Oracle Database Server Improper Input Validation Vulnerability (CVE-2016-2381)
|
CVE-2016-2381
CWE-20
|
CWE-20
|
High
|
|
Oracle Database Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-2113)
|
CVE-2007-2113
CWE-138
|
CWE-138
|
High
|
|
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-1868)
|
CVE-2006-1868
CWE-119
|
CWE-119
|
High
|
|
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-0272)
|
CVE-2007-0272
CWE-119
|
CWE-119
|
High
|
|
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-5897)
|
CVE-2007-5897
CWE-119
|
CWE-119
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2001-0833)
|
CVE-2001-0833
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2001-0943)
|
CVE-2001-0943
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2002-0567)
|
CVE-2002-0567
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2002-0843)
|
CVE-2002-0843
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2002-0857)
|
CVE-2002-0857
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2002-1767)
|
CVE-2002-1767
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2005-0297)
|
CVE-2005-0297
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2005-1197)
|
CVE-2005-1197
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2005-3641)
|
CVE-2005-3641
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2006-0551)
|
CVE-2006-0551
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2006-0552)
|
CVE-2006-0552
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2006-1872)
|
CVE-2006-1872
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2007-1442)
|
CVE-2007-1442
|
|
High
|
|
Oracle Database Server Other Vulnerability (CVE-2007-3859)
|
CVE-2007-3859
|
|
High
|
|
Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1675)
|
CVE-2012-1675
CWE-264
|
CWE-264
|
High
|
|
Oracle Database Server Resource Management Errors Vulnerability (CVE-2007-5506)
|
CVE-2007-5506
|
|
High
|
|
Oracle HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
|
CVE-2022-21716
CWE-120
|
CWE-120
|
High
|
|
Oracle HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
|
CVE-2019-0217
CWE-362
|
CWE-362
|
High
|
|
Oracle HTTP Server CVE-2006-0435 Vulnerability (CVE-2006-0435)
|
CVE-2006-0435
|
|
High
|
|
Oracle HTTP Server CVE-2007-0280 Vulnerability (CVE-2007-0280)
|
CVE-2007-0280
|
|
High
|
|
Oracle HTTP Server CVE-2019-2414 Vulnerability (CVE-2019-2414)
|
CVE-2019-2414
|
|
High
|
|
Oracle HTTP Server CVE-2021-35666 Vulnerability (CVE-2021-35666)
|
CVE-2021-35666
|
|
High
|
|
Oracle HTTP Server CVE-2022-21593 Vulnerability (CVE-2022-21593)
|
CVE-2022-21593
|
|
High
|
|
Oracle HTTP Server CVE-2023-22019 Vulnerability (CVE-2023-22019)
|
CVE-2023-22019
|
|
High
|
|
Oracle HTTP Server Improper Certificate Validation Vulnerability (CVE-2020-26184)
|
CVE-2020-26184
CWE-295
|
CWE-295
|
High
|
|
Oracle HTTP Server Improper Initialization Vulnerability (CVE-2022-22719)
|
CVE-2022-22719
CWE-665
|
CWE-665
|
High
|
|
Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43818)
|
CVE-2021-43818
CWE-707
|
CWE-707
|
High
|
|
Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)
|
CVE-2021-4181
CWE-138
|
CWE-138
|
High
|
|
Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391)
|
CVE-2022-0391
CWE-138
|
CWE-138
|
High
|
|
Oracle HTTP Server Improper Restriction of XML External Entity Reference Vulnerability (CVE-2018-20843)
|
CVE-2018-20843
CWE-611
|
CWE-611
|
High
|
|
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25314)
|
CVE-2022-25314
CWE-190
|
CWE-190
|
High
|
|
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4182)
|
CVE-2021-4182
CWE-835
|
CWE-835
|
High
|
|
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4184)
|
CVE-2021-4184
CWE-835
|
CWE-835
|
High
|
|
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4185)
|
CVE-2021-4185
CWE-835
|
CWE-835
|
High
|
|
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2019-10097)
|
CVE-2019-10097
CWE-476
|
CWE-476
|
High
|
|
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-1967)
|
CVE-2020-1967
CWE-476
|
CWE-476
|
High
|
|
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-34798)
|
CVE-2021-34798
CWE-476
|
CWE-476
|
High
|
|
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-44224)
|
CVE-2021-44224
CWE-476
|
CWE-476
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2002-0655)
|
CVE-2002-0655
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2002-0656)
|
CVE-2002-0656
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2006-5346)
|
CVE-2006-5346
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2006-5350)
|
CVE-2006-5350
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2007-0279)
|
CVE-2007-0279
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2020-35164)
|
CVE-2020-35164
|
|
High
|
|
Oracle HTTP Server Other Vulnerability (CVE-2021-41617)
|
CVE-2021-41617
|
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-16890)
|
CVE-2018-16890
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2019-3823)
|
CVE-2019-3823
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-5360)
|
CVE-2020-5360
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-26185)
|
CVE-2020-26185
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-35940)
|
CVE-2021-35940
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-36160)
|
CVE-2021-36160
CWE-125
|
CWE-125
|
High
|
|
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-4034)
|
CVE-2021-4034
CWE-787
|
CWE-787
|
High
|
|
Oracle HTTP Server Uncontrolled Recursion Vulnerability (CVE-2021-42717)
|
CVE-2021-42717
CWE-674
|
CWE-674
|
High
|
|
Oracle HTTP Server Uncontrolled Search Path Element Vulnerability (CVE-2019-5443)
|
CVE-2019-5443
CWE-427
|
CWE-427
|
High
|
|
Oracle HTTP Server Use After Free Vulnerability (CVE-2019-0211)
|
CVE-2019-0211
CWE-416
|
CWE-416
|
High
|
|
Oracle JRE CVE-2012-0503 Vulnerability (CVE-2012-0503)
|
CVE-2012-0503
|
|
High
|
|
Oracle JRE CVE-2012-0505 Vulnerability (CVE-2012-0505)
|
CVE-2012-0505
|
|
High
|
|
Oracle JRE CVE-2012-3159 Vulnerability (CVE-2012-3159)
|
CVE-2012-3159
|
|
High
|
|
Oracle JRE CVE-2012-5068 Vulnerability (CVE-2012-5068)
|
CVE-2012-5068
|
|
High
|
|
Oracle JRE CVE-2012-5084 Vulnerability (CVE-2012-5084)
|
CVE-2012-5084
|
|
High
|
|
Oracle JRE CVE-2012-5089 Vulnerability (CVE-2012-5089)
|
CVE-2012-5089
|
|
High
|
|
Oracle JRE CVE-2013-0351 Vulnerability (CVE-2013-0351)
|
CVE-2013-0351
|
|
High
|
|
Oracle JRE CVE-2013-0419 Vulnerability (CVE-2013-0419)
|
CVE-2013-0419
|
|
High
|
|
Oracle JRE CVE-2013-0423 Vulnerability (CVE-2013-0423)
|
CVE-2013-0423
|
|
High
|
|
Oracle JRE CVE-2013-0429 Vulnerability (CVE-2013-0429)
|
CVE-2013-0429
|
|
High
|
|
Oracle JRE CVE-2013-0444 Vulnerability (CVE-2013-0444)
|
CVE-2013-0444
|
|
High
|
|
Oracle JRE CVE-2013-1563 Vulnerability (CVE-2013-1563)
|
CVE-2013-1563
|
|
High
|
|
Oracle JRE CVE-2013-2394 Vulnerability (CVE-2013-2394)
|
CVE-2013-2394
|
|
High
|
|
Oracle JRE CVE-2013-2429 Vulnerability (CVE-2013-2429)
|
CVE-2013-2429
|
|
High
|
|
Oracle JRE CVE-2013-2430 Vulnerability (CVE-2013-2430)
|
CVE-2013-2430
|
|
High
|
|
Oracle JRE CVE-2013-2442 Vulnerability (CVE-2013-2442)
|
CVE-2013-2442
|
|
High
|
|
Oracle JRE CVE-2013-2445 Vulnerability (CVE-2013-2445)
|
CVE-2013-2445
|
|
High
|
|
Oracle JRE CVE-2013-2448 Vulnerability (CVE-2013-2448)
|
CVE-2013-2448
|
|
High
|
|
Oracle JRE CVE-2013-2461 Vulnerability (CVE-2013-2461)
|
CVE-2013-2461
|
|
High
|
|
Oracle JRE CVE-2013-5775 Vulnerability (CVE-2013-5775)
|
CVE-2013-5775
|
|
High
|
|
Oracle JRE CVE-2013-5802 Vulnerability (CVE-2013-5802)
|
CVE-2013-5802
|
|
High
|
|
Oracle JRE CVE-2013-5852 Vulnerability (CVE-2013-5852)
|
CVE-2013-5852
|
|
High
|
|
Oracle JRE CVE-2014-0446 Vulnerability (CVE-2014-0446)
|
CVE-2014-0446
|
|
High
|
|
Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)
|
CVE-2014-0448
|
|
High
|
|
Oracle JRE CVE-2014-0451 Vulnerability (CVE-2014-0451)
|
CVE-2014-0451
|
|
High
|
|
Oracle JRE CVE-2014-0452 Vulnerability (CVE-2014-0452)
|
CVE-2014-0452
|
|
High
|
|
Oracle JRE CVE-2014-0454 Vulnerability (CVE-2014-0454)
|
CVE-2014-0454
|
|
High
|
|
Oracle JRE CVE-2014-0458 Vulnerability (CVE-2014-0458)
|
CVE-2014-0458
|
|
High
|
|
Oracle JRE CVE-2014-2402 Vulnerability (CVE-2014-2402)
|
CVE-2014-2402
|
|
High
|
|
Oracle JRE CVE-2014-2412 Vulnerability (CVE-2014-2412)
|
CVE-2014-2412
|
|
High
|
|
Oracle JRE CVE-2014-2414 Vulnerability (CVE-2014-2414)
|
CVE-2014-2414
|
|
High
|
|
Oracle JRE CVE-2014-2423 Vulnerability (CVE-2014-2423)
|
CVE-2014-2423
|
|
High
|
|
Oracle JRE CVE-2014-2427 Vulnerability (CVE-2014-2427)
|
CVE-2014-2427
|
|
High
|
|
Oracle JRE CVE-2014-2428 Vulnerability (CVE-2014-2428)
|
CVE-2014-2428
|
|
High
|
|
Oracle JRE CVE-2017-10309 Vulnerability (CVE-2017-10309)
|
CVE-2017-10309
|
|
High
|
|
Oracle JRE CVE-2017-10388 Vulnerability (CVE-2017-10388)
|
CVE-2017-10388
|
|
High
|
|
Oracle JRE CVE-2018-2627 Vulnerability (CVE-2018-2627)
|
CVE-2018-2627
|
|
High
|
|
Oracle JRE CVE-2018-2633 Vulnerability (CVE-2018-2633)
|
CVE-2018-2633
|
|
High
|
|
Oracle JRE CVE-2018-2637 Vulnerability (CVE-2018-2637)
|
CVE-2018-2637
|
|
High
|
|
Oracle JRE CVE-2018-2638 Vulnerability (CVE-2018-2638)
|
CVE-2018-2638
|
|
High
|
|
Oracle JRE CVE-2018-2639 Vulnerability (CVE-2018-2639)
|
CVE-2018-2639
|
|
High
|
|
Oracle JRE CVE-2018-2794 Vulnerability (CVE-2018-2794)
|
CVE-2018-2794
|
|
High
|
|
Oracle JRE CVE-2018-2811 Vulnerability (CVE-2018-2811)
|
CVE-2018-2811
|
|
High
|
|
Oracle JRE CVE-2018-2814 Vulnerability (CVE-2018-2814)
|
CVE-2018-2814
|
|
High
|
|
Oracle JRE CVE-2018-2825 Vulnerability (CVE-2018-2825)
|
CVE-2018-2825
|
|
High
|
|
Oracle JRE CVE-2018-2826 Vulnerability (CVE-2018-2826)
|
CVE-2018-2826
|
|
High
|
|
Oracle JRE CVE-2020-2803 Vulnerability (CVE-2020-2803)
|
CVE-2020-2803
|
|
High
|
|
Oracle JRE CVE-2020-2805 Vulnerability (CVE-2020-2805)
|
CVE-2020-2805
|
|
High
|
|
Oracle JRE CVE-2020-2816 Vulnerability (CVE-2020-2816)
|
CVE-2020-2816
|
|
High
|
|
Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)
|
CVE-2023-21930
|
|
High
|
|
Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918)
|
CVE-2024-20918
|
|
High
|
|
Oracle JRE CVE-2024-20932 Vulnerability (CVE-2024-20932)
|
CVE-2024-20932
|
|
High
|
|
Oracle JRE CVE-2024-20952 Vulnerability (CVE-2024-20952)
|
CVE-2024-20952
|
|
High
|
|
Oracle JRE Improper Certificate Validation Vulnerability (CVE-2003-1229)
|
CVE-2003-1229
CWE-295
|
CWE-295
|
High
|
|
Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169)
|
CVE-2022-34169
CWE-681
|
CWE-681
|
High
|
|
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-8084)
|
CVE-2014-8084
CWE-22
|
CWE-22
|
High
|
|
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10751)
|
CVE-2016-10751
CWE-22
|
CWE-22
|
High
|
|
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-0973)
|
CVE-2012-0973
CWE-138
|
CWE-138
|
High
|
|
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-8083)
|
CVE-2014-8083
CWE-138
|
CWE-138
|
High
|
|
osCommerce Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-27975)
|
CVE-2020-27975
CWE-352
|
CWE-352
|
High
|
|
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-1991)
|
CVE-2002-1991
CWE-94
|
CWE-94
|
High
|
|
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)
|
CVE-2002-2019
CWE-94
|
CWE-94
|
High
|
|
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)
|
CVE-2018-18573
CWE-94
|
CWE-94
|
High
|
|
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0719)
|
CVE-2008-0719
CWE-138
|
CWE-138
|
High
|
|
osCommerce Other Vulnerability (CVE-2004-2638)
|
CVE-2004-2638
|
|
High
|
|
osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-18572)
|
CVE-2018-18572
CWE-434
|
CWE-434
|
High
|
|
osTicket CVE-2018-7195 Vulnerability (CVE-2018-7195)
|
CVE-2018-7195
|
|
High
|
|
osTicket Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-14749)
|
CVE-2019-14749
CWE-1236
|
CWE-1236
|
High
|
|
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0605)
|
CVE-2010-0605
CWE-138
|
CWE-138
|
High
|
|
osTicket Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-30082)
|
CVE-2023-30082
CWE-1284
|
CWE-1284
|
High
|
|
osTicket Other Vulnerability (CVE-2005-1438)
|
CVE-2005-1438
|
|
High
|
|
osTicket Other Vulnerability (CVE-2005-1439)
|
CVE-2005-1439
|
|
High
|
|
osTicket Other Vulnerability (CVE-2006-5407)
|
CVE-2006-5407
|
|
High
|
|
osTicket Session Fixation Vulnerability (CVE-2022-31888)
|
CVE-2022-31888
CWE-384
|
CWE-384
|
High
|
|
ownCloud Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-31649)
|
CVE-2022-31649
CWE-668
|
CWE-668
|
High
|
|
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1499)
|
CVE-2016-1499
CWE-200
|
CWE-200
|
High
|
|
ownCloud Improper Authentication Vulnerability (CVE-2012-4392)
|
CVE-2012-4392
CWE-287
|
CWE-287
|
High
|
|
ownCloud Improper Authentication Vulnerability (CVE-2016-9463)
|
CVE-2016-9463
CWE-287
|
CWE-287
|
High
|
|
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2044)
|
CVE-2014-2044
CWE-94
|
CWE-94
|
High
|
|
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)
|
CVE-2014-2051
CWE-94
|
CWE-94
|
High
|
|
ownCloud Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-44537)
|
CVE-2021-44537
CWE-138
|
CWE-138
|
High
|
|
ownCloud Other Vulnerability (CVE-2014-2053)
|
CVE-2014-2053
|
|
High
|
|
ownCloud Other Vulnerability (CVE-2014-2054)
|
CVE-2014-2054
|
|
High
|
|
ownCloud Other Vulnerability (CVE-2014-2055)
|
CVE-2014-2055
|
|
High
|
|
ownCloud Other Vulnerability (CVE-2014-2056)
|
CVE-2014-2056
|
|
High
|
|
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3834)
|
CVE-2014-3834
CWE-264
|
CWE-264
|
High
|
|
ownCloud Resource Management Errors Vulnerability (CVE-2015-4717)
|
CVE-2015-4717
|
|
High
|
|
ownCloud Resource Management Errors Vulnerability (CVE-2015-6500)
|
CVE-2015-6500
|
|
High
|
|
ownCloud Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-10252)
|
CVE-2020-10252
CWE-918
|
CWE-918
|
High
|
|
Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129)
|
CVE-2022-45129
CWE-552
|
CWE-552
|
High
|
|
Payara Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-37422)
|
CVE-2022-37422
CWE-22
|
CWE-22
|
High
|
|
Payara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-8215)
|
CVE-2024-8215
CWE-707
|
CWE-707
|
High
|
|
Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723)
|
CVE-2020-12723
CWE-120
|
CWE-120
|
High
|
|
Perl CVE-2016-6185 Vulnerability (CVE-2016-6185)
|
CVE-2016-6185
|
|
High
|
|
Perl Improper Certificate Validation Vulnerability (CVE-2023-31484)
|
CVE-2023-31484
CWE-295
|
CWE-295
|
High
|
|
Perl Improper Certificate Validation Vulnerability (CVE-2023-31486)
|
CVE-2023-31486
CWE-295
|
CWE-295
|
High
|
|
Perl Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-6329)
|
CVE-2012-6329
CWE-94
|
CWE-94
|
High
|
|
Perl Improper Input Validation Vulnerability (CVE-2015-8853)
|
CVE-2015-8853
CWE-20
|
CWE-20
|
High
|
|
Perl Improper Input Validation Vulnerability (CVE-2016-2381)
|
CVE-2016-2381
CWE-20
|
CWE-20
|
High
|
|
Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-12015)
|
CVE-2018-12015
CWE-59
|
CWE-59
|
High
|
|
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-5195)
|
CVE-2012-5195
CWE-119
|
CWE-119
|
High
|
|
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12837)
|
CVE-2017-12837
CWE-119
|
CWE-119
|
High
|
|
Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878)
|
CVE-2020-10878
CWE-190
|
CWE-190
|
High
|
|
Perl Numeric Errors Vulnerability (CVE-2013-7422)
|
CVE-2013-7422
|
|
High
|
|
Perl Out-of-bounds Read Vulnerability (CVE-2018-6798)
|
CVE-2018-6798
CWE-125
|
CWE-125
|
High
|
|
Perl Out-of-bounds Write Vulnerability (CVE-2023-47038)
|
CVE-2023-47038
CWE-787
|
CWE-787
|
High
|
|
Perl Out-of-bounds Write Vulnerability (CVE-2023-47039)
|
CVE-2023-47039
CWE-787
|
CWE-787
|
High
|
|
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
|
CVE-2016-1238
CWE-264
|
CWE-264
|
High
|
|
Perl Resource Management Errors Vulnerability (CVE-2013-1667)
|
CVE-2013-1667
|
|
High
|
|
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5946)
|
CVE-2008-5946
CWE-138
|
CWE-138
|
High
|
|
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1803)
|
CVE-2013-1803
CWE-138
|
CWE-138
|
High
|
|
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7375)
|
CVE-2013-7375
CWE-138
|
CWE-138
|
High
|
|
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-12461)
|
CVE-2020-12461
CWE-138
|
CWE-138
|
High
|
|
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960)
|
CVE-2020-14960
CWE-138
|
CWE-138
|
High
|
|
PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949)
|
CVE-2020-24949
CWE-269
|
CWE-269
|
High
|
|
PHP-Fusion Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-3172)
|
CVE-2021-3172
CWE-732
|
CWE-732
|
High
|
|
PHP4 multiple vulnerabilities
|
CVE-2003-0860
CVE-2003-0861
CWE-119
|
CWE-119
|
High
|
|
PHP 5.3.9 remote code execution
|
CVE-2012-0830
CWE-399
|
CWE-399
|
High
|
|
PHP Address Book Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-2778)
|
CVE-2013-2778
CWE-352
|
CWE-352
|
High
|
|
PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1911)
|
CVE-2012-1911
CWE-138
|
CWE-138
|
High
|
|
PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-0135)
|
CVE-2013-0135
CWE-138
|
CWE-138
|
High
|
|
PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1748)
|
CVE-2013-1748
CWE-138
|
CWE-138
|
High
|
|
PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2017-7963)
|
CVE-2017-7963
CWE-770
|
CWE-770
|
High
|
|
PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)
|
CVE-2023-0568
CWE-770
|
CWE-770
|
High
|
|
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16993)
|
CVE-2019-16993
CWE-352
|
CWE-352
|
High
|
|
phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630)
|
CVE-2010-1630
|
|
High
|
|
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108)
|
CVE-2019-16108
CWE-94
|
CWE-94
|
High
|
|
phpBB Improper Initialization Vulnerability (CVE-2001-1471)
|
CVE-2001-1471
CWE-665
|
CWE-665
|
High
|
|
phpBB Improper Input Validation Vulnerability (CVE-2019-9826)
|
CVE-2019-9826
CWE-20
|
CWE-20
|
High
|
|
phpBB Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2018-19274)
|
CVE-2018-19274
CWE-915
|
CWE-915
|
High
|
|
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2003-1530)
|
CVE-2003-1530
CWE-138
|
CWE-138
|
High
|
|
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4653)
|
CVE-2007-4653
CWE-138
|
CWE-138
|
High
|
|
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-5688)
|
CVE-2007-5688
CWE-138
|
CWE-138
|
High
|
|
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419)
|
CVE-2017-1000419
CWE-918
|
CWE-918
|
High
|
|
PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2007-0455)
|
CVE-2007-0455
CWE-120
|
CWE-120
|
High
|
|
PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-31626)
|
CVE-2022-31626
CWE-120
|
CWE-120
|
High
|
|
PHP Configuration Vulnerability (CVE-2008-5844)
|
CVE-2008-5844
|
|
High
|
|
PHP Cryptographic Issues Vulnerability (CVE-2015-8867)
|
CVE-2015-8867
|
|
High
|
|
PHP CVE-2006-5706 Vulnerability (CVE-2006-5706)
|
CVE-2006-5706
|
|
High
|
|
PHP CVE-2009-3292 Vulnerability (CVE-2009-3292)
|
CVE-2009-3292
|
|
High
|
|
PHP CVE-2009-3293 Vulnerability (CVE-2009-3293)
|
CVE-2009-3293
|
|
High
|
|
PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)
|
CVE-2009-3559
|
|
High
|
|
PHP CVE-2014-3515 Vulnerability (CVE-2014-3515)
|
CVE-2014-3515
|
|
High
|
|
PHP CVE-2016-6174 Vulnerability (CVE-2016-6174)
|
CVE-2016-6174
|
|
High
|
|
PHP Data Processing Errors Vulnerability (CVE-2015-4025)
|
CVE-2015-4025
|
|
High
|
|
PHP Data Processing Errors Vulnerability (CVE-2015-4026)
|
CVE-2015-4026
|
|
High
|
|
PHP Data Processing Errors Vulnerability (CVE-2015-4147)
|
CVE-2015-4147
|
|
High
|
|
PHP DEPRECATED: Code Vulnerability (CVE-2014-9426)
|
CVE-2014-9426
|
|
High
|
|
PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)
|
CVE-2017-11143
CWE-502
|
CWE-502
|
High
|
|
PHP Deserialization of Untrusted Data Vulnerability (CVE-2018-19396)
|
CVE-2018-19396
CWE-502
|
CWE-502
|
High
|
|
PHP error logging format string vulnerability
|
CVE-2000-0967
CWE-20
|
CWE-20
|
High
|
|
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8393)
|
CVE-2015-8393
CWE-200
|
CWE-200
|
High
|
|
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11145)
|
CVE-2017-11145
CWE-200
|
CWE-200
|
High
|
|
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-15132)
|
CVE-2018-15132
CWE-200
|
CWE-200
|
High
|
|
PHPFusion Code Execution Vulnerability (CVE-2019-12099)
|
CVE-2019-12099
|
|
High
|
|
PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596)
|
CVE-2014-8596
|
|
High
|
|
PHP HTML entity encoder heap overflow vulnerability
|
CVE-2006-5465
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Access Control Vulnerability (CVE-2016-5385)
|
CVE-2016-5385
CWE-284
|
CWE-284
|
High
|
|
PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144)
|
CVE-2017-11144
CWE-754
|
CWE-754
|
High
|
|
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1868)
|
CVE-2010-1868
CWE-94
|
CWE-94
|
High
|
|
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3379)
|
CVE-2011-3379
CWE-94
|
CWE-94
|
High
|
|
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-19520)
|
CVE-2018-19520
CWE-94
|
CWE-94
|
High
|
|
PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-5585)
|
CVE-2024-5585
CWE-116
|
CWE-116
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
|
CVE-2009-3291
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2010-1129)
|
CVE-2010-1129
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2014-9653)
|
CVE-2014-9653
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2015-4604)
|
CVE-2015-4604
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2015-4605)
|
CVE-2015-4605
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2015-8873)
|
CVE-2015-8873
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2015-8879)
|
CVE-2015-8879
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2016-3185)
|
CVE-2016-3185
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2016-10397)
|
CVE-2016-10397
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2016-10712)
|
CVE-2016-10712
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Input Validation Vulnerability (CVE-2017-7189)
|
CVE-2017-7189
CWE-20
|
CWE-20
|
High
|
|
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-4663)
|
CVE-2007-4663
CWE-22
|
CWE-22
|
High
|
|
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-4825)
|
CVE-2007-4825
CWE-22
|
CWE-22
|
High
|
|
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5658)
|
CVE-2008-5658
CWE-22
|
CWE-22
|
High
|
|
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-6833)
|
CVE-2015-6833
CWE-22
|
CWE-22
|
High
|
|
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067)
|
CVE-2017-9067
CWE-22
|
CWE-22
|
High
|
|
PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2001-1246)
|
CVE-2001-1246
CWE-707
|
CWE-707
|
High
|
|
PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2002-0985)
|
CVE-2002-0985
CWE-707
|
CWE-707
|
High
|
|
PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2018-19518)
|
CVE-2018-19518
CWE-707
|
CWE-707
|
High
|
|
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-7125)
|
CVE-2016-7125
CWE-138
|
CWE-138
|
High
|
|
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-11234)
|
CVE-2024-11234
CWE-138
|
CWE-138
|
High
|
|
PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2311)
|
CVE-2012-2311
CWE-138
|
CWE-138
|
High
|
|
PHP Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
|
CVE-2015-3415
CWE-404
|
CWE-404
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-0097)
|
CVE-2006-0097
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-0906)
|
CVE-2007-0906
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1381)
|
CVE-2007-1381
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1413)
|
CVE-2007-1413
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1864)
|
CVE-2007-1864
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-3294)
|
CVE-2007-3294
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4033)
|
CVE-2007-4033
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4586)
|
CVE-2007-4586
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4661)
|
CVE-2007-4661
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4662)
|
CVE-2007-4662
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3658)
|
CVE-2008-3658
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-1938)
|
CVE-2011-1938
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-6420)
|
CVE-2013-6420
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8626)
|
CVE-2014-8626
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9427)
|
CVE-2014-9427
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9705)
|
CVE-2014-9705
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3307)
|
CVE-2015-3307
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3329)
|
CVE-2015-3329
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5590)
|
CVE-2015-5590
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-8865)
|
CVE-2015-8865
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-8874)
|
CVE-2015-8874
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3142)
|
CVE-2016-3142
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4342)
|
CVE-2016-4342
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6297)
|
CVE-2016-6297
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7412)
|
CVE-2016-7412
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7416)
|
CVE-2016-7416
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7418)
|
CVE-2016-7418
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11628)
|
CVE-2017-11628
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9638)
|
CVE-2019-9638
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9639)
|
CVE-2019-9639
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9640)
|
CVE-2019-9640
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9675)
|
CVE-2019-9675
CWE-119
|
CWE-119
|
High
|
|
PHP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-3823)
|
CVE-2023-3823
CWE-611
|
CWE-611
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
|
CVE-2015-3416
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-8387)
|
CVE-2015-8387
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5094)
|
CVE-2016-5094
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5095)
|
CVE-2016-5095
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5096)
|
CVE-2016-5096
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289)
|
CVE-2016-6289
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7133)
|
CVE-2016-7133
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-10159)
|
CVE-2016-10159
CWE-190
|
CWE-190
|
High
|
|
PHP Integer Overflow or Wraparound Vulnerability (CVE-2018-14883)
|
CVE-2018-14883
CWE-190
|
CWE-190
|
High
|
|
phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)
|
CVE-2008-6178
CWE-94
|
CWE-94
|
High
|
|
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2740)
|
CVE-2012-2740
CWE-138
|
CWE-138
|
High
|
|
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3953)
|
CVE-2012-3953
CWE-138
|
CWE-138
|
High
|
|
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20030)
|
CVE-2017-20030
CWE-138
|
CWE-138
|
High
|
|
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15072)
|
CVE-2020-15072
CWE-138
|
CWE-138
|
High
|
|
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35708)
|
CVE-2020-35708
CWE-138
|
CWE-138
|
High
|
|
PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-10546)
|
CVE-2018-10546
CWE-835
|
CWE-835
|
High
|
|
PHP Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2010-4657)
|
CVE-2010-4657
CWE-772
|
CWE-772
|
High
|
|
PHP multiple vulnerabilities
|
CVE-2004-1018
CVE-2004-1019
CVE-2004-1020
CVE-2004-1063
CVE-2004-1064
CVE-2004-1065
CWE-119
|
CWE-119
|
High
|
|
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-1927)
|
CVE-2016-1927
|
|
High
|
|
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-2041)
|
CVE-2016-2041
|
|
High
|
|
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9861)
|
CVE-2016-9861
|
|
High
|
|
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000499)
|
CVE-2017-1000499
CWE-352
|
CWE-352
|
High
|
|
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10188)
|
CVE-2018-10188
CWE-352
|
CWE-352
|
High
|
|
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-19969)
|
CVE-2018-19969
CWE-352
|
CWE-352
|
High
|
|
phpMyAdmin CVE-2016-6633 Vulnerability (CVE-2016-6633)
|
CVE-2016-6633
|
|
High
|
|
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5739)
|
CVE-2016-5739
CWE-200
|
CWE-200
|
High
|
|
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6606)
|
CVE-2016-6606
CWE-200
|
CWE-200
|
High
|
|
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-0813)
|
CVE-2022-0813
CWE-200
|
CWE-200
|
High
|
|
phpMyAdmin Improper Authentication Vulnerability (CVE-2018-12613)
|
CVE-2018-12613
CWE-287
|
CWE-287
|
High
|
|
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)
|
CVE-2009-1285
CWE-94
|
CWE-94
|
High
|
|
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2506)
|
CVE-2011-2506
CWE-94
|
CWE-94
|
High
|
|
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5159)
|
CVE-2012-5159
CWE-94
|
CWE-94
|
High
|
|
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-9862)
|
CVE-2016-9862
CWE-94
|
CWE-94
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2008-4096)
|
CVE-2008-4096
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2009-1149)
|
CVE-2009-1149
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9863)
|
CVE-2016-9863
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000014)
|
CVE-2017-1000014
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000016)
|
CVE-2017-1000016
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000018)
|
CVE-2017-1000018
CWE-20
|
CWE-20
|
High
|
|
phpMyAdmin Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2020-22278)
|
CVE-2020-22278
CWE-1236
|
CWE-1236
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-6609)
|
CVE-2016-6609
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631)
|
CVE-2016-6631
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3697)
|
CVE-2009-3697
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6611)
|
CVE-2016-6611
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6616)
|
CVE-2016-6616
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6617)
|
CVE-2016-6617
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6619)
|
CVE-2016-6619
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-9864)
|
CVE-2016-9864
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-5504)
|
CVE-2020-5504
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10802)
|
CVE-2020-10802
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10804)
|
CVE-2020-10804
CWE-138
|
CWE-138
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2001-0478)
|
CVE-2001-0478
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2001-1060)
|
CVE-2001-1060
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2004-2630)
|
CVE-2004-2630
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2004-2631)
|
CVE-2004-2631
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2004-2632)
|
CVE-2004-2632
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2005-0567)
|
CVE-2005-0567
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2006-1804)
|
CVE-2006-1804
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2006-6944)
|
CVE-2006-6944
|
|
High
|
|
phpMyAdmin Other Vulnerability (CVE-2007-1325)
|
CVE-2007-1325
|
|
High
|
|
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3055)
|
CVE-2010-3055
CWE-264
|
CWE-264
|
High
|
|
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5469)
|
CVE-2012-5469
CWE-264
|
CWE-264
|
High
|
|
phpMyAdmin Resource Management Errors Vulnerability (CVE-2016-5706)
|
CVE-2016-5706
|
|
High
|
|
phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-6621)
|
CVE-2016-6621
CWE-918
|
CWE-918
|
High
|
|
phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000017)
|
CVE-2017-1000017
CWE-918
|
CWE-918
|
High
|
|
phpMyFAQ Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-4409)
|
CVE-2022-4409
CWE-319
|
CWE-319
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-6046)
|
CVE-2014-6046
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15729)
|
CVE-2017-15729
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15730)
|
CVE-2017-15730
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15731)
|
CVE-2017-15731
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15732)
|
CVE-2017-15732
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15733)
|
CVE-2017-15733
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15734)
|
CVE-2017-15734
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15735)
|
CVE-2017-15735
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15808)
|
CVE-2017-15808
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-16650)
|
CVE-2018-16650
CWE-352
|
CWE-352
|
High
|
|
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)
|
CVE-2010-4558
CWE-94
|
CWE-94
|
High
|
|
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4825)
|
CVE-2011-4825
CWE-94
|
CWE-94
|
High
|
|
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-16651)
|
CVE-2018-16651
CWE-1236
|
CWE-1236
|
High
|
|
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3608)
|
CVE-2022-3608
CWE-707
|
CWE-707
|
High
|
|
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-6912)
|
CVE-2006-6912
CWE-138
|
CWE-138
|
High
|
|
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-6045)
|
CVE-2014-6045
CWE-138
|
CWE-138
|
High
|
|
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-27299)
|
CVE-2024-27299
CWE-138
|
CWE-138
|
High
|
|
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-28107)
|
CVE-2024-28107
CWE-138
|
CWE-138
|
High
|
|
phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)
|
CVE-2023-1762
CWE-269
|
CWE-269
|
High
|
|
phpMyFAQ Other Vulnerability (CVE-2006-6913)
|
CVE-2006-6913
|
|
High
|
|
phpMyFAQ Uncaught Exception Vulnerability (CVE-2023-0790)
|
CVE-2023-0790
CWE-248
|
CWE-248
|
High
|
|
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-28105)
|
CVE-2024-28105
CWE-434
|
CWE-434
|
High
|
|
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0793)
|
CVE-2023-0793
CWE-521
|
CWE-521
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7130)
|
CVE-2016-7130
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131)
|
CVE-2016-7131
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7132)
|
CVE-2016-7132
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2016-9934)
|
CVE-2016-9934
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2016-10162)
|
CVE-2016-10162
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2017-6441)
|
CVE-2017-6441
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2017-9229)
|
CVE-2017-9229
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2018-10548)
|
CVE-2018-10548
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2018-14884)
|
CVE-2018-14884
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2018-19395)
|
CVE-2018-19395
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2018-19935)
|
CVE-2018-19935
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2020-7062)
|
CVE-2020-7062
CWE-476
|
CWE-476
|
High
|
|
PHP NULL Pointer Dereference Vulnerability (CVE-2021-21702)
|
CVE-2021-21702
CWE-476
|
CWE-476
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2007-4657)
|
CVE-2007-4657
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2008-2107)
|
CVE-2008-2107
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2011-1092)
|
CVE-2011-1092
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2012-2386)
|
CVE-2012-2386
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2014-3669)
|
CVE-2014-3669
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2015-2331)
|
CVE-2015-2331
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2015-4022)
|
CVE-2015-4022
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2016-1904)
|
CVE-2016-1904
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2016-4070)
|
CVE-2016-4070
|
|
High
|
|
PHP Numeric Errors Vulnerability (CVE-2016-10158)
|
CVE-2016-10158
|
|
High
|
|
PHP Other Vulnerability (CVE-1999-0058)
|
CVE-1999-0058
|
|
High
|
|
PHP Other Vulnerability (CVE-1999-0068)
|
CVE-1999-0068
|
|
High
|
|
PHP Other Vulnerability (CVE-2002-0081)
|
CVE-2002-0081
|
|
High
|
|
PHP Other Vulnerability (CVE-2002-0229)
|
CVE-2002-0229
|
|
High
|
|
PHP Other Vulnerability (CVE-2002-0717)
|
CVE-2002-0717
|
|
High
|
|
PHP Other Vulnerability (CVE-2002-1396)
|
CVE-2002-1396
|
|
High
|
|
PHP Other Vulnerability (CVE-2003-0097)
|
CVE-2003-0097
|
|
High
|
|
PHP Other Vulnerability (CVE-2003-0166)
|
CVE-2003-0166
|
|
High
|
|
PHP Other Vulnerability (CVE-2003-0172)
|
CVE-2003-0172
|
|
High
|
|
PHP Other Vulnerability (CVE-2003-0249)
|
CVE-2003-0249
|
|
High
|
|
PHP Other Vulnerability (CVE-2003-0863)
|
CVE-2003-0863
|
|
High
|
|
PHP Other Vulnerability (CVE-2005-1042)
|
CVE-2005-1042
|
|
High
|
|
PHP Other Vulnerability (CVE-2005-3390)
|
CVE-2005-3390
|
|
High
|
|
PHP Other Vulnerability (CVE-2005-3391)
|
CVE-2005-3391
|
|
High
|
|
PHP Other Vulnerability (CVE-2005-3392)
|
CVE-2005-3392
|
|
High
|
|
PHP Other Vulnerability (CVE-2006-4433)
|
CVE-2006-4433
|
|
High
|
|
PHP Other Vulnerability (CVE-2006-4481)
|
CVE-2006-4481
|
|
High
|
|
PHP Other Vulnerability (CVE-2006-5465)
|
CVE-2006-5465
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-0905)
|
CVE-2007-0905
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-0909)
|
CVE-2007-0909
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-0911)
|
CVE-2007-0911
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1376)
|
CVE-2007-1376
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1412)
|
CVE-2007-1412
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1453)
|
CVE-2007-1453
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1649)
|
CVE-2007-1649
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1700)
|
CVE-2007-1700
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1718)
|
CVE-2007-1718
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1777)
|
CVE-2007-1777
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1825)
|
CVE-2007-1825
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1883)
|
CVE-2007-1883
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1885)
|
CVE-2007-1885
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1887)
|
CVE-2007-1887
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1888)
|
CVE-2007-1888
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1889)
|
CVE-2007-1889
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-1890)
|
CVE-2007-1890
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-2511)
|
CVE-2007-2511
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-4255)
|
CVE-2007-4255
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-4658)
|
CVE-2007-4658
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-4659)
|
CVE-2007-4659
|
|
High
|
|
PHP Other Vulnerability (CVE-2007-5424)
|
CVE-2007-5424
|
|
High
|
|
PHP Other Vulnerability (CVE-2014-0236)
|
CVE-2014-0236
|
|
High
|
|
PHP Other Vulnerability (CVE-2014-8142)
|
CVE-2014-8142
|
|
High
|
|
PHP Other Vulnerability (CVE-2014-9425)
|
CVE-2014-9425
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-0231)
|
CVE-2015-0231
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-0273)
|
CVE-2015-0273
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-2301)
|
CVE-2015-2301
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-2787)
|
CVE-2015-2787
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-4644)
|
CVE-2015-4644
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-6832)
|
CVE-2015-6832
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-6836)
|
CVE-2015-6836
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-6837)
|
CVE-2015-6837
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-6838)
|
CVE-2015-6838
|
|
High
|
|
PHP Other Vulnerability (CVE-2015-8616)
|
CVE-2015-8616
|
|
High
|
|
PHP Other Vulnerability (CVE-2016-4343)
|
CVE-2016-4343
|
|
High
|
|
PHP Other Vulnerability (CVE-2016-7478)
|
CVE-2016-7478
|
|
High
|
|
PHP Other Vulnerability (CVE-2019-11044)
|
CVE-2019-11044
|
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2015-2325)
|
CVE-2015-2325
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2016-5093)
|
CVE-2016-5093
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2016-10161)
|
CVE-2016-10161
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2017-9118)
|
CVE-2017-9118
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2017-16642)
|
CVE-2017-16642
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2018-10549)
|
CVE-2018-10549
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2018-20783)
|
CVE-2018-20783
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-9022)
|
CVE-2019-9022
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-9024)
|
CVE-2019-9024
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)
|
CVE-2019-11041
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-11042)
|
CVE-2019-11042
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-11046)
|
CVE-2019-11046
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2019-19246)
|
CVE-2019-19246
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2020-7067)
|
CVE-2020-7067
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Read Vulnerability (CVE-2022-31630)
|
CVE-2022-31630
CWE-125
|
CWE-125
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2008-2371)
|
CVE-2008-2371
CWE-787
|
CWE-787
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2016-5399)
|
CVE-2016-5399
CWE-787
|
CWE-787
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2019-6977)
|
CVE-2019-6977
CWE-787
|
CWE-787
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2020-7065)
|
CVE-2020-7065
CWE-787
|
CWE-787
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2021-21703)
|
CVE-2021-21703
CWE-787
|
CWE-787
|
High
|
|
PHP Out-of-bounds Write Vulnerability (CVE-2024-11233)
|
CVE-2024-11233
CWE-787
|
CWE-787
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1461)
|
CVE-2007-1461
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-3997)
|
CVE-2007-3997
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0145)
|
CVE-2008-0145
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624)
|
CVE-2008-5624
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5625)
|
CVE-2008-5625
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7002)
|
CVE-2008-7002
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4018)
|
CVE-2009-4018
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2335)
|
CVE-2012-2335
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1635)
|
CVE-2013-1635
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0185)
|
CVE-2014-0185
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994)
|
CVE-2015-8994
CWE-264
|
CWE-264
|
High
|
|
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-9637)
|
CVE-2019-9637
CWE-264
|
CWE-264
|
High
|
|
PHP POST file upload buffer overflow vulnerabilities
|
CVE-2002-0081
CWE-119
|
CWE-119
|
High
|
|
PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625)
|
CVE-2022-31625
CWE-763
|
CWE-763
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2002-2309)
|
CVE-2002-2309
|
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2007-4660)
|
CVE-2007-4660
|
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2010-2225)
|
CVE-2010-2225
|
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2011-1148)
|
CVE-2011-1148
|
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2012-0830)
|
CVE-2012-0830
|
|
High
|
|
PHP Resource Management Errors Vulnerability (CVE-2015-8877)
|
CVE-2015-8877
|
|
High
|
|
PHP Safedir restriction bypass vulnerabilities
|
CWE-20
|
CWE-20
|
High
|
|
PHP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7272)
|
CVE-2017-7272
CWE-918
|
CWE-918
|
High
|
|
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2011-3336)
|
CVE-2011-3336
CWE-400
|
CWE-400
|
High
|
|
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-11142)
|
CVE-2017-11142
CWE-400
|
CWE-400
|
High
|
|
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2023-0662)
|
CVE-2023-0662
CWE-400
|
CWE-400
|
High
|
|
PHP Use After Free Vulnerability (CVE-2015-1351)
|
CVE-2015-1351
CWE-416
|
CWE-416
|
High
|
|
PHP Use After Free Vulnerability (CVE-2015-6831)
|
CVE-2015-6831
CWE-416
|
CWE-416
|
High
|
|
PHP Use After Free Vulnerability (CVE-2017-12934)
|
CVE-2017-12934
CWE-416
|
CWE-416
|
High
|
|
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2011-1153)
|
CVE-2011-1153
CWE-134
|
CWE-134
|
High
|
|
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
|
CVE-2015-3414
CWE-908
|
CWE-908
|
High
|
|
PHP version older than 4.4.1
|
CVE-2005-3388
CVE-2006-0097
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.1
|
CVE-2007-1376
CVE-2007-1380
CVE-2007-1453
CVE-2007-1454
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.3
|
CVE-2007-1900
CVE-2007-2756
CVE-2007-2872
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.5
|
CVE-2007-4840
CVE-2007-4887
CVE-2007-5898
CVE-2007-5899
CVE-2007-5900
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.6
|
CVE-2007-4850
CVE-2008-0599
CVE-2008-0674
CVE-2008-1384
CVE-2008-2050
CVE-2008-2051
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.8
|
CVE-2008-2371
CVE-2008-2665
CVE-2008-2666
CVE-2008-2829
CVE-2008-3658
CVE-2008-3659
CVE-2008-3660
CWE-1104
|
CWE-1104
|
High
|
|
PHP Zend_Hash_Del_Key_Or_Index vulnerability
|
CVE-2006-3017
CWE-702
|
CWE-702
|
High
|
|
Phusion Passenger Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-12029)
|
CVE-2018-12029
CWE-362
|
CWE-362
|
High
|
|
Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-12027)
|
CVE-2018-12027
CWE-200
|
CWE-200
|
High
|
|
Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12028)
|
CVE-2018-12028
CWE-732
|
CWE-732
|
High
|
|
Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345)
|
CVE-2016-10345
CWE-264
|
CWE-264
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468)
|
CVE-2013-1468
CWE-352
|
CWE-352
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
|
CVE-2017-10678
CWE-352
|
CWE-352
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680)
|
CVE-2017-10680
CWE-352
|
CWE-352
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681)
|
CVE-2017-10681
CWE-352
|
CWE-352
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774)
|
CVE-2017-17774
CWE-352
|
CWE-352
|
High
|
|
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827)
|
CVE-2017-17827
CWE-352
|
CWE-352
|
High
|
|
Piwigo Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-26267)
|
CVE-2022-26267
CWE-668
|
CWE-668
|
High
|
|
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679)
|
CVE-2017-10679
CWE-200
|
CWE-200
|
High
|
|
Piwigo Improper Access Control Vulnerability (CVE-2016-10084)
|
CVE-2016-10084
CWE-284
|
CWE-284
|
High
|
|
Piwigo Improper Access Control Vulnerability (CVE-2016-10085)
|
CVE-2016-10085
CWE-284
|
CWE-284
|
High
|
|
Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2208)
|
CVE-2012-2208
CWE-22
|
CWE-22
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-40553)
|
CVE-2021-40553
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2933)
|
CVE-2009-2933
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-9115)
|
CVE-2014-9115
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1441)
|
CVE-2015-1441
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19215)
|
CVE-2020-19215
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19216)
|
CVE-2020-19216
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19217)
|
CVE-2020-19217
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27973)
|
CVE-2021-27973
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-40313)
|
CVE-2021-40313
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-40317)
|
CVE-2021-40317
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-26266)
|
CVE-2022-26266
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-32297)
|
CVE-2022-32297
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)
|
CVE-2023-26876
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-27233)
|
CVE-2023-27233
CWE-138
|
CWE-138
|
High
|
|
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-37270)
|
CVE-2023-37270
CWE-138
|
CWE-138
|
High
|
|
Piwigo Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2016-3735)
|
CVE-2016-3735
CWE-335
|
CWE-335
|
High
|
|
Play Framework Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-31023)
|
CVE-2022-31023
CWE-209
|
CWE-209
|
High
|
|
Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)
|
CVE-2015-2156
CWE-20
|
CWE-20
|
High
|
|
Play Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-13864)
|
CVE-2018-13864
CWE-22
|
CWE-22
|
High
|
|
Play Framework Inadequate Encryption Strength Vulnerability (CVE-2019-17598)
|
CVE-2019-17598
CWE-326
|
CWE-326
|
High
|
|
Play Framework Out-of-bounds Write Vulnerability (CVE-2020-27196)
|
CVE-2020-27196
CWE-787
|
CWE-787
|
High
|
|
Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26882)
|
CVE-2020-26882
CWE-674
|
CWE-674
|
High
|
|
Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26883)
|
CVE-2020-26883
CWE-674
|
CWE-674
|
High
|
|
Play Framework Uncontrolled Resource Consumption Vulnerability (CVE-2022-31018)
|
CVE-2022-31018
CWE-400
|
CWE-400
|
High
|
|
PleskLin Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-43784)
|
CVE-2023-43784
CWE-668
|
CWE-668
|
High
|
|
PleskLin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1557)
|
CVE-2012-1557
CWE-138
|
CWE-138
|
High
|
|
PleskLin Other Vulnerability (CVE-2013-0133)
|
CVE-2013-0133
|
|
High
|
|
PleskLin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)
|
CVE-2013-4878
CWE-264
|
CWE-264
|
High
|
|
PleskWin Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-43784)
|
CVE-2023-43784
CWE-668
|
CWE-668
|
High
|
|
PleskWin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1557)
|
CVE-2012-1557
CWE-138
|
CWE-138
|
High
|
|
PleskWin Other Vulnerability (CVE-2013-0133)
|
CVE-2013-0133
|
|
High
|
|
PleskWin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)
|
CVE-2013-4878
CWE-264
|
CWE-264
|
High
|
|
Plone arbitrary code execution
|
CVE-2011-3587
CWE-78
|
CWE-78
|
High
|
|
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7293)
|
CVE-2015-7293
CWE-352
|
CWE-352
|
High
|
|
Plone CMS CVE-2011-0720 Vulnerability (CVE-2011-0720)
|
CVE-2011-0720
|
|
High
|
|
Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528)
|
CVE-2011-2528
|
|
High
|
|
Plone CMS CVE-2024-23756 Vulnerability (CVE-2024-23756)
|
CVE-2024-23756
|
|
High
|
|
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5741)
|
CVE-2007-5741
CWE-94
|
CWE-94
|
High
|
|
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5493)
|
CVE-2012-5493
CWE-94
|
CWE-94
|
High
|
|
Plone CMS Improper Input Validation Vulnerability (CVE-2015-7318)
|
CVE-2015-7318
CWE-20
|
CWE-20
|
High
|
|
Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
|
CVE-2021-32633
CWE-22
|
CWE-22
|
High
|
|
Plone CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7939)
|
CVE-2020-7939
CWE-138
|
CWE-138
|
High
|
|
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)
|
CVE-2020-7938
CWE-269
|
CWE-269
|
High
|
|
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)
|
CVE-2024-0669
CWE-1021
|
CWE-1021
|
High
|
|
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)
|
CVE-2020-28734
CWE-611
|
CWE-611
|
High
|
|
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)
|
CVE-2020-28736
CWE-611
|
CWE-611
|
High
|
|
Plone CMS Incorrect Default Permissions Vulnerability (CVE-2024-22889)
|
CVE-2024-22889
CWE-276
|
CWE-276
|
High
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)
|
CVE-2012-5487
CWE-264
|
CWE-264
|
High
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)
|
CVE-2016-4041
CWE-264
|
CWE-264
|
High
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)
|
CVE-2020-28735
CWE-918
|
CWE-918
|
High
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511)
|
CVE-2021-33511
CWE-918
|
CWE-918
|
High
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926)
|
CVE-2021-33926
CWE-918
|
CWE-918
|
High
|
|
Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940)
|
CVE-2020-7940
CWE-521
|
CWE-521
|
High
|
|
PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)
|
CVE-2011-4453
CWE-94
|
CWE-94
|
High
|
|
PostgreSQL 7PK - Security Features Vulnerability (CVE-2016-2193)
|
CVE-2016-2193
|
|
High
|
|
PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)
|
CVE-2020-25696
|
|
High
|
|
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0241)
|
CVE-2015-0241
CWE-120
|
CWE-120
|
High
|
|
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0243)
|
CVE-2015-0243
CWE-120
|
CWE-120
|
High
|
|
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-21469)
|
CVE-2020-21469
CWE-120
|
CWE-120
|
High
|
|
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-14798)
|
CVE-2017-14798
CWE-362
|
CWE-362
|
High
|
|
PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547)
|
CVE-2017-7547
|
|
High
|
|
PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548)
|
CVE-2017-7548
|
|
High
|
|
PostgreSQL CVE-2018-1058 Vulnerability (CVE-2018-1058)
|
CVE-2018-1058
|
|
High
|
|
PostgreSQL CVE-2023-2454 Vulnerability (CVE-2023-2454)
|
CVE-2023-2454
|
|
High
|
|
PostgreSQL CVE-2024-0985 Vulnerability (CVE-2024-0985)
|
CVE-2024-0985
|
|
High
|
|
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3167)
|
CVE-2015-3167
CWE-200
|
CWE-200
|
High
|
|
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484)
|
CVE-2017-7484
CWE-200
|
CWE-200
|
High
|
|
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486)
|
CVE-2017-7486
CWE-200
|
CWE-200
|
High
|
|
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15098)
|
CVE-2017-15098
CWE-200
|
CWE-200
|
High
|
|
PostgreSQL Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-10979)
|
CVE-2024-10979
CWE-610
|
CWE-610
|
High
|
|
PostgreSQL Improper Access Control Vulnerability (CVE-2016-0768)
|
CVE-2016-0768
CWE-284
|
CWE-284
|
High
|
|
PostgreSQL Improper Access Control Vulnerability (CVE-2016-7048)
|
CVE-2016-7048
CWE-284
|
CWE-284
|
High
|
|
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10127)
|
CVE-2019-10127
CWE-284
|
CWE-284
|
High
|
|
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10128)
|
CVE-2019-10128
CWE-284
|
CWE-284
|
High
|
|
PostgreSQL Improper Authentication Vulnerability (CVE-2007-6601)
|
CVE-2007-6601
CWE-287
|
CWE-287
|
High
|
|
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43766)
|
CVE-2021-43766
CWE-295
|
CWE-295
|
High
|
|
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)
|
CVE-2022-2625
CWE-913
|
CWE-913
|
High
|
|
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1169)
|
CVE-2010-1169
CWE-94
|
CWE-94
|
High
|
|
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5424)
|
CVE-2016-5424
CWE-94
|
CWE-94
|
High
|
|
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)
|
CVE-2019-10210
CWE-20
|
CWE-20
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-9193)
|
CVE-2019-9193
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10915)
|
CVE-2018-10915
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10208)
|
CVE-2019-10208
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25695)
|
CVE-2020-25695
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-23214)
|
CVE-2021-23214
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-1552)
|
CVE-2022-1552
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39417)
|
CVE-2023-39417
CWE-138
|
CWE-138
|
High
|
|
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-0773)
|
CVE-2016-0773
CWE-119
|
CWE-119
|
High
|
|
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
|
CVE-2021-32027
CWE-119
|
CWE-119
|
High
|
|
PostgreSQL Incorrect Authorization Vulnerability (CVE-2018-10925)
|
CVE-2018-10925
CWE-863
|
CWE-863
|
High
|
|
PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1053)
|
CVE-2018-1053
CWE-732
|
CWE-732
|
High
|
|
PostgreSQL Integer Overflow or Wraparound Vulnerability (CVE-2023-5869)
|
CVE-2023-5869
CWE-190
|
CWE-190
|
High
|
|
PostgreSQL NULL Pointer Dereference Vulnerability (CVE-2016-5423)
|
CVE-2016-5423
CWE-476
|
CWE-476
|
High
|
|
PostgreSQL Numeric Errors Vulnerability (CVE-2013-1900)
|
CVE-2013-1900
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2002-0802)
|
CVE-2002-0802
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2002-1397)
|
CVE-2002-1397
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2002-1400)
|
CVE-2002-1400
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2002-1642)
|
CVE-2002-1642
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2003-0901)
|
CVE-2003-0901
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2005-0245)
|
CVE-2005-0245
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2005-1409)
|
CVE-2005-1409
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2006-2313)
|
CVE-2006-2313
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2006-2314)
|
CVE-2006-2314
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2007-0555)
|
CVE-2007-0555
|
|
High
|
|
PostgreSQL Other Vulnerability (CVE-2012-1618)
|
CVE-2012-1618
|
|
High
|
|
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2015-0242)
|
CVE-2015-0242
CWE-787
|
CWE-787
|
High
|
|
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2019-10164)
|
CVE-2019-10164
CWE-787
|
CWE-787
|
High
|
|
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1447)
|
CVE-2010-1447
CWE-264
|
CWE-264
|
High
|
|
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0766)
|
CVE-2016-0766
CWE-264
|
CWE-264
|
High
|
|
PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348)
|
CVE-2024-7348
CWE-367
|
CWE-367
|
High
|
|
PostgreSQL Uncontrolled Search Path Element Vulnerability (CVE-2020-14349)
|
CVE-2020-14349
CWE-427
|
CWE-427
|
High
|
|
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-10733)
|
CVE-2020-10733
CWE-426
|
CWE-426
|
High
|
|
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-14350)
|
CVE-2020-14350
CWE-426
|
CWE-426
|
High
|
|
PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694)
|
CVE-2020-25694
CWE-327
|
CWE-327
|
High
|
|
PrestaShop Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-13461)
|
CVE-2019-13461
CWE-639
|
CWE-639
|
High
|
|
PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-25170)
|
CVE-2023-25170
CWE-352
|
CWE-352
|
High
|
|
PrestaShop CVE-2018-19125 Vulnerability (CVE-2018-19125)
|
CVE-2018-19125
|
|
High
|
|
PrestaShop CVE-2020-26224 Vulnerability (CVE-2020-26224)
|
CVE-2020-26224
|
|
High
|
|
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-20717)
|
CVE-2018-20717
CWE-94
|
CWE-94
|
High
|
|
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19124)
|
CVE-2018-19124
CWE-22
|
CWE-22
|
High
|
|
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-39528)
|
CVE-2023-39528
CWE-22
|
CWE-22
|
High
|
|
PrestaShop Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-21302)
|
CVE-2021-21302
CWE-1236
|
CWE-1236
|
High
|
|
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30151)
|
CVE-2023-30151
CWE-138
|
CWE-138
|
High
|
|
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30839)
|
CVE-2023-30839
CWE-138
|
CWE-138
|
High
|
|
PrestaShop Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-7491)
|
CVE-2018-7491
CWE-1021
|
CWE-1021
|
High
|
|
PrestaShop Other Vulnerability (CVE-2020-15082)
|
CVE-2020-15082
|
|
High
|
|
PrestaShop Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-41651)
|
CVE-2024-41651
CWE-918
|
CWE-918
|
High
|
|
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2013-6358)
|
CVE-2013-6358
CWE-434
|
CWE-434
|
High
|
|
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)
|
CVE-2018-7201
CWE-1236
|
CWE-1236
|
High
|
|
ProjectSend Improper Privilege Management Vulnerability (CVE-2020-28874)
|
CVE-2020-28874
CWE-269
|
CWE-269
|
High
|
|
ProjectSend Incorrect Authorization Vulnerability (CVE-2021-40884)
|
CVE-2021-40884
CWE-863
|
CWE-863
|
High
|
|
ProjectSend Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-11492)
|
CVE-2019-11492
CWE-532
|
CWE-532
|
High
|
|
ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11378)
|
CVE-2019-11378
CWE-434
|
CWE-434
|
High
|
|
ProjectSend Use of Insufficiently Random Values Vulnerability (CVE-2024-7659)
|
CVE-2024-7659
CWE-330
|
CWE-330
|
High
|
|
Prototype CVE-2008-7220 Vulnerability (CVE-2008-7220)
|
CVE-2008-7220
|
|
High
|
|
Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511)
|
CVE-2020-27511
|
|
High
|
|
Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2004-0150)
|
CVE-2004-0150
CWE-120
|
CWE-120
|
High
|
|
Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2008-3142)
|
CVE-2008-3142
CWE-120
|
CWE-120
|
High
|
|
Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2010-1450)
|
CVE-2010-1450
CWE-120
|
CWE-120
|
High
|
|
Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-48566)
|
CVE-2022-48566
CWE-362
|
CWE-362
|
High
|
|
Python CVE-2013-1753 Vulnerability (CVE-2013-1753)
|
CVE-2013-1753
|
|
High
|
|
Python CVE-2018-1060 Vulnerability (CVE-2018-1060)
|
CVE-2018-1060
|
|
High
|
|
Python CVE-2018-1061 Vulnerability (CVE-2018-1061)
|
CVE-2018-1061
|
|
High
|
|
Python CVE-2019-16056 Vulnerability (CVE-2019-16056)
|
CVE-2019-16056
|
|
High
|
|
Python CVE-2019-17514 Vulnerability (CVE-2019-17514)
|
CVE-2019-17514
|
|
High
|
|
Python CVE-2022-42919 Vulnerability (CVE-2022-42919)
|
CVE-2022-42919
|
|
High
|
|
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)
|
CVE-2016-2183
CWE-200
|
CWE-200
|
High
|
|
Python Files or Directories Accessible to External Parties Vulnerability (CVE-2019-13404)
|
CVE-2019-13404
CWE-552
|
CWE-552
|
High
|
|
Python Improper Encoding or Escaping of Output Vulnerability (CVE-2020-26116)
|
CVE-2020-26116
CWE-116
|
CWE-116
|
High
|
|
Python Improper Input Validation Vulnerability (CVE-2013-7338)
|
CVE-2013-7338
CWE-20
|
CWE-20
|
High
|
|
Python Improper Input Validation Vulnerability (CVE-2023-24329)
|
CVE-2023-24329
CWE-20
|
CWE-20
|
High
|
|
Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17522)
|
CVE-2017-17522
CWE-138
|
CWE-138
|
High
|
|
Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391)
|
CVE-2022-0391
CWE-138
|
CWE-138
|
High
|
|
Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9287)
|
CVE-2024-9287
CWE-138
|
CWE-138
|
High
|
|
Python Improper Privilege Management Vulnerability (CVE-2020-29396)
|
CVE-2020-29396
CWE-269
|
CWE-269
|
High
|
|
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-1912)
|
CVE-2014-1912
CWE-119
|
CWE-119
|
High
|
|
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4472)
|
CVE-2016-4472
CWE-119
|
CWE-119
|
High
|
|
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-9233)
|
CVE-2017-9233
CWE-611
|
CWE-611
|
High
|
|
Python Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
|
CVE-2014-0224
CWE-326
|
CWE-326
|
High
|
|
Python Incorrect Conversion between Numeric Types Vulnerability (CVE-2008-1721)
|
CVE-2008-1721
CWE-681
|
CWE-681
|
High
|
|
Python Incorrect Type Conversion or Cast Vulnerability (CVE-2020-10735)
|
CVE-2020-10735
CWE-704
|
CWE-704
|
High
|
|
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-6232)
|
CVE-2024-6232
CWE-1333
|
CWE-1333
|
High
|
|
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)
|
CVE-2024-7592
CWE-1333
|
CWE-1333
|
High
|
|
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-2315)
|
CVE-2008-2315
CWE-190
|
CWE-190
|
High
|
|
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-3143)
|
CVE-2008-3143
CWE-190
|
CWE-190
|
High
|
|
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-4864)
|
CVE-2008-4864
CWE-190
|
CWE-190
|
High
|
|
Python Integer Overflow or Wraparound Vulnerability (CVE-2010-1449)
|
CVE-2010-1449
CWE-190
|
CWE-190
|
High
|
|
Python Integer Overflow or Wraparound Vulnerability (CVE-2018-20406)
|
CVE-2018-20406
CWE-190
|
CWE-190
|
High
|
|
Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)
|
CVE-2019-20907
CWE-835
|
CWE-835
|
High
|
|
Python Missing Initialization of Resource Vulnerability (CVE-2018-14647)
|
CVE-2018-14647
CWE-909
|
CWE-909
|
High
|
|
Python NULL Pointer Dereference Vulnerability (CVE-2019-5010)
|
CVE-2019-5010
CWE-476
|
CWE-476
|
High
|
|
Python Numeric Errors Vulnerability (CVE-2008-2316)
|
CVE-2008-2316
|
|
High
|
|
Python Other Vulnerability (CVE-2005-0089)
|
CVE-2005-0089
|
|
High
|
|
Python Other Vulnerability (CVE-2006-4980)
|
CVE-2006-4980
|
|
High
|
|
Python Other Vulnerability (CVE-2015-5652)
|
CVE-2015-5652
|
|
High
|
|
Python Out-of-bounds Read Vulnerability (CVE-2019-15903)
|
CVE-2019-15903
CWE-125
|
CWE-125
|
High
|
|
Python Out-of-bounds Write Vulnerability (CVE-2018-25032)
|
CVE-2018-25032
CWE-787
|
CWE-787
|
High
|
|
Python Uncontrolled Recursion Vulnerability (CVE-2023-36632)
|
CVE-2023-36632
CWE-674
|
CWE-674
|
High
|
|
Python Uncontrolled Resource Consumption Vulnerability (CVE-2019-9674)
|
CVE-2019-9674
CWE-400
|
CWE-400
|
High
|
|
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)
|
CVE-2021-3737
CWE-400
|
CWE-400
|
High
|
|
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061)
|
CVE-2022-45061
CWE-400
|
CWE-400
|
High
|
|
Python Uncontrolled Search Path Element Vulnerability (CVE-2017-20052)
|
CVE-2017-20052
CWE-427
|
CWE-427
|
High
|
|
Python Uncontrolled Search Path Element Vulnerability (CVE-2020-15523)
|
CVE-2020-15523
CWE-427
|
CWE-427
|
High
|
|
Python Untrusted Search Path Vulnerability (CVE-2022-26488)
|
CVE-2022-26488
CWE-426
|
CWE-426
|
High
|
|
Python Untrusted Search Path Vulnerability (CVE-2023-41105)
|
CVE-2023-41105
CWE-426
|
CWE-426
|
High
|
|
Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-28861)
|
CVE-2021-28861
CWE-601
|
CWE-601
|
High
|
|
Python Use After Free Vulnerability (CVE-2022-48560)
|
CVE-2022-48560
CWE-416
|
CWE-416
|
High
|
|
qdPM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-26180)
|
CVE-2022-26180
CWE-352
|
CWE-352
|
High
|
|
qdPM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-26165)
|
CVE-2020-26165
CWE-94
|
CWE-94
|
High
|
|
qdPM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-7246)
|
CVE-2020-7246
CWE-22
|
CWE-22
|
High
|
|
qdPM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45855)
|
CVE-2023-45855
CWE-22
|
CWE-22
|
High
|
|
qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881)
|
CVE-2015-3881
|
|
High
|
|
Question2Answer Improper Input Validation Vulnerability (CVE-2017-12775)
|
CVE-2017-12775
CWE-20
|
CWE-20
|
High
|
|
Resin Application Server Improper Input Validation Vulnerability (CVE-2012-2965)
|
CVE-2012-2965
CWE-20
|
CWE-20
|
High
|
|
Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-44138)
|
CVE-2021-44138
CWE-22
|
CWE-22
|
High
|
|
Resin Application Server Other Vulnerability (CVE-2012-2966)
|
CVE-2012-2966
|
|
High
|
|
Resin Application Server Other Vulnerability (CVE-2012-2967)
|
CVE-2012-2967
|
|
High
|
|
Restlet Framework Deserialization of Untrusted Data Vulnerability (CVE-2013-4271)
|
CVE-2013-4271
CWE-502
|
CWE-502
|
High
|
|
Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14868)
|
CVE-2017-14868
CWE-611
|
CWE-611
|
High
|
|
Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14949)
|
CVE-2017-14949
CWE-611
|
CWE-611
|
High
|
|
Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221)
|
CVE-2013-4221
CWE-91
|
CWE-91
|
High
|
|
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127)
|
CVE-2016-9127
CWE-352
|
CWE-352
|
High
|
|
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)
|
CVE-2016-9455
CWE-352
|
CWE-352
|
High
|
|
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456)
|
CVE-2016-9456
CWE-352
|
CWE-352
|
High
|
|
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7367)
|
CVE-2015-7367
CWE-284
|
CWE-284
|
High
|
|
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7369)
|
CVE-2015-7369
CWE-284
|
CWE-284
|
High
|
|
ReviveAdserver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-7372)
|
CVE-2015-7372
CWE-22
|
CWE-22
|
High
|
|
ReviveAdserver Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7149)
|
CVE-2013-7149
CWE-138
|
CWE-138
|
High
|
|
ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-22948)
|
CVE-2021-22948
CWE-327
|
CWE-327
|
High
|
|
ReviveAdserver Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-5440)
|
CVE-2019-5440
CWE-338
|
CWE-338
|
High
|
|
Riot.js Resource Management Errors Vulnerability (CVE-2016-10527)
|
CVE-2016-10527
|
|
High
|
|
Roundcube Cross-site Request Forgery (CSRF) Vulnerability (CVE-2016-4069)
|
CVE-2016-4069
|
|
High
|
|
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)
|
CVE-2015-5383
CWE-200
|
CWE-200
|
High
|
|
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19205)
|
CVE-2018-19205
CWE-200
|
CWE-200
|
High
|
|
Roundcube Files or Directories Accessible to External Parties Vulnerability (CVE-2017-16651)
|
CVE-2017-16651
CWE-552
|
CWE-552
|
High
|
|
Roundcube Improper Access Control Vulnerability (CVE-2016-9920)
|
CVE-2016-9920
CWE-284
|
CWE-284
|
High
|
|
Roundcube Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6172)
|
CVE-2013-6172
CWE-138
|
CWE-138
|
High
|
|
Roundcube Improper Privilege Management Vulnerability (CVE-2017-8114)
|
CVE-2017-8114
CWE-269
|
CWE-269
|
High
|
|
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
|
CVE-2015-2181
|
|
High
|
|
Roundcube Resource Management Errors Vulnerability (CVE-2008-5620)
|
CVE-2008-5620
|
|
High
|
|
Roundcube Unspesificed Vulnerability (CVE-2018-9846)
|
CVE-2018-9846
|
|
High
|
|
Roundcube Unspesificed Vulnerability (CVE-2018-1000071)
|
CVE-2018-1000071
|
|
High
|
|
Roundcube Unspesificed Vulnerability (CVE-2019-15237)
|
CVE-2019-15237
|
|
High
|
|
Ruby CVE-2018-16396 Vulnerability (CVE-2018-16396)
|
CVE-2018-16396
|
|
High
|
|
Ruby CVE-2021-41819 Vulnerability (CVE-2021-41819)
|
CVE-2021-41819
|
|
High
|
|
RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2018-1000074)
|
CVE-2018-1000074
CWE-502
|
CWE-502
|
High
|
|
RubyGems Improper Authentication Vulnerability (CVE-2022-36073)
|
CVE-2022-36073
CWE-287
|
CWE-287
|
High
|
|
RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8324)
|
CVE-2019-8324
CWE-94
|
CWE-94
|
High
|
|
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)
|
CVE-2017-0900
CWE-20
|
CWE-20
|
High
|
|
RubyGems Improper Input Validation Vulnerability (CVE-2017-0901)
|
CVE-2017-0901
CWE-20
|
CWE-20
|
High
|
|
RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8320)
|
CVE-2019-8320
CWE-22
|
CWE-22
|
High
|
|
RubyGems Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-1000073)
|
CVE-2018-1000073
CWE-59
|
CWE-59
|
High
|
|
RubyGems Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2019-8321)
|
CVE-2019-8321
CWE-707
|
CWE-707
|
High
|
|
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8322)
|
CVE-2019-8322
CWE-138
|
CWE-138
|
High
|
|
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8323)
|
CVE-2019-8323
CWE-138
|
CWE-138
|
High
|
|
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8325)
|
CVE-2019-8325
CWE-138
|
CWE-138
|
High
|
|
RubyGems Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000075)
|
CVE-2018-1000075
CWE-835
|
CWE-835
|
High
|
|
RubyGems Origin Validation Error Vulnerability (CVE-2017-0902)
|
CVE-2017-0902
CWE-346
|
CWE-346
|
High
|
|
Ruby Improper Authentication Vulnerability (CVE-2017-10784)
|
CVE-2017-10784
CWE-287
|
CWE-287
|
High
|
|
Ruby Improper Authentication Vulnerability (CVE-2019-16201)
|
CVE-2019-16201
CWE-287
|
CWE-287
|
High
|
|
Ruby Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16255)
|
CVE-2019-16255
CWE-94
|
CWE-94
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2008-3657)
|
CVE-2008-3657
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2009-5147)
|
CVE-2009-5147
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2011-4815)
|
CVE-2011-4815
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2015-7551)
|
CVE-2015-7551
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2017-6181)
|
CVE-2017-6181
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Input Validation Vulnerability (CVE-2018-8779)
|
CVE-2018-8779
CWE-20
|
CWE-20
|
High
|
|
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6914)
|
CVE-2018-6914
CWE-22
|
CWE-22
|
High
|
|
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28966)
|
CVE-2021-28966
CWE-22
|
CWE-22
|
High
|
|
Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5247)
|
CVE-2020-5247
CWE-138
|
CWE-138
|
High
|
|
Ruby Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-17405)
|
CVE-2017-17405
CWE-138
|
CWE-138
|
High
|
|
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2489)
|
CVE-2010-2489
CWE-119
|
CWE-119
|
High
|
|
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14033)
|
CVE-2017-14033
CWE-119
|
CWE-119
|
High
|
|
Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965)
|
CVE-2021-28965
CWE-611
|
CWE-611
|
High
|
|
Ruby Inadequate Encryption Strength Vulnerability (CVE-2021-32066)
|
CVE-2021-32066
CWE-326
|
CWE-326
|
High
|
|
Ruby Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-25613)
|
CVE-2020-25613
CWE-444
|
CWE-444
|
High
|
|
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
|
CVE-2023-22795
CWE-1333
|
CWE-1333
|
High
|
|
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756)
|
CVE-2023-28756
CWE-1333
|
CWE-1333
|
High
|
|
Ruby Interpretation Conflict Vulnerability (CVE-2021-33621)
|
CVE-2021-33621
CWE-436
|
CWE-436
|
High
|
|
Ruby Numeric Errors Vulnerability (CVE-2008-2376)
|
CVE-2008-2376
|
|
High
|
|
Ruby Numeric Errors Vulnerability (CVE-2008-2725)
|
CVE-2008-2725
|
|
High
|
|
Ruby Numeric Errors Vulnerability (CVE-2008-2726)
|
CVE-2008-2726
|
|
High
|
|
Ruby on Rails Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-5419)
|
CVE-2019-5419
CWE-770
|
CWE-770
|
High
|
|
Ruby on Rails CVE-2006-4112 Vulnerability (CVE-2006-4112)
|
CVE-2006-4112
|
|
High
|
|
Ruby on Rails CVE-2019-5418 Vulnerability (CVE-2019-5418)
|
CVE-2019-5418
|
|
High
|
|
Ruby on Rails CVE-2021-22902 Vulnerability (CVE-2021-22902)
|
CVE-2021-22902
|
|
High
|
|
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2018-16476)
|
CVE-2018-16476
CWE-502
|
CWE-502
|
High
|
|
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8164)
|
CVE-2020-8164
CWE-502
|
CWE-502
|
High
|
|
Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-22885)
|
CVE-2021-22885
CWE-209
|
CWE-209
|
High
|
|
Ruby on Rails Improper Access Control Vulnerability (CVE-2016-6317)
|
CVE-2016-6317
CWE-284
|
CWE-284
|
High
|
|
Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4111)
|
CVE-2006-4111
CWE-94
|
CWE-94
|
High
|
|
Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-8163)
|
CVE-2020-8163
CWE-94
|
CWE-94
|
High
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156)
|
CVE-2013-0156
CWE-20
|
CWE-20
|
High
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-2098)
|
CVE-2016-2098
CWE-20
|
CWE-20
|
High
|
|
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-0752)
|
CVE-2016-0752
CWE-22
|
CWE-22
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)
|
CVE-2008-4094
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-0448)
|
CVE-2011-0448
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2930)
|
CVE-2011-2930
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2695)
|
CVE-2012-2695
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6496)
|
CVE-2012-6496
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482)
|
CVE-2014-3482
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483)
|
CVE-2014-3483
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916)
|
CVE-2017-17916
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917)
|
CVE-2017-17917
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919)
|
CVE-2017-17919
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)
|
CVE-2017-17920
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
|
CVE-2023-22792
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
|
CVE-2023-22795
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)
|
CVE-2024-26142
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Other Vulnerability (CVE-2013-0333)
|
CVE-2013-0333
|
|
High
|
|
Ruby on Rails Other Vulnerability (CVE-2021-22904)
|
CVE-2021-22904
|
|
High
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)
|
CVE-2011-0449
CWE-264
|
CWE-264
|
High
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)
|
CVE-2014-3514
CWE-264
|
CWE-264
|
High
|
|
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)
|
CVE-2015-7581
|
|
High
|
|
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)
|
CVE-2016-0751
|
|
High
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)
|
CVE-2021-22880
CWE-400
|
CWE-400
|
High
|
|
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
|
CVE-2020-8162
CWE-434
|
CWE-434
|
High
|
|
Ruby Other Vulnerability (CVE-2021-41817)
|
CVE-2021-41817
|
|
High
|
|
Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)
|
CVE-2022-28739
CWE-125
|
CWE-125
|
High
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)
|
CVE-2008-3655
CWE-264
|
CWE-264
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-2664)
|
CVE-2008-2664
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-3656)
|
CVE-2008-3656
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
|
CVE-2008-4310
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2014-6438)
|
CVE-2014-6438
|
|
High
|
|
Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)
|
CVE-2018-8777
CWE-400
|
CWE-400
|
High
|
|
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2018-8778)
|
CVE-2018-8778
CWE-134
|
CWE-134
|
High
|
|
Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11818)
|
CVE-2020-11818
CWE-352
|
CWE-352
|
High
|
|
Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-30224)
|
CVE-2021-30224
CWE-352
|
CWE-352
|
High
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45020)
|
CVE-2022-45020
CWE-707
|
CWE-707
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)
|
CVE-2020-13587
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13588)
|
CVE-2020-13588
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13589)
|
CVE-2020-13589
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13590)
|
CVE-2020-13590
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13591)
|
CVE-2020-13591
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13592)
|
CVE-2020-13592
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43288)
|
CVE-2022-43288
CWE-138
|
CWE-138
|
High
|
|
Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-20166)
|
CVE-2018-20166
CWE-434
|
CWE-434
|
High
|
|
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10839)
|
CVE-2017-10839
CWE-138
|
CWE-138
|
High
|
|
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-28419)
|
CVE-2021-28419
CWE-138
|
CWE-138
|
High
|
|
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-34117)
|
CVE-2021-34117
CWE-138
|
CWE-138
|
High
|
|
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5475)
|
CVE-2017-5475
CWE-352
|
CWE-352
|
High
|
|
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5476)
|
CVE-2017-5476
CWE-352
|
CWE-352
|
High
|
|
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101)
|
CVE-2017-8101
CWE-352
|
CWE-352
|
High
|
|
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2332)
|
CVE-2012-2332
CWE-138
|
CWE-138
|
High
|
|
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2762)
|
CVE-2012-2762
CWE-138
|
CWE-138
|
High
|
|
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5609)
|
CVE-2017-5609
CWE-138
|
CWE-138
|
High
|
|
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000129)
|
CVE-2017-1000129
CWE-138
|
CWE-138
|
High
|
|
Serendipity Other Vulnerability (CVE-2005-1134)
|
CVE-2005-1134
|
|
High
|
|
Serendipity Other Vulnerability (CVE-2005-1450)
|
CVE-2005-1450
|
|
High
|
|
Serendipity Other Vulnerability (CVE-2005-1451)
|
CVE-2005-1451
|
|
High
|
|
Serendipity Other Vulnerability (CVE-2006-2495)
|
CVE-2006-2495
|
|
High
|
|
Serendipity Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1916)
|
CVE-2010-1916
CWE-264
|
CWE-264
|
High
|
|
Serendipity Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9752)
|
CVE-2016-9752
CWE-918
|
CWE-918
|
High
|
|
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1261)
|
CVE-2019-1261
CWE-352
|
CWE-352
|
High
|
|
SharePoint CVE-2017-0281 Vulnerability (CVE-2017-0281)
|
CVE-2017-0281
|
|
High
|
|
SharePoint CVE-2017-8509 Vulnerability (CVE-2017-8509)
|
CVE-2017-8509
|
|
High
|
|
SharePoint CVE-2017-8511 Vulnerability (CVE-2017-8511)
|
CVE-2017-8511
|
|
High
|
|
SharePoint CVE-2018-8161 Vulnerability (CVE-2018-8161)
|
CVE-2018-8161
|
|
High
|
|
SharePoint CVE-2018-8628 Vulnerability (CVE-2018-8628)
|
CVE-2018-8628
|
|
High
|
|
SharePoint CVE-2019-0585 Vulnerability (CVE-2019-0585)
|
CVE-2019-0585
|
|
High
|
|
SharePoint CVE-2019-1034 Vulnerability (CVE-2019-1034)
|
CVE-2019-1034
|
|
High
|
|
SharePoint CVE-2019-1035 Vulnerability (CVE-2019-1035)
|
CVE-2019-1035
|
|
High
|
|
SharePoint CVE-2019-1201 Vulnerability (CVE-2019-1201)
|
CVE-2019-1201
|
|
High
|
|
SharePoint CVE-2019-1205 Vulnerability (CVE-2019-1205)
|
CVE-2019-1205
|
|
High
|
|
SharePoint CVE-2020-0850 Vulnerability (CVE-2020-0850)
|
CVE-2020-0850
|
|
High
|
|
SharePoint CVE-2020-0852 Vulnerability (CVE-2020-0852)
|
CVE-2020-0852
|
|
High
|
|
SharePoint CVE-2020-0892 Vulnerability (CVE-2020-0892)
|
CVE-2020-0892
|
|
High
|
|
SharePoint CVE-2020-0980 Vulnerability (CVE-2020-0980)
|
CVE-2020-0980
|
|
High
|
|
SharePoint CVE-2020-1178 Vulnerability (CVE-2020-1178)
|
CVE-2020-1178
|
|
High
|
|
SharePoint CVE-2020-1181 Vulnerability (CVE-2020-1181)
|
CVE-2020-1181
|
|
High
|
|
SharePoint CVE-2020-1218 Vulnerability (CVE-2020-1218)
|
CVE-2020-1218
|
|
High
|
|
SharePoint CVE-2020-1295 Vulnerability (CVE-2020-1295)
|
CVE-2020-1295
|
|
High
|
|
SharePoint CVE-2020-1335 Vulnerability (CVE-2020-1335)
|
CVE-2020-1335
|
|
High
|
|
SharePoint CVE-2020-1338 Vulnerability (CVE-2020-1338)
|
CVE-2020-1338
|
|
High
|
|
SharePoint CVE-2020-1446 Vulnerability (CVE-2020-1446)
|
CVE-2020-1446
|
|
High
|
|
SharePoint CVE-2020-1447 Vulnerability (CVE-2020-1447)
|
CVE-2020-1447
|
|
High
|
|
SharePoint CVE-2020-1448 Vulnerability (CVE-2020-1448)
|
CVE-2020-1448
|
|
High
|
|
SharePoint CVE-2020-1460 Vulnerability (CVE-2020-1460)
|
CVE-2020-1460
|
|
High
|
|
SharePoint CVE-2020-17016 Vulnerability (CVE-2020-17016)
|
CVE-2020-17016
|
|
High
|
|
SharePoint CVE-2020-17089 Vulnerability (CVE-2020-17089)
|
CVE-2020-17089
|
|
High
|
|
SharePoint CVE-2021-26418 Vulnerability (CVE-2021-26418)
|
CVE-2021-26418
|
|
High
|
|
SharePoint CVE-2021-26420 Vulnerability (CVE-2021-26420)
|
CVE-2021-26420
|
|
High
|
|
SharePoint CVE-2021-28478 Vulnerability (CVE-2021-28478)
|
CVE-2021-28478
|
|
High
|
|
SharePoint CVE-2021-31948 Vulnerability (CVE-2021-31948)
|
CVE-2021-31948
|
|
High
|
|
SharePoint CVE-2021-31963 Vulnerability (CVE-2021-31963)
|
CVE-2021-31963
|
|
High
|
|
SharePoint CVE-2021-31964 Vulnerability (CVE-2021-31964)
|
CVE-2021-31964
|
|
High
|
|
SharePoint CVE-2021-34467 Vulnerability (CVE-2021-34467)
|
CVE-2021-34467
|
|
High
|
|
SharePoint CVE-2021-34468 Vulnerability (CVE-2021-34468)
|
CVE-2021-34468
|
|
High
|
|
SharePoint CVE-2021-40482 Vulnerability (CVE-2021-40482)
|
CVE-2021-40482
|
|
High
|
|
SharePoint CVE-2021-40487 Vulnerability (CVE-2021-40487)
|
CVE-2021-40487
|
|
High
|
|
SharePoint CVE-2021-41344 Vulnerability (CVE-2021-41344)
|
CVE-2021-41344
|
|
High
|
|
SharePoint CVE-2022-21837 Vulnerability (CVE-2022-21837)
|
CVE-2022-21837
|
|
High
|
|
SharePoint CVE-2022-35823 Vulnerability (CVE-2022-35823)
|
CVE-2022-35823
|
|
High
|
|
SharePoint CVE-2022-37961 Vulnerability (CVE-2022-37961)
|
CVE-2022-37961
|
|
High
|
|
SharePoint CVE-2022-38008 Vulnerability (CVE-2022-38008)
|
CVE-2022-38008
|
|
High
|
|
SharePoint CVE-2022-38009 Vulnerability (CVE-2022-38009)
|
CVE-2022-38009
|
|
High
|
|
SharePoint CVE-2022-38053 Vulnerability (CVE-2022-38053)
|
CVE-2022-38053
|
|
High
|
|
SharePoint CVE-2022-41036 Vulnerability (CVE-2022-41036)
|
CVE-2022-41036
|
|
High
|
|
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
|
CVE-2022-41037
|
|
High
|
|
SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038)
|
CVE-2022-41038
|
|
High
|
|
SharePoint CVE-2022-41061 Vulnerability (CVE-2022-41061)
|
CVE-2022-41061
|
|
High
|
|
SharePoint CVE-2022-41062 Vulnerability (CVE-2022-41062)
|
CVE-2022-41062
|
|
High
|
|
SharePoint CVE-2022-44690 Vulnerability (CVE-2022-44690)
|
CVE-2022-44690
|
|
High
|
|
SharePoint CVE-2022-44693 Vulnerability (CVE-2022-44693)
|
CVE-2022-44693
|
|
High
|
|
SharePoint CVE-2023-21717 Vulnerability (CVE-2023-21717)
|
CVE-2023-21717
|
|
High
|
|
SharePoint CVE-2023-21742 Vulnerability (CVE-2023-21742)
|
CVE-2023-21742
|
|
High
|
|
SharePoint CVE-2023-21744 Vulnerability (CVE-2023-21744)
|
CVE-2023-21744
|
|
High
|
|
SharePoint CVE-2023-28288 Vulnerability (CVE-2023-28288)
|
CVE-2023-28288
|
|
High
|
|
SharePoint CVE-2023-33130 Vulnerability (CVE-2023-33130)
|
CVE-2023-33130
|
|
High
|
|
SharePoint CVE-2023-33134 Vulnerability (CVE-2023-33134)
|
CVE-2023-33134
|
|
High
|
|
SharePoint CVE-2023-33157 Vulnerability (CVE-2023-33157)
|
CVE-2023-33157
|
|
High
|
|
SharePoint CVE-2023-33159 Vulnerability (CVE-2023-33159)
|
CVE-2023-33159
|
|
High
|
|
SharePoint CVE-2023-33160 Vulnerability (CVE-2023-33160)
|
CVE-2023-33160
|
|
High
|
|
SharePoint CVE-2023-33165 Vulnerability (CVE-2023-33165)
|
CVE-2023-33165
|
|
High
|
|
SharePoint CVE-2023-36762 Vulnerability (CVE-2023-36762)
|
CVE-2023-36762
|
|
High
|
|
SharePoint CVE-2023-36764 Vulnerability (CVE-2023-36764)
|
CVE-2023-36764
|
|
High
|
|
SharePoint CVE-2023-36891 Vulnerability (CVE-2023-36891)
|
CVE-2023-36891
|
|
High
|
|
SharePoint CVE-2023-36892 Vulnerability (CVE-2023-36892)
|
CVE-2023-36892
|
|
High
|
|
SharePoint CVE-2024-21318 Vulnerability (CVE-2024-21318)
|
CVE-2024-21318
|
|
High
|
|
SharePoint CVE-2024-21426 Vulnerability (CVE-2024-21426)
|
CVE-2024-21426
|
|
High
|
|
SharePoint CVE-2024-30043 Vulnerability (CVE-2024-30043)
|
CVE-2024-30043
|
|
High
|
|
SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)
|
CVE-2024-30100
|
|
High
|
|
SharePoint CVE-2024-32987 Vulnerability (CVE-2024-32987)
|
CVE-2024-32987
|
|
High
|
|
SharePoint CVE-2024-38018 Vulnerability (CVE-2024-38018)
|
CVE-2024-38018
|
|
High
|
|
SharePoint CVE-2024-38227 Vulnerability (CVE-2024-38227)
|
CVE-2024-38227
|
|
High
|
|
SharePoint CVE-2024-38228 Vulnerability (CVE-2024-38228)
|
CVE-2024-38228
|
|
High
|
|
SharePoint CVE-2024-43464 Vulnerability (CVE-2024-43464)
|
CVE-2024-43464
|
|
High
|
|
SharePoint CVE-2024-43466 Vulnerability (CVE-2024-43466)
|
CVE-2024-43466
|
|
High
|
|
SharePoint CVE-2024-43503 Vulnerability (CVE-2024-43503)
|
CVE-2024-43503
|
|
High
|
|
SharePoint CVE-2024-49068 Vulnerability (CVE-2024-49068)
|
CVE-2024-49068
|
|
High
|
|
SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070)
|
CVE-2024-49070
|
|
High
|
|
SharePoint CVE-2025-21344 Vulnerability (CVE-2025-21344)
|
CVE-2025-21344
|
|
High
|
|
SharePoint CVE-2025-21348 Vulnerability (CVE-2025-21348)
|
CVE-2025-21348
|
|
High
|
|
SharePoint CVE-2025-21400 Vulnerability (CVE-2025-21400)
|
CVE-2025-21400
|
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2020-1439)
|
CVE-2020-1439
CWE-502
|
CWE-502
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2021-34520)
|
CVE-2021-34520
CWE-502
|
CWE-502
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-30044)
|
CVE-2024-30044
CWE-502
|
CWE-502
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38023)
|
CVE-2024-38023
CWE-502
|
CWE-502
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38024)
|
CVE-2024-38024
CWE-502
|
CWE-502
|
High
|
|
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38094)
|
CVE-2024-38094
CWE-502
|
CWE-502
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1200)
|
CVE-2020-1200
CWE-494
|
CWE-494
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1210)
|
CVE-2020-1210
CWE-494
|
CWE-494
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1452)
|
CVE-2020-1452
CWE-494
|
CWE-494
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1453)
|
CVE-2020-1453
CWE-494
|
CWE-494
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1576)
|
CVE-2020-1576
CWE-494
|
CWE-494
|
High
|
|
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1595)
|
CVE-2020-1595
CWE-494
|
CWE-494
|
High
|
|
SharePoint Improper Certificate Validation Vulnerability (CVE-2019-1006)
|
CVE-2019-1006
CWE-295
|
CWE-295
|
High
|
|
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-24955)
|
CVE-2023-24955
CWE-94
|
CWE-94
|
High
|
|
SharePoint Improper Input Validation Vulnerability (CVE-2019-0594)
|
CVE-2019-0594
CWE-20
|
CWE-20
|
High
|
|
SharePoint Improper Input Validation Vulnerability (CVE-2019-0957)
|
CVE-2019-0957
CWE-20
|
CWE-20
|
High
|
|
SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)
|
CVE-2019-1257
CWE-20
|
CWE-20
|
High
|
|
SharePoint Improper Input Validation Vulnerability (CVE-2019-1295)
|
CVE-2019-1295
CWE-20
|
CWE-20
|
High
|
|
SharePoint Improper Input Validation Vulnerability (CVE-2019-1296)
|
CVE-2019-1296
CWE-20
|
CWE-20
|
High
|
|
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8569)
|
CVE-2017-8569
CWE-707
|
CWE-707
|
High
|
|
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0958)
|
CVE-2019-0958
CWE-707
|
CWE-707
|
High
|
|
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3282)
|
CVE-2016-3282
CWE-119
|
CWE-119
|
High
|
|
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-0254)
|
CVE-2017-0254
CWE-119
|
CWE-119
|
High
|
|
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8501)
|
CVE-2017-8501
CWE-119
|
CWE-119
|
High
|
|
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8742)
|
CVE-2017-8742
CWE-119
|
CWE-119
|
High
|
|
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743)
|
CVE-2017-8743
CWE-119
|
CWE-119
|
High
|
|
SharePoint NULL Pointer Dereference Vulnerability (CVE-2020-1069)
|
CVE-2020-1069
CWE-476
|
CWE-476
|
High
|
|
SharePoint Origin Validation Error Vulnerability (CVE-2020-16951)
|
CVE-2020-16951
CWE-346
|
CWE-346
|
High
|
|
SharePoint Origin Validation Error Vulnerability (CVE-2020-16952)
|
CVE-2020-16952
CWE-346
|
CWE-346
|
High
|
|
SharePoint Other Vulnerability (CVE-2020-1147)
|
CVE-2020-1147
|
|
High
|
|
SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539)
|
CVE-2012-2539
CWE-787
|
CWE-787
|
High
|
|
SharePoint Out-of-bounds Write Vulnerability (CVE-2014-1761)
|
CVE-2014-1761
CWE-787
|
CWE-787
|
High
|
|
SharePoint Out-of-bounds Write Vulnerability (CVE-2018-0792)
|
CVE-2018-0792
CWE-787
|
CWE-787
|
High
|
|
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-31950)
|
CVE-2021-31950
CWE-918
|
CWE-918
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0920)
|
CVE-2020-0920
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0929)
|
CVE-2020-0929
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0931)
|
CVE-2020-0931
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0932)
|
CVE-2020-0932
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0971)
|
CVE-2020-0971
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0974)
|
CVE-2020-0974
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1023)
|
CVE-2020-1023
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1024)
|
CVE-2020-1024
CWE-434
|
CWE-434
|
High
|
|
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1102)
|
CVE-2020-1102
CWE-434
|
CWE-434
|
High
|
|
Skipper Incorrect Authorization Vulnerability (CVE-2022-34296)
|
CVE-2022-34296
CWE-863
|
CWE-863
|
High
|
|
Sqlite Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-3717)
|
CVE-2015-3717
CWE-120
|
CWE-120
|
High
|
|
Sqlite CVE-2019-19244 Vulnerability (CVE-2019-19244)
|
CVE-2019-19244
|
|
High
|
|
Sqlite CVE-2019-19603 Vulnerability (CVE-2019-19603)
|
CVE-2019-19603
|
|
High
|
|
Sqlite CVE-2021-36690 Vulnerability (CVE-2021-36690)
|
CVE-2021-36690
|
|
High
|
|
Sqlite Improper Initialization Vulnerability (CVE-2020-11655)
|
CVE-2020-11655
CWE-665
|
CWE-665
|
High
|
|
Sqlite Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6592)
|
CVE-2008-6592
CWE-22
|
CWE-22
|
High
|
|
Sqlite Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6593)
|
CVE-2008-6593
CWE-138
|
CWE-138
|
High
|
|
Sqlite Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20505)
|
CVE-2018-20505
CWE-138
|
CWE-138
|
High
|
|
Sqlite Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
|
CVE-2015-3415
CWE-404
|
CWE-404
|
High
|
|
Sqlite Improper Validation of Array Index Vulnerability (CVE-2022-35737)
|
CVE-2022-35737
CWE-129
|
CWE-129
|
High
|
|
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
|
CVE-2015-3416
CWE-190
|
CWE-190
|
High
|
|
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20346)
|
CVE-2018-20346
CWE-190
|
CWE-190
|
High
|
|
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20506)
|
CVE-2018-20506
CWE-190
|
CWE-190
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2017-15286)
|
CVE-2017-15286
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2018-8740)
|
CVE-2018-8740
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-9937)
|
CVE-2019-9937
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)
|
CVE-2019-19880
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19923)
|
CVE-2019-19923
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19926)
|
CVE-2019-19926
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-9327)
|
CVE-2020-9327
CWE-476
|
CWE-476
|
High
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-35525)
|
CVE-2020-35525
CWE-476
|
CWE-476
|
High
|
|
Sqlite Other Vulnerability (CVE-2019-19959)
|
CVE-2019-19959
|
|
High
|
|
Sqlite Other Vulnerability (CVE-2019-20218)
|
CVE-2019-20218
|
|
High
|
|
Sqlite Out-of-bounds Read Vulnerability (CVE-2019-9936)
|
CVE-2019-9936
CWE-125
|
CWE-125
|
High
|
|
Sqlite Out-of-bounds Read Vulnerability (CVE-2021-31239)
|
CVE-2021-31239
CWE-125
|
CWE-125
|
High
|
|
Sqlite Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19925)
|
CVE-2019-19925
CWE-434
|
CWE-434
|
High
|
|
Sqlite Use After Free Vulnerability (CVE-2019-5018)
|
CVE-2019-5018
CWE-416
|
CWE-416
|
High
|
|
Sqlite Use After Free Vulnerability (CVE-2020-13630)
|
CVE-2020-13630
CWE-416
|
CWE-416
|
High
|
|
Sqlite Use After Free Vulnerability (CVE-2020-13871)
|
CVE-2020-13871
CWE-416
|
CWE-416
|
High
|
|
Sqlite Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
|
CVE-2015-3414
CWE-908
|
CWE-908
|
High
|
|
Squid Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2023-46847)
|
CVE-2023-46847
CWE-120
|
CWE-120
|
High
|
|
Squid CVE-2018-1000024 Vulnerability (CVE-2018-1000024)
|
CVE-2018-1000024
|
|
High
|
|
Squid CVE-2024-45802 Vulnerability (CVE-2024-45802)
|
CVE-2024-45802
|
|
High
|
|
Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-8449)
|
CVE-2020-8449
CWE-668
|
CWE-668
|
High
|
|
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10002)
|
CVE-2016-10002
CWE-200
|
CWE-200
|
High
|
|
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10003)
|
CVE-2016-10003
CWE-200
|
CWE-200
|
High
|
|
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12528)
|
CVE-2019-12528
CWE-200
|
CWE-200
|
High
|
|
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)
|
CVE-2019-18679
CWE-200
|
CWE-200
|
High
|
|
Squid Improper Certificate Validation Vulnerability (CVE-2021-41611)
|
CVE-2021-41611
CWE-295
|
CWE-295
|
High
|
|
Squid Improper Certificate Validation Vulnerability (CVE-2023-46724)
|
CVE-2023-46724
CWE-295
|
CWE-295
|
High
|
|
Squid Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-5824)
|
CVE-2023-5824
CWE-755
|
CWE-755
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2013-1839)
|
CVE-2013-1839
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-2569)
|
CVE-2016-2569
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-2570)
|
CVE-2016-2570
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-2571)
|
CVE-2016-2571
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-2572)
|
CVE-2016-2572
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-4555)
|
CVE-2016-4555
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2019-12520)
|
CVE-2019-12520
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2020-8517)
|
CVE-2020-8517
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2020-24606)
|
CVE-2020-24606
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Input Validation Vulnerability (CVE-2020-25097)
|
CVE-2020-25097
CWE-20
|
CWE-20
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2005-0211)
|
CVE-2005-0211
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4115)
|
CVE-2013-4115
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3947)
|
CVE-2016-3947
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3948)
|
CVE-2016-3948
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4051)
|
CVE-2016-4051
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4052)
|
CVE-2016-4052
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4054)
|
CVE-2016-4054
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-12854)
|
CVE-2019-12854
CWE-119
|
CWE-119
|
High
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-8450)
|
CVE-2020-8450
CWE-119
|
CWE-119
|
High
|
|
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15049)
|
CVE-2020-15049
CWE-444
|
CWE-444
|
High
|
|
Squid Incorrect Conversion between Numeric Types Vulnerability (CVE-2023-46848)
|
CVE-2023-46848
CWE-681
|
CWE-681
|
High
|
|
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4553)
|
CVE-2016-4553
CWE-345
|
CWE-345
|
High
|
|
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4554)
|
CVE-2016-4554
CWE-345
|
CWE-345
|
High
|
|
Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027)
|
CVE-2018-1000027
CWE-476
|
CWE-476
|
High
|
|
Squid NULL Pointer Dereference Vulnerability (CVE-2020-14058)
|
CVE-2020-14058
CWE-476
|
CWE-476
|
High
|
|
Squid NULL Pointer Dereference Vulnerability (CVE-2023-46728)
|
CVE-2023-46728
CWE-476
|
CWE-476
|
High
|
|
Squid Other Vulnerability (CVE-2016-4556)
|
CVE-2016-4556
|
|
High
|
|
Squid Other Vulnerability (CVE-2024-25617)
|
CVE-2024-25617
|
|
High
|
|
Squid Out-of-bounds Read Vulnerability (CVE-2022-41318)
|
CVE-2022-41318
CWE-125
|
CWE-125
|
High
|
|
Squid Out-of-bounds Read Vulnerability (CVE-2023-49285)
|
CVE-2023-49285
CWE-125
|
CWE-125
|
High
|
|
Squid Out-of-bounds Write Vulnerability (CVE-2019-12527)
|
CVE-2019-12527
CWE-787
|
CWE-787
|
High
|
|
Squid Out-of-bounds Write Vulnerability (CVE-2019-18676)
|
CVE-2019-18676
CWE-787
|
CWE-787
|
High
|
|
Squid Reachable Assertion Vulnerability (CVE-2023-49286)
|
CVE-2023-49286
CWE-617
|
CWE-617
|
High
|
|
Squid Uncontrolled Recursion Vulnerability (CVE-2023-50269)
|
CVE-2023-50269
CWE-674
|
CWE-674
|
High
|
|
Squid Uncontrolled Recursion Vulnerability (CVE-2024-25111)
|
CVE-2024-25111
CWE-674
|
CWE-674
|
High
|
|
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-28651)
|
CVE-2021-28651
CWE-400
|
CWE-400
|
High
|
|
Squid Use After Free Vulnerability (CVE-2023-49288)
|
CVE-2023-49288
CWE-416
|
CWE-416
|
High
|
|
SugarCRM CVE-2023-35809 Vulnerability (CVE-2023-35809)
|
CVE-2023-35809
|
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17299)
|
CVE-2019-17299
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17300)
|
CVE-2019-17300
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17301)
|
CVE-2019-17301
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302)
|
CVE-2019-17302
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303)
|
CVE-2019-17303
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304)
|
CVE-2019-17304
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
|
CVE-2019-17305
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306)
|
CVE-2019-17306
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307)
|
CVE-2019-17307
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308)
|
CVE-2019-17308
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309)
|
CVE-2019-17309
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)
|
CVE-2019-17310
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816)
|
CVE-2023-46816
CWE-94
|
CWE-94
|
High
|
|
SugarCRM Improper Input Validation Vulnerability (CVE-2017-14509)
|
CVE-2017-14509
CWE-20
|
CWE-20
|
High
|
|
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311)
|
CVE-2019-17311
CWE-22
|
CWE-22
|
High
|
|
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312)
|
CVE-2019-17312
CWE-22
|
CWE-22
|
High
|
|
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313)
|
CVE-2019-17313
CWE-22
|
CWE-22
|
High
|
|
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314)
|
CVE-2019-17314
CWE-22
|
CWE-22
|
High
|
|
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)
|
CVE-2019-17315
CWE-915
|
CWE-915
|
High
|
|
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316)
|
CVE-2019-17316
CWE-915
|
CWE-915
|
High
|
|
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317)
|
CVE-2019-17317
CWE-915
|
CWE-915
|
High
|
|
SugarCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-35810)
|
CVE-2023-35810
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978)
|
CVE-2009-2978
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4833)
|
CVE-2011-4833
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14508)
|
CVE-2017-14508
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17292)
|
CVE-2019-17292
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17293)
|
CVE-2019-17293
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17294)
|
CVE-2019-17294
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17295)
|
CVE-2019-17295
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17296)
|
CVE-2019-17296
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17297)
|
CVE-2019-17297
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17298)
|
CVE-2019-17298
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17318)
|
CVE-2019-17318
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17319)
|
CVE-2019-17319
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35811)
|
CVE-2023-35811
CWE-138
|
CWE-138
|
High
|
|
SugarCRM Incomplete List of Disallowed Inputs Vulnerability (CVE-2015-5946)
|
CVE-2015-5946
CWE-184
|
CWE-184
|
High
|
|
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808)
|
CVE-2023-35808
CWE-434
|
CWE-434
|
High
|
|
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-46815)
|
CVE-2023-46815
CWE-434
|
CWE-434
|
High
|
|
Swagger UI DOM XSS vulnerability
|
CWE-80
|
CWE-80
|
High
|
|
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114)
|
CVE-2021-20114
CWE-200
|
CWE-200
|
High
|
|
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745)
|
CVE-2020-5745
CWE-707
|
CWE-707
|
High
|
|
Telerik Web UI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2217)
|
CVE-2014-2217
CWE-22
|
CWE-22
|
High
|
|
Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496)
|
CVE-2020-28496
CWE-400
|
CWE-400
|
High
|
|
Tornado Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-28476)
|
CVE-2020-28476
CWE-444
|
CWE-444
|
High
|
|
Trac CVE-2009-4405 Vulnerability (CVE-2009-4405)
|
CVE-2009-4405
|
|
High
|
|
Trac Incorrect Default Permissions Vulnerability (CVE-2010-5108)
|
CVE-2010-5108
CWE-276
|
CWE-276
|
High
|
|
Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
|
CVE-2022-21716
CWE-120
|
CWE-120
|
High
|
|
Twisted Web HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21712)
|
CVE-2022-21712
CWE-200
|
CWE-200
|
High
|
|
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
|
CVE-2014-7143
CWE-295
|
CWE-295
|
High
|
|
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855)
|
CVE-2019-12855
CWE-295
|
CWE-295
|
High
|
|
Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801)
|
CVE-2022-24801
CWE-444
|
CWE-444
|
High
|
|
TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091)
|
CVE-2016-5091
|
|
High
|
|
TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104)
|
CVE-2022-36104
CWE-770
|
CWE-770
|
High
|
|
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228)
|
CVE-2020-26228
CWE-312
|
CWE-312
|
High
|
|
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339)
|
CVE-2021-21339
CWE-312
|
CWE-312
|
High
|
|
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069)
|
CVE-2020-11069
CWE-352
|
CWE-352
|
High
|
|
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113)
|
CVE-2021-41113
CWE-352
|
CWE-352
|
High
|
|
TYPO3 CVE-2024-25121 Vulnerability (CVE-2024-25121)
|
CVE-2024-25121
|
|
High
|
|
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
|
CVE-2019-19849
CWE-502
|
CWE-502
|
High
|
|
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067)
|
CVE-2020-11067
CWE-502
|
CWE-502
|
High
|
|
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)
|
CVE-2020-15098
CWE-502
|
CWE-502
|
High
|
|
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4875)
|
CVE-2005-4875
CWE-200
|
CWE-200
|
High
|
|
TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)
|
CVE-2021-21355
CWE-552
|
CWE-552
|
High
|
|
TYPO3 Improper Authentication Vulnerability (CVE-2009-0256)
|
CVE-2009-0256
CWE-287
|
CWE-287
|
High
|
|
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
|
CVE-2009-3631
CWE-94
|
CWE-94
|
High
|
|
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503)
|
CVE-2022-23503
CWE-94
|
CWE-94
|
High
|
|
TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509)
|
CVE-2014-9509
CWE-20
|
CWE-20
|
High
|
|
TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832)
|
CVE-2019-11832
CWE-20
|
CWE-20
|
High
|
|
TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099)
|
CVE-2020-15099
CWE-20
|
CWE-20
|
High
|
|
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19848)
|
CVE-2019-19848
CWE-22
|
CWE-22
|
High
|
|
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)
|
CVE-2010-3668
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855)
|
CVE-2009-4855
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662)
|
CVE-2010-3662
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)
|
CVE-2013-1842
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)
|
CVE-2019-19850
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)
|
CVE-2022-31050
CWE-613
|
CWE-613
|
High
|
|
TYPO3 Other Vulnerability (CVE-2006-6690)
|
CVE-2006-6690
|
|
High
|
|
TYPO3 Other Vulnerability (CVE-2007-1081)
|
CVE-2007-1081
|
|
High
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)
|
CVE-2010-3714
CWE-264
|
CWE-264
|
High
|
|
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359)
|
CVE-2021-21359
CWE-674
|
CWE-674
|
High
|
|
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)
|
CVE-2022-23500
CWE-674
|
CWE-674
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
|
CVE-2010-3663
CWE-434
|
CWE-434
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251)
|
CVE-2017-14251
CWE-434
|
CWE-434
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357)
|
CVE-2021-21357
CWE-434
|
CWE-434
|
High
|
|
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
|
CVE-2021-4229
CWE-829
|
CWE-829
|
High
|
|
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)
|
CVE-2022-25927
CWE-1333
|
CWE-1333
|
High
|
|
UAParser.js Other Vulnerability (CVE-2021-27292)
|
CVE-2021-27292
|
|
High
|
|
Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358)
|
CVE-2021-23358
CWE-94
|
CWE-94
|
High
|
|
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)
|
CVE-2022-1259
|
|
High
|
|
Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223)
|
CVE-2023-3223
|
|
High
|
|
Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
|
CVE-2021-3859
CWE-668
|
CWE-668
|
High
|
|
Undertow Improper Input Validation Vulnerability (CVE-2020-1757)
|
CVE-2020-1757
CWE-20
|
CWE-20
|
High
|
|
Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705)
|
CVE-2020-10705
CWE-119
|
CWE-119
|
High
|
|
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
|
CVE-2017-12165
CWE-444
|
CWE-444
|
High
|
|
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
|
CVE-2017-2670
CWE-835
|
CWE-835
|
High
|
|
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
|
CVE-2023-1108
CWE-835
|
CWE-835
|
High
|
|
Undertow Missing Authorization Vulnerability (CVE-2019-10184)
|
CVE-2019-10184
CWE-862
|
CWE-862
|
High
|
|
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)
|
CVE-2022-1319
CWE-252
|
CWE-252
|
High
|
|
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)
|
CVE-2019-14888
CWE-400
|
CWE-400
|
High
|
|
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
|
CVE-2019-19343
CWE-400
|
CWE-400
|
High
|
|
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)
|
CVE-2021-3629
CWE-400
|
CWE-400
|
High
|
|
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)
|
CVE-2021-3690
CWE-400
|
CWE-400
|
High
|
|
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053)
|
CVE-2022-2053
CWE-400
|
CWE-400
|
High
|
|
Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432)
|
CVE-2017-1000432
CWE-352
|
CWE-352
|
High
|
|
Vanilla Forums CVE-2013-3528 Vulnerability (CVE-2013-3528)
|
CVE-2013-3528
|
|
High
|
|
Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499)
|
CVE-2018-19499
CWE-502
|
CWE-502
|
High
|
|
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613)
|
CVE-2011-3613
CWE-200
|
CWE-200
|
High
|
|
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073)
|
CVE-2016-10073
CWE-200
|
CWE-200
|
High
|
|
Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3527)
|
CVE-2013-3527
CWE-138
|
CWE-138
|
High
|
|
Varnish Cache Integer Overflow or Wraparound Vulnerability (CVE-2017-12425)
|
CVE-2017-12425
CWE-190
|
CWE-190
|
High
|
|
Varnish Cache Other Vulnerability (CVE-2013-4090)
|
CVE-2013-4090
|
|
High
|
|
Varnish Cache Other Vulnerability (CVE-2015-8852)
|
CVE-2015-8852
|
|
High
|
|
Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892)
|
CVE-2019-15892
CWE-617
|
CWE-617
|
High
|
|
VirtueMart access control bypass
|
CWE-287
|
CWE-287
|
High
|
|
VMware directory traversal and privilege escalation vulnerabilities
|
CVE-2009-2267
CVE-2009-3733
CWE-22
|
CWE-22
|
High
|
|
Vulnerable package dependencies [high]
|
CWE-1104
|
CWE-1104
|
High
|
|
Vulnerable project dependencies
|
CWE-937
|
CWE-937
|
High
|
|
W3 Total Cache CVE-2019-6715 Vulnerability (CVE-2019-6715)
|
CVE-2019-6715
|
|
High
|
|
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19434)
|
CVE-2018-19434
CWE-138
|
CWE-138
|
High
|
|
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19435)
|
CVE-2018-19435
CWE-138
|
CWE-138
|
High
|
|
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19436)
|
CVE-2018-19436
CWE-138
|
CWE-138
|
High
|
|
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7755)
|
CVE-2019-7755
CWE-138
|
CWE-138
|
High
|
|
WeBid Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000882)
|
CVE-2018-1000882
CWE-22
|
CWE-22
|
High
|
|
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-7116)
|
CVE-2008-7116
CWE-138
|
CWE-138
|
High
|
|
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-7119)
|
CVE-2008-7119
CWE-138
|
CWE-138
|
High
|
|
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000867)
|
CVE-2018-1000867
CWE-138
|
CWE-138
|
High
|
|
WeBid Other Vulnerability (CVE-2014-5114)
|
CVE-2014-5114
|
|
High
|
|
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)
|
CVE-2019-17359
CWE-770
|
CWE-770
|
High
|
|
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-7226)
|
CVE-2020-7226
CWE-770
|
CWE-770
|
High
|
|
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-28491)
|
CVE-2020-28491
CWE-770
|
CWE-770
|
High
|
|
WebLogic CVE-2008-2579 Vulnerability (CVE-2008-2579)
|
CVE-2008-2579
|
|
High
|
|
WebLogic CVE-2016-0572 Vulnerability (CVE-2016-0572)
|
CVE-2016-0572
|
|
High
|
|
WebLogic CVE-2016-0573 Vulnerability (CVE-2016-0573)
|
CVE-2016-0573
|
|
High
|
|
WebLogic CVE-2016-0574 Vulnerability (CVE-2016-0574)
|
CVE-2016-0574
|
|
High
|
|
WebLogic CVE-2016-0577 Vulnerability (CVE-2016-0577)
|
CVE-2016-0577
|
|
High
|
|
WebLogic CVE-2016-3505 Vulnerability (CVE-2016-3505)
|
CVE-2016-3505
|
|
High
|
|
WebLogic CVE-2017-3506 Vulnerability (CVE-2017-3506)
|
CVE-2017-3506
|
|
High
|
|
WebLogic CVE-2017-3531 Vulnerability (CVE-2017-3531)
|
CVE-2017-3531
|
|
High
|
|
WebLogic CVE-2017-10147 Vulnerability (CVE-2017-10147)
|
CVE-2017-10147
|
|
High
|
|
WebLogic CVE-2017-10271 Vulnerability (CVE-2017-10271)
|
CVE-2017-10271
|
|
High
|
|
WebLogic CVE-2018-2935 Vulnerability (CVE-2018-2935)
|
CVE-2018-2935
|
|
High
|
|
WebLogic CVE-2018-3213 Vulnerability (CVE-2018-3213)
|
CVE-2018-3213
|
|
High
|
|
WebLogic CVE-2018-3246 Vulnerability (CVE-2018-3246)
|
CVE-2018-3246
|
|
High
|
|
WebLogic CVE-2018-15756 Vulnerability (CVE-2018-15756)
|
CVE-2018-15756
|
|
High
|
|
WebLogic CVE-2019-2647 Vulnerability (CVE-2019-2647)
|
CVE-2019-2647
|
|
High
|
|
WebLogic CVE-2019-2648 Vulnerability (CVE-2019-2648)
|
CVE-2019-2648
|
|
High
|
|
WebLogic CVE-2019-2649 Vulnerability (CVE-2019-2649)
|
CVE-2019-2649
|
|
High
|
|
WebLogic CVE-2019-2650 Vulnerability (CVE-2019-2650)
|
CVE-2019-2650
|
|
High
|
|
WebLogic CVE-2019-2890 Vulnerability (CVE-2019-2890)
|
CVE-2019-2890
|
|
High
|
|
WebLogic CVE-2019-2891 Vulnerability (CVE-2019-2891)
|
CVE-2019-2891
|
|
High
|
|
WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)
|
CVE-2020-2549
|
|
High
|
|
WebLogic CVE-2020-2798 Vulnerability (CVE-2020-2798)
|
CVE-2020-2798
|
|
High
|
|
WebLogic CVE-2020-2828 Vulnerability (CVE-2020-2828)
|
CVE-2020-2828
|
|
High
|
|
WebLogic CVE-2020-2867 Vulnerability (CVE-2020-2867)
|
CVE-2020-2867
|
|
High
|
|
WebLogic CVE-2020-2963 Vulnerability (CVE-2020-2963)
|
CVE-2020-2963
|
|
High
|
|
WebLogic CVE-2020-2967 Vulnerability (CVE-2020-2967)
|
CVE-2020-2967
|
|
High
|
|
WebLogic CVE-2020-14588 Vulnerability (CVE-2020-14588)
|
CVE-2020-14588
|
|
High
|
|
WebLogic CVE-2020-14589 Vulnerability (CVE-2020-14589)
|
CVE-2020-14589
|
|
High
|
|
WebLogic CVE-2020-14639 Vulnerability (CVE-2020-14639)
|
CVE-2020-14639
|
|
High
|
|
WebLogic CVE-2020-14820 Vulnerability (CVE-2020-14820)
|
CVE-2020-14820
|
|
High
|
|
WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883)
|
CVE-2020-14883
|
|
High
|
|
WebLogic CVE-2021-2018 Vulnerability (CVE-2021-2018)
|
CVE-2021-2018
|
|
High
|
|
WebLogic CVE-2021-2109 Vulnerability (CVE-2021-2109)
|
CVE-2021-2109
|
|
High
|
|
WebLogic CVE-2021-2157 Vulnerability (CVE-2021-2157)
|
CVE-2021-2157
|
|
High
|
|
WebLogic CVE-2021-2376 Vulnerability (CVE-2021-2376)
|
CVE-2021-2376
|
|
High
|
|
WebLogic CVE-2021-2378 Vulnerability (CVE-2021-2378)
|
CVE-2021-2378
|
|
High
|
|
WebLogic CVE-2021-35620 Vulnerability (CVE-2021-35620)
|
CVE-2021-35620
|
|
High
|
|
WebLogic CVE-2022-21292 Vulnerability (CVE-2022-21292)
|
CVE-2022-21292
|
|
High
|
|
WebLogic CVE-2022-21441 Vulnerability (CVE-2022-21441)
|
CVE-2022-21441
|
|
High
|
|
WebLogic CVE-2023-21837 Vulnerability (CVE-2023-21837)
|
CVE-2023-21837
|
|
High
|
|
WebLogic CVE-2023-21838 Vulnerability (CVE-2023-21838)
|
CVE-2023-21838
|
|
High
|
|
WebLogic CVE-2023-21839 Vulnerability (CVE-2023-21839)
|
CVE-2023-21839
|
|
High
|
|
WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)
|
CVE-2023-21841
|
|
High
|
|
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
|
CVE-2023-21842
|
|
High
|
|
WebLogic CVE-2023-21931 Vulnerability (CVE-2023-21931)
|
CVE-2023-21931
|
|
High
|
|
WebLogic CVE-2023-21964 Vulnerability (CVE-2023-21964)
|
CVE-2023-21964
|
|
High
|
|
WebLogic CVE-2023-21979 Vulnerability (CVE-2023-21979)
|
CVE-2023-21979
|
|
High
|
|
WebLogic CVE-2023-21996 Vulnerability (CVE-2023-21996)
|
CVE-2023-21996
|
|
High
|
|
WebLogic CVE-2023-22086 Vulnerability (CVE-2023-22086)
|
CVE-2023-22086
|
|
High
|
|
WebLogic CVE-2023-22101 Vulnerability (CVE-2023-22101)
|
CVE-2023-22101
|
|
High
|
|
WebLogic CVE-2023-22108 Vulnerability (CVE-2023-22108)
|
CVE-2023-22108
|
|
High
|
|
WebLogic CVE-2024-20927 Vulnerability (CVE-2024-20927)
|
CVE-2024-20927
|
|
High
|
|
WebLogic CVE-2024-20931 Vulnerability (CVE-2024-20931)
|
CVE-2024-20931
|
|
High
|
|
WebLogic CVE-2024-21006 Vulnerability (CVE-2024-21006)
|
CVE-2024-21006
|
|
High
|
|
WebLogic CVE-2024-21175 Vulnerability (CVE-2024-21175)
|
CVE-2024-21175
|
|
High
|
|
WebLogic CVE-2024-21182 Vulnerability (CVE-2024-21182)
|
CVE-2024-21182
|
|
High
|
|
WebLogic CVE-2024-21183 Vulnerability (CVE-2024-21183)
|
CVE-2024-21183
|
|
High
|
|
WebLogic CVE-2024-21234 Vulnerability (CVE-2024-21234)
|
CVE-2024-21234
|
|
High
|
|
WebLogic CVE-2024-21260 Vulnerability (CVE-2024-21260)
|
CVE-2024-21260
|
|
High
|
|
WebLogic CVE-2024-21274 Vulnerability (CVE-2024-21274)
|
CVE-2024-21274
|
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
|
CVE-2019-10086
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968)
|
CVE-2020-10968
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10969)
|
CVE-2020-10969
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11111)
|
CVE-2020-11111
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11112)
|
CVE-2020-11112
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11113)
|
CVE-2020-11113
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11619)
|
CVE-2020-11619
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)
|
CVE-2020-11620
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
|
CVE-2021-4104
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23302)
|
CVE-2022-23302
CWE-502
|
CWE-502
|
High
|
|
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23307)
|
CVE-2022-23307
CWE-502
|
CWE-502
|
High
|
|
WebLogic Download of Code Without Integrity Check Vulnerability (CVE-2020-5398)
|
CVE-2020-5398
CWE-494
|
CWE-494
|
High
|
|
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-40690)
|
CVE-2021-40690
CWE-200
|
CWE-200
|
High
|
|
WebLogic Improper Certificate Validation Vulnerability (CVE-2021-3450)
|
CVE-2021-3450
CWE-295
|
CWE-295
|
High
|
|
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-21371)
|
CVE-2022-21371
CWE-22
|
CWE-22
|
High
|
|
WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
|
CVE-2020-5258
CWE-1321
|
CWE-1321
|
High
|
|
WebLogic Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-11040)
|
CVE-2018-11040
CWE-829
|
CWE-829
|
High
|
|
WebLogic Incorrect Authorization Vulnerability (CVE-2018-1258)
|
CVE-2018-1258
CWE-863
|
CWE-863
|
High
|
|
WebLogic Other Vulnerability (CVE-2020-10672)
|
CVE-2020-10672
|
|
High
|
|
WebLogic Other Vulnerability (CVE-2020-10673)
|
CVE-2020-10673
|
|
High
|
|
WebLogic Out-of-bounds Write Vulnerability (CVE-2020-36518)
|
CVE-2020-36518
CWE-787
|
CWE-787
|
High
|
|
WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987)
|
CVE-2020-11987
CWE-918
|
CWE-918
|
High
|
|
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
|
CVE-2016-8610
CWE-400
|
CWE-400
|
High
|
|
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839)
|
CVE-2022-24839
CWE-400
|
CWE-400
|
High
|
|
WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)
|
CVE-2018-1000180
CWE-327
|
CWE-327
|
High
|
|
WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-2351)
|
CVE-2021-2351
CWE-327
|
CWE-327
|
High
|
|
WEBrick v.1.3 directory traversal
|
CVE-2008-1145
CWE-22
|
CWE-22
|
High
|
|
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577)
|
CVE-2023-25577
CWE-770
|
CWE-770
|
High
|
|
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)
|
CVE-2024-49767
CWE-770
|
CWE-770
|
High
|
|
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-14322)
|
CVE-2019-14322
CWE-22
|
CWE-22
|
High
|
|
Werkzeug WSGI Insufficient Entropy Vulnerability (CVE-2019-14806)
|
CVE-2019-14806
CWE-331
|
CWE-331
|
High
|
|
Werkzeug WSGI Out-of-bounds Write Vulnerability (CVE-2023-46136)
|
CVE-2023-46136
CWE-787
|
CWE-787
|
High
|
|
WildFly Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0793)
|
CVE-2016-0793
CWE-200
|
CWE-200
|
High
|
|
WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589)
|
CVE-2016-9589
CWE-400
|
CWE-400
|
High
|
|
WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3)
|
CVE-2007-2821
CWE-89
|
CWE-89
|
High
|
|
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1)
|
CVE-2005-1810
CWE-89
|
CWE-89
|
High
|
|
WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress 'get_edit_post_link()' and 'get_edit_comment_link()' Multiple Eavesdropping Vulnerabilities (0.6.2 - 2.6)
|
CVE-2008-3747
CWE-264
|
CWE-264
|
High
|
|
WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5)
|
CVE-2006-3389
CWE-89
|
CWE-89
|
High
|
|
WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.5.1)
|
CVE-2008-3233
CWE-79
|
CWE-79
|
High
|
|
WordPress 'press-this.php' Remote Security Bypass Vulnerability (0.7 - 3.1.1)
|
CVE-2011-5270
CWE-264
|
CWE-264
|
High
|
|
WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1)
|
CVE-2012-3414
CWE-79
|
CWE-79
|
High
|
|
WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1)
|
CVE-2007-1049
CWE-79
|
CWE-79
|
High
|
|
WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8)
|
CVE-2009-2334
CWE-287
|
CWE-287
|
High
|
|
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2)
|
CVE-2008-5695
CWE-20
|
CWE-20
|
High
|
|
WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1)
|
CVE-2007-6318
CWE-89
|
CWE-89
|
High
|
|
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2)
|
CVE-2004-1584
CWE-113
|
CWE-113
|
High
|
|
WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
|
CVE-2007-5105
CVE-2007-5106
CWE-79
|
CWE-79
|
High
|
|
WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5)
|
CVE-2005-1687
CWE-89
|
CWE-89
|
High
|
|
WordPress 'xmlrpc.php' Remote Security Bypass Vulnerability (3.0.1 - 3.0.2)
|
CVE-2010-5106
CWE-264
|
CWE-264
|
High
|
|
WordPress 0.7 Posts SQL Injection Vulnerability (0.7)
|
CVE-2003-1598
CWE-89
|
CWE-89
|
High
|
|
WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2)
|
CVE-2005-2107
CVE-2005-2108
CVE-2005-2109
CVE-2005-2110
CWE-79
CWE-89
CWE-200
CWE-702
|
CWE-79
CWE-89
CWE-200
CWE-702
|
High
|
|
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1)
|
CWE-400
|
CWE-400
|
High
|
|
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
|
CVE-2006-2667
CVE-2006-2702
CWE-94
|
CWE-94
|
High
|
|
WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3)
|
CVE-2006-4028
CWE-264
|
CWE-264
|
High
|
|
WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4)
|
CVE-2006-5705
CVE-2006-6016
CVE-2006-6017
CWE-22
CWE-264
CWE-400
|
CWE-22
CWE-264
CWE-400
|
High
|
|
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5)
|
CVE-2007-0107
CWE-89
|
CWE-89
|
High
|
|
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
|
CVE-2006-6808
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
|
CVE-2007-0106
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6)
|
CVE-2007-0233
CWE-89
|
CWE-89
|
High
|
|
WordPress 2.0.9 Multiple Vulnerabilities (2.0 - 2.0.9)
|
CVE-2007-1622
CVE-2007-1893
CVE-2007-1894
CVE-2007-1897
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
|
CVE-2007-1277
CWE-94
|
CWE-94
|
High
|
|
WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1)
|
CVE-2007-1244
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.1.2 Multiple Vulnerabilities (2.1 - 2.1.2)
|
CVE-2007-1622
CVE-2007-1893
CVE-2007-1894
CVE-2007-1897
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 2.2 Cross-Site Scripting Vulnerability (2.2)
|
CVE-2007-3238
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.2 Multiple Vulnerabilities (2.2)
|
CVE-2007-3140
CVE-2007-3238
CVE-2007-3543
CWE-79
CWE-89
CWE-434
|
CWE-79
CWE-89
CWE-434
|
High
|
|
WordPress 2.2.1 Multiple Vulnerabilities (2.2.1)
|
CVE-2007-3639
CVE-2007-4139
CVE-2007-4153
CVE-2007-4154
CWE-79
CWE-89
CWE-601
|
CWE-79
CWE-89
CWE-601
|
High
|
|
WordPress 2.2.2 Multiple Vulnerabilities (2.2 - 2.2.2)
|
CVE-2007-4893
CVE-2007-4894
CVE-2008-2146
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 2.3 Cross-Site Scripting Vulnerability (2.3)
|
CVE-2007-5710
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress 2.3.2 Post Edit Unauthorized Access Vulnerability (0.7 - 2.3.2)
|
CVE-2008-0664
CWE-264
|
CWE-264
|
High
|
|
WordPress 2.3.3 Directory Traversal Vulnerability (0.6.2 - 2.3.3)
|
CVE-2008-4769
CWE-22
|
CWE-22
|
High
|
|
WordPress 2.5 Cookie Integrity Protection Unauthorized Access Vulnerability (0.6.2 - 2.5)
|
CVE-2008-1930
CWE-287
|
CWE-287
|
High
|
|
WordPress 2.5 Cross-Site Scripting Vulnerability (2.5)
|
CVE-2008-2068
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1)
|
CVE-2008-4106
CVE-2008-4107
CWE-20
|
CWE-20
|
High
|
|
WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2)
|
CVE-2008-4796
CWE-94
|
CWE-94
|
High
|
|
WordPress 2.6.3 Cross-Site Scripting Vulnerability (0.6.2 - 2.6.3)
|
CVE-2008-5278
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.8 Multiple Existing/Non-Existing Username Enumeration Weaknesses (0.6.2 - 2.8)
|
CVE-2009-2335
CVE-2009-2336
CWE-16
|
CWE-16
|
High
|
|
WordPress 2.8.1 Comment Author URI Cross-Site Scripting Vulnerability (0.6.2 - 2.8.1)
|
CVE-2009-2851
CWE-79
|
CWE-79
|
High
|
|
WordPress 2.8.2 Multiple Security Bypass Vulnerabilities (2.0 - 2.8.2)
|
CVE-2009-2853
CVE-2009-2854
CWE-264
|
CWE-264
|
High
|
|
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)
|
CVE-2009-2762
CWE-255
|
CWE-255
|
High
|
|
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)
|
CVE-2009-3622
CWE-310
|
CWE-310
|
High
|
|
WordPress 2.8.5 Multiple Vulnerabilities (2.8 - 2.8.5)
|
CVE-2009-3890
CVE-2009-3891
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress 2.9.1 Trashed Posts Security Bypass Vulnerability (2.9 - 2.9.1)
|
CVE-2010-0682
CWE-264
|
CWE-264
|
High
|
|
WordPress 3.0.1 Multiple Vulnerabilities (0.6.2 - 3.0.1)
|
CVE-2010-4257
CVE-2010-5293
CVE-2010-5294
CVE-2010-5295
CVE-2010-5296
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 3.0.3 KSES Library Cross-Site Scripting Vulnerability (0.6.2 - 3.0.3)
|
CVE-2010-4536
CWE-79
|
CWE-79
|
High
|
|
WordPress 3.0.4 Multiple Vulnerabilities (0.6.2 - 3.0.4)
|
CVE-2011-0700
CVE-2011-0701
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 3.1 Multiple Vulnerabilities (0.7 - 3.1)
|
CVE-2011-4956
CVE-2011-4957
CWE-79
CWE-352
CWE-400
|
CWE-79
CWE-352
CWE-400
|
High
|
|
WordPress 3.1.2 Multiple Vulnerabilities (3.0.1 - 3.1.2)
|
CVE-2011-3122
CVE-2011-3125
CVE-2011-3126
CVE-2011-3127
CVE-2011-3128
CVE-2011-3129
CVE-2011-3130
CWE-89
CWE-200
CWE-264
CWE-693
|
CWE-89
CWE-200
CWE-264
CWE-693
|
High
|
|
WordPress 3.1.3 Multiple SQL Injection Vulnerabilities (3.1 - 3.1.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress 3.3 Cross-Site Scripting Vulnerability (3.3)
|
CVE-2012-0287
CWE-79
|
CWE-79
|
High
|
|
WordPress 3.3.1 Multiple Vulnerabilities (2.0 - 3.3.1)
|
CVE-2012-2399
CVE-2012-2400
CVE-2012-2401
CVE-2012-2402
CVE-2012-2403
CVE-2012-2404
CVE-2012-3414
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress 3.3.2 Multiple Vulnerabilities (3.3 - 3.3.2)
|
CVE-2012-6633
CVE-2012-6634
CVE-2012-6635
CWE-79
CWE-200
CWE-264
CWE-352
|
CWE-79
CWE-200
CWE-264
CWE-352
|
High
|
|
WordPress 3.4 Multiple Vulnerabilities (3.4)
|
CVE-2012-3384
CVE-2012-3385
CWE-79
CWE-200
CWE-264
CWE-352
|
CWE-79
CWE-200
CWE-264
CWE-352
|
High
|
|
WordPress 3.4.1 Multiple Vulnerabilities (2.0 - 3.4.1)
|
CVE-2012-3383
CVE-2012-4421
CVE-2012-4422
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 3.5 Multiple Vulnerabilities (1.5 - 3.5)
|
CVE-2013-0235
CVE-2013-0236
CVE-2013-0237
CWE-79
CWE-918
|
CWE-79
CWE-918
|
High
|
|
WordPress 3.5.1 Multiple Vulnerabilities (2.0 - 3.5.1)
|
CVE-2013-2173
CVE-2013-2199
CVE-2013-2200
CVE-2013-2201
CVE-2013-2202
CVE-2013-2203
CVE-2013-2204
CVE-2013-2205
CWE-79
CWE-200
CWE-264
CWE-400
CWE-611
CWE-918
|
CWE-79
CWE-200
CWE-264
CWE-400
CWE-611
CWE-918
|
High
|
|
WordPress 3.6 Multiple Vulnerabilities (2.0 - 3.6)
|
CVE-2013-4338
CVE-2013-4339
CVE-2013-4340
CVE-2013-5738
CVE-2013-5739
CWE-20
CWE-94
CWE-264
|
CWE-20
CWE-94
CWE-264
|
High
|
|
WordPress 3.7.1 Multiple Vulnerabilities (3.7 - 3.7.1)
|
CVE-2014-0165
CVE-2014-0166
CWE-89
CWE-264
CWE-287
|
CWE-89
CWE-264
CWE-287
|
High
|
|
WordPress 3.7.3 Multiple Vulnerabilities (3.7 - 3.7.3)
|
CVE-2014-5204
CVE-2014-5205
CVE-2014-5240
CVE-2014-5265
CVE-2014-5266
CWE-79
CWE-352
CWE-399
CWE-611
|
CWE-79
CWE-352
CWE-399
CWE-611
|
High
|
|
WordPress 3.7.4 Multiple Vulnerabilities (3.7 - 3.7.4)
|
CVE-2014-9031
CVE-2014-9032
CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
High
|
|
WordPress 3.7.x Arbitrary File Deletion Vulnerability (3.7 - 3.7.26)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 3.7.x Cross-Domain Flash Injection Vulnerability (3.7 - 3.7.24)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 3.7.x Cross-Site Request Forgery (3.7 - 3.7.28)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.12)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.14)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.15)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.16)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.17)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.18)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.20)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.21)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.23)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.25)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.27)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.29)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.30)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.31)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.32)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.33)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.34)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.36)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.38)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.39)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 3.7.x PHP Object Injection (3.7 - 3.7.35)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 3.7.x Possible SQL Injection Vulnerability (3.7 - 3.7.22)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 3.7.x Prototype Pollution (3.7 - 3.7.37)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 3.8.1 Multiple Vulnerabilities (3.8 - 3.8.1)
|
CVE-2014-0165
CVE-2014-0166
CWE-89
CWE-264
CWE-287
|
CWE-89
CWE-264
CWE-287
|
High
|
|
WordPress 3.8.3 Multiple Vulnerabilities (3.8 - 3.8.3)
|
CVE-2014-5204
CVE-2014-5205
CVE-2014-5240
CVE-2014-5265
CVE-2014-5266
CWE-79
CWE-352
CWE-399
CWE-611
|
CWE-79
CWE-352
CWE-399
CWE-611
|
High
|
|
WordPress 3.8.4 Multiple Vulnerabilities (3.8 - 3.8.4)
|
CVE-2014-9031
CVE-2014-9032
CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
High
|
|
WordPress 3.8.x Arbitrary File Deletion Vulnerability (3.8 - 3.8.26)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 3.8.x Cross-Domain Flash Injection Vulnerability (3.8 - 3.8.24)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 3.8.x Cross-Site Request Forgery (3.8 - 3.8.28)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 3.8.x Cross-Site Scripting Vulnerability (3.8 - 3.8.11)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.12)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.14)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.15)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.16)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.17)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.18)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.20)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.21)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.23)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.25)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.27)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.29)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.30)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.31)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.32)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.33)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.34)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.36)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.38)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.39)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 3.8.x PHP Object Injection (3.8 - 3.8.35)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 3.8.x Possible SQL Injection Vulnerability (3.8 - 3.8.22)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 3.8.x Prototype Pollution (3.8 - 3.8.37)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 3.8.x Same Origin Method Execution (SOME) Vulnerability (3.8 - 3.8.13)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 3.9.1 Multiple Vulnerabilities (3.9 - 3.9.1)
|
CVE-2014-5203
CVE-2014-5204
CVE-2014-5205
CVE-2014-5240
CVE-2014-5265
CVE-2014-5266
CWE-79
CWE-94
CWE-352
CWE-399
CWE-611
|
CWE-79
CWE-94
CWE-352
CWE-399
CWE-611
|
High
|
|
WordPress 3.9.2 Multiple Vulnerabilities (3.9 - 3.9.2)
|
CVE-2014-9031
CVE-2014-9032
CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
High
|
|
WordPress 3.9.x Arbitrary File Deletion Vulnerability (3.9 - 3.9.24)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 3.9.x Cross-Domain Flash Injection Vulnerability (3.9 - 3.9.22)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 3.9.x Cross-Site Request Forgery (3.9 - 3.9.26)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 3.9.x Cross-Site Scripting Vulnerability (3.9 - 3.9.9)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.10)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.12)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.13)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.14)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.15)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.16)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.18)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.19)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.21)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.23)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.25)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.27)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.28)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.29)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.30)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.31)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.32)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.34)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.36)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.37)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 3.9.x PHP Object Injection (3.9 - 3.9.33)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 3.9.x Possible SQL Injection Vulnerability (3.9 - 3.9.20)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 3.9.x Prototype Pollution (3.9 - 3.9.35)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.0 Multiple Vulnerabilities (4.0)
|
CVE-2014-9032
CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
CWE-19
CWE-79
CWE-310
CWE-352
CWE-918
|
High
|
|
WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.0.x Cross-Domain Flash Injection Vulnerability (4.0 - 4.0.21)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.0.x Cross-Site Request Forgery (4.0 - 4.0.25)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.0.x Cross-Site Scripting Vulnerability (4.0 - 4.0.8)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.9)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.11)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.12)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.13)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.14)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.15)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.17)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.18)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.20)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.22)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.24)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.26)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.27)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.28)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.29)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.30)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.31)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.33)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.35)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.36)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.0.x PHP Object Injection (4.0 - 4.0.32)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.0.x Possible SQL Injection Vulnerability (4.0 - 4.0.19)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.0.x Prototype Pollution (4.0 - 4.0.34)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.1.x Arbitrary File Deletion Vulnerability (4.1 - 4.1.23)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.1.x Cross-Domain Flash Injection Vulnerability (4.1 - 4.1.21)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.1.x Cross-Site Request Forgery (4.1 - 4.1.25)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.1.x Cross-Site Scripting Vulnerability (4.1 - 4.1.8)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.1.x Directory Traversal (4.1 - 4.1.40)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.9)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.11)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.12)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.13)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.14)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.15)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.17)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.18)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.20)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.22)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.24)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.26)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.27)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.28)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.29)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.30)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.31)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.33)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.35)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.36)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.37)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.38)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.39)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.1.x PHP Object Injection (4.1 - 4.1.32)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.1.x Possible SQL Injection Vulnerability (4.1 - 4.1.19)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.1.x Prototype Pollution (4.1 - 4.1.34)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.1.x Same Origin Method Execution (SOME) Vulnerability (4.1 - 4.1.10)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.2.2 Multiple Vulnerabilities (0.7 - 4.2.2)
|
CVE-2015-5622
CVE-2015-5623
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)
|
CVE-2015-2213
CVE-2015-5714
CVE-2015-5715
CVE-2015-5716
CVE-2015-5730
CVE-2015-5731
CVE-2015-5732
CVE-2015-5733
CVE-2015-5734
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.2.x Arbitrary File Deletion Vulnerability (4.2 - 4.2.20)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.2.x Cross-Domain Flash Injection Vulnerability (4.2 - 4.2.18)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.2.x Cross-Site Request Forgery (4.2 - 4.2.22)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.7)
|
CVE-2016-4567
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.2.x Directory Traversal (4.2 - 4.2.37)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.6)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.8)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.9)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.11)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.14)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.15)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.17)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.19)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.21)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.23)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.24)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.25)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.26)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.27)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.28)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.30)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.32)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.33)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.34)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.35)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.36)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.2.x PHP Object Injection (4.2 - 4.2.29)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.2.x Possible SQL Injection Vulnerability (4.2 - 4.2.16)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.2.x Prototype Pollution (4.2 - 4.2.31)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.2.x Same Origin Method Execution (SOME) Vulnerability (4.2 - 4.2.7)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.3 Multiple Vulnerabilities (0.7 - 4.3)
|
CVE-2015-5714
CVE-2015-5715
CVE-2015-7989
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.3.x Arbitrary File Deletion Vulnerability (4.3 - 4.3.16)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.3.x Cross-Domain Flash Injection Vulnerability (4.3 - 4.3.14)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.3.x Cross-Site Request Forgery (4.3 - 4.3.18)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.1)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.3)
|
CVE-2016-4567
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.3.x Directory Traversal (4.3 - 4.3.33)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.2)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.4)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.5)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.6)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.7)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.8)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.10)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.11)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.13)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.15)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.17)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.19)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.20)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.21)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.22)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.23)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.24)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.26)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.28)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.29)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.30)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.31)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.32)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.3.x PHP Object Injection (4.3 - 4.3.25)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.3.x Possible SQL Injection Vulnerability (4.3 - 4.3.12)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.3.x Prototype Pollution (4.3 - 4.3.27)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.3.x Same Origin Method Execution (SOME) Vulnerability (4.3 - 4.3.3)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.4 Cross-Site Scripting Vulnerability (4.4)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.4.x Arbitrary File Deletion Vulnerability (4.4 - 4.4.15)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.4.x Cross-Domain Flash Injection Vulnerability (4.4 - 4.4.13)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.4.x Cross-Site Request Forgery (4.4 - 4.4.17)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.4.x Cross-Site Scripting Vulnerability (4.4 - 4.4.2)
|
CVE-2016-4567
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.4.x Directory Traversal (4.4 - 4.4.32)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.1)
|
CVE-2016-2221
CVE-2016-2222
CWE-601
CWE-918
|
CWE-601
CWE-918
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.3)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.4)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.5)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.6)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.7)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.9)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.10)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.12)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.14)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.16)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.18)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.19)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.20)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.21)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.22)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.23)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.25)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.27)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.28)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.29)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.30)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.31)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.4.x PHP Object Injection (4.4 - 4.4.24)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.4.x Possible SQL Injection Vulnerability (4.4 - 4.4.11)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.4.x Prototype Pollution (4.4 - 4.4.26)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.4.x Same Origin Method Execution (SOME) Vulnerability (4.4 - 4.4.2)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.5.3 Directory Traversal Vulnerability (4.5.3)
|
CVE-2016-6896
CVE-2016-10148
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.5.x Arbitrary File Deletion Vulnerability (4.5 - 4.5.14)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.5.x Cross-Domain Flash Injection Vulnerability (4.5 - 4.5.12)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.5.x Cross-Site Request Forgery (4.5 - 4.5.16)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.5.x Cross-Site Scripting Vulnerability (4.5 - 4.5.1)
|
CVE-2016-4567
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.5.x Directory Traversal (4.5 - 4.5.31)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.2)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.3)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.4)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.5)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.6)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.8)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.9)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.11)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.13)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.15)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.17)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.18)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.19)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.20)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.21)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.22)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.24)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.26)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.27)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.28)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.29)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.30)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.5.x PHP Object Injection (4.5 - 4.5.23)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.5.x Possible SQL Injection Vulnerability (4.5 - 4.5.10)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.5.x Prototype Pollution (4.5 - 4.5.25)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress 4.6 Multiple Vulnerabilities (4.6)
|
CVE-2016-7168
CVE-2016-7169
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 4.6.x Arbitrary File Deletion Vulnerability (4.6 - 4.6.11)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.6.x Cross-Domain Flash Injection Vulnerability (4.6 - 4.6.9)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.6.x Cross-Site Request Forgery (4.6 - 4.6.13)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.6.x Directory Traversal (4.6 - 4.6.28)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.1)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.2)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.3)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.5)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.6)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.8)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.10)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.12)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.14)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.15)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.16)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.17)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.18)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.19)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.21)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.23)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.24)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.25)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.26)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.27)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.6.x PHP Object Injection (4.6 - 4.6.20)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.6.x Possible SQL Injection Vulnerability (4.6 - 4.6.7)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.6.x Prototype Pollution (4.6 - 4.6.22)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.7 Multiple Vulnerabilities (4.7)
|
CVE-2016-10033
CVE-2016-10045
CVE-2017-5487
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
CWE-79
CWE-94
CWE-200
CWE-352
|
CWE-79
CWE-94
CWE-200
CWE-352
|
High
|
|
WordPress 4.7.x Arbitrary File Deletion Vulnerability (4.7 - 4.7.10)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.7.x Cross-Domain Flash Injection Vulnerability (4.7 - 4.7.8)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.7.x Cross-Site Request Forgery (4.7 - 4.7.12)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.7.x Directory Traversal (4.7 - 4.7.28)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.1)
|
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
CVE-2017-1001000
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.2)
|
CVE-2017-6814
CVE-2017-6815
CVE-2017-6816
CVE-2017-6817
CVE-2017-6818
CVE-2017-6819
CWE-79
CWE-264
CWE-352
CWE-601
|
CWE-79
CWE-264
CWE-352
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.4)
|
CVE-2017-9061
CVE-2017-9062
CVE-2017-9063
CVE-2017-9064
CVE-2017-9065
CVE-2017-9066
CWE-79
CWE-264
CWE-352
CWE-918
|
CWE-79
CWE-264
CWE-352
CWE-918
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.5)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.7)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.9)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.11)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.13)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.14)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.15)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.16)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.17)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.18)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.19)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.21)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.23)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.24)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.25)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.26)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.27)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.7.x PHP Object Injection (4.7 - 4.7.20)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.7.x Possible SQL Injection Vulnerability (4.7 - 4.7.6)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.7.x Prototype Pollution (4.7 - 4.7.22)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.8.x Arbitrary File Deletion Vulnerability (4.8 - 4.8.6)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.8.x Cross-Domain Flash Injection Vulnerability (4.8 - 4.8.4)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.8.x Cross-Site Request Forgery (4.8 - 4.8.8)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.8.x Directory Traversal (4.8 - 4.8.24)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.1)
|
CVE-2017-14718
CVE-2017-14719
CVE-2017-14720
CVE-2017-14721
CVE-2017-14722
CVE-2017-14723
CVE-2017-14724
CVE-2017-14725
CVE-2017-14726
CWE-22
CWE-79
CWE-601
|
CWE-22
CWE-79
CWE-601
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.3)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.5)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.7)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.9)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.10)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.11)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.12)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.13)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.14)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.15)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.17)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.19)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.20)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.21)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.22)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.23)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.8.x PHP Object Injection (4.8 - 4.8.16)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.8.x Possible SQL Injection Vulnerability (4.8 - 4.8.2)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress 4.8.x Prototype Pollution (4.8 - 4.8.18)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 4.9.x Arbitrary File Deletion Vulnerability (4.9 - 4.9.6)
|
CVE-2018-12895
CWE-73
|
CWE-73
|
High
|
|
WordPress 4.9.x Cross-Domain Flash Injection Vulnerability (4.9 - 4.9.1)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress 4.9.x Cross-Site Request Forgery (4.9 - 4.9.9)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress 4.9.x Directory Traversal (4.9 - 4.9.25)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.4)
|
CVE-2018-10100
CVE-2018-10101
CVE-2018-10102
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.8)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.10)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.11)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.12)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.13)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.14)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.15)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.16)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.18)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.20)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.21)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.22)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.23)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.24)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 4.9.x Multiple Vulnerabilities (4.9)
|
CVE-2017-17091
CVE-2017-17092
CVE-2017-17093
CVE-2017-17094
CWE-79
CWE-330
|
CWE-79
CWE-330
|
High
|
|
WordPress 4.9.x PHP Object Injection (4.9 - 4.9.17)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 4.9.x Prototype Pollution (4.9 - 4.9.19)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.0 Multiple Vulnerabilities (5.0)
|
CVE-2018-20147
CVE-2018-20148
CVE-2018-20149
CVE-2018-20150
CVE-2018-20151
CVE-2018-20152
CVE-2018-20153
CWE-79
CWE-200
CWE-264
CWE-915
|
CWE-79
CWE-200
CWE-264
CWE-915
|
High
|
|
WordPress 5.0.x Cross-Site Request Forgery (5.0 - 5.0.3)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 5.0.x Directory Traversal (5.0 - 5.0.21)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.4)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16219
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.6)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.7)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.8)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.9)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.10)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.11)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.13)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.14)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.16)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.17)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.18)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.19)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.20)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.0.x PHP Object Injection (5.0 - 5.0.12)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.0.x Prototype Pollution (5.0 - 5.0.15)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.1.x Cross-Site Request Forgery (5.1)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress 5.1.x Directory Traversal (5.1 - 5.1.18)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.1)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16219
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.2)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.3)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.4)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.5)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.6)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.8)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.10)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.11)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.13)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.14)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.15)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.16)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.17)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.1.x PHP Object Injection (5.1 - 5.1.9)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.1.x Prototype Pollution (5.1 - 5.1.12)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.2.x Directory Traversal (5.2 - 5.2.20)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.2)
|
CVE-2019-16217
CVE-2019-16218
CVE-2019-16219
CVE-2019-16220
CVE-2019-16221
CVE-2019-16222
CVE-2019-16223
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.3)
|
CVE-2019-17669
CVE-2019-17670
CVE-2019-17671
CVE-2019-17672
CVE-2019-17673
CVE-2019-17674
CVE-2019-17675
CWE-79
CWE-264
CWE-918
|
CWE-79
CWE-264
CWE-918
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.4)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.5)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.6)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.7)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.9)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.13)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.15)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.16)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.17)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.18)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.19)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.2.x PHP Object Injection (5.2 - 5.2.10)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.2.x Prototype Pollution (5.2 - 5.2.14)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.3.x Directory Traversal (5.3 - 5.3.17)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.2)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.3)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.4)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.6)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.10)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.12)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.13)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.14)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.15)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.16)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.3.x Multiple Vulnerabilities (5.3)
|
CVE-2019-16780
CVE-2019-16781
CVE-2019-20041
CVE-2019-20042
CVE-2019-20043
CWE-79
CWE-269
|
CWE-79
CWE-269
|
High
|
|
WordPress 5.3.x PHP Object Injection (5.3 - 5.3.7)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.3.x Prototype Pollution (5.3 - 5.3.11)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.4 Multiple Vulnerabilities (5.4)
|
CVE-2020-11025
CVE-2020-11026
CVE-2020-11027
CVE-2020-11028
CVE-2020-11029
CVE-2020-11030
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress 5.4.x Directory Traversal (5.4 - 5.4.15)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.1)
|
CVE-2020-4046
CVE-2020-4047
CVE-2020-4048
CVE-2020-4049
CVE-2020-4050
CVE-2020-25286
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.2)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.4)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.6)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.8)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.10)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.11)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.12)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.13)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.14)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.4.x PHP Object Injection (5.4 - 5.4.5)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.4.x Prototype Pollution (5.4 - 5.4.9)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.5.x Directory Traversal (5.5 - 5.5.14)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.1)
|
CVE-2020-28032
CVE-2020-28033
CVE-2020-28034
CVE-2020-28035
CVE-2020-28036
CVE-2020-28037
CVE-2020-28038
CVE-2020-28039
CVE-2020-28040
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
CWE-79
CWE-264
CWE-269
CWE-400
CWE-502
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.3)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.5)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.7)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.9)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.10)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.11)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.12)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.13)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.5.x PHP Object Injection (5.5 - 5.5.4)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.5.x Prototype Pollution (5.5 - 5.5.8)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.6.x Directory Traversal (5.6 - 5.6.13)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.2)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.4)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.6)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.8)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.9)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.10)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.12)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.6.x PHP Object Injection (5.6 - 5.6.3)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.6.x Prototype Pollution (5.6 - 5.6.7)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.7 Multiple Vulnerabilities (5.7)
|
CVE-2021-29447
CVE-2021-29450
CWE-200
CWE-611
|
CWE-200
CWE-611
|
High
|
|
WordPress 5.7.x Directory Traversal (5.7 - 5.7.11)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.7.x Multiple Prototype Pollution Vulnerabilities (5.7 - 5.7.5)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.2)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.4)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.6)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.7)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.8)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.9)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.10)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.7.x PHP Object Injection (5.7 - 5.7.1)
|
CVE-2018-19296
CVE-2020-36326
CWE-915
|
CWE-915
|
High
|
|
WordPress 5.8 Multiple Vulnerabilities (5.8)
|
CVE-2021-39200
CVE-2021-39201
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress 5.8.x Directory Traversal (5.8 - 5.8.9)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress 5.8.x Multiple Prototype Pollution Vulnerabilities (5.8 - 5.8.3)
|
CVE-2021-20083
CWE-1321
|
CWE-1321
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.2)
|
CVE-2022-21661
CVE-2022-21662
CVE-2022-21663
CVE-2022-21664
CWE-79
CWE-89
CWE-915
|
CWE-79
CWE-89
CWE-915
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.4)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.5)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.6)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.7)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.8)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.1)
|
CVE-2021-20083
CWE-79
CWE-1321
|
CWE-79
CWE-1321
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.4)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.5)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.7)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.8)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.9)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 5.9.x Shortcode Execution (5.9 - 5.9.6)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.0.x Cross-Site Scripting (6.0 - 6.0.7)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.2)
|
CVE-2022-43497
CVE-2022-43500
CVE-2022-43504
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
CWE-79
CWE-89
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.3)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.5)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.6)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.8)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 6.0.x Shortcode Execution (6.0 - 6.0.4)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.1.x Cross-Site Scripting (6.1 - 6.1.5)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.1)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.3)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.4)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.6)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 6.1.x Shortcode Execution (6.1 - 6.1.2)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.2 Multiple Vulnerabilities (6.2)
|
CVE-2023-2745
CWE-22
CWE-79
CWE-352
CWE-862
|
CWE-22
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress 6.2.x Cross-Site Scripting (6.2 - 6.2.4)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.2.x Multiple Vulnerabilities (6.2 - 6.2.2)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 6.2.x Multiple Vulnerabilities (6.2 - 6.2.3)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 6.2.x Multiple Vulnerabilities (6.2 - 6.2.5)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 6.2.x Shortcode Execution (6.2 - 6.2.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.3.x Cross-Site Scripting (6.3 - 6.3.3)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.3.x Multiple Vulnerabilities (6.3 - 6.3.1)
|
CVE-2023-5561
CVE-2023-38000
CVE-2023-39999
CWE-79
CWE-200
CWE-400
CWE-863
|
CWE-79
CWE-200
CWE-400
CWE-863
|
High
|
|
WordPress 6.3.x Multiple Vulnerabilities (6.3 - 6.3.2)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 6.3.x Multiple Vulnerabilities (6.3 - 6.3.4)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 6.4.x Cross-Site Scripting (6.4 - 6.4.3)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.4.x Multiple Vulnerabilities (6.4 - 6.4.2)
|
CWE-434
CWE-502
|
CWE-434
CWE-502
|
High
|
|
WordPress 6.4.x Multiple Vulnerabilities (6.4 - 6.4.4)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress 6.4.x Remote Code Execution (6.4 - 6.4.1)
|
CWE-502
|
CWE-502
|
High
|
|
WordPress 6.5 Cross-Site Scripting (6.5)
|
CVE-2024-4439
CWE-79
|
CWE-79
|
High
|
|
WordPress 6.5.x Multiple Vulnerabilities (6.5 - 6.5.4)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-17675)
|
CVE-2019-17675
CWE-843
|
CWE-843
|
High
|
|
WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1)
|
CVE-2012-1936
CWE-352
|
CWE-352
|
High
|
|
WordPress Clickjacking Vulnerability (0.7 - 3.1.2)
|
CVE-2011-3127
CWE-693
|
CWE-693
|
High
|
|
WordPress Comment Post Cross-Site Scripting Vulnerability (2.0)
|
CVE-2006-0733
CWE-79
|
CWE-79
|
High
|
|
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)
|
CVE-2005-2612
CWE-94
|
CWE-94
|
High
|
|
WordPress Cookies Security Bypass Weakness (1.5 - 2.3.1)
|
CVE-2007-6013
CWE-287
|
CWE-287
|
High
|
|
WordPress Credentials Management Errors Vulnerability (CVE-2009-2762)
|
CVE-2009-2762
|
|
High
|
|
WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)
|
CVE-2016-5838
|
|
High
|
|
WordPress Cross-Domain Flash Injection Vulnerability (0.70 - 3.6.1)
|
CVE-2016-9263
CVE-2018-5776
CWE-269
|
CWE-269
|
High
|
|
WordPress Cross-Site Request Forgery (0.70 - 3.6.1)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6635)
|
CVE-2016-6635
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5489)
|
CVE-2017-5489
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5492)
|
CVE-2017-5492
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-9064)
|
CVE-2017-9064
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-9787)
|
CVE-2019-9787
CWE-352
|
CWE-352
|
High
|
|
WordPress Cross-Site Scripting Vulnerability (0.70 - 3.7.11)
|
CVE-2016-1564
CWE-79
|
CWE-79
|
High
|
|
WordPress Cross-Site Scripting Vulnerability (0.70 - 4.1.1)
|
CVE-2015-3438
CWE-79
|
CWE-79
|
High
|
|
WordPress Cross-Site Scripting Vulnerability (3.0 - 3.6.1)
|
CVE-2014-9031
CWE-79
|
CWE-79
|
High
|
|
WordPress Cross-Site Scripting Vulnerability (3.9 - 4.1.1)
|
CVE-2015-3439
CWE-79
|
CWE-79
|
High
|
|
WordPress Cross-Site Scripting Vulnerability (3.9.3 - 4.2)
|
CVE-2015-3440
CWE-79
|
CWE-79
|
High
|
|
WordPress CVE-2011-4899 Vulnerability (CVE-2011-4899)
|
CVE-2011-4899
|
|
High
|
|
WordPress CVE-2014-5203 Vulnerability (CVE-2014-5203)
|
CVE-2014-5203
|
|
High
|
|
WordPress CVE-2016-5832 Vulnerability (CVE-2016-5832)
|
CVE-2016-5832
|
|
High
|
|
WordPress CVE-2016-5836 Vulnerability (CVE-2016-5836)
|
CVE-2016-5836
|
|
High
|
|
WordPress CVE-2016-5837 Vulnerability (CVE-2016-5837)
|
CVE-2016-5837
|
|
High
|
|
WordPress CVE-2016-5839 Vulnerability (CVE-2016-5839)
|
CVE-2016-5839
|
|
High
|
|
WordPress CVE-2017-1001000 Vulnerability (CVE-2017-1001000)
|
CVE-2017-1001000
|
|
High
|
|
WordPress CVE-2019-17673 Vulnerability (CVE-2019-17673)
|
CVE-2019-17673
|
|
High
|
|
WordPress CVE-2020-28033 Vulnerability (CVE-2020-28033)
|
CVE-2020-28033
|
|
High
|
|
WordPress Denial of Service Vulnerability (0.70 - 3.6.1)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress Denial of Service Vulnerability (3.5 - 3.6.1)
|
CVE-2014-5265
CWE-399
|
CWE-399
|
High
|
|
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2018-19296)
|
CVE-2018-19296
CWE-502
|
CWE-502
|
High
|
|
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2022-21663)
|
CVE-2022-21663
CWE-502
|
CWE-502
|
High
|
|
WordPress Directory Traversal (3.7 - 5.0.3)
|
CVE-2019-8943
CWE-22
|
CWE-22
|
High
|
|
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)
|
CVE-2016-5835
CWE-200
|
CWE-200
|
High
|
|
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)
|
CVE-2018-20151
CWE-200
|
CWE-200
|
High
|
|
WordPress Improper Authentication Vulnerability (CVE-2008-1930)
|
CVE-2008-1930
CWE-287
|
CWE-287
|
High
|
|
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)
|
CVE-2003-1599
CWE-94
|
CWE-94
|
High
|
|
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4338)
|
CVE-2013-4338
CWE-94
|
CWE-94
|
High
|
|
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942)
|
CVE-2019-8942
CWE-94
|
CWE-94
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2007-1277)
|
CVE-2007-1277
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2008-5695)
|
CVE-2008-5695
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2013-4339)
|
CVE-2013-4339
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2017-9065)
|
CVE-2017-9065
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2017-1000600)
|
CVE-2017-1000600
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2018-1000773)
|
CVE-2018-1000773
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Input Validation Vulnerability (CVE-2020-26596)
|
CVE-2020-26596
CWE-20
|
CWE-20
|
High
|
|
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0194)
|
CVE-2008-0194
CWE-22
|
CWE-22
|
High
|
|
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-6896)
|
CVE-2016-6896
CWE-22
|
CWE-22
|
High
|
|
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-14719)
|
CVE-2017-14719
CWE-22
|
CWE-22
|
High
|
|
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-14722)
|
CVE-2017-14722
CWE-22
|
CWE-22
|
High
|
|
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-12895)
|
CVE-2018-12895
CWE-22
|
CWE-22
|
High
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9062)
|
CVE-2017-9062
CWE-707
|
CWE-707
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4894)
|
CVE-2007-4894
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0491)
|
CVE-2008-0491
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4625)
|
CVE-2008-4625
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3130)
|
CVE-2011-3130
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-2213)
|
CVE-2015-2213
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21661)
|
CVE-2022-21661
CWE-138
|
CWE-138
|
High
|
|
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21664)
|
CVE-2022-21664
CWE-138
|
CWE-138
|
High
|
|
WordPress Inadequate Encryption Strength Vulnerability (CVE-2012-6707)
|
CVE-2012-6707
CWE-326
|
CWE-326
|
High
|
|
WordPress Missing Authentication for Critical Function Vulnerability (CVE-2020-11028)
|
CVE-2020-11028
CWE-306
|
CWE-306
|
High
|
|
WordPress MU 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities (1.0 - 2.5.1)
|
CVE-2008-4671
CWE-79
|
CWE-79
|
High
|
|
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)
|
CVE-2009-1030
CWE-79
|
CWE-79
|
High
|
|
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
|
CVE-2006-0985
CVE-2006-1796
CWE-79
|
CWE-79
|
High
|
|
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0.11 - 2.3)
|
CVE-2008-0193
CWE-79
|
CWE-79
|
High
|
|
WordPress Multiple Cross-Site Scripting Vulnerabilities (4.1 - 4.2.1)
|
CVE-2015-3429
CVE-2015-8834
CWE-79
|
CWE-79
|
High
|
|
WordPress Multiple Vulnerabilities (0.70 - 3.6.1)
|
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
CWE-79
CWE-200
CWE-264
CWE-400
|
CWE-79
CWE-200
CWE-264
CWE-400
|
High
|
|
WordPress Other Vulnerability (CVE-2005-1687)
|
CVE-2005-1687
|
|
High
|
|
WordPress Other Vulnerability (CVE-2005-1810)
|
CVE-2005-1810
|
|
High
|
|
WordPress Other Vulnerability (CVE-2005-2108)
|
CVE-2005-2108
|
|
High
|
|
WordPress Other Vulnerability (CVE-2005-2612)
|
CVE-2005-2612
|
|
High
|
|
WordPress Other Vulnerability (CVE-2006-1012)
|
CVE-2006-1012
|
|
High
|
|
WordPress Other Vulnerability (CVE-2006-2667)
|
CVE-2006-2667
|
|
High
|
|
WordPress Other Vulnerability (CVE-2007-0233)
|
CVE-2007-0233
|
|
High
|
|
WordPress Other Vulnerability (CVE-2007-0262)
|
CVE-2007-0262
|
|
High
|
|
WordPress Other Vulnerability (CVE-2007-0539)
|
CVE-2007-0539
|
|
High
|
|
WordPress Other Vulnerability (CVE-2007-2821)
|
CVE-2007-2821
|
|
High
|
|
WordPress Other Vulnerability (CVE-2016-2221)
|
CVE-2016-2221
|
|
High
|
|
WordPress Other Vulnerability (CVE-2016-2222)
|
CVE-2016-2222
|
|
High
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2146)
|
CVE-2008-2146
CWE-264
|
CWE-264
|
High
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)
|
CVE-2008-3747
CWE-264
|
CWE-264
|
High
|
|
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)
|
CVE-2007-0540
CWE-200
CWE-400
|
CWE-200
CWE-400
|
High
|
|
WordPress Plugin .htaccess Redirect Cross-Site Scripting (0.3.1)
|
CVE-2021-38361
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 0mk Shortener Cross-Site Request Forgery (0.2)
|
CVE-2022-2933
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin 1-click Retweet/Share/Like Cross-Site Scripting (5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 1player Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 2 Click Social Media Buttons 'xing-url' Parameter Cross-Site Scripting (0.32.2)
|
CVE-2012-4273
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 2kb Amazon Affiliates Store Cross-Site Scripting (2.1.0)
|
CVE-2017-14622
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (5.2.7)
|
CVE-2021-34656
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 3dady real-time web stats Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 3D Banner Rotator 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 3D Cover Carousel Cross-Site Scripting (1.0)
|
CVE-2021-38318
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 3DPrint Cross-Site Request Forgery (3.5.4.7)
|
CVE-2022-3899
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 3DPrint Lite Arbitrary File Upload (1.9.1.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 3DPrint Lite Cross-Site Scripting (1.9.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 3D Product configurator for WooCommerce Arbitrary File Upload (1.5.531)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 3D Slider Slice Box Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 3D Tag Cloud Cross-Site Request Forgery (3.8)
|
CVE-2022-36417
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 3xSocializer Cross-Site Scripting (0.98.22)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 4k Icons for Visual Composer-Free Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 5gig Concerts Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin 10Web AI Assistant-AI content writing assistant Security Bypass (1.0.18)
|
CVE-2023-6985
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin 10WebAnalytics Cross-Site Request Forgery (1.2.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71)
|
CVE-2022-4758
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin 10Web Map Builder for Google Maps SQL Injection (1.0.72)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin 10Web Social Feed for Instagram Multiple Cross-Site Scripting Vulnerabilities (1.3.0)
|
CVE-2018-10300
CVE-2018-10301
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 10Web Social Feed for Instagram Security Bypass (1.3.18)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin 10Web Social Post Feed Unspecified Vulnerability (1.1.26)
|
|
|
High
|
|
WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)
|
CWE-264
CWE-434
|
CWE-264
CWE-434
|
High
|
|
WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 301 Redirects-Easy Redirect Manager Cross-Site Request Forgery (2.72)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 301 Redirects-Easy Redirect Manager Security Bypass (2.40)
|
CVE-2019-19915
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin 301 Redirects-Easy Redirect Manager SQL Injection (2.50)
|
CVE-2021-24142
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin 360 Product Rotation Arbitrary File Upload (1.2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin 360 Product Rotation Cross-Site Scripting (1.4.7)
|
CVE-2019-15082
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 360 Product Viewer Cross-Site Scripting (2.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 404 SEO Redirection Cross-Site Scripting (1.3)
|
CVE-2021-24325
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 404 SEO Redirection SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cloaking (2.2.9)
|
|
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Request Forgery (3.0.8)
|
CVE-2021-24766
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2)
|
CVE-2015-9323
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin 404page-your smart custom 404 error page Cross-Site Request Forgery (10.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin A. Gallery TimThumb Arbitrary File Upload (0.9rev378511)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin A.M.Y. Cross-Site Scripting (1.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin A/B Test 'action' Parameter Directory Traversal (1.0.6)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin A2 Optimized WP Information Disclosure (2.0.10.8)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Abandoned Cart Lite for WooCommerce Cross-Site Request Forgery (5.8.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Abandoned Cart Lite for WooCommerce Cross-Site Scripting (5.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)
|
CVE-2023-2986
CWE-326
|
CWE-326
|
High
|
|
WordPress Plugin Abandoned Cart Lite for WooCommerce SQL Injection (1.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Abandoned Cart Lite for WooCommerce SQL Injection (5.8.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Abandoned Cart Pro for WooCommerce Cross-Site Scripting (7.11.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Abandoned Cart Recovery for WooCommerce Cross-Site Request Forgery (1.0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ABASE Multiple Vulnerabilities (2.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ABC Test 'id' Parameter Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4)
|
CVE-2015-2755
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin About Author Box Cross-Site Scripting (1.0.1)
|
CVE-2021-24745
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin About Author Cross-Site Scripting (1.3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin About Me Page Cross-Site Scripting (4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AB Press Optimizer Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Absolute Privacy 'abpr_authenticateUser()' Security Bypass (2.0.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Absolute Reviews Cross-Site Request Forgery (1.0.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Abstract Submission Local File Inclusion (0.6)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Information Disclosure (1.9.25)
|
CVE-2024-35171
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Multiple Security Bypass Vulnerabilities (1.9.16)
|
CVE-2024-32714
CVE-2024-33912
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Privilege Escalation (1.9.19)
|
CVE-2024-1505
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3)
|
CVE-2021-24570
CVE-2021-24572
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3.3)
|
CVE-2021-24989
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Accept Donations with PayPal Cross-Site Scripting (1.3.1)
|
CVE-2021-24815
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Accept Signups 'email' Parameter Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Accept Stripe Donation-AidWP Cross-Site Request Forgery (3.1.5)
|
CVE-2022-47422
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Accept Stripe Donation-AidWP Security Bypass (2.8)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin AccessAlly Information Disclosure (3.5.6)
|
CVE-2021-24226
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin AccessAlly PHP Code Execution (3.3.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Access Demo Importer Arbitrary File Upload (1.0.6)
|
CVE-2021-39317
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Access Expiration Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Accessibility Suite by Online ADA SQL Injection (2.0.10)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AccessPress Anonymous Post Pro Arbitrary File Upload (3.1.9)
|
CVE-2017-16949
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin AccessPress Custom CSS includes Backdoor [Only if downloaded via the vendor website] (2.0.1)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress Custom Post Type includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress iFeeds includes Backdoor [Only if downloaded via the vendor website] (4.0.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress Social Counter Cross-Site Scripting (1.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AccessPress Social Counter includes Backdoor [Only if downloaded via the vendor website] (1.9.1)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress Social Icons Cross-Site Scripting (1.6.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AccessPress Social Icons includes Backdoor [Only if downloaded via the vendor website] (1.8.2)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress Social Icons Multiple Cross-Site Scripting Vulnerabilities (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AccessPress Social Icons SQL Injection (1.8.0)
|
CVE-2021-24143
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AccessPress Social Login Lite-Social Login WordPress includes Backdoor [Only if downloaded via the vendor website] (3.4.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Accordion Cross-Site Scripting (2.2.8)
|
CVE-2020-13644
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Accordion Cross-Site Scripting (2.2.29)
|
CVE-2021-24283
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Accordion Shortcodes Cross-Site Scripting (2.4.2)
|
CVE-2022-4781
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AceIDE Local File Inclusion (2.6.2)
|
CVE-2021-24549
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin ACF:Better Search Cross-Site Request Forgery (3.3.0)
|
CVE-2019-14682
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ACF:Better Search SQL Injection (2.0.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ACF Frontend display Arbitrary File Upload (2.0.5)
|
CVE-2015-9479
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin ACF to REST API Information Disclosure (3.2.0)
|
CVE-2020-13700
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Acobot Live Chat & Contact Form Multiple Vulnerabilities (2.0)
|
CVE-2015-2039
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Cross-Site Request Forgery (8.0.1)
|
CVE-2021-24133
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Unspecified Vulnerability (5.7)
|
|
|
High
|
|
WordPress Plugin Active Directory Authentication Integration Cross-Site Scripting (0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Active Directory Integration/LDAP Integration Cross-Site Scripting (3.6.94)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.6.95)
|
|
|
High
|
|
WordPress Plugin Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.7.6)
|
|
|
High
|
|
WordPress Plugin Active Directory Integration SQL Injection (1.1.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Active Extra Fields Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (3.1.0)
|
CVE-2014-4513
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (4.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Active Products Tables for WooCommerce. Best and Professional products tables for WooCommerce store Cross-Site Scripting (1.0.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Activity Log Cross-Site Scripting (2.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Activity Log Information Disclosure (2.2.12)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.4.0)
|
CVE-2018-8729
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Acumbamail Information Disclosure (1.0.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Acunetix Secure WordPress Cross-Site Scripting (3.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Acunetix WP Security Cross-Site Request Forgery (4.0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Acurax On Click Pop Under Multiple Unspecified Vulnerabilities (2.2.1)
|
|
|
High
|
|
WordPress Plugin Ad-Manager Open Redirect (1.1.2)
|
CVE-2014-8754
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Ad-minister Cross-Site Scripting (0.6)
|
CVE-2013-6993
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Adaptive Images for WordPress Multiple Vulnerabilities (0.6.66)
|
CVE-2019-14205
CVE-2019-14206
CWE-22
CWE-73
|
CWE-22
CWE-73
|
High
|
|
WordPress Plugin Adavnced Video embed Local File Inclusion (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Adblock Blocker Arbitrary File Upload (0.0.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ad Blocker Notify Lite Cross-Site Scripting (2.4.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdButler Unspecified Vulnerability (1.09)
|
|
|
High
|
|
WordPress Plugin Ad Buttons Multiple Vulnerabilities (2.3.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Add-on SweetAlert Contact Form 7 Unspecified Vulnerability (1.0.7)
|
|
|
High
|
|
WordPress Plugin Add Any Extension to Pages Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Comments Cross-Site Scripting (1.0.1)
|
CVE-2022-3909
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Custom Link to WordPress Admin Bar Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Edit Delete Listing Module SQL Injection (1.0)
|
CVE-2017-1002025
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Add From Server Cross-Site Request Forgery (3.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Add From Server Directory Traversal (3.3.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Additional Variation Images for WooCommerce Cross-Site Scripting (1.1.28)
|
CVE-2019-15778
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)
|
CVE-2018-5214
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Link to Facebook Multiple Cross-Site Scripting Vulnerabilities (1.215)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add New Default Avatar [Emrikol's Fork] Multiple Unspecified Vulnerabilities (2.0.1)
|
|
|
High
|
|
WordPress Plugin Add Product Tabs for WooCommerce Security Bypass (1.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin AddSearch Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Add Social Share Messenger Buttons Whatsapp and Viber Cross-Site Request Forgery (1.0.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.6.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.45)
|
CVE-2021-24568
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.47)
|
CVE-2021-24616
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AddToAny Share Buttons Host Header Injection (1.7.14)
|
|
|
High
|
|
WordPress Plugin Adicon Server SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Adifier System Multiple Vulnerabilities (3.1.3)
|
CVE-2023-49187
CVE-2023-49752
CVE-2023-49753
CWE-22
CWE-79
CWE-89
|
CWE-22
CWE-79
CWE-89
|
High
|
|
WordPress Plugin ADIF Log Search Widget Cross-Site Scripting (1.0e)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19)
|
CVE-2019-15323
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Multiple Vulnerabilities (1.5.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21)
|
CVE-2019-15324
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Unspecified Vulnerability (2.6.21)
|
|
|
High
|
|
WordPress Plugin Ad Invalid Click Protector (AICP) Malicious Code (1.2.9)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin AdKlick Advertising Management Unspecified Vulnerability (1.1)
|
|
|
High
|
|
WordPress Plugin Ad Manager by WD-Advanced Ad Manager Multiple Vulnerabilities (1.0.11)
|
CWE-73
CWE-538
|
CWE-73
CWE-538
|
High
|
|
WordPress Plugin Admin Bar User Switching Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin Columns Cross-Site Scripting (4.3.1)
|
CVE-2021-24365
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin Columns CSV Injection (3.4.6)
|
CVE-2019-17661
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Admin Columns Pro Cross-Site Scripting (5.5.1)
|
CVE-2021-24365
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin Custom Login Cross-Site Request Forgery (3.2.7)
|
CVE-2021-34628
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Admin Custom Login Cross-Site Scripting (2.5.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Adminer Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Adminer Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Adminer Security Bypass (1.4.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Admin Font Editor Cross-Site Scripting (1.8)
|
CVE-2016-1000126
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Adminimize 'page' Parameter Cross-Site Scripting (1.7.21)
|
CVE-2011-4926
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin Log Unspecified Vulnerability (1.42)
|
|
|
High
|
|
WordPress Plugin Admin Management Xtended Privilege Escalation (2.4.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Admin Menu Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin Menu Tree Page View Multiple Vulnerabilities (2.6.9)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Admin Pack by SITE CASEIRO Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdminPad Cross-Site Request Forgery (2.1)
|
CVE-2022-2762
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Admin PHP Eval Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin Admin renamer extended Cross-Site Request Forgery (3.2.1)
|
CVE-2019-14680
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Admin renamer extended Cross-Site Scripting (3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin side data storage for Contact Form 7 Cross-Site Scripting (1.1.1)
|
CVE-2023-24420
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Admin username changer Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin Adning Advertising-Professional, All In One Ad Manager for Wordpress Arbitrary File Upload (1.5.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdRoll for WooCommerce Stores Unspecified Vulnerability (2.2.5)
|
|
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads 'adrotate-out.php' SQL Injection (3.6.6)
|
CVE-2011-4671
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads 'title' Parameter Multiple Cross-Site Scripting Vulnerabilities (3.7.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads 'track' Parameter SQL Injection (3.6.5)
|
CVE-2011-4671
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (3.9.4)
|
CVE-2014-1854
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.2)
|
CVE-2019-13570
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1)
|
CVE-2021-24138
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdSanity Arbitrary File Upload (1.8.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin AdSense Manager Cross-Site Scripting (4.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdServe 'id' Parameter SQL Injection (0.2)
|
CVE-2008-0507
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ads for WP-Advanced Ads & Adsense Solution for WP & AMP Cross-Site Request Forgery (1.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ads in bottom right Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Ads Pro-Multi-Purpose WordPress Advertising Manager Multiple Vulnerabilities (3.4)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Ad Swapper Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advance Categorizer Cross-Site Scripting (0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Access Manager Arbitrary Code Execution (2.8.2)
|
CVE-2014-6059
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Advanced Access Manager Cross-Site Scripting (6.7.9)
|
CVE-2021-24830
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Access Manager Multiple Vulnerabilities (6.6.1)
|
CVE-2020-35934
CVE-2020-35935
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin Advanced Access Manager Security Bypass (3.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Access Manager Unspecified Vulnerability (5.9.8.1)
|
|
|
High
|
|
WordPress Plugin Advanced Ads-Ad Manager & AdSense Cross-Site Scripting (1.17.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Ads-Ad Manager & AdSense Unspecified Vulnerability (1.7.1.1)
|
|
|
High
|
|
WordPress Plugin Advanced ads Management by Inazo Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Advertising System PHP Object Injection (1.3.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Advanced AJAX Page Loader Arbitrary File Upload (2.7.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Advanced AJAX Page Loader Cross-Site Request Forgery (2.7.7)
|
CVE-2024-6310
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Advanced AJAX Product Filters Security Bypass (1.3.6.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Booking Calendar Cross-Site Scripting (1.6.6)
|
CVE-2021-24225
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Booking Calendar Cross-Site Scripting (1.6.7)
|
CVE-2021-24232
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Booking Calendar SQL Injection (1.6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Advanced Classifieds & Directory Pro Cross-Site Scripting (1.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Classifieds & Directory Pro Local File Inclusion (3.1.3)
|
CVE-2024-37501
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Advanced Classifieds & Directory Pro Security Bypass (1.6.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Classifieds & Directory Pro Unspecified Vulnerability (1.6.5)
|
|
|
High
|
|
WordPress Plugin Advanced Contact form 7 DB Arbitrary File Upload (1.4.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.1.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.6.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.1)
|
CVE-2019-13571
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Arbitrary File Upload (5.12.2)
|
CVE-2022-2594
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (4.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (4.4.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (5.7.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (5.8.11)
|
CVE-2020-36172
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (6.1.5)
|
CVE-2023-30777
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Information Disclosure (6.0.2)
|
CVE-2022-40696
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2)
|
CVE-2021-20865
CVE-2021-20866
CVE-2021-20867
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) PHP Object Injection (5.7.10)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) PHP Object Injection (6.0.7)
|
CVE-2023-1196
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Security Bypass (5.9.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Custom Fields (ACF) Security Bypass (5.12)
|
CVE-2022-23183
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Advanced Custom Fields:reCAPTCHA Field Security Bypass (1.1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Arbitrary File Upload (5.12.2)
|
CVE-2022-2594
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (5.9.0)
|
CVE-2021-24241
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (6.1.5)
|
CVE-2023-30777
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Information Disclosure (6.0.2)
|
CVE-2022-40696
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Multiple Security Bypass Vulnerabilities (5.10)
|
CVE-2021-20865
CVE-2021-20866
CVE-2021-20867
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO PHP Object Injection (6.0.7)
|
CVE-2023-1196
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Advanced Custom Fields PRO Security Bypass (5.12)
|
CVE-2022-23183
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Advanced Database Cleaner SQL Injection (3.0.1)
|
CVE-2021-24141
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Advanced Dewplayer Directory Traversal (1.2)
|
CVE-2013-7240
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Cross-Site Request Forgery (4.1.3)
|
CVE-2022-38095
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)
|
CVE-2022-40203
CVE-2022-43488
CVE-2022-43491
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Advanced File Manager Directory Traversal (5.1)
|
CVE-2023-3814
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Advanced File Manager Information Disclosure (5.2.4)
|
CVE-2024-5598
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Forms for ACF Pro Security Bypass (1.6.8)
|
CVE-2021-24892
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Forms for ACF Security Bypass (1.6.8)
|
CVE-2021-24892
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Import:One Click Import for WordPress or Theme Demo Data Cross-Site Request Forgery (1.3.7)
|
CVE-2022-3677
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Advanced Import: One Click Import for WordPress or Theme Demo Data Security Bypass (1.0.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.3)
|
CVE-2020-11727
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.7)
|
CVE-2021-24169
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Order Export For WooCommerce CSV Injection (1.5.4)
|
CVE-2018-11525
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Advanced Page Manager Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Permalinks Cross-Site Scripting (0.1.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Popups Cross-Site Request Forgery (1.1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Advanced post slider Unspecified Vulnerability (2.4.0)
|
|
|
High
|
|
WordPress Plugin Advanced Post Type Ratings Cross-Site Scripting (1.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Search Cross-Site Scripting (1.1.2)
|
CVE-2021-38348
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Shipment Tracking for WooCommerce Security Bypass (3.2.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advanced Shipping Validation for WooCommerce Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)
|
CVE-2011-4618
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced User Registration and Management Cross-Site Scripting (2.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Woo Search Cross-Site Scripting (2.77)
|
CVE-2023-2452
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced Woo Search Information Disclosure (1.99)
|
CVE-2020-12070
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Advanced Woo Search Unspecified Vulnerability (1.69)
|
|
|
High
|
|
WordPress Plugin Advanced WP Columns Cross-Site Scripting (2.0.6)
|
CVE-2022-3426
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advanced XML Reader XML External Entity Information Disclosure (0.3.4)
|
CWE-611
|
CWE-611
|
High
|
|
WordPress Plugin Advance Menu Manager Cross-Site Request Forgery (2.9.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Advance Menu Manager Security Bypass (3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Advance Search for WooCommerce Cross-Site Scripting (1.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AdVert Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Advertisement Management Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Advertizer 'id' Parameter SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AdWizz 'link' Parameter Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Aesop Story Engine Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliate Ads for Clickbank Products Cross-Site Scripting (1.6)
|
CVE-2017-18011
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliate Link Manager Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliate Power-Sales Tracking for Affiliate Marketers Cross-Site Scripting (2.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliate Press Multiple Cross-Site Scripting Vulnerabilities (0.3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliate PRO Cross-Site Scripting (1.3.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliates Manager Cross-Site Request Forgery (2.6.5)
|
CVE-2019-15868
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Affiliates Manager Cross-Site Scripting (2.8.9)
|
CVE-2021-25078
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Affiliates Manager Multiple Vulnerabilities (2.9.13)
|
CVE-2022-2798
CVE-2022-2799
CWE-79
CWE-352
CWE-1236
|
CWE-79
CWE-352
CWE-1236
|
High
|
|
WordPress Plugin Affiliates Manager SQL Injection (2.8.6)
|
CVE-2021-24844
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Affiliates Manager Unspecified Vulnerability (2.7.7)
|
|
|
High
|
|
WordPress Plugin Affiliates Multiple Cross-Site Scripting Vulnerabilities (2.13.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AffiliateWP Cross-Site Scripting (2.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AffiliateWP SQL Injection (1.5.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Afterpay Gateway for WooCommerce Cross-Site Scripting (3.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin afterRead Unspecified Vulnerability (0.3)
|
|
|
High
|
|
WordPress Plugin Age Gate Cross-Site Scripting (2.16.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Age Gate Open Redirect (2.13.4)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Age Gate Security Bypass (2.17.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)
|
|
|
High
|
|
WordPress Plugin AgentEasy Properties Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AgentPress Broker Listings Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Agent Storm by StormRETS Multiple Cross-Site Scripting Vulnerabilities (1.1.35)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Age Verification 'redirect_to' Parameter URI Redirection (0.4)
|
CVE-2012-6499
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Age Verify Cross-Site Scripting (0.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AGP Font Awesome Collection Cross-Site Scripting (2.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AI ChatBot Arbitrary File Deletion (4.9.2)
|
CVE-2023-5212
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin AI ChatBot Cross-Site Scripting (4.9.6)
|
CVE-2023-5606
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AI ChatBot Directory Traversal (4.9.2)
|
CVE-2023-5241
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin AI ChatBot Information Disclosure (4.8.9)
|
CVE-2023-5254
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin AI ChatBot SQL Injection (4.8.9)
|
CVE-2023-5204
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (2.1.7)
|
|
|
High
|
|
WordPress Plugin AIT Themes-CSV Import/Export Arbitrary File Upload (3.0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ajax BootModal Login Security Bypass (1.4.3)
|
CVE-2018-15876
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ajax Calendar 'example.php' Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ajax Category Dropdown Cross-Site Scripting and SQL Injection Vulnerabilities (0.1.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin AJAX Comment Page Cross-Site Scripting (3.25)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ajax Contact Form Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ajax Gallery 'list.php' SQL Injection (3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ajax Multi Upload 'upload.php' Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ajax Pagination (twitter Style) Local File Inclusion (1.1)
|
CVE-2014-2674
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Ajax Plugin Helper Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2)
|
CVE-2012-5853
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)
|
CVE-2016-1000127
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ajax Search Lite Remote Command Execution (3.1)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Ajax Search Lite Security Bypass (3.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ajax Search Pro Security Bypass (3.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ajax Store Locator Directory Traversal (1.2.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Ajax Store Locator SQL Injection (1.2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AJS Instagram Feed Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Akeeba Backup CORE for WordPress Arbitrary File Upload (1.1.3)
|
CVE-2014-7228
CWE-310
|
CWE-310
|
High
|
|
WordPress Plugin Akismet Cross-Site Scripting (3.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Albo Pretorio On line Multiple Vulnerabilities (3.2)
|
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin ALD-Dropshipping and Fulfillment for AliExpress and WooCommerce Multiple Vulnerabilities (1.0.21)
|
CVE-2022-46811
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1)
|
CVE-2011-5107
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AlertWire Information Disclosure (1.1.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin AliExpress Dropshipping with AliNext Lite Cross-Site Request Forgery (3.3.5)
|
CVE-2024-37212
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All-in-One Addons for Elementor-WidgetKit Cross-Site Scripting (2.4.3)
|
CVE-2022-4256
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Addons for Elementor-WidgetKit Multiple Cross-Site Scripting Vulnerabilities (2.3.9)
|
CVE-2021-24267
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Custom Backgrounds Lite Unspecified Vulnerability (2.0.2)
|
|
|
High
|
|
WordPress Plugin All-in-One Event Calendar Cross-Site Scripting (2.4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Event Calendar Cross-Site Scripting (2.5.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Event Calendar Cross-Site Scripting (2.5.38)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.5)
|
CVE-2012-1835
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.9)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.10-standard)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (2.3.12)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements Cross-Site Scripting (2.0.3)
|
CVE-2022-0148
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements SQL Injection (2.0.8)
|
CVE-2023-0487
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (3.8.9)
|
CVE-2015-0895
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
|
CVE-2022-44737
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.4.5)
|
CVE-2020-29171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Directory Traversal (5.1.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Information Disclosure (5.1.2)
|
CVE-2022-4346
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Cross-Site Scripting Vulnerabilities (4.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple SQL Injection Vulnerabilities (3.8.2)
|
CVE-2014-6242
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Vulnerabilities (4.1.2)
|
CWE-200
CWE-287
|
CWE-200
CWE-287
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Open Redirect (4.4.1)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)
|
CVE-2015-0894
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.9.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (4.0.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All-in-One Video Gallery Local File Inclusion (2.4.9)
|
CVE-2021-24970
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin All-in-One Video Gallery Multiple Vulnerabilities (2.6.0)
|
CVE-2022-2633
CWE-538
CWE-918
|
CWE-538
CWE-918
|
High
|
|
WordPress Plugin All-in-One WP Migration Arbitrary File Deletion (7.58)
|
CVE-2022-1476
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin All-in-One WP Migration Arbitrary File Upload (7.40)
|
CVE-2021-24216
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin All-in-One WP Migration Cross-Site Scripting (6.45)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One WP Migration Cross-Site Scripting (7.62)
|
CVE-2022-2546
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All-in-One WP Migration Information Disclosure (7.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All-in-One WP Migration Remote Code Execution (2.0.2)
|
CVE-2014-8794
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin All-in-One WP Migration Security Bypass (2.0.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin All-in-One WP Migration Security Bypass (7.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.20)
|
CVE-2021-24326
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All In One Favicon Cross-Site Scripting (4.6)
|
CVE-2018-13832
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Request Forgery (4.2.3.1)
|
CVE-2022-38093
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.2.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.3.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.9.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (3.2.6)
|
CVE-2019-16520
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (3.6.1)
|
CVE-2020-35946
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Information Disclosure (2.2.5.1)
|
CVE-2015-0902
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Cross-Site Scripting Vulnerabilities (4.2.9)
|
CVE-2023-0585
CVE-2023-0586
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Vulnerabilities (2.1.5)
|
CWE-79
CWE-287
|
CWE-79
CWE-287
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Multiple Vulnerabilities (4.1.5.2)
|
CVE-2021-25036
CVE-2021-25037
CWE-89
CWE-287
|
CWE-89
CWE-287
|
High
|
|
WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Remote Code Execution (4.1.0.1)
|
CVE-2021-24307
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin All in One Support Button+Callback Request. WhatsApp, Messenger, Telegram, LiveChat and more Cross-Site Scripting (1.8.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All in One Webmaster Cross-Site Request Forgery (8.2.3)
|
CVE-2013-2696
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin All in One Webmaster Unspecified Vulnerability (11.0)
|
|
|
High
|
|
WordPress Plugin Allopass for WP Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Allow REL= and HTML in Author Bios Cross-Site Scripting (.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin All Post Contact Form Arbitrary File Upload (1.1.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1)
|
CVE-2012-6653
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin All Video Gallery SQL Injection (1.2)
|
CVE-2014-5186
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3)
|
CVE-2011-3981
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8)
|
CVE-2012-1010
CVE-2012-1011
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin ALO EasyMail Newsletter Cross-Site Request Forgery (2.6.01)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ALO EasyMail Newsletter Cross-Site Request Forgery (2.9.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ALO EasyMail Newsletter Cross-Site Scripting (2.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Alojapro Widget Cross-Site Scripting (1.1.15)
|
CVE-2021-24530
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Alphabetic Pagination Security Bypass (3.0.7)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.6.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Altos Connect Widget Cross-Site Scripting (1.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AmazonFeed Cross-Site Scripting (2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Amazon JS Cross-Site Scripting (0.10)
|
CVE-2023-0075
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Amazon Product in a Post SQL Injection (3.5.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Amazon Tools Cross-Site Scripting (1.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Amelia-Events & Appointments Booking Calendar Cross-Site Scripting (1.0.46)
|
CVE-2022-0834
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Amelia-Events & Appointments Booking Calendar Multiple Vulnerabilities (1.0.45)
|
CVE-2022-0616
CVE-2022-0627
CVE-2022-0687
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress Plugin Amministrazione Trasparente Cross-Site Request Forgery (7.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin AMP extensions Cross-Site Scripting (1.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AMP for WP-Accelerated Mobile Pages Multiple Unspecified Vulnerabilities (0.9.72)
|
|
|
High
|
|
WordPress Plugin AMP for WP-Accelerated Mobile Pages Security Bypass (0.9.97.19)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin AMP Toolbox Cross-Site Scripting (1.9.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)
|
CVE-2022-4458
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin amtyThumb Cross-Site Scripting (4.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin amtyThumb posts Cross-Site Scripting (8.1.3)
|
CVE-2017-17059
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Analyticator Cross-Site Request Forgery (6.4.9.3)
|
CVE-2015-4697
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Analyticator Multiple Cross-Site Scripting Vulnerabilities (6.4.9.5)
|
CVE-2015-6238
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Analyticator PHP Object Injection (6.5.5)
|
CVE-2022-3425
CVE-2022-4323
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Analytics-Gtag Restricted File Upload (1.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Analytics Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Analytics Remote Code Execution (1.7)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Analytics Tracker Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Animal Captcha Cross-Site Scripting (1.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Animate It! Cross-Site Request Forgery (2.3.5)
|
CVE-2019-17386
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Animate It! Cross-Site Scripting (2.3.3)
|
CVE-2019-17384
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Animate It! Cross-Site Scripting (2.3.4)
|
CVE-2019-17385
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Annonces 'theme.php' Arbitrary File Upload (1.2.0.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin AnnounceME Cross-Site Scripting (0.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Another WordPress Classifieds Arbitrary File Upload (3.3.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)
|
CVE-2014-9313
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1)
|
CVE-2014-10012
CVE-2014-10013
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Another WordPress Classifieds Unspecified Vulnerability (1.8.9.4)
|
CVE-2012-4874
|
|
High
|
|
WordPress Plugin Answer My Question Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Answer My Question Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Answer My Question SQL Injection (1.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Anthologize Cross-Site Scripting (0.7.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (1.2.05.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.22)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.42)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.49)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.17.29)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Local File Inclusion (4.18.63)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Multiple Cross-Site Scripting Vulnerabilities (4.15.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti-Splog Cross-Site Scripting (2.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti Plagiarism Cross-Site Scripting (3.60)
|
CVE-2016-1000128
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Anti Spam Protection without CAPTCHA powered by Keypic Security Bypass (2.1.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin AnyComment Cross-Site Scripting (0.0.32)
|
CVE-2018-21001
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AnyFont Cross-Site Scripting (2.2.3)
|
CVE-2014-4515
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AnyMind Widget Cross-Site Request Forgery (1.1)
|
CVE-2022-2435
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin AnyVar Cross-Site Scripting (0.1.1)
|
CVE-2017-6103
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Aoi Tori Cross-Site Scripting (1.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin aoringo CAT setter Cross-Site Scripting (0.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin aoringo LOG maker Cross-Site Scripting (0.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin aoringo TAG upper Cross-Site Scripting (0.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin A Page Flip Book 'pageflipbook_language' Parameter Local File Include (2.3)
|
CVE-2012-6652
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin AP Companion includes Backdoor [Only if downloaded via the vendor website] (1.0.6)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin API Bearer Auth Cross-Site Scripting (20181229)
|
CVE-2019-16332
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Apocalypse Meow Security Bypass (21.2.7)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin ApplyOnline-Application Form Builder and Manager Arbitrary File Disclosure (1.9.92)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin ApplyOnline-Application Form Builder and Manager Cross-Site Scripting (1.9.94)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Booking Calendar-BirchPress Scheduler Unspecified Vulnerability (1.13.0)
|
|
|
High
|
|
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress Arbitrary File Creation (1.1.5)
|
CVE-2024-6467
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress Insecure Direct Object Reference (1.0.30)
|
CVE-2022-4340
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress Security Bypass (1.1.5)
|
CVE-2024-6660
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress SQL Injection (1.0.10)
|
CVE-2022-0739
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.18)
|
CVE-2019-14791
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.34)
|
CVE-2020-9371
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Booking Calendar CSV Injection (1.3.34)
|
CVE-2020-9372
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.7)
|
CVE-2015-7319
CVE-2015-7320
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24)
|
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Appointment Booking Calendar SQL Injection (1.1.23)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Appointment Calendar Multiple Cross-Site Scripting Vulnerabilities (2.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.1.44)
|
CVE-2019-13505
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.3.15)
|
CVE-2021-24673
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.3.16)
|
CVE-2021-24712
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointment Scheduling for Zoom GoogleMeet and more-Wappointment Cross-Site Scripting (2.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointments Cross-Site Scripting (2.2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointments PHP Object Injection (2.2.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Appointments Scheduler Cross-Site Scripting (1.5)
|
CVE-2014-4579
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Appointments Unspecified Vulnerability (2.2.2.1)
|
|
|
High
|
|
WordPress Plugin AppPresser-Mobile App Framework Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.0)
|
CVE-2024-32776
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.2)
|
CVE-2024-4611
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Apptivo Business Site CRM Multiple Cross-Site Scripting Vulnerabilities (1.2.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Apptivo eCommerce Multiple Cross-Site Scripting Vulnerabilities (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin April's Super Functions Pack Cross-Site Scripting (1.4.7)
|
CVE-2014-100026
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Arabic Font Multiple Vulnerabilities (1.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ArcadePress 'upload.php' Arbitrary File Upload (0.65)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Archive Posts Sort Customize Cross-Site Scripting (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Archivist-Custom Archive Templates Multiple Vulnerabilities (1.7.4)
|
CVE-2023-25448
CVE-2023-25490
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin arcResBookingWidget Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Are You a Human-The Fun Spam Blocker Cross-Site Scripting (1.4.32)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ARForms:Wordpress Form Builder Arbitrary File Deletion (3.5.1)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin ARForms:Wordpress Form Builder Arbitrary File Deletion (3.7.1)
|
CVE-2019-16902
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin ARI Adminer-WordPress Database Manager Cross-Site Request Forgery (1.1.13)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Arigato Autoresponder and Newsletter Cross-Site Scripting (2.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Arigato Autoresponder and Newsletter Cross-Site Scripting (2.7.1.1)
|
CVE-2023-0543
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Arigato Autoresponder and Newsletter Multiple Unspecified Vulnerabilities (2.4.2)
|
|
|
High
|
|
WordPress Plugin Arigato Autoresponder and Newsletter Multiple Vulnerabilities (2.5.1.6)
|
CVE-2018-1002000
CVE-2018-1002001
CVE-2018-1002002
CVE-2018-1002003
CVE-2018-1002004
CVE-2018-1002005
CVE-2018-1002006
CVE-2018-1002007
CVE-2018-1002008
CVE-2018-1002009
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Arigato Autoresponder and Newsletter Remote Code Execution (2.5.1.9)
|
CVE-2018-18461
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Arlo training and event management system Cross-Site Scripting (2.1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ARMember-Content Restriction & Membership Security Bypass (1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin ARPrice-Responsive Pricing Table Cross-Site Request Forgery (2.3)
|
CVE-2019-14679
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ARPrice-Responsive Pricing Table Cross-Site Scripting (2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ARS Reg Secure Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Art-Picture-Gallery Arbitrary File Upload (1.2.9)
|
CVE-2018-9206
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin article2pdf Multiple Vulnerabilities (0.27)
|
CVE-2019-1000031
CVE-2019-1010257
CWE-73
CWE-538
|
CWE-73
CWE-538
|
High
|
|
WordPress Plugin Article Directory Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Article Directory Redux Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Asgaros Forum Cross-Site Request Forgery (1.5.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Asgaros Forum Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Asgaros Forum Cross-Site Scripting (1.15.13)
|
CVE-2021-42365
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Asgaros Forum Multiple SQL Injection Vulnerabilities (1.15.12)
|
CVE-2021-24827
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Asgaros Forum Multiple Vulnerabilities (1.15.14)
|
CVE-2021-25045
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Asgaros Forum Security Bypass (1.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)
|
CVE-2013-6992
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Aspose Cloud eBook Generator Arbitrary File Download (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Aspose DOC Exporter Arbitrary File Download (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Aspose Importer & Exporter Arbitrary File Download (2.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Aspose PDF Exporter Arbitrary File Download (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Asset CleanUp:Page Speed Booster Cross-Site Scripting (1.3.6.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Asset CleanUp:Page Speed Booster Multiple Vulnerabilities (1.3.6.6)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Asset Manager 'upload.php' Arbitrary File Upload (0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin AStickyPostOrderER Cross-Site Scripting (0.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Async JavaScript Cross-Site Scripting (2.20.12.09)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Async JavaScript Security Bypass (2.19.07.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin A to Z Category Listing 'R' Parameter SQL Injection (1.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Attached images title editor Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Attach Gallery Posts Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Attachment File Icons (AF Icons) Cross-Site Request Forgery (1.3)
|
CVE-2024-6309
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Attachment Manager Arbitrary File Upload (2.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Attendance Manager Multiple Vulnerabilities (0.5.6)
|
CVE-2019-5970
CVE-2019-5971
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Auctions 'upload.php' Arbitrary File Upload (2.0.1.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5)
|
CVE-2013-1464
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Audio Record Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Audit Trail Cross-Site Scripting (1.1.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0)
|
|
|
High
|
|
WordPress Plugin Authenticator Denial of Service (1.3.0)
|
CVE-2022-3994
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin Author Bio Box Cross-Site Scripting (3.3.1)
|
CVE-2021-39349
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Author Chat Unspecified Vulnerability (1.9.0)
|
|
|
High
|
|
WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Author Manager Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Author Page Views Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Author Periodic Report Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Author Stats Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)
|
|
|
High
|
|
WordPress Plugin Auto Attachments TimThumb Arbitrary File Upload (0.3)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Autocomplete Wizard Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin Auto Featured Image Arbitrary File Upload (1.2)
|
CVE-2024-6054
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Auto Group Join Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Automated Content for Real Estate Multiple Unspecified Vulnerabilities (5.4.2)
|
|
|
High
|
|
WordPress Plugin Automated Editor Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Automated Registration of the Course Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.0)
|
CVE-2023-23992
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass (1.7.5)
|
CVE-2021-24717
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Autopilot SEO for WooCommerce Security Bypass (1.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Auto Post to Social Media-WordPress to Buffer Cross-Site Scripting (3.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Auto Prune Posts Cross-Site Request Forgery (1.8.0)
|
CVE-2023-27423
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Autoptimize Cross-Site Scripting (2.8.3)
|
CVE-2021-24332
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Autoptimize Cross-Site Scripting (3.1.0)
|
CVE-2022-2635
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Autoptimize Multiple Vulnerabilities (2.1.0)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Autoptimize Multiple Vulnerabilities (2.7.6)
|
CVE-2020-24948
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)
|
CVE-2022-4790
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Autoship Cloud PHP Object Injection (1.0.13)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Availability Calendar Cross-Site Scripting (1.2.1)
|
CVE-2021-24604
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Availability Calendar SQL Injection (1.2)
|
CVE-2021-24606
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin AVH Extended Categories Widgets Unspecified Vulnerability (4.0.2)
|
|
|
High
|
|
WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0)
|
CVE-2015-4455
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Awesome Studio Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (3.2.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (5.8.0)
|
CVE-2019-20181
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.5)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.6)
|
CVE-2021-36919
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)
|
CWE-73
CWE-538
|
CWE-73
CWE-538
|
High
|
|
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Unspecified Vulnerability (6.0.7)
|
|
|
High
|
|
WordPress Plugin AWSM Team-Team Showcase Local File Inclusion (1.3.1)
|
CVE-2024-37454
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin AW WordPress Yearly Category Archives Unspecified Vulnerability (1.2.1)
|
|
|
High
|
|
WordPress Plugin AzonPost Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)
|
CVE-2023-3125
CVE-2023-3126
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin BA Book Everything Cross-Site Scripting (1.3.24)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backend Localization Multiple Cross-Site Scripting Vulnerabilities (1.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Background Music Cross-Site Scripting (1.0)
|
CVE-2013-1942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5)
|
CWE-200
CWE-915
|
CWE-200
CWE-915
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'mosmsg' and 'option' Parameters Cross-Site Scripting Vulnerabilities (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Arbitrary File Deletion (3.1.4)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (3.1.0)
|
CVE-2014-2340
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (4.2.152)
|
CVE-2020-35950
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Directory Traversal (3.1.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Multiple Vulnerabilities (3.1.1)
|
CVE-2014-8603
CVE-2014-8604
CVE-2014-8605
CVE-2014-8606
CVE-2014-8607
CVE-2014-8813
CWE-22
CWE-78
CWE-200
|
CWE-22
CWE-78
CWE-200
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Security Bypass (4.2.12)
|
CVE-2020-35948
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner SQL Injection (4.2.161)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Backup and Restore WordPress-WPBackItUp Arbitrary File Deletion (1.15.3)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Backup and Restore WordPress-WPBackItUp Cross-Site Request Forgery (1.6.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Backup and Restore WordPress-WPBackItUp Multiple Vulnerabilities (1.9)
|
CVE-2014-8805
CVE-2014-9012
CWE-264
CWE-538
|
CWE-264
CWE-538
|
High
|
|
WordPress Plugin Backup and Staging by WP Time Capsule PHP Object Injection (1.21.9)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Backup and Staging by WP Time Capsule Security Bypass (1.21.15)
|
CVE-2020-8771
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Backup Bank:WordPress Backup Security Bypass (4.0.28)
|
CVE-2023-28165
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)
|
CVE-2022-31474
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin BackupBuddy Information Disclosure (2.2.28)
|
CVE-2013-2743
CVE-2013-2744
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin BackupBuddy Multiple Vulnerabilities (8.0.1.8)
|
CWE-352
CWE-915
|
CWE-352
CWE-915
|
High
|
|
WordPress Plugin Backup by Supsystic Local File Inclusion (2.3.9)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)
|
CVE-2023-6266
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Backup Migration Cross-Site Request Forgery (1.2.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Backup Migration Cross-Site Scripting (1.1.5)
|
CVE-2021-36884
CWE-79
|
CWE-79
|
High
|
|
Wordpress Plugin Backup Migration CVE-2023-6271 Vulnerability (CVE-2023-6271)
|
CVE-2023-6271
|
|
High
|
|
Wordpress Plugin Backup Migration Files or Directories Accessible to External Parties Vulnerability (CVE-2023-6266)
|
CVE-2023-6266
CWE-552
|
CWE-552
|
High
|
|
Wordpress Plugin Backup Migration Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-7002)
|
CVE-2023-7002
CWE-138
|
CWE-138
|
High
|
|
WordPress Plugin Backup Migration Information Disclosure (1.2.8)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Backup Migration Information Disclosure (1.3.5)
|
CVE-2023-6271
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Backup Migration Remote Code Execution (1.3.7)
|
CVE-2023-6553
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Backup Scheduler Cross-Site Request Forgery (1.5.13)
|
CVE-2022-38079
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BackUpWordPress Remote File Inclusion (0.4.2b)
|
CVE-2007-5800
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)
|
|
|
High
|
|
WordPress Plugin BackWPup 'wp_export_generate.php' Local and Remote File Include Vulnerabilities (2.1.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin BackWPup Cross-Site Scripting (3.0.12)
|
CVE-2013-4626
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BackWPup Cross-Site Scripting (3.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BackWPup Cross-Site Scripting (3.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BackWPup Multiple Local File Include Vulnerabilities (1.5.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin BackWPup Multiple Unspecified Vulnerabilities (3.2.1)
|
|
|
High
|
|
WordPress Plugin BackWPup Remote and Local Code Execution (1.6.1)
|
CVE-2011-4342
CVE-2011-5208
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
WordPress Plugin BackWPup Security Bypass (3.4.1)
|
CVE-2017-2551
CWE-552
|
CWE-552
|
High
|
|
WordPress Plugin BackWPup Unspecified Vulnerability (3.3)
|
|
|
High
|
|
WordPress Plugin BackWPup Unspecified Vulnerability (3.4.3)
|
|
|
High
|
|
WordPress Plugin Bad Behavior Multiple Cross-Site Scripting Vulnerabilities (2.2.4)
|
CVE-2012-4271
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bad Behavior Multiple Vulnerabilities (2.2.18)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Badgearoo Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Badge Designer Lite For WooCommerce includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin BadgeOS SQL Injection (3.7.0)
|
CVE-2022-0817
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BadgeOS SQL Injection (3.7.1.2)
|
CVE-2022-2958
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Baggage Freight Shipping Australia Arbitrary File Upload (0.1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Bangla Sidebar Login Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Banner Cycler Cross-Site Request Forgery (1.4)
|
CVE-2022-2233
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Banner Effect Header Cross-Site Request Forgery (1.2.6)
|
CVE-2015-0920
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Banner Effect Header Cross-Site Scripting (1.2.7)
|
CVE-2015-1384
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Banner Garden Multiple Cross-Site Scripting Vulnerabilities (0.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bannerlid Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BannerMan Cross-Site Scripting (0.2.4)
|
CVE-2014-4845
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Banner Slider Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Basic Dev Tools Multiple Cross-Site Scripting Vulnerabilities (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Basic Google Maps Placemarks Cross-Site Scripting (1.10.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Batch-Move Posts Unspecified Vulnerability (1.5)
|
|
|
High
|
|
WordPress Plugin Batch Cat Security Bypass (0.3)
|
CVE-2021-24788
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Battle Suit for Divi Security Bypass (1.10.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BAVOKO SEO Tools-All-in-One WordPress SEO Security Bypass (2.1.9.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin bbPress Cross-Site Scripting (2.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bbPress Cross-Site Scripting (2.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bbPress Cross-Site Scripting (2.5.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bbPress Like Button SQL Injection (1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin bbPress Login Register Links On Forum Topic Pages Cross-Site Request Forgery (2.7.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin bbPress Move Topics PHP Object Injection (1.1.4)
|
CVE-2018-21005
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin bbPress Multiple Vulnerabilities (2.6.4)
|
CVE-2020-13487
CVE-2020-13693
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin bbPress Security Bypass (2.6.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bbPress SQL Injection (2.5.14)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BBS e-Franchise SQL Injection (1.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BCS BatchLine Book Importer Security Bypass (1.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Beautiful FAQ for WordPress-Everest FAQ Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Beaver Builder-WordPress Page Builder Multiple Cross-Site Scripting Vulnerabilities (2.5.5.2)
|
CVE-2022-2517
CVE-2022-2695
CVE-2022-2716
CVE-2022-2934
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BeCustom Cross-Site Request Forgery (1.0.5.2)
|
CVE-2022-3747
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Beer Recipes Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)
|
CVE-2022-1186
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin BePro Listings Arbitrary File Upload (2.2.0020)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin BePro Listings Security Bypass (2.2.0020)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.4.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.8.14)
|
CVE-2019-20182
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.9.24)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (2.0.30)
|
CVE-2021-24357
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Security Bypass (1.6.15)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Best Seo Remote Code Execution (1.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin BestSmallShopLite Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Best WordPress FAQ Cross-Site Scripting (1.4.8)
|
CVE-2021-39319
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin betterAmazonAPI Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better Click To Tweet Unspecified Vulnerability (5.1)
|
|
|
High
|
|
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better Find and Replace Cross-Site Scripting (1.2.8)
|
CVE-2021-24676
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better Font Awesome Cross-Site Request Forgery (2.0.1)
|
CVE-2022-37405
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Better Font Awesome Cross-Site Scripting (2.0.3)
|
CVE-2022-4512
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BetterLinks-Shorten, Track and Manage any URL Cross-Site Scripting (1.2.5)
|
CVE-2021-24812
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better Messages-Live Chat for WordPress, BuddyPress, BuddyBoss, Ultimate Member Multiple Vulnerabilities (1.9.9.37)
|
CVE-2021-24808
CVE-2021-24809
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin BetterOptin Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BetterOptin Cross-Site Scripting (2.0.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better Search Cross-Site Request Forgery (2.5.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Better Search Replace Cross-Site Request Forgery (1.3.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Better Search Replace Multiple Unspecified Vulnerabilities (1.0.3)
|
|
|
High
|
|
WordPress Plugin Better Search SQL Injection (2.2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Better User Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Better WordPress Minify Arbitrary File Disclosure (1.2.2)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Better WordPress reCAPTCHA (with no CAPTCHA reCAPTCHA) Cross-Site Scripting (2.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BezahlCode-Generator 'gen_name' Parameter Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bib2html Cross-Site Scripting (0.9.3)
|
CVE-2014-3870
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BibleGet I/O Unspecified Vulnerability (3.4)
|
|
|
High
|
|
WordPress Plugin BIC Media Widget Cross-Site Scripting (1.0)
|
CVE-2014-4516
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BigBlueButton Cross-Site Scripting (2.2.3)
|
CVE-2020-12113
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BigDoor Quick Gamification for WordPress Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bilingual Linker Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Billplz for WooCommerce Unspecified Vulnerability (3.10)
|
|
|
High
|
|
WordPress Plugin Bind Users to Taxonomy Cross-Site Scripting (0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BingImport Cross-Site Scripting (0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bing Site Verification using Meta Tag Cross-Site Scripting (1.0)
|
CVE-2023-23875
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bird Feeder Multiple Vulnerabilities (1.2.3)
|
CVE-2014-9334
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Bitcoin/Altcoin Faucet Cross-Site Request Forgery (1.6.0)
|
CVE-2022-3025
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Bitcoin/AltCoin Payment Gateway for WooCommerce & Multivendor store/shop Cross-Site Scripting (1.6.0)
|
CVE-2021-24679
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bitcoin Faucet Cross-Site Scripting (1.0.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bitcoin Satoshi Tools:Faucets, Visitor Rewarder, Satoshi Games, Referral Program Cross-Site Request Forgery (1.7.0)
|
CVE-2022-3024
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BitMonet Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BizLibrary Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bizzCam Video Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin BLAZE Retail Widget Malicious Code (2.5.2)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Blaze Slideshow 'upload.php' Arbitrary File Upload (2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Blaze Slideshow Arbitrary File Upload (2.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Bliss Gallery 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Bliss Gallery Arbitrary File Upload (2.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Block wp-login Cross-Site Request Forgery (1.3.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.0.2)
|
CVE-2019-9576
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.8.1)
|
CVE-2019-17550
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Multiple Vulnerabilities (6.9.9)
|
CVE-2022-3246
CVE-2022-3247
CWE-89
CWE-918
|
CWE-89
CWE-918
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler PHP Object Injection (5.0.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler PHP Object Injection (5.7.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Security Bypass (6.9.11)
|
CVE-2022-3622
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
|
CVE-2019-13572
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (6.3.0)
|
CVE-2021-24137
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Unspecified Vulnerability (5.1.2)
|
|
|
High
|
|
WordPress Plugin Blog Designer Cross-Site Scripting (1.8.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blogger To WordPress SQL Injection (2.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Blogomatic Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blogroll Fun-Show Last Post and Last Update Time Cross-Site Scripting (0.8.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blog social sharing component Cross-Site Request Forgery (1.4.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Blog social sharing component Cross-Site Scripting (1.4.4)
|
CVE-2021-24618
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)
|
CVE-2014-4848
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blogtopdf Local File Inclusion (1.0.2)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin blogVault Real-time Backup PHP Object Injection (1.44)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Bloom eMail Opt-In Security Bypass (1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Blue Admin Cross-Site Request Forgery (21.06.01)
|
CVE-2021-24581
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BLUE ORIGAMI CRM (Formerly Application Maker/APM-CRM edition) Cross-Site Scripting (1.5.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blue Wrench Video Widget Cross-Site Request Forgery (1.0.5)
|
CVE-2013-6797
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Blue Wrench Video Widget Cross-Site Scripting (2.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Blunt GA Cross-Site Scripting (4.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bodi0`s Bots visits counter Cross-Site Scripting (0.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin bodi0`s Easy cache Cross-Site Scripting (0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bold Page Builder PHP Object Injection (3.1.5)
|
CVE-2021-24579
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Bold Page Builder Security Bypass (2.3.1)
|
CVE-2019-15821
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Bold Timeline Lite Cross-Site Scripting (1.1.4)
|
CVE-2022-4828
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bongolive SMS Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Book appointment online Cross-Site Scripting (1.38)
|
CVE-2021-24614
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booked-Appointment Booking for WordPress Security Bypass (2.2.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Booking.com Banner Creator Cross-Site Scripting (1.4.2)
|
CVE-2021-24646
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking.com Banner Creator Unspecified Vulnerability (1.4.5)
|
|
|
High
|
|
WordPress Plugin Booking.com Product Helper Cross-Site Scripting (1.0.1)
|
CVE-2021-24645
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking.com Product Helper Unspecified Vulnerability (1.0.3)
|
|
|
High
|
|
WordPress Plugin Booking calendar, Appointment Booking System Multiple Vulnerabilities (2.1.7)
|
CVE-2018-5670
CVE-2018-5671
CVE-2018-5672
CVE-2018-5673
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Booking calendar, Appointment Booking System Security Bypass (2.2.2)
|
CVE-2018-10363
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Security Bypass (2.3.7)
|
CVE-2023-2834
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Unspecified Vulnerability (2.3.8)
|
|
|
High
|
|
WordPress Plugin Booking Calendar-Clockwork SMS Cross-Site Scripting (1.0.5)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking Calendar Contact Form Cross-Site Scripting (1.0.24)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.23)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Booking Calendar Cross-Site Request Forgery (4.1.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Booking Calendar Cross-Site Request Forgery (9.2.1)
|
CVE-2022-33177
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Booking Calendar Cross-Site Scripting (7.1)
|
CVE-2017-2151
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking Calendar Directory Traversal (7.0)
|
CVE-2017-2150
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Booking Calendar Local File Inclusion (7.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Booking Calendar Multiple Vulnerabilities (6.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Booking Calendar PHP Object Injection (9.1)
|
CVE-2022-1463
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Booking Calendar SQL Injection (6.2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Booking Calendar SQL Injection (8.4.4)
|
CVE-2018-20556
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Booking Multiple Vulnerabilities (2.5)
|
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Booking Package-Appointment Booking Calendar System Cross-Site Scripting (1.5.10)
|
CVE-2021-20840
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking Privilege Escalation (2.4)
|
CVE-2019-15774
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Bookings Cross-Site Scripting (1.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Local File Inclusion (1.1.13)
|
CVE-2024-38717
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Multiple Cross-Site Request Forgery Vulnerabilities (1.1.4)
|
CVE-2021-36854
CVE-2021-36855
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Multiple Cross-Site Scripting Vulnerabilities (1.0.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bookly #1 WordPress Booking Plugin (Lite Version) Cross-Site Scripting (14.4)
|
CVE-2018-6891
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bookmarkify Multiple Vulnerabilities (2.9.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Bookshelf Cross-Site Scripting (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BookX Local File Inclusion (1.7)
|
CVE-2014-4937
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
|
CVE-2022-4017
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Booster for WooCommerce Cross-Site Scripting (5.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booster for WooCommerce Cross-Site Scripting (5.6.2)
|
CVE-2022-4227
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
|
CVE-2022-4017
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Scripting Vulnerabilities (5.4.8)
|
CVE-2021-24999
CVE-2021-25000
CVE-2021-25001
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Booster for WooCommerce Multiple Vulnerabilities (5.6.6)
|
CVE-2022-3762
CVE-2022-3763
CVE-2022-4016
CVE-2022-41805
CWE-22
CWE-352
|
CWE-22
CWE-352
|
High
|
|
WordPress Plugin Booster for WooCommerce PHP Object Injection (3.0.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Booster for WooCommerce Security Bypass (5.4.3)
|
CVE-2021-34646
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Booster Plus for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
|
CVE-2022-4017
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Bootstrap Categories Gallery Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bootstrap Shortcodes Cross-Site Scripting (3.4.0)
|
CVE-2022-4777
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Boozang Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Border Loading Bar Cross-Site Scripting (1.0.1)
|
CVE-2021-38338
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Border Loading Bar Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BP Code Snippets Cross-Site Scripting (2.0)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BP Group Documents Multiple Vulnerabilities (1.2.1)
|
CWE-22
CWE-79
CWE-352
|
CWE-22
CWE-79
CWE-352
|
High
|
|
WordPress Plugin BP Group Documents Security Bypass (1.10)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BP GTM System Cross-Site Scripting (1.9.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BP Portfolio Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BP Profile Search PHP Object Injection (4.5.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Brafton Cross-Site Scripting (3.4.7)
|
CVE-2016-10973
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Breadcrumbs by menu Multiple Vulnerabilities (1.0.1)
|
CVE-2019-15864
CVE-2019-15865
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Breeze-WordPress Cache Open Redirect (1.0.10)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Breezing Forms Cross-Site Scripting (1.2.7.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Breezing Forms Cross-Site Scripting (1.2.7.42)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Breezing Forms SQL Injection (1.2.7.30)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BrewMaster Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bricks Remote Code Execution (1.9.6)
|
CVE-2024-25600
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Britetechs Companion Malicious Code (2.2.7)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Brizy-Page Builder Arbitrary File Upload (2.4.44)
|
CVE-2024-3242
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Brizy-Page Builder Cross-Site Scripting (2.3.26)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.3.11)
|
CVE-2021-38344
CVE-2021-38345
CVE-2021-38346
CWE-79
CWE-264
CWE-434
|
CWE-79
CWE-264
CWE-434
|
High
|
|
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.4.43)
|
CVE-2024-1161
CVE-2024-1164
CVE-2024-2087
CVE-2024-3667
CVE-2024-3711
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin Brizy-Page Builder Security Bypass (1.0.113)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Brizy-Page Builder Security Bypass (1.0.125)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Brizy-Page Builder Security Bypass (2.4.44)
|
CVE-2024-1937
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Brizy-Page Builder Unspecified Vulnerability (2.4.45)
|
|
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Cross-Site Scripting (4.27.2)
|
CVE-2014-4569
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Multiple Cross-Site Scripting Vulnerabilities (4.25.3)
|
CVE-2013-5714
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Multiple Cross-Site Scripting Vulnerabilities (4.29.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Multiple Vulnerabilities (4.27.4)
|
CVE-2014-1905
CVE-2014-1906
CVE-2014-1907
CVE-2014-1908
CWE-22
CWE-79
CWE-211
CWE-434
|
CWE-22
CWE-79
CWE-211
CWE-434
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP PHP Object Injection (4.67.8)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Remote Code Execution (5.5.15)
|
CVE-2023-25699
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.8)
|
CVE-2015-5057
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.8)
|
CVE-2019-16521
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.19)
|
CVE-2022-3922
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker Multiple Cross-Site Scripting Vulnerabilities (1.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Checker PHAR Deserialization (1.11.16)
|
CVE-2022-2438
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Broken Link Checker Unspecified Vulnerability (1.10.7)
|
|
|
High
|
|
WordPress Plugin Broken Link Manager Cross-Site Scripting (0.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Broken Link Manager Multiple Vulnerabilities (0.4.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Broken Link Manager SQL Injection (0.6.5)
|
CVE-2021-24550
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Browsealoud Crypto Mining (1.4)
|
CWE-829
|
CWE-829
|
High
|
|
WordPress Plugin Browser and Operating System Finder Cross-Site Request Forgery (1.1)
|
CVE-2021-20851
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Browser Blocker Cross-Site Scripting (0.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Browser Rejector Remote File Inclusion (2.10)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Browser Screenshots Cross-Site Scripting (1.7.5)
|
CVE-2021-24439
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BruteBank-WP Security & Firewall Cross-Site Request Forgery (1.8)
|
CVE-2022-4443
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Brute Force Login Protection Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Brute Force Login Protection Unspecified Vulnerability (1.5)
|
|
|
High
|
|
WordPress Plugin BSDev.at-Importer:Serendipity Cross-Site Scripting (0.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BSK PDF Manager Multiple Cross-Site Scripting Vulnerabilities (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2)
|
CVE-2014-4944
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BSK PDF Manager SQL Injection (3.1.1)
|
CVE-2021-24860
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin bSuite Cross-Site Scripting (4.0.7)
|
CVE-2011-4955
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Buckets Cross-Site Scripting (0.1.9.2)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyBoss Media Cross-Site Scripting (3.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyBoss Media Cross-Site Scripting (3.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyBoss Wall Cross-Site Scripting (1.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyDrive Cross-Site Scripting (1.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress 'page' Parameter SQL Injection (1.5.4)
|
CVE-2012-2109
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BuddyPress Activity Plus Cross-Site Scripting (1.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Activity Plus Multiple Vulnerabilities (1.6.1)
|
CWE-73
CWE-352
|
CWE-73
CWE-352
|
High
|
|
WordPress Plugin BuddyPress Arbitrary File Deletion (2.7.3)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Buddypress Component Stats Local File Inclusion (1.0)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin BuddyPress Cover Arbitrary File Upload (2.1.4.2)
|
CVE-2024-35746
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin BuddyPress Cross-Site Request Forgery (2.9.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BuddyPress Cross-Site Scripting (2.2.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BuddyPress Docs Security Bypass (1.9.2)
|
CVE-2017-6954
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Edit Activity Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Extended Friendship Request Cross-Site Scripting (1.0.1)
|
CVE-2013-4944
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Global Search Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Information Disclosure (5.1.1)
|
CVE-2020-5244
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin BuddyPress Members Only Cross-Site Scripting (1.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BuddyPress Multiple Cross-Site Request Forgery Vulnerabilities (2.8.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities (7.2.0)
|
CVE-2021-21389
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities (7.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Multiple SQL Injection Vulnerabilities (1.7.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin BuddyPress Multiple Vulnerabilities (1.9.1)
|
CVE-2014-1888
CVE-2014-1889
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Multiple Vulnerabilities (5.1.2)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin BuddyPress Multiple Vulnerabilities (9.0.0)
|
CWE-89
CWE-200
|
CWE-89
CWE-200
|
High
|
|
WordPress Plugin BuddyPress PHP Object Injection (2.0.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin BuddyPress Security Bypass (2.3.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Security Bypass (5.1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Security Bypass (6.3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin BuddyPress Unspecified Vulnerability (2.6.0)
|
|
|
High
|
|
WordPress Plugin Buddypress Xprofile Custom Fields Type Arbitrary File Deletion (2.6.3)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Buddy Share It Allusers FB YR Arbitrary File Upload (3.2.8)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin BuddyStream Multiple Cross-Site Scripting Vulnerabilities (2.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bug Library Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bug Library Cross-Site Scripting (2.0.3)
|
CVE-2021-38355
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bug Library Unspecified Vulnerability (2.0.7)
|
|
|
High
|
|
WordPress Plugin Build App Online SQL Injection (1.0.18)
|
CVE-2022-3241
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Bulk Add to Cart for WooCommerce Security Bypass (1.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Bulk change of posts terms and post types Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bulk Creator Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Bulk Datetime Change Security Bypass (1.11)
|
CVE-2021-24842
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Bulk Delete Privilege Escalation (5.5.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Bulk Delete Users by Email Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Bulk Page Creator Cross-Site Scripting (1.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Cross-Site Scripting (.47)
|
CVE-2012-4268
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Cross-Site Scripting (.50.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Cross-Site Scripting (.52.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Cross-Site Scripting (.53.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Information Disclosure (5.1)
|
CVE-2021-39327
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin BulletProof Security Multiple Cross-Site Scripting Vulnerabilities (.48.9)
|
CVE-2013-3487
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Multiple Cross-Site Scripting Vulnerabilities (.53.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin BulletProof Security Multiple Vulnerabilities (.51)
|
CVE-2014-7958
CVE-2014-7959
CVE-2014-8749
CWE-79
CWE-89
CWE-918
|
CWE-79
CWE-89
CWE-918
|
High
|
|
WordPress Plugin Business Card Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Business Directory-Easy Listing Directories for WordPress Cross-Site Request Forgery (4.1.12.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Business Directory-Easy Listing Directories for WordPress Multiple Vulnerabilities (5.10.1)
|
CVE-2021-24178
CVE-2021-24179
CVE-2021-24248
CWE-264
CWE-434
|
CWE-264
CWE-434
|
High
|
|
WordPress Plugin Business Directory-Easy Listing Directories for WordPress Multiple Vulnerabilities (5.11.1)
|
CVE-2021-24249
CVE-2021-24250
CVE-2021-24251
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Business Directory-Easy Listing Directories for WordPress PHP Object Injection (4.1.14)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Business Hours Indicator Cross-Site Scripting (2.3.4)
|
CVE-2021-24593
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Business Hours Pro Arbitrary File Upload (5.5.0)
|
CVE-2021-24240
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Business Manager-WordPress ERP, HR, CRM, and Project Management Cross-Site Scripting (1.4.5)
|
CVE-2021-39332
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Button Widget Smartsoft Cross-Site Request Forgery (1.0.1)
|
CVE-2022-1912
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Buzzwords Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ByREV WP-PICShield Cross-Site Request Forgery (1.9.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CAC Featured Content TimThumb Arbitrary File Upload (0.8)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Cache-Control Unspecified Vulnerability (2.2.3)
|
|
|
High
|
|
WordPress Plugin Calculated Fields Form Cross-Site Scripting (1.0.81)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calculated Fields Form Cross-Site Scripting (1.0.353)
|
CVE-2020-7228
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calculated Fields Form Multiple SQL Injection Vulnerabilities (1.0.10)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure (1.8.1)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Caldera Forms-More Than Contact Forms Multiple Cross-Site Scripting Vulnerabilities (1.5.9.1)
|
CVE-2018-7747
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CalendApp Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress Cross-Site Scripting (1.5.38)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.3.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress SQL Injection (1.4.9)
|
CVE-2015-2196
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress SQL Injection (1.5.51)
|
CVE-2017-7719
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Calendar Cross-Site Request Forgery (1.3.2)
|
CVE-2013-2698
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Calendar Cross-Site Scripting (1.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calendar Event Multi View Cross-Site Scripting (1.3.99)
|
CVE-2021-24498
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calendar Event Multi View Multiple SQL Injection Vulnerabilities (1.1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Calendar Event Multi View Multiple Vulnerabilities (1.1.4)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Calendar Event Multi View Security Bypass (1.4.06)
|
CVE-2022-2846
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Calendar Event Multi View Security Bypass (1.4.13)
|
CVE-2023-23814
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Calendar Event Multi View SQL Injection (1.01)
|
CVE-2014-8586
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Calendar Event Multi View Unspecified Vulnerability (1.3.58)
|
|
|
High
|
|
WordPress Plugin Calendar Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Calendar Unspecified Vulnerability (1.3.10)
|
|
|
High
|
|
WordPress Plugin Calendar_plugin Cross-Site Scripting (1.0)
|
CVE-2021-34667
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CallRail Phone Call Tracking Cross-Site Request Forgery (0.4.9)
|
CVE-2022-36796
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Campaign Press Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Campaign URL Builder Cross-Site Request Forgery (1.5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Campaign URL Builder Cross-Site Scripting (1.8.1)
|
CVE-2023-0538
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Canalplan Cross-Site Scripting (3.22)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Candidate Application Form Arbitrary File Disclosure (1.6)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Candidate Application Form Arbitrary File Download (1.0)
|
CVE-2015-1000005
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0)
|
CVE-2020-28976
CVE-2020-28977
CVE-2020-28978
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Captain Slider Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Captcha Backdoor (4.4.4)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Captcha by BestWebSoft Cross-Site Scripting (4.2.9)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Captcha by BestWebSoft Security Bypass (3.8.7)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Captcha by BestWebSoft Security Bypass (4.0.6)
|
CVE-2014-9283
CWE-254
|
CWE-254
|
High
|
|
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CAPTCHA in Thai Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Captchinoo, Google recaptcha for admin login page Security Bypass (2.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Car Demon Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Car Demon Multiple Vulnerabilities (1.7.97)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CardGate Payments for WooCommerce Security Bypass (3.1.15)
|
CVE-2020-8819
CWE-346
|
CWE-346
|
High
|
|
WordPress Plugin Cardinity Payment Gateway for WooCommerce Cross-Site Scripting (3.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Carousel slideshow 'swfupload.swf' Cross-Site Scripting (3.10)
|
CVE-2012-3414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Carousel slideshow 'upload.php' Arbitrary File Upload (3.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Carousel slideshow Arbitrary File Upload (3.11)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Car Rental by BestWebSoft Cross-Site Scripting (1.0.4)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Car Rental System Cross-Site Scripting (1.3)
|
CVE-2020-15535
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Car Rental System SQL Injection (3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Car Seller-Auto Classifieds Script SQL Injection (2.1.0)
|
CVE-2021-24285
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Cart66 Lite::WordPress Ecommerce Cross-Site Scripting (1.5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.1.14)
|
CVE-2013-5977
CVE-2013-5978
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.3)
|
CVE-2014-9442
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Cart66 Lite::WordPress Ecommerce SQL Injection (1.5.1.17)
|
CVE-2014-9305
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3)
|
CVE-2014-9461
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Cart All In One For WooCommerce Cross-Site Request Forgery (1.1.10)
|
CVE-2022-46806
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Cartogiraffe Map Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Carts Guru PHP Object Injection (1.4.5)
|
CVE-2019-12241
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Cashtomer SQL Injection (1.0.0)
|
CVE-2021-24391
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CataBlog 'category' Parameter Cross-Site Scripting (1.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Catch Breadcrumb Cross-Site Scripting (1.5.4)
|
CVE-2020-12054
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Catch Breadcrumb Security Bypass (1.6)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Duplicate Switcher Security Bypass (1.5.2)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Catch Gallery Security Bypass (1.6.8)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch IDs Security Bypass (2.3)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Import Export Security Bypass (1.8)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Infinite Scroll Security Bypass (1.8.1)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Scroll Progress Bar Security Bypass (1.5)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Sticky Menu Security Bypass (1.6.3)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Themes Demo Import Arbitrary File Upload (1.7)
|
CVE-2021-39352
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Catch Themes Demo Import Remote Code Execution (2.1)
|
CVE-2022-0440
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Catch Themes Demo Import Security Bypass (1.5)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Themes Demo Import Unspecified Vulnerability (1.8)
|
|
|
High
|
|
WordPress Plugin Catch Under Construction Security Bypass (1.3.4)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Catch Web Tools Security Bypass (2.6.6)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Category and Page Icons Cross-Site Scripting (0.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Category and Page Icons Multiple Vulnerabilities (0.9.1)
|
CWE-73
CWE-434
|
CWE-73
CWE-434
|
High
|
|
WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3)
|
CVE-2013-4117
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Category Grid View Gallery TimThumb Arbitrary File Upload (0.1.1)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Category List Portfolio Page TimThumb Arbitrary File Upload (1.2.3)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Category Order and Taxonomy Terms Order Cross-Site Scripting (1.4.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Category Order and Taxonomy Terms Order PHP Object Injection (1.5.2.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Category Specific RSS feed Subscription Cross-Site Request Forgery (2.0)
|
CVE-2019-5993
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Catpro Gallery Arbitrary File Upload (3.8)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin CBI Referral Manager Cross-Site Scripting (1.2.1)
|
CVE-2014-4517
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CBX Bookmark & Favorite Cross-Site Scripting (1.6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CBX Petition for WordPress SQL Injection (1.0.3)
|
CVE-2022-4383
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)
|
CVE-2011-5308
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ceceppa Multilingua Cross-Site Scripting (1.5.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ceceppa Multilingua Multiple Cross-Site Scripting Vulnerabilities (1.5.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ceceppa Multilingua Unspecified Vulnerability (1.5.3)
|
|
|
High
|
|
WordPress Plugin Centrora Security Multiple Vulnerabilities (6.5.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CevherShare 'cevhershare-admin.php' SQL Injection (2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CevherShare Multiple Vulnerabilities (2.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CF7 Invisible reCAPTCHA Cross-Site Request Forgery (1.3.3)
|
CVE-2023-28167
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CF7 Invisible reCAPTCHA Cross-Site Scripting (1.3.1)
|
CVE-2018-21012
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CF7 Manual Spam Blocker Privilege Escalation (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Cf7Save Extension Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin cformsII 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities (13.1)
|
CVE-2010-3977
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin cformsII Arbitrary File Upload (14.7)
|
CVE-2014-9473
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin cformsII HTML Injection (15.0.1)
|
CVE-2019-15238
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin cformsII Multiple Cross-Site Scripting Vulnerabilities (14.13.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin cformsII SQL Injection (14.12.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Chained Quiz Cross-Site Scripting (0.9.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chained Quiz Cross-Site Scripting (1.1.8.1)
|
CVE-2020-7104
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chained Quiz Cross-Site Scripting (1.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chained Quiz Cross-Site Scripting (1.2.7)
|
CVE-2021-24690
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chained Quiz Multiple Cross-Site Scripting Vulnerabilities (0.9.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chained Quiz SQL Injection (1.0.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Chamber Dashboard Business Directory Cross-Site Scripting (3.2.8)
|
CVE-2020-24699
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chamber Dashboard Member Manager Cross-Site Scripting (2.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chameleon CSS SQL Injection (1.2)
|
CVE-2021-24626
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Chameleoni Jobs Multiple Cross-Site Scripting Vulnerabilities (1.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Change Password and E-mail Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Change WordPress Login Logo Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chat-Support Board-WordPress Chat Cross-Site Scripting (1.2.8)
|
CVE-2018-18373
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chat-Support Board-WordPress Chat Cross-Site Scripting (3.3.4)
|
CVE-2021-24807
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chat-Support Board-WordPress Chat Multiple SQL Injection Vulnerabilities (3.3.3)
|
CVE-2021-24741
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Chat-Support Board-WordPress Chat Privilege Escalation (3.3.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Chatbot with IBM Watson Cross-Site Scripting (0.8.20)
|
CVE-2020-7239
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chat Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Chat Room Directory Traversal (0.1.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Check & Log Email Cross-Site Scripting (0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Check & Log Email Cross-Site Scripting (0.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Check & Log Email Cross-Site Scripting (1.0.3)
|
CVE-2021-24908
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Check & Log Email SQL Injection (1.0.2)
|
CVE-2021-24774
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Checklist Cross-Site Scripting (1.1.5)
|
CVE-2019-16525
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion (3.6.2)
|
CVE-2024-35658
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin CheetahO Image Compression and Optimizer Unspecified Vulnerability (1.4.2.1)
|
|
|
High
|
|
WordPress Plugin ChenPress Arbitrary File Upload (3.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Cherry Cross-Site Scripting (1.2.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cherry Multiple Vulnerabilities (1.2.6)
|
CWE-22
CWE-434
|
CWE-22
CWE-434
|
High
|
|
WordPress Plugin Cherry Services List Information Disclosure (1.4.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Cherry Team Members Information Disclosure (1.4.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Chief Editor Multiple Vulnerabilities (3.7.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ChikunCount Arbitrary File Upload (1.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Child Theme Configurator Arbitrary File Disclosure (1.7.4)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6)
|
CWE-88
|
CWE-88
|
High
|
|
WordPress Plugin Child Theme Creator by Orbisius Cross-Site Request Forgery (1.5.1)
|
CVE-2020-28649
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Child Themes Helper Multiple Vulnerabilities (2.0)
|
CWE-434
CWE-538
|
CWE-434
CWE-538
|
High
|
|
WordPress Plugin ChimpExpress Cross-Site Scripting (1.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ChimpMate-WordPress MailChimp Assistant Local File Inclusion (1.3.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Chop Slider 3 SQL Injection (3.4)
|
CVE-2020-11530
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Chronoforms Cross-Site Request Forgery (7.0.9)
|
CVE-2022-47135
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Chunks Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Church Admin 'id' Parameter Cross-Site Scripting (0.33.4.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Church Admin Arbitrary File Upload (1.2530)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Church Admin Arbitrary File Upload (4.4.6)
|
CVE-2024-37418
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Church Admin Cross-Site Scripting (0.800)
|
CVE-2015-4127
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Church Admin Cross-Site Scripting (0.856)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CigiCigi Post Guest Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cimy Counter HTTP Response Splitting and Cross-Site Scripting Vulnerabilities (0.9.4)
|
CWE-79
CWE-113
|
CWE-79
CWE-113
|
High
|
|
WordPress Plugin Cimy User Extra Fields Arbitrary File Upload (2.3.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3)
|
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin CIP4 Folder Download Widget Local File Inclusion (1.10)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Circles Gallery Cross-Site Scripting (1.0.10)
|
CVE-2023-23881
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Citizen Space Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Citizen Space Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CiviCRM Multiple Cross-Site Scripting Vulnerabilities (5.35.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CiviCRM Multiple Vulnerabilities (5.28.0)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CiviCRM Remote Code Execution (5.24.2)
|
CVE-2020-36388
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin CiviCRM Security Bypass (5.35.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin CKEditor for WordPress Cross-Site Scripting (4.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Claptastic Clap! Button Multiple Cross-Site Scripting Vulnerabilities (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Classified Listing-Classified ads & Business Directory Cross-Site Scripting (2.2.13)
|
CVE-2022-2654
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Classified Listing Pro & Directory Cross-Site Scripting (2.0.19)
|
CVE-2022-2655
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Classified Listing Store & Membership Cross-Site Scripting (1.4.19)
|
CVE-2022-2654
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin classyfrieds Arbitrary File Upload (3.8)
|
CVE-2021-24253
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Clean Login Cross-Site Request Forgery (1.7.12)
|
CVE-2017-8875
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Clean Login Cross-Site Scripting (1.12.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clean Login Unspecified Vulnerability (1.8)
|
|
|
High
|
|
WordPress Plugin Cleeng-Sell your videos Cross-Site Scripting (2.3.2)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clerk Security Bypass (3.8.3)
|
CVE-2022-3907
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)
|
CVE-2021-24273
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ClickBank Affiliate Ads Multiple Vulnerabilities (1.7)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk 'cdwidgetid' Parameter Cross-Site Scripting (2.0)
|
CVE-2011-5181
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk Cross-Site Scripting (4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ClickSold IDX Cross-Site Scripting (1.48)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Click to Call or Chat Buttons Cross-Site Scripting (1.4.0)
|
CVE-2023-25710
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Click to Chat Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Click to Copy Grab Box Multiple Cross-Site Scripting Vulnerabilities (0.1.1)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Click to top Cross-Site Scripting (1.2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clicky by Yoast Multiple Cross-Site Scripting Vulnerabilities (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Client Dash Cross-Site Scripting (2.1.4)
|
CVE-2019-17071
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Client Invoicing by Sprout Invoices-Easy Estimates and Invoices for WordPress Cross-Site Scripting (6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Client Invoicing by Sprout Invoices-Easy Estimates and Invoices for WordPress Cross-Site Scripting (19.9.6)
|
CVE-2021-24787
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Client Invoicing by Sprout Invoices-Easy Estimates and Invoices for WordPress Security Bypass (9.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Clik stats Open Redirect (0.8)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin ClinicalWP Core Cross-Site Scripting (1.0.5)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clio Grow Cross-Site Scripting (1.0)
|
CVE-2023-22683
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clipboard Images Arbitrary File Upload (0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Clipta Video Informer Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clockwork SMS Notfications Cross-Site Scripting (2.0.3)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clone Cross-Site Scripting (2.1.1)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Clone Information Disclosure (2.4.2)
|
CVE-2023-6750
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin CloudFlare Multiple Cross-Site Scripting Vulnerabilities (1.3.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CloudFlare Multiple Unspecified Vulnerabilities (1.1.6)
|
|
|
High
|
|
WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin CM Ad Changer Cross-Site Scripting (1.7.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Ad Changer Multiple Cross-Site Scripting Vulnerabilities (1.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Answers Cross-Site Scripting (2.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Download Manager Arbitrary File Upload (2.8.5)
|
CVE-2022-3076
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin CM Download Manager Code Injection (2.0.3)
|
CVE-2014-8877
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin CM Download Manager Cross-Site Scripting (2.7.0)
|
CVE-2020-27344
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Download Manager Multiple Vulnerabilities (2.0.6)
|
CVE-2014-9129
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CM Footnotes Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CMP-Coming Soon & Maintenance by NiteoThemes Multiple Unspecified Vulnerabilities (4.0.9)
|
|
|
High
|
|
WordPress Plugin CMP-Coming Soon & Maintenance by NiteoThemes Security Bypass (3.8.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin CM Pop-Up banners for WordPress Cross-Site Scripting (1.4.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Pop-Up banners for WordPress SQL Injection (1.5.10)
|
CVE-2023-30750
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CMS Commander Client PHP Object Injection (2.21)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Cms Pack TimThumb Arbitrary File Upload (1.3)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin CMS Press Cross-Site Scripting (0.2.3)
|
CVE-2023-25452
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CMS Tree Page View 'cms_tpv_view' Parameter Cross-Site Scripting (0.8.8)
|
CVE-2012-1834
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CMS Tree Page View Cross-Site Request Forgery (1.2.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CMS Tree Page View Cross-Site Scripting (1.2.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CMS Tree Page View Multiple Vulnerabilities (1.4)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin CMS Tree Page View Security Bypass (1.3.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin CM Table Of Contents Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Tooltip Glossary-Better SEO and UEX for your WP site Cross-Site Scripting (3.3.4)
|
CVE-2016-1000132
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CM Tooltip Glossary-Better SEO and UEX for your WP site Cross-Site Scripting (3.9.20)
|
CVE-2021-24678
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Co-Authors Plus Multiple Unspecified Vulnerabilities (3.1.2)
|
|
|
High
|
|
WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure (1.0.11)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Code Embed 'suffix' Parameter Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Code Insert Manager (Q2W3 Inc Manager) ZeroClipboard Cross-Site Scripting (2.3.1)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Code Snippets Cross-Site Request Forgery (2.13.3)
|
CVE-2020-8417
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Code Snippets Cross-Site Scripting (2.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Codestyling Localization 'name' Parameter Cross-Site Scripting (1.99.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Codestyling Localization Multiple Vulnerabilities (1.99.30)
|
CVE-2015-4179
CWE-79
CWE-95
CWE-352
|
CWE-79
CWE-95
CWE-352
|
High
|
|
WordPress Plugin Coditor-Code Editor Security Bypass (1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Collapse-O-Matic Cross-Site Scripting (1.6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Collapse-O-Matic Cross-Site Scripting (1.8.2)
|
CVE-2022-4475
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin College publisher Import Arbitrary File Upload (0.1)
|
CVE-2021-24254
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Collision Testimonials 'admin.php' SQL Injection (3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Colorful Categories Cross-Site Request Forgery (2.0.14)
|
CVE-2021-24802
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Comic Book Management System SQL Injection (2.1.0)
|
CVE-2022-3856
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ComicPress Manager 'lang' Parameter Cross-Site Scripting (1.4.9.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Coming Soon & Maintenance Mode Page Cross-Site Request Forgery (1.57)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Coming Soon & Maintenance Mode Page PHP Object Injection (1.42)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Coming Soon & Maintenance Mode Page Unspecified Vulnerability (1.40)
|
|
|
High
|
|
WordPress Plugin Coming Soon, Under Construction & Maintenance Mode By Dazzler Cross-Site Scripting (1.6.6)
|
CVE-2021-24539
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Coming Soon, Under Construction & Maintenance Mode By Dazzler Unspecified Vulnerability (1.6.8)
|
|
|
High
|
|
WordPress Plugin Coming Soon/Maintenance mode Ready! Cross-Site Request Forgery (0.5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Coming soon and Maintenance mode Cross-Site Scripting (3.5.2)
|
CVE-2021-24577
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Coming soon and Maintenance mode Unspecified Vulnerability (3.5.4)
|
|
|
High
|
|
WordPress Plugin Coming Soon Multiple Vulnerabilities (1.1.18)
|
CVE-2018-5657
CVE-2018-5658
CVE-2018-5659
CVE-2018-5660
CVE-2018-5661
CVE-2018-5662
CVE-2018-5663
CVE-2018-5664
CVE-2018-5665
CVE-2018-5666
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Request Forgery (1.7.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Scripting (1.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Coming Soon Page & Maintenance Mode Unspecified Vulnerability (1.8.2)
|
|
|
High
|
|
WordPress Plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd Cross-Site Scripting (5.1.0)
|
CVE-2020-15038
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Coming Soon Possible Remote Code Execution (1.1.3)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Comment and Review Spam Control for WooCommerce Security Bypass (1.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Commentator Cross-Site Scripting (2.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5)
|
CVE-2013-6010
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comment Extra Fields 'cef-upload.php' Arbitrary File Upload (1.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comment Highlighter SQL Injection (0.13)
|
CVE-2021-24393
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Comment Link Remove and Other Comment Tools Cross-Site Request Forgery (2.1.4)
|
CVE-2021-24725
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CommentLuv Cross-Site Scripting (2.92.3)
|
CVE-2013-1409
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comment Rating 'id' Parameter SQL Injection (2.9.23)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Comment Rating 'path' Parameter Cross-Site Scripting (2.9.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comment Rating Cross-Site Request Forgery (2.9.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Comment Rating SQL Injection and Security Bypass Weakness Vulnerabilities (2.9.32)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Comments-wpDiscuz Arbitrary File Upload (7.0.4)
|
CVE-2020-24186
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Comments-wpDiscuz Cross-Site Request Forgery (3.2.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Comments-wpDiscuz Cross-Site Request Forgery (7.3.3)
|
CVE-2021-24806
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Comments-wpDiscuz Cross-Site Scripting (3.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comments-wpDiscuz Cross-Site Scripting (7.3.1)
|
CVE-2021-24737
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Comments-wpDiscuz SQL Injection (5.3.5)
|
CVE-2020-13640
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Comments Disable-AccessPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Comments Like Dislike Security Bypass (1.1.3)
|
CVE-2021-24379
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Comment System for WordPress & Ajax Comments-Comment Press Cross-Frame Scripting (2.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Community by PeepSo-Social Network, Membership, Registration, User Profiles Multiple Cross-Site Request Forgery Vulnerabilities (6.0.2.0)
|
CVE-2022-41633
CVE-2023-25967
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Community by PeepSo-Social Network, Membership, Registration, User Profiles Multiple Vulnerabilities (1.11.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Community by PeepSo-Social Network, Membership, Registration, User Profiles Privilege Escalation (1.6.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Community Events 'id' Parameter SQL Injection (1.2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Community Events SQL Injection (1.3.5)
|
CVE-2015-3313
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Compact WP Audio Player Cross-Site Scripting (1.9.7)
|
CVE-2022-4542
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Compact WP Audio Player Multiple Vulnerabilities (1.9.6)
|
CVE-2021-24734
CVE-2021-24735
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Companion Auto Update Cross-Site Scripting (2.9.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Companion Auto Update Multiple Vulnerabilities (3.2.0)
|
CWE-22
CWE-352
|
CWE-22
CWE-352
|
High
|
|
WordPress Plugin Companion Revision Manager-Revision Control Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Companion Sitemap Generator Cross-Site Request Forgery (3.6.6)
|
CVE-2019-15113
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Compfight Cross-Site Scripting (1.4)
|
CVE-2014-5202
CVE-2014-8622
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Complete Gallery Manager for WordPress Arbitrary File Upload (3.3.3)
|
CVE-2013-5962
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (5.5.2)
|
CVE-2022-0193
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (6.4.1)
|
CVE-2023-1069
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent SQL Injection (6.3.3)
|
CVE-2022-3494
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Comprehensive Google Map Cross-Site Request Forgery (9.1.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Computer Repair Shop Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Concours Cross-Site Scripting (1.1)
|
CVE-2017-17719
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Conditional Marketing Mailer for WooCommerce Cross-Site Request Forgery (1.5.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Conditional Marketing Mailer for WooCommerce Security Bypass (1.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Conditional Marketing Mailer for WooCommerce Unspecified Vulnerability (1.6)
|
|
|
High
|
|
WordPress Plugin Conditional Payments for WooCommerce Cross-Site Request Forgery (2.3.1)
|
CVE-2022-46805
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Connections Business Directory Cross-Site Scripting (8.5.8)
|
CVE-2016-0770
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Connections Business Directory Cross-Site Scripting (10.4.2)
|
CVE-2021-24794
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Connections Business Directory CSV Injection (9.6)
|
CVE-2020-36503
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Connections Business Directory Unspecified Vulnerability (0.7.1.5)
|
CVE-2011-5254
|
|
High
|
|
WordPress Plugin Connections Business Directory Unspecified Vulnerability (10.4.7)
|
|
|
High
|
|
WordPress Plugin Connector for Gravity Forms and Google Sheets Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Constant Contact Forms Cross-Site Scripting (1.8.7)
|
CVE-2021-24134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Constant Contact for WordPress Multiple Cross-Site Scripting Vulnerabilities (3.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Constant Contact for WordPress Unspecified Vulnerability (3.1.6)
|
|
|
High
|
|
WordPress Plugin Consulting Elementor Widgets Local File Inclusion (1.3.0)
|
CVE-2024-37089
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Consulting Elementor Widgets SQL Injection (1.3.0)
|
CVE-2024-37090
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress 'Label' Field Cross-Site Scripting (2.0.19)
|
CVE-2014-3841
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.69)
|
CVE-2014-8807
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.225)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.226)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.22)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.23)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (3.0.30)
|
CVE-2022-3350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Unspecified Vulnerability (2.1.26)
|
|
|
High
|
|
WordPress Plugin Contact Form & SMTP Plugin for WordPress by PirateForms Cross-Site Scripting (2.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form, Drag and Drop Form Builder for WordPress-Everest Forms SQL Injection (1.4.9)
|
CVE-2019-13575
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form, Survey & Popup Form for WordPress-ARForms Form Builder Cross-Site Scripting (1.4)
|
CVE-2021-24718
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form-Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Cross-Site Request Forgery (3.6.66)
|
CVE-2021-34620
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form-Form builder with drag & drop for WordPress by Kali Forms Security Bypass (2.1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form 7 Arbitrary File Upload (3.5.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Contact Form 7 Arbitrary File Upload (3.5.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Contact Form 7 Arbitrary File Upload (5.3.1)
|
CVE-2020-35489
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Contact Form 7 Captcha Cross-Site Request Forgery (0.0.8)
|
CVE-2021-24565
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form 7 Cross-Site Scripting (4.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7 Database Addon-CFDB7 CSV Injection (1.2.5.5)
|
CVE-2021-24144
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Contact Form 7 Database Addon-CFDB7 Unspecified Vulnerability (1.2.5.3)
|
|
|
High
|
|
WordPress Plugin Contact Form 7 Database Addon-CFDB7 Unspecified Vulnerability (1.2.5.7)
|
|
|
High
|
|
WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Contact Form 7 Database Multiple Vulnerabilities (1.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Contact Form 7 Datepicker Cross-Site Scripting (2.6.0)
|
CVE-2020-11516
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7 Dynamic Text Extension Cross-Site Scripting (2.0.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10)
|
CVE-2014-6445
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7 International Sms Integration Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7 Multi-Step Addon Malicious Code (1.0.5)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Contact Form 7 Multi-Step Forms Security Bypass (3.0.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form 7 Privilege Escalation (5.0.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form 7 Redirect & Thank You Page Cross-Site Request Forgery (1.0.3)
|
CVE-2023-24395
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form 7 Security Bypass (3.7.1)
|
CVE-2014-2265
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form 7 Security Bypass (4.1)
|
CWE-330
|
CWE-330
|
High
|
|
WordPress Plugin Contact Form 7 Style Cross-Site Request Forgery (3.1.9)
|
CVE-2021-24159
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form 7 Style Cross-Site Request Forgery (3.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form 7 Zendesk Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7-Clockwork SMS Cross-Site Scripting (2.3.0)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form 7-PayPal Add-on Cross-Site Request Forgery (1.3.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Cross-Site Request Forgery (1.0.68)
|
CVE-2019-11557
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Multiple SQL Injection Vulnerabilities (1.0.24)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Security Bypass (1.0.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Request Forgery (3.82)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.34)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.51)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.81)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.95)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.5)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18491
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by BestWebSoft Email Header Injection (3.83)
|
CWE-88
|
CWE-88
|
High
|
|
WordPress Plugin Contact Form by ContactMe.com Cross-Site Scripting (2.3)
|
CVE-2014-4518
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by Supsystic Cross-Site Scripting (1.7.14)
|
CVE-2021-24276
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by Supsystic Cross-Site Scripting (1.7.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by Supsystic Multiple Vulnerabilities (1.7.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Cross-Site Request Forgery (1.13.4)
|
CVE-2019-11591
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Cross-Site Scripting (1.7.18)
|
CVE-2014-8796
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Multiple Vulnerabilities (1.12.20)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Security Bypass (1.7.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool SQL Injection (1.7.30)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Unspecified Vulnerability (1.12.22)
|
|
|
High
|
|
WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Cross-Site Scripting (1.4.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Cross-Site Scripting (1.5.8.2)
|
CVE-2020-10385
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Cross-Site Scripting (1.6.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Directory Traversal (1.7.5.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Contact Form Check Tester Cross-Site Scripting (1.0.2)
|
CVE-2021-24247
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Clean and Simple Cross-Site Scripting (4.4.0)
|
CVE-2014-8955
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Clean and Simple Cross-Site Scripting (4.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form DB-Elementor Cross-Site Request Forgery (1.5)
|
CVE-2021-3133
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form DB-Elementor Cross-Site Scripting (1.7)
|
CVE-2022-2116
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)
|
CVE-2015-1874
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.27)
|
CVE-2015-2040
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form DB Cross-Site Scripting (2.10.29)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form DB CSV Injection (2.10.32)
|
CVE-2018-9035
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Contact Form DB Multiple Cross-Site Scripting Vulnerabilities (2.8.15)
|
CVE-2014-7139
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Cross-Site Scripting (1.0)
|
CVE-2014-8798
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Cross-Site Scripting (1.1.47)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Cross-Site Scripting (1.1.49)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Cross-Site Scripting (1.1.87)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Cross-Site Scripting (1.3.24)
|
CVE-2021-42361
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Email Information Disclosure (1.2.66)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Contact Form Email Multiple Vulnerabilities (1.1.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Contact Form Email Multiple Vulnerabilities (1.2.65)
|
CVE-2019-9646
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Cross-Site Scripting (1.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite includes Backdoor [Only if downloaded via the vendor website] (1.5.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Cross-Site Scripting Vulnerabilities (1.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities (1.3.6)
|
CVE-2017-15919
CWE-89
CWE-915
|
CWE-89
CWE-915
|
High
|
|
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities (1.3.7)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Contact Form Generator Multiple Cross-Site Request Forgery Vulnerabilities (2.1.86)
|
CVE-2015-6965
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form Integrated With Google Maps Cross-Site Scripting (2.4)
|
CVE-2014-7238
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Manager Multiple Cross-Site Scripting Vulnerabilities (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Manager Multiple Vulnerabilities (1.4.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Contact Form Multi by BestWebSoft Cross-Site Scripting (1.2.0)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18490
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form Submissions SQL Injection (1.6.4)
|
CVE-2021-24125
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form Submissions Unspecified Vulnerability (1.2)
|
|
|
High
|
|
WordPress Plugin Contact Form Submissions Unspecified Vulnerability (1.6.3)
|
|
|
High
|
|
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress Cross-Site Scripting (1.4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress Cross-Site Scripting (1.5.6)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18492
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.0)
|
CVE-2023-29096
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.1)
|
CVE-2023-36508
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.2)
|
CVE-2024-35678
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form Unspecified Vulnerability (1.1.9)
|
|
|
High
|
|
WordPress Plugin Contact Form Unspecified Vulnerability (1.2)
|
|
|
High
|
|
WordPress Plugin Contact Form Widget-Contact Query, Form Maker SQL Injection (1.0.9)
|
CVE-2019-17072
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contact Form With Captcha Cross-Site Request Forgery (1.6.2)
|
CVE-2021-42358
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contact Form X Cross-Site Scripting (2.4)
|
CVE-2022-25601
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contact List-Easy Business Directory, Staff Directory and Address Book Cross-Site Scripting (2.9.41)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Audit Blind SQL Injection (1.6)
|
CVE-2014-5389
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Content Blocks (Custom Post Widget) Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Blocks (Custom Post Widget) Local File Inclusion (3.3.0)
|
CVE-2024-3564
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Contentboxes Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Cards Cross-Site Scripting (0.9.6)
|
CVE-2017-17096
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Control-User Access Restriction Cross-Site Scripting (1.1.9)
|
CVE-2022-4509
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Copy Protection & Prevent Image Save Cross-Site Request Forgery (1.3)
|
CVE-2021-24333
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Content Grabber Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Content Staging Cross-Site Scripting (2.0.1)
|
CVE-2021-39356
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ContentStudio Multiple Vulnerabilities (1.2.5)
|
CVE-2023-0556
CVE-2023-0557
CVE-2023-0558
CWE-200
CWE-287
CWE-862
|
CWE-200
CWE-287
CWE-862
|
High
|
|
WordPress Plugin Content text slider on post Cross-Site Scripting (6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Content Timeline Multiple SQL Injection Vulnerabilities (4.4.2)
|
CVE-2017-14507
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Request Forgery (10.4.1.1)
|
CVE-2019-5974
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Scripting (13.1.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Scripting (14.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contest Gallery-Photo Contest for WordPress Security Bypass (13.1.0.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contest Gallery-Photo Contest for WordPress SQL Injection (13.1.0.5)
|
CVE-2021-24915
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contextual Adminbar Color Cross-Site Scripting (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (1.8.6)
|
CVE-2013-2710
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (2.9.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Contextual Related Posts Cross-Site Scripting (3.3.0)
|
CVE-2023-0252
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Contextual Related Posts Multiple Vulnerabilities (3.3.1)
|
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Controlled Admin Access Security Bypass (1.4.0)
|
CVE-2021-24215
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Controlled Admin Access Security Bypass (1.5.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Contus HD FLV Player 'uploadVideo.php' Arbitrary File Upload (1.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin CONTUS VBLOG-Video Blogging 'save.php' Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Conversador Cross-Site Scripting (2.61)
|
CVE-2014-4519
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Convert Docx2post Arbitrary File Upload (1.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Convert Plus Security Bypass (3.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Convert Plus Security Bypass (3.4.4)
|
CVE-2019-15863
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Convert Plus Unspecified Vulnerability (3.5.6)
|
|
|
High
|
|
WordPress Plugin Cooked-Recipe Cross-Site Scripting (1.7.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cooked Pro Cross-Site Scripting (1.7.5.5)
|
CVE-2021-24233
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Bar Cross-Site Scripting (1.8.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookiebot-GDPR/CCPA Compliant Cookie Consent and Control Cross-Site Scripting (3.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Cross-Site Scripting (3.2.0)
|
CVE-2024-4869
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) CSV Injection (2.2.5)
|
CVE-2023-23678
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Security Bypass (3.0.2)
|
CVE-2024-3599
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Cookie Information-Free GDPR Consent Solution Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Information-Free GDPR Consent Solution Privilege Escalation (1.4.2)
|
CVE-2018-19207
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Cookie Information-Free GDPR Consent Solution Security Bypass (2.0.22)
|
CVE-2023-6700
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Cookie Law Bar Cross-Site Scripting (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Notice & Compliance for GDPR/CCPA Cross-Site Scripting (2.1.1)
|
CVE-2021-24569
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Notice & Consent Banner for GDPR & CCPA Compliance Cross-Site Scripting (1.7.1)
|
CVE-2021-24590
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cookie Notification for WordPress-WP Cookie User Info includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin CoolClock-a Javascript Analog Clock Cross-Site Scripting (4.3.4)
|
CVE-2021-24670
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cool Flickr Slideshow Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cool Tag Cloud Cross-Site Scripting (2.25)
|
CVE-2021-24682
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cool Timeline (Horizontal & Vertical Timeline) Cross-Site Request Forgery (2.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Cool Timeline (Horizontal & Vertical Timeline) Security Bypass (2.3.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Cool Video Gallery Command Injection (1.9)
|
CVE-2015-7527
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Copify Cross-Site Request Forgery (1.3.0)
|
CVE-2022-1900
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16)
|
CVE-2010-0673
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin copy-me Cross-Site Request Forgery (1.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin CopySafe PDF Protection Arbitrary File Upload (0.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin CopySafe PDF Protection Unspecified Vulnerability (1.10)
|
|
|
High
|
|
WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)
|
CVE-2017-8100
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Corner Ad Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Correos Woocommerce Arbitrary File Download (1.3.0.0)
|
CVE-2023-0331
CWE-552
|
CWE-552
|
High
|
|
WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Cross-Site Request Forgery (1.5.7)
|
CVE-2021-34636
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Countdown Block Security Bypass (1.1.1)
|
CVE-2021-24633
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Count per Day 'notes.php' Cross-Site Scripting (3.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Count per Day 'userperspan.php' Multiple Cross-Site Scripting Vulnerabilities (3.1.1)
|
CVE-2012-3434
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1)
|
CVE-2012-0896
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Count per Day Cross-Site Request Forgery (3.2.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Count per Day Information Disclosure (3.2.5)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Count per Day Multiple Cross-Site Scripting Vulnerabilities (3.5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Count per Day Multiple Vulnerabilities (3.5.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Count per Day SQL Injection (3.4)
|
CVE-2015-5533
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Country State City Dropdown CF7 Security Bypass (2.7.1)
|
CVE-2024-3520
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Country State City Dropdown CF7 SQL Injection (2.7.2)
|
CVE-2024-3495
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Coupon Creator Cross-Site Request Forgery (3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Couponer 'print-coupon.php' SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Coupon Tab for DirectoryPress Multiple Cross-Site Scripting Vulnerabilities (0.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.97)
|
CVE-2019-14784
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.98)
|
CVE-2019-14785
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CP Contact Form with PayPal Multiple Vulnerabilities (1.1.5)
|
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin CP Reservation Calendar SQL Injection (1.1.6)
|
CVE-2015-7235
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting (1.12)
|
CVE-2022-4834
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Crafty Social Buttons Cross-Site Scripting (1.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Craw Data Server-Side Request Forgery (1.0.0)
|
CVE-2022-2912
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Crayon Syntax Highlighter Local File Disclosure (2.6.10)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Crayon Syntax Highlighter Security Bypass (2.6.10)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Creative Contact Form-The Best WordPress Contact Form Builder Arbitrary File Upload (0.9.7)
|
CVE-2014-7969
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Credova_Financial Information Disclosure (1.4.8)
|
CVE-2021-39342
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Crelly Slider Arbitrary File Upload (1.3.4)
|
CVE-2019-15866
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Crelly Slider Multiple Unspecified Vulnerabilities (1.1.1)
|
|
|
High
|
|
WordPress Plugin Crisp Live Chat Cross-Site Request Forgery (0.31)
|
CVE-2021-43353
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Crony Cronjob Manager Multiple Vulnerabilities (0.4.4)
|
CVE-2017-14530
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Cross-RSS Directory Traversal (1.7)
|
CVE-2014-4941
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin CrossSlide jQuery Multiple Vulnerabilities (2.0.5)
|
CVE-2015-2089
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Crowd Ideas Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Cryptocurrency Donation Box-Bitcoin & Crypto Donations Security Bypass (1.7)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Cryptocurrency Widgets-Price Ticker & Coins List Security Bypass (2.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Cryptocurrency Widgets For Elementor Security Bypass (1.2.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Cryptocurrency Widgets Pack SQL Injection (1.8.1)
|
CVE-2022-4059
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CSS & JavaScript Toolbox SQL Injection (9.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin CSS Hero Cross-Site Scripting (4.03)
|
CVE-2019-19133
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce Cross-Site Request Forgery (2.4.49)
|
CVE-2022-47154
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CSS Plus Multiple Unspecified Vulnerabilities (1.3.1)
|
|
|
High
|
|
WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1)
|
CVE-2015-1000013
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Csv Import-Export Multiple Cross-Site Scripting Vulnerabilities (1.1.0)
|
CVE-2017-17753
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CSV Import Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CSV Importer Multiple Unspecified Vulnerabilities (0.3.7)
|
|
|
High
|
|
WordPress Plugin CTA for WordPress-Easy Side Tab includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Currency Switcher for WooCommerce Security Bypass (2.11.1)
|
CVE-2019-18668
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Current Book Cross-Site Scripting (1.0.1)
|
CVE-2021-24538
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom 404 Pro Cross-Site Request Forgery (3.7.1)
|
CVE-2023-0385
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom 404 Pro Cross-Site Scripting (3.2.7)
|
CVE-2019-15838
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom 404 Pro Cross-Site Scripting (3.2.8)
|
CVE-2019-14789
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom 404 Pro Unspecified Vulnerability (3.7.0)
|
|
|
High
|
|
WordPress Plugin Custom Add User Cross-Site Scripting (2.0.2)
|
CVE-2023-0043
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Admin Page by BestWebSoft Cross-Site Scripting (0.1.1)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18493
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Background 'uploadify.php' Arbitrary File Upload (1.01)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Custom Banners Cross-Site Request Forgery (3.2.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Banners Cross-Site Scripting (1.2.2.2)
|
CVE-2014-4724
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Body Class Cross-Site Request Forgery (0.6.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress plugin Custom Contact Forms critical vulnerability
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Custom Contact Forms Multiple Cross-Site Scripting Vulnerabilities (5.0.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Contact Forms Security Bypass (5.1.0.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Custom Content Type Manager Backdoor (0.9.8.8)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5)
|
CVE-2015-3173
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Custom css-js-php Cross-Site Request Forgery (2.0.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom css-js-php Unspecified Vulnerability (2.0.2)
|
|
|
High
|
|
WordPress Plugin Custom CSS Pro Cross-Site Request Forgery (1.0.3)
|
CVE-2019-5984
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Dashboard & Login Page-AGCA Cross-Site Request Forgery (6.5.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Dashboard & Login Page-AGCA Cross-Site Scripting (6.9.1)
|
CVE-2021-36823
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Dashboard & Login Page-AGCA Multiple Unspecified Vulnerabilities (1.5.4.2)
|
|
|
High
|
|
WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0)
|
CVE-2023-0079
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0)
|
CVE-2023-0080
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5)
|
CVE-2022-38134
CVE-2022-38470
CVE-2022-40194
CWE-200
CWE-352
CWE-863
|
CWE-200
CWE-352
CWE-863
|
High
|
|
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)
|
CVE-2021-24622
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Field Suite Cross-Site Request Forgery (2.5.15)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Field Suite Cross-Site Scripting (2.5.14)
|
CVE-2019-11871
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Field Suite Security Bypass (2.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Custom Field Template Cross-Site Request Forgery (2.5.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Field Template PHP Object Injection (2.5.7)
|
CVE-2022-4324
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Custom Frontend Login Registration Form Multiple Cross-Site Scripting Vulnerabilities (1.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Global Variables Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Customify-Intuitive Website Styling Cross-Site Request Forgery (2.10.4)
|
CVE-2023-27633
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Customize Feeds for Twitter Cross-Site Request Forgery (1.8.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)
|
CVE-2022-0345
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Customize Youtube Videos Multiple Vulnerabilities (0.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Custom Login Cross-Site Scripting (3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Login Page Customizer-LoginPress Multiple Vulnerabilities (1.1.13)
|
CVE-2019-15871
CVE-2019-15872
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Custom Login Page Customizer-LoginPress Unspecified Vulnerability (1.1.15)
|
|
|
High
|
|
WordPress Plugin Custom Login Redirect Cross-Site Request Forgery (1.0.0)
|
CVE-2021-24536
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Map Cross-Site Scripting (1.1)
|
CVE-2017-17744
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Menu Cross-Site Scripting (1.3.3)
|
CVE-2021-38321
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Metas Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Permalinks SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15)
|
|
|
High
|
|
WordPress Plugin Custom Post Type Relations Cross-Site Scripting (1.0)
|
CVE-2021-34654
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Post Types and Custom Fields creator-WCK Multiple Unspecified Vulnerabilities (1.2.9)
|
|
|
High
|
|
WordPress Plugin Custom Post Type UI 'wp-admin/admin.php' Cross-Site Scripting (0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Post Type UI Cross-Site Request Forgery (1.7.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Post View Generator Cross-Site Scripting (0.4.6)
|
CVE-2021-24605
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Scrollbar Designer Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Searchable Data Entry System Security Bypass (1.7.1)
|
CVE-2020-10817
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Custom Search by BestWebSoft Cross-Site Scripting (1.35)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18494
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Search by BestWebSoft Unspecified Vulnerability (1.21)
|
|
|
High
|
|
WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Cross-Site Scripting (2.1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Multiple Vulnerabilities (3.0.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Custom Simple Rss Cross-Site Request Forgery (2.0.6)
|
CVE-2019-14327
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Tables 'key' Parameter Cross-Site Scripting (3.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Text Selection Colors Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Website Data Cross-Site Request Forgery (1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Custom Website Data Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Custom Website Data Cross-Site Scripting (2.2)
|
CVE-2021-38347
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2)
|
|
|
High
|
|
WordPress Plugin CYSTEME Finder, the admin files explorer Cross-Site Request Forgery (1.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin CYSTEME Finder, the admin files explorer Multiple Vulnerabilities (1.3)
|
CWE-434
CWE-538
|
CWE-434
CWE-538
|
High
|
|
WordPress Plugin CYSTEME Finder, the admin files explorer Unspecified Vulnerability (1.7)
|
|
|
High
|
|
WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Daily Inspiration Generator Open Redirect (2.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Daily Prayer Time Cross-Site Request Forgery (2023.03.08)
|
CVE-2023-27632
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Daily Prayer Time Cross-Site Scripting (2021.08.07)
|
CVE-2021-24523
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Daily Prayer Time Cross-Site Scripting (2023.03.20)
|
CVE-2023-27631
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Daily Prayer Time SQL Injection (2022.02.28)
|
CVE-2022-0785
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin DandyID Services Cross-Site Request Forgery (1.5.9)
|
CVE-2014-9335
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Dark Mode Cross-Site Scripting (1.6)
|
CVE-2018-5651
CVE-2018-5652
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database Backup for WordPress 'edit.php' Directory Traversal (1.7)
|
CVE-2006-4208
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Database Backup for WordPress Cross-Site Scripting (2.3.3)
|
CVE-2021-24322
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database Backups Cross-Site Request Forgery (1.2.2.6)
|
CVE-2021-24174
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Arbitrary File Upload (1.3.2)
|
CVE-2024-1069
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.3.3)
|
CVE-2024-2030
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.3.8)
|
CVE-2024-3715
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Database Sync Cross-Site Scripting (0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.19)
|
CVE-2022-2114
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.91)
|
CVE-2020-12075
CVE-2020-12076
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.96)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Data Tables Generator by Supsystic Security Bypass (1.10.25)
|
CVE-2023-25043
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin DB Backup Directory Traversal (4.5)
|
CVE-2014-9119
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Dbox 3D Slider Lite SQL Injection (1.2.2)
|
CVE-2018-5374
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin DB Toolkit 'uploadify.php' Arbitrary File Upload (0.1.10)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Dean's Permalinks Migration Cross-Site Request Forgery (1.0)
|
CVE-2008-0508
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Debug Bar Multiple Unspecified Vulnerabilities (0.8.4)
|
|
|
High
|
|
WordPress Plugin Debug Bar Unspecified Vulnerability (0.8)
|
|
|
High
|
|
WordPress Plugin Debug Log Manager Cross-Site Request Forgery (2.2.1)
|
CVE-2023-5772
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Debug Log Manager Information Disclosure (2.2.2)
|
CVE-2023-6383
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Debug Log Manager Security Bypass (2.2.1)
|
CVE-2023-6136
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Deeper Comments Security Bypass (2.1.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Defa Online Image Protector Cross-Site Scripting (3.3)
|
CVE-2016-1000129
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Default Facebook Thumbnails Multiple Vulnerabilities (0.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Default Thumbnail Plus Arbitrary File Upload (1.0.2.3)
|
CVE-2024-6161
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Defender Security-Malware Scanner, Login Security & Firewall Cross-Site Request Forgery (2.4.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Delete All Comments Arbitrary File Upload (2.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Delete All Comments Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Delete All Comments Easily Cross-Site Request Forgery (1.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Delete Comments By Status Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Delete Duplicate Posts Security Bypass (4.1.9.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Delightful Downloads Directory Traversal (1.6.6)
|
CVE-2017-1000170
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin DELUCKS SEO Cross-Site Scripting (2.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DELUCKS SEO Unspecified Vulnerability (1.2.2)
|
|
|
High
|
|
WordPress Plugin Democracy Poll Multiple Vulnerabilities (5.3.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin DeMomentSomTres Subscribe Cross-Site Scripting (201909190900)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin demon image annotation Cross-Site Request Forgery (4.7)
|
CVE-2022-2864
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Deny All Firewall Cross-Site Request Forgery (1.1.6)
|
CVE-2019-14681
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Design Approval System Cross-Site Scripting (3.6)
|
CVE-2013-5711
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DethemeKit For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.5.5.4)
|
CVE-2021-24270
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Developer Formatter Cross-Site Request Forgery (2012.0.1.39)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Developer Tools Arbitrary File Upload (1.1.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Dexs PM System Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DFD Reddcoin Tips Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Dharma booking Local/Remote File Inclusion (2.38.3)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Dialog Contact Form Cross-Site Scripting (1.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Diary & Availability Calendar SQL Injection (1.0.3)
|
CVE-2021-24555
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Digg Digg Cross-Site Request Forgery (5.3.4)
|
CVE-2013-3258
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Digital Climate Strike WP Malicious Redirects (1.0.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Digital Publications by Supsystic Multiple Vulnerabilities (1.6.9)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin Direct Download for Woocommerce Arbitrary File Download (1.15)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Directories Pro Cross-Site Scripting (1.3.45)
|
CVE-2020-29303
CVE-2020-29304
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DirectoryPress-Business Directory And Classified Ad Listing SQL Injection (3.6.10)
|
CVE-2024-38755
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Disable Comments Cross-Site Request Forgery (1.0.3)
|
CVE-2014-2550
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Disable Comments Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Disable Feeds Unspecified Vulnerability (1.4)
|
|
|
High
|
|
WordPress Plugin Disable Image Right Click Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Disc Golf Manager PHP Object Injection (1.0.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Disclosure Policy 'abspath' Parameter Remote File Include (1.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Discount Rules for WooCommerce Multiple Vulnerabilities (2.0.2)
|
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Discount Rules for WooCommerce Security Bypass (2.2.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Discounts Manager for Products Cross-Site Scripting (3.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Display Posts Shortcode Unspecified Vulnerability (1.9)
|
|
|
High
|
|
WordPress Plugin Display Users SQL Injection (2.0.0)
|
CVE-2021-24400
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Display Widgets Cross-Site Scripting (2.03)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Display Widgets Spam Links Injection (2.6.3.1)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin Disqus Comment System Cross-Site Scripting (2.68)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Disqus Comment System Multiple Cross-Site Request Forgery Vulnerabilities (2.77)
|
CVE-2014-5346
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Disqus Comment System Multiple Vulnerabilities (2.75)
|
CVE-2014-5345
CVE-2014-5347
CWE-79
CWE-95
CWE-352
|
CWE-79
CWE-95
CWE-352
|
High
|
|
WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Cross-Site Scripting (3.0.14)
|
CVE-2022-0533
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Cross-Site Scripting (3.0.32)
|
CVE-2023-23874
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Unspecified Vulnerability (1.5.1)
|
|
|
High
|
|
WordPress Plugin DiveBook Multiple Vulnerabilities (1.1.4)
|
CVE-2020-14205
CVE-2020-14206
CVE-2020-14207
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Divi Builder Arbitrary File Upload (4.5.2)
|
CVE-2020-35945
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Divi Builder Cross-Site Scripting (2.17.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Divi Builder PHP Code Injection (4.0.9)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Divi Builder Security Bypass (1.2.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin DJ EmailPublish Cross-Site Scripting (1.7.2)
|
CVE-2021-38329
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DM Albums 'album.php' Remote File Inclusion (1.9.2)
|
CVE-2009-2396
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin DM Albums File Dislosure (1.9.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin DM Albums Multiple File Deletion Vulnerabilities (2.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin DMCA WaterMarker Cross-Site Scripting (1.0)
|
CVE-2014-4520
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DMSGuestbook File Manipulation (1.17.4)
|
CWE-99
|
CWE-99
|
High
|
|
WordPress Plugin DMSGuestbook Multiple Remote Vulnerabilities (1.8.0)
|
CVE-2008-0615
CVE-2008-0616
CVE-2008-0617
CVE-2008-0618
CWE-22
CWE-79
CWE-89
|
CWE-22
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Docket Cache-Object Cache Accelerator Cross-Site Scripting (21.08.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Doctor Appointment Booking Multiple Vulnerabilities (1.0.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.2.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Security Bypass (2.9.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Donate by BestWebSoft Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donate by BestWebSoft Cross-Site Scripting (2.1.1)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donation Block For PayPal Cross-Site Scripting (2.0.0)
|
CVE-2023-0535
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donation Block For PayPal Unspecified Vulnerability (1.0.0)
|
|
|
High
|
|
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Cross-Site Scripting (1.6.50)
|
CVE-2021-24531
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Cross-Site Scripting (1.7.0.10)
|
CVE-2022-47441
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Privilege Escalation (1.7.0.12)
|
CVE-2023-4404
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Security Bypass (1.5.13)
|
CVE-2018-21011
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Donations Privilege Escalation (1.3)
|
CVE-2019-15772
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Donation Thermometer Cross-Site Scripting (2.1.2)
|
CVE-2022-3128
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Donation with Goals and Paypal IPN by NonprofitCMS.org 'exporttocsv.php' SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Doneren met Mollie Information Disclosure (2.8.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Donorbox-Free Recurring Donation Form Cross-Site Scripting (7.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DOP Slider Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin DosCero.Menu Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Double Opt-In for Download Multiple Cross-Site Scripting Vulnerabilities (2.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Double Opt-In for Download SQL Injection (2.0.8)
|
CVE-2015-7517
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Double Opt-In for Download SQL Injection (2.0.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Download from files Arbitrary File Upload (1.48)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Download Manager Arbitrary File Deletion (3.2.50)
|
CVE-2022-2431
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Download Manager Cross-Site Scripting (3.2.42)
|
CVE-2022-1985
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Manager Cross-Site Scripting (3.2.46)
|
CVE-2022-2101
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Manager Cross-Site Scripting (3.2.52)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Manager Directory Traversal (3.2.54)
|
CVE-2022-2926
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Download Manager Multiple Cross-Site Scripting Vulnerabilities (3.2.48)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Manager PHAR Deserialization (3.2.49)
|
CVE-2022-2436
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Download Monitor 'dlsearch' Parameter Cross-Site Scripting (3.3.5.8)
|
CVE-2012-4768
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Monitor Cross-Site Scripting (1.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Monitor Cross-Site Scripting (3.3.6.1)
|
CVE-2013-3262
CVE-2013-5098
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Monitor Information Disclosure (1.6.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Download Monitor SQL Injection (4.4.4)
|
CVE-2021-24786
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Download Monitor Unspecified Vulnerability (1.9.6)
|
|
|
High
|
|
WordPress Plugin Download Monitor Unspecified Vulnerability (4.4.6)
|
|
|
High
|
|
WordPress Plugin Download Plugin Arbitrary Directory Download (1.0.1)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Download Plugins and Themes from Dashboard Cross-Site Scripting (1.5.0)
|
CVE-2019-17239
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Download Plugin Security Bypass (1.6.0)
|
CVE-2021-24703
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Download Plugin Unspecified Vulnerability (1.6.1)
|
|
|
High
|
|
WordPress Plugin Download Shortcode Arbitrary File Disclosure (0.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Download Shortcode Local File Inclusion (0.2.3)
|
CVE-2014-5465
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Downloads Manager 'upload.php' Arbitrary File Upload (0.2)
|
CVE-2008-3362
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Downloads Manager Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Download Theme Arbitrary Directory Download (1.0.2)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)
|
CVE-2015-4704
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin DP Maintenance Mode Lite Cross-Site Scripting (1.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DP Thumbnail TimThumb Arbitrary File Upload (1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Drag & Drop File Uploader 'dnd-upload.php' Arbitrary File Upload (0.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Arbitrary File Upload (1.3.3.2)
|
CVE-2020-12800
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Arbitrary File Upload (1.3.5.4)
|
CVE-2020-24389
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Cross-Site Scripting (1.3.6.2)
|
CVE-2022-0595
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Security Bypass (1.3.6.4)
|
CVE-2022-3282
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Dropbox Folder Share Local File Inclusion (1.9.7)
|
CVE-2023-4488
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Dropbox Folder Share Server-Side Request Forgery (1.9.7)
|
CVE-2023-3025
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Dropdown and scrollable Text Cross-Site Scripting (2.0)
|
CVE-2021-38353
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Dropdown Menu Widget Cross-Site Request Forgery (1.9.1)
|
CVE-2013-2704
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Drop Shadow Boxes Security Bypass (1.7.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Dropshix Security Bypass (4.0.13)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Drug Search Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DS.DownloadList PHP Object Injection (1.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin DSGVO All in one for WP Cross-Site Scripting (3.9)
|
CVE-2021-24294
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DSGVO All in one for WP Cross-Site Scripting (4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin dsIDXpress IDX Cross-Site Scripting (2.1.0)
|
CVE-2014-4521
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin dsIDXpress IDX Multiple Unspecified Vulnerabilities (2.1.32)
|
|
|
High
|
|
WordPress Plugin dsSearchAgent:WordPress Edition Cross-Site Scripting (1.0-beta10)
|
CVE-2014-4522
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DSubscribers SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Dtracker Multiple Vulnerabilities (1.5)
|
CVE-2017-1002004
CVE-2017-1002005
CVE-2017-1002006
CVE-2017-1002007
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin DukaPress Directory Traversal (2.5.2)
|
CVE-2014-8799
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin DukaPress Multiple Cross-Site Scripting Vulnerabilities (2.5.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DukaPress PHP Object Injection (3.1.20)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin DukaPress SQL Injection (2.5.9)
|
CVE-2015-1000011
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin DukaPress TimThumb Arbitrary File Upload (2.3.2)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Duo Two-Factor Authentication Security Bypass (1.8.1)
|
CWE-592
|
CWE-592
|
High
|
|
WordPress Plugin Duplicate Page and Post Spam Injection (2.1.1)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin Duplicate Page and Post SQL Injection (2.5.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Duplicate Page Cross-Site Scripting (4.4.2)
|
CVE-2021-24681
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicate Page Multiple Vulnerabilities (2.3)
|
CWE-79
CWE-89
CWE-200
CWE-352
|
CWE-79
CWE-89
CWE-200
CWE-352
|
High
|
|
WordPress Plugin Duplicate Page SQL Injection (3.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Duplicate Page Unspecified Vulnerability (3.5)
|
|
|
High
|
|
WordPress Plugin Duplicate Post Cross-Site Scripting (2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicate Post Multiple Vulnerabilities (2.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Duplicate Post SQL Injection (1.1.9)
|
CVE-2021-43408
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Duplicate Theme Unspecified Vulnerability (0.1.4)
|
|
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Arbitrary File Disclosure (0.3.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Arbitrary File Download (1.3.26)
|
CVE-2020-11738
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Cross-Site Request Forgery (1.1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.4.4)
|
CVE-2013-4625
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.5.26)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (1.2.28)
|
CVE-2017-16815
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (1.2.32)
|
CVE-2018-7543
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Remote Code Execution (1.2.40)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Security Bypass (0.5.8)
|
CVE-2014-9262
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration SQL Injection (0.5.14)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Duplicator-WordPress Migration Unspecified Vulnerability (1.1.34)
|
|
|
High
|
|
WordPress Plugin DVS Custom Notification Multiple Cross-Site Request Forgery Vulnerabilities (1.0.1)
|
CVE-2012-4921
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin DW Mega Menu Cross-Site Request Forgery (1.0.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin dwnldr Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DW Question & Answer Cross-Site Request Forgery (1.5.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin DW Question & Answer Cross-Site Scripting (1.4.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin DW Question & Answer Multiple Unspecified Vulnerabilities (1.4.4)
|
|
|
High
|
|
WordPress Plugin DW Question & Answer Security Bypass (1.2.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin DX-Contribute Cross-Site Request Forgery (1.2.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin DX Share Selection Cross-Site Request Forgery (1.4)
|
CVE-2022-2001
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Dynamic Content for Elementor Remote Code Execution (1.9.5.6)
|
CVE-2020-26596
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Dynamic Featured Image Unspecified Vulnerability (1.0.3)
|
|
|
High
|
|
WordPress Plugin Dynamic Widgets 'id' Parameter Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Dynamic Widgets Multiple Cross-Site Scripting Vulnerabilities (1.5.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Dynamic Widgets Multiple Unspecified Vulnerabilities (1.5.7)
|
|
|
High
|
|
WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin DZS Video Gallery Multiple Cross-Site Scripting Vulnerabilities (All)
|
CVE-2014-3923
CVE-2014-9094
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin E-Search Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2016-1000130
CVE-2016-1000131
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easiest Contact Form for WordPress-AP Contact Form includes Backdoor [Only if downloaded via the vendor website] (1.0.6)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Easing Slider Multiple Cross-Site Scripting Vulnerabilities (2.2.0.6)
|
CVE-2015-1436
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy2Map Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy2Map Multiple SQL Injection Vulnerabilities (1.2.4)
|
CVE-2015-4614
CVE-2015-4616
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy2Map Multiple Vulnerabilities (1.2.9)
|
CVE-2015-7668
CVE-2015-7669
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Easy2Map Photos Cross-Site Scripting (2.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy2Map Photos Multiple Vulnerabilities (1.0.9)
|
CVE-2015-4615
CVE-2015-4617
CWE-22
CWE-89
|
CWE-22
CWE-89
|
High
|
|
WordPress Plugin Easy Accept Payments for PayPal Cross-Site Scripting (4.9.9)
|
CVE-2023-0275
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Accordion-Best Accordion FAQ Cross-Site Scripting (2.0.21)
|
CVE-2021-24576
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Affiliate Links Cross-Site Scripting (3.7.0)
|
CVE-2023-0375
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Appointments Cross-Site Scripting (1.11.7)
|
CVE-2017-15812
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Appointments Cross-Site Scripting (3.11.0)
|
CVE-2022-4668
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Author Image Information Disclosure (1.5)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Easy Banners Cross-Site Scripting (1.4)
|
CVE-2014-4723
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Career Openings Cross-Site Scripting (0.4)
|
CVE-2014-4523
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Comment Uploads 'upload.php' Arbitrary File Upload (0.61)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Easy Contact Form Builder Cross-Site Scripting (1.0)
|
CVE-2016-1000152
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Contact Form Lite 'sort_row.request.php' SQL Injection (1.0.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Contact Form Pro Cross-Site Scripting (1.1.1.8)
|
CVE-2021-24168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Easy Contact Form Solution Cross-Site Scripting (1.6)
|
CVE-2014-7240
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Cookies Policy Cross-Site Scripting (1.6.2)
|
CVE-2021-24405
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Custom Auto Excerpt Cross-Site Scripting (2.4.6)
|
CVE-2018-5311
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Custom Sidebars Unspecified Vulnerability (1.0.1)
|
|
|
High
|
|
WordPress Plugin Easy Digital Downloads-htaccess Editor Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Recent Purchases Remote File Inclusion (1.0.2)
|
CVE-2024-35629
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Request Forgery (2.10.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.9.15)
|
CVE-2019-15116
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.10.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.11.2)
|
CVE-2021-39354
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (3.1.0.4)
|
CVE-2023-0380
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Information Disclosure (2.7.6)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Multiple Security Bypass Vulnerabilities (2.1.10)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Security Bypass (2.9.16)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Security Bypass (3.1.1.4.1)
|
CVE-2023-30869
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files SQL Injection (3.1.0.3)
|
CVE-2023-23489
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Unspecified Vulnerability (2.4.9)
|
|
|
High
|
|
WordPress Plugin Easy Digital Downloads Attach Accounts to Orders Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Digital Downloads QR Code Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Event calendar Cross-Site Scripting (1.0)
|
CVE-2023-28169
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy FancyBox Cross-Site Scripting (1.8.17)
|
CVE-2019-16524
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy FancyBox Unspecified Vulnerability (1.3.4.9)
|
|
|
High
|
|
WordPress Plugin Easy Filter SQL Injection (1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Form Builder Arbitrary File Upload (1.0)
|
CVE-2021-24224
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Easy Forms for Mailchimp Cross-Site Scripting (5.0.6)
|
CVE-2014-7152
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Forms for MailChimp Cross-Site Scripting (6.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Forms for MailChimp Local File Inclusion (6.0.5.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Easy Forms for Mailchimp PHP Code Injection (6.5.2)
|
CVE-2019-15318
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.0.3.2)
|
|
|
High
|
|
WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.3.2)
|
|
|
High
|
|
WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.3.11)
|
|
|
High
|
|
WordPress Plugin Easy Forms for Mailchimp Unspecified Vulnerability (6.6.2)
|
|
|
High
|
|
WordPress Plugin Easy Gallery Slideshow Cross-Site Scripting (1.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Google Analytics for WordPress Cross-Site Request Forgery (1.6.0)
|
CVE-2023-23887
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Google Fonts Cross-Site Scripting (1.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Google Map Cross-Site Scripting (1.1.4)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Google Maps Cross-Site Scripting (1.9.33)
|
CVE-2021-39346
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Image Gallery Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Justified Gallery Cross-Site Scripting (1.0.8)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Media Download Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Media Download Cross-Site Scripting (1.1.6)
|
CVE-2021-24699
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Modal Multiple SQL Injection Vulnerabilities (2.0.17)
|
CVE-2017-12946
CVE-2017-12947
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Org Chart Cross-Site Scripting (3.1)
|
CVE-2022-36355
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Panorama Cross-Site Scripting (1.1.4)
|
CVE-2023-23799
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy PayPal Buy Now Button Cross-Site Scripting (1.7.3)
|
CVE-2022-4628
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy PayPal Buy Now Button Multiple Vulnerabilities (1.7.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Easy PayPal Events Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy PayPal Events Unspecified Vulnerability (1.1.6)
|
|
|
High
|
|
WordPress Plugin Easy PayPal Gift Certificate Multiple Vulnerabilities (1.2.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin easy pdf restaurant menu upload Cross-Site Scripting (1.1.1)
|
CVE-2019-15842
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin easyping-website subscriptions done right PHP Object Injection (0.0.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Easy Pixels eCommerce extension Unspecified Vulnerability (1.4)
|
|
|
High
|
|
WordPress Plugin Easy Pixels Unspecified Vulnerability (1.8.2)
|
|
|
High
|
|
WordPress Plugin Easy Plugin for AdSense Cross-Site Request Forgery (6.06)
|
CVE-2013-2702
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Preloader Cross-Site Scripting (1.0.0)
|
CVE-2021-24344
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Property Listings Cross-Site Request Forgery (3.3.5.8)
|
CVE-2020-5530
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Property Listings Cross-Site Scripting (3.3.5.8)
|
CVE-2019-15817
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Property Listings Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin Easy Redirect Manager Cross-Site Scripting (2.18.18)
|
CVE-2019-6267
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Registration Forms Cross-Site Request Forgery (2.1.1)
|
CVE-2021-39353
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Registration Forms Cross-Site Scripting (1.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Registration Forms Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Registration Forms CSV Injection (2.0.6)
|
CVE-2020-22275
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Easy Registration Forms Unspecified Vulnerability (1.8.4)
|
|
|
High
|
|
WordPress Plugin easyReservations Cross-Site Scripting (5.0.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Box/Page Cross-Site Scripting (4.1.2)
|
CVE-2022-4754
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Cross-Site Scripting (4.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Cross-Site Scripting (6.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Cross-Site Scripting (6.3.9)
|
CVE-2022-4474
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Security Bypass (6.3.3)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Easy Social Icons Cross-Site Scripting (3.0.8)
|
CVE-2021-39322
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Icons Cross-Site Scripting (3.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.2)
|
CVE-2015-2084
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Easy Social Share Buttons for WordPress Multiple Cross-Site Scripting Vulnerabilities (3.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy SVG Support Cross-Site Scripting (3.2.0)
|
CVE-2022-1964
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Table Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Table Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Team Manager SQL Injection (1.3.2)
|
CVE-2017-1002023
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Testimonial Manager SQL Injection (1.2.0)
|
CVE-2021-24394
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Easy Testimonials Cross-Site Request Forgery (3.6.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Easy Testimonials Cross-Site Scripting (1.36.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Testimonials Cross-Site Scripting (3.0.4)
|
CVE-2017-12131
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Testimonials Cross-Site Scripting (3.5.2)
|
CVE-2020-14959
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Testimonial Slider Unspecified Vulnerability (1.0.2)
|
|
|
High
|
|
WordPress Plugin Easy Twitter Feed Cross-Site Scripting (1.1)
|
CVE-2021-24413
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy Updates Manager Privilege Escalation (8.0.4)
|
CVE-2019-15650
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Easy Watermark Security Bypass (0.7.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Easy WP SMTP Cross-Site Scripting (1.2.4)
|
CVE-2017-7723
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Easy WP SMTP PHP Object Injection (1.3.9)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Easy WP SMTP Security Bypass (1.4.2)
|
CVE-2020-35234
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin eBay Feeds for WordPress Cross-Site Scripting (1.0)
|
CVE-2014-4525
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Echo Sign Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ecommerce-Two Factor Authentication Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (2.9.43)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (3.0.17)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Scripting (3.0.38)
|
CVE-2021-24875
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ECPay Logistics for WooCommerce Cross-Site Scripting (1.2.181030)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ecSTATic Arbitrary File Upload (0.9933)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ecwid Ecommerce Shopping Cart Cross-Site Request Forgery (6.10.23)
|
CVE-2022-2432
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ecwid Ecommerce Shopping Cart PHP Object Injection (4.4.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin EDD Favorites Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Edit Author Slug Cross-Site Scripting (1.0.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Edit Comments SQL Injection (0.3)
|
CVE-2021-24551
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Edit Comments XT Cross-Site Scripting (1.0)
|
CVE-2021-38336
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Editorial Calendar Multiple Vulnerabilities (2.6)
|
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress Plugin EditorMonkey Remote File Upload (2.5)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Edwiser Bridge-WordPress Moodle LMS Integration Multiple Cross-Site Request Forgery Vulnerabilities (2.0.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Edwiser Bridge-WordPress Moodle LMS Integration Unspecified Vulnerability (2.0.7)
|
|
|
High
|
|
WordPress Plugin EELV Newsletter Cross-Site Scripting (3.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EELV Newsletter Multiple Vulnerabilities (4.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Efence Multiple Cross-Site Scripting Vulnerabilities (1.3.2)
|
CVE-2014-4526
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Effectively Add & Customize Free Icons For WordPress Menus-WP Menu Icons Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin eHive Account Details Cross-Site Scripting (2.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eHive Object Details Cross-Site Scripting (2.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eID Easy Cross-Site Scripting (4.6)
|
CVE-2021-34650
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ElasticPress Cross-Site Request Forgery (3.5.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Elementor-Header, Footer & Blocks Template Multiple Cross-Site Scripting Vulnerabilities (1.5.7)
|
CVE-2021-24256
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Addon Elements Cross-Site Request Forgery (1.6.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Elementor Addon Elements Cross-Site Request Forgery (1.11.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Elementor Addon Elements Multiple Cross-Site Scripting Vulnerabilities (1.11.1)
|
CVE-2021-24259
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Pro Arbitrary File Upload (2.9.3)
|
CVE-2020-13126
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Elementor Pro Cross-Site Scripting (2.0.9)
|
CVE-2018-18379
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Pro Security Bypass (3.11.6)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Elementor Website Builder Arbitrary File Upload (2.7.4)
|
CVE-2020-7055
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.6.2)
|
CVE-2022-1329
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.18.1)
|
CVE-2023-48777
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.8.4)
|
CVE-2020-8426
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.8)
|
CVE-2020-13864
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.9)
|
CVE-2020-13865
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.13)
|
CVE-2020-15020
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.4.7)
|
CVE-2021-24891
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)
|
CVE-2022-29455
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Multiple Cross-Site Scripting Vulnerabilities (3.1.1)
|
CVE-2021-24201
CVE-2021-24202
CVE-2021-24203
CVE-2021-24204
CVE-2021-24205
CVE-2021-24206
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Elementor Website Builder Multiple Vulnerabilities (3.16.4)
|
CVE-2023-47504
CVE-2023-47505
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin Elementor Website Builder Security Bypass (1.7.12)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Elementor Website Builder Security Bypass (2.9.5)
|
CVE-2020-20634
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Elementor Website Builder Security Bypass (3.0.13)
|
CVE-2020-36171
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Elementor Website Builder Unspecified Vulnerability (1.8.8)
|
|
|
High
|
|
WordPress Plugin Elementor Website Builder Unspecified Vulnerability (3.0.15)
|
|
|
High
|
|
WordPress Plugin Elements For Elementor Local File Inclusion (2.1)
|
CVE-2024-5348
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Elements kit Elementor addons (Header & Footer Builder, Mega Menu Builder, Layout Library) Multiple Cross-Site Scripting Vulnerabilities (2.1.7)
|
CVE-2021-24258
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ELEX WooCommerce Google Shopping (Google Product Feed) Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Emag Marketplace Connector Cross-Site Scripting (1.0.0)
|
CVE-2017-17043
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Artillery (MASS EMAIL) Multiple Vulnerabilities (4.1)
|
CVE-2021-24490
CWE-79
CWE-89
CWE-434
|
CWE-79
CWE-89
CWE-434
|
High
|
|
WordPress Plugin Email Before Download SQL Injection (3.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Before Download SQL Injection (3.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Before Download SQL Injection (6.7)
|
CVE-2021-24748
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Before Download Unspecified Vulnerability (6.9.3)
|
|
|
High
|
|
WordPress Plugin Email Encoder-Protect Email Addresses Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Encoder-Protect Email Addresses Cross-Site Scripting (2.1.1)
|
CVE-2021-24599
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Encoder-Protect Email Addresses Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Log Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Log Cross-Site Scripting (2.4.7)
|
CVE-2021-24924
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Log Information Disclosure (1.9)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Email Log SQL Injection (2.4.6)
|
CVE-2021-24758
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Email newsletter Cross-Site Scripting (20.13.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email posts to subscribers Multiple Vulnerabilities (2.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Email Queue by BestWebSoft Cross-Site Request Forgery (1.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Email Queue by BestWebSoft Cross-Site Scripting (1.1.1)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscriber Cross-Site Scripting (1.1)
|
CVE-2021-24556
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (3.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (3.4.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (4.0.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (4.1.6)
|
CVE-2019-14364
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (5.7.11)
|
CVE-2024-22300
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Cross-Site Scripting (5.7.15)
|
CVE-2024-2656
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce CSV Injection (5.5.2)
|
CVE-2022-45810
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Directory Traversal (5.6.23)
|
CVE-2023-5414
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Information Disclosure (3.4.7)
|
CVE-2018-6015
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Multiple Vulnerabilities (2.9)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Multiple Vulnerabilities (4.2.2)
|
CVE-2019-19980
CVE-2019-19981
CVE-2019-19982
CVE-2019-19984
CVE-2019-19985
CWE-200
CWE-264
CWE-352
|
CWE-200
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Multiple Vulnerabilities (4.5.0.1)
|
CVE-2020-5767
CVE-2020-5768
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (3.5.13)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (4.5.5)
|
CVE-2020-5780
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (5.7.13)
|
CVE-2024-31352
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (5.7.19)
|
CVE-2024-4010
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (5.7.26)
|
CVE-2024-5703
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (4.1.7)
|
CVE-2019-13569
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (4.3.0)
|
CVE-2019-20361
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.3.1)
|
CVE-2022-0439
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.4.19)
|
CVE-2022-3981
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.14)
|
CVE-2024-2876
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.20)
|
CVE-2024-4295
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.22)
|
CVE-2024-4845
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.23)
|
CVE-2024-5756
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.25)
|
CVE-2024-6172
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Unspecified Vulnerability (4.3.4)
|
|
|
High
|
|
WordPress Plugin Email Templates HTML Injection (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Users Cross-Site Request Forgery (4.8.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Email Users Cross-Site Scripting (4.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Users Cross-Site Scripting (4.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Email Verification for WooCommerce Unspecified Vulnerability (1.8.1)
|
|
|
High
|
|
WordPress Plugin Embed Any Document-Embed PDF, Word, PowerPoint and Excel Files Cross-Site Scripting (2.7.1)
|
CVE-2023-23707
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Embedded Video 'lembedded-video.php' Cross-Site Scripting (4.1)
|
CVE-2010-4277
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Embed Images in Comments Cross-Site Scripting (0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Embed PDF Cross-Site Scripting (1.0.6)
|
CVE-2022-4788
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EmbedSocial-Social Media Feeds, Reviews and Galleries Cross-Site Scripting (1.1.27)
|
CVE-2023-0371
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EmbedStories-Display social media stories Cross-Site Scripting (0.7.4)
|
CVE-2023-0372
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Embed Swagger Cross-Site Scripting (1.0.0)
|
CVE-2022-0381
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Embed Youtube Video SQL Injection (1.0)
|
CVE-2021-24395
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin EMC2 Custom Help Videos Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EME Sync Facebook Events Unspecified Vulnerability (1.0.38)
|
|
|
High
|
|
WordPress Plugin Enable Media Replace Arbitrary File Upload (4.0.1)
|
CVE-2023-0255
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Enable Media Replace Directory Traversal (3.6.3)
|
CVE-2022-2554
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)
|
CWE-89
CWE-434
|
CWE-89
CWE-434
|
High
|
|
WordPress Plugin Enable Media Replace Unspecified Vulnerability (2.9.5)
|
|
|
High
|
|
WordPress Plugin Encrypted Blog Multiple Vulnerabilities (0.0.6.2)
|
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress Plugin Encrypted Contact Form Multiple Vulnerabilities (1.0.4)
|
CVE-2015-4010
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Enhanced Plugin Admin Cross-Site Scripting (1.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ENL Newsletter SQL Injection (1.0.1)
|
CVE-2014-4939
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Enmask Captcha Malicious Redirects (1.3)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Entries For WPForms SQL Injection (1.4.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin EnvialoSimple:Email Marketing y Newsletters Multiple Cross-Site Scripting Vulnerabilities (1.97)
|
CVE-2014-4527
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Erident Custom Login and Dashboard Cross-Site Request Forgery (3.4.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Erident Custom Login and Dashboard Cross-Site Scripting (3.5.8)
|
CVE-2021-24658
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Error Log Monitor Security Bypass (1.6.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18562
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eShop Code Injection (6.3.11)
|
CVE-2015-3421
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin eShop Multiple Cross-Site Scripting Vulnerabilities (6.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eShop Multiple Vulnerabilities (6.3.13)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin eShop Multiple Vulnerabilities (6.3.14)
|
CVE-2016-0765
CVE-2016-0769
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Esponce QR Code Generator Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Essential Addons for Elementor Cross-Site Scripting (5.0.8)
|
CVE-2022-0683
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Essential Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (4.5.3)
|
CVE-2021-24255
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Essential Addons for Elementor Security Bypass (5.7.1)
|
CVE-2023-32243
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Essential Addons for Elementor Server-Side Request Forgery (2.9.8)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (3.8.5)
|
CVE-2022-47594
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (4.0.6)
|
CVE-2023-2087
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple PHP Object Injection Vulnerabilities (4.2.0)
|
CVE-2023-4386
CVE-2023-4402
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple Security Bypass Vulnerabilities (4.0.6)
|
CVE-2023-2083
CVE-2023-2084
CVE-2023-2085
CVE-2023-2086
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities (1.1.0)
|
CVE-2023-4386
CVE-2023-4402
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Essential Content Types Security Bypass (1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Essential Content Types Security Bypass (1.8.6)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Essential Grid Portfolio-Photo Gallery Security Bypass (1.1.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Essential Widgets Security Bypass (1.8)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.2.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.3.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Estatik Real Estate Cross-Site Request Forgery (3.8.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.0.6)
|
CVE-2019-16522
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6)
|
CVE-2022-3811
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Eu Cookie Notice Cross-Site Request Forgery (1.0.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Evarisk 'ajax.php' SQL Injection (5.1.3.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Evarisk 'uploadPhotoApres.php' Arbitrary File Upload (5.1.5.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Event Banner Arbitrary File Upload (1.3)
|
CVE-2021-24252
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.0.93)
|
CVE-2017-2224
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.23)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.42)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.44)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Calendar WD-Responsive Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.1.21)
|
CVE-2018-16164
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EventCommerce WP Event Calendar Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Espresso 4 Decaf-Event Registration Event Ticketing Cross-Site Request Forgery (4.9.82)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Event Espresso 4 Decaf-Event Registration Event Ticketing Cross-Site Request Forgery (4.10.11.decaf)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.11)
|
CVE-2017-1002026
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.12)
|
CVE-2017-14760
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Eventify-Simple Events 'fetcheventdetails.php' SQL Injection (1.7.f)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Eventify-Simple Events 'npath' Parameter Remote File Include (1.7.g)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Event List Cross-Site Scripting (0.7.9)
|
CVE-2017-12068
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event List PHP Object Injection (0.7.10)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Event List SQL Injection (0.7.8)
|
CVE-2017-9429
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Event Management Tickets Booking By Event Monster Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Notifier Cross-Site Scripting (1.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EventON Cross-Site Scripting (3.0.5)
|
CVE-2020-29395
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin eventON Multiple Cross-Site Scripting Vulnerabilities (2.6.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event Organiser Cross-Site Scripting (2.12.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Event post Local File Inclusion (5.9.5)
|
CVE-2024-38735
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.32)
|
CVE-2010-4839
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.44)
|
CVE-2010-4839
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Event Registration 'id' Parameter SQL Injection (5.43)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Event Registration Multiple Vulnerabilities (6.02.03)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Eventr SQL Injection (1.02.2)
|
CVE-2017-1002018
CVE-2017-1002019
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events by Devllo Cross-Site Scripting (1.0.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Calendar 'ec_management.class.php' Cross-Site Scripting (6.7.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Calendar for Google Local File Inclusion (2.1.0)
|
CVE-2024-38716
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Event Single Page Templates Addon For The Events Calendar Security Bypass (1.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Events Made Easy Arbitrary File Upload (2.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Events Made Easy Cross-Site Scripting (1.6.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Made Easy Cross-Site Scripting (2.2.23)
|
CVE-2021-24813
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Made Easy Multiple Vulnerabilities (1.5.49)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Events Made Easy PHP Object Injection (2.0.52)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Events Made Easy SQL Injection (2.2.35)
|
CVE-2021-25030
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events Manager 'events-manager.php' SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events Manager Cross-Site Request Forgery (5.9.8.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Events Manager Cross-Site Scripting (5.8.1.1)
|
CVE-2018-9020
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Manager Cross-Site Scripting (5.8.1.3)
|
CVE-2018-0576
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Manager Cross-Site Scripting (5.9.5)
|
CVE-2019-16523
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Manager CSV Injection (5.9.7.1)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Events Manager Extended 'admin.php' SQL Injection (3.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Manager Multiple Cross-Site Scripting Vulnerabilities (5.3.3)
|
CVE-2013-1407
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Manager Multiple Vulnerabilities (5.5.7.1)
|
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Events Manager Multiple Vulnerabilities (5.9.7.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Events Manager Pro CSV Injection (2.6.7.1)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Events Manager Unspecified Vulnerability (5.5.5)
|
|
|
High
|
|
WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events Search For The Events Calendar Security Bypass (1.1.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Events Shortcodes For The Events Calendar Cross-Site Scripting (1.7.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Events Shortcodes For The Events Calendar Security Bypass (1.9.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Events Shortcodes For The Events Calendar Unspecified Vulnerability (1.7.2)
|
|
|
High
|
|
WordPress Plugin Events SQL Injection (2.3.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Events Widgets For Elementor And The Events Calendar Security Bypass (1.4.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Event Tickets CSV Injection (4.10.7.1)
|
CVE-2019-16120
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Everest GPlaces Business Reviews includes Backdoor [Only if downloaded via the vendor website] (1.0.9)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Everest Review Lite-User/Admin review for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin EWWW Image Optimizer Cloud Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EWWW Image Optimizer Cross-Site Request Forgery (5.8.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin EWWW Image Optimizer Cross-Site Scripting (2.0.1)
|
CVE-2014-6243
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1)
|
CVE-2020-29384
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin EWWW Image Optimizer Remote Code Execution (2.8.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Excel-Like Price Changer for WooCommerce and WP E-commerce-Light Multiple Vulnerabilities (2.1.5)
|
CWE-79
CWE-538
|
CWE-79
CWE-538
|
High
|
|
WordPress Plugin Exit Popups & Onsite Retargeting by OptiMonk Cross-Site Scripting (1.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Exit Popup Show Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Export any WordPress data to XML/CSV Arbitrary File Upload (0.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.0)
|
CVE-2021-24708
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Export any WordPress data to XML/CSV SQL Injection (1.3.4)
|
CVE-2022-1800
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list CSV Injection (2.0.68)
|
CVE-2022-3603
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Export Post Info Cross-Site Scripting (1.1.0)
|
CVE-2022-38068
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Export Post Info CSV Injection (1.2.0)
|
CVE-2022-38061
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Export User Data Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Export Users to CSV CSV Injection (1.1.1)
|
CVE-2018-15571
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Export Users to CSV CSV Injection (1.4.2)
|
CVE-2020-9466
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Export Users to CSV Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Export Users With Meta SQL Injection (0.6.4)
|
CVE-2021-24451
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Exquisite PayPal Donation Cross-Site Scripting (2.0.0)
|
CVE-2023-23785
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ExS Widgets Local File Inclusion (0.3.1)
|
CVE-2024-38715
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Extend WordPress-Various Shortcodes & Widgets TimThumb Arbitrary File Upload (2.1.01)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)
|
CVE-2023-0159
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin External 'Video for Everybody' Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin External Links-nofollow, noopener & new window Cross-Site Request Forgery (2.57)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin External Links-nofollow, noopener & new window Cross-Site Scripting (2.55)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin External Links-nofollow, noopener & new window Multiple Cross-Site Scripting Vulnerabilities (1.80)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin External Media Arbitrary File Upload (1.0.33)
|
CVE-2021-24311
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin External Media without Import Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Extra User Details Privilege Escalation (0.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Exxp Cross-Site Scripting (2.6.8)
|
CVE-2022-45812
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Eyes Only:User Access Shortcode Cross-Site Scripting (1.8.2)
|
CVE-2023-25786
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EZP Coming Soon Page Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EZ Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EZPZ One Click Backup 'mail' Parameter Cross-Site Scripting (12.03.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin EZPZ One Click Backup Remote Code Execution (12.03.10)
|
CVE-2014-3114
CWE-78
|
CWE-78
|
High
|
|
WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup Arbitrary SQL Query Execution Vulnerability (4.16.38)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup Multiple Vulnerabilities (4.11.33)
|
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
WordPress Plugin Facebook, Twitter & Google+ Social Widgets Multiple Vulnerabilities (1.3.7)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Facebook-this Spam Links Injection (2.5)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin Facebook Button by BestWebSoft Cross-Site Request Forgery (2.13)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Facebook Button by BestWebSoft Cross-Site Scripting (2.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook Button by BestWebSoft Cross-Site Scripting (2.53)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook for WooCommerce Cross-Site Request Forgery (1.9.14)
|
CVE-2019-15841
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Facebook for WordPress Cross-Site Request Forgery (3.0.3)
|
CVE-2021-24218
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Facebook for WordPress PHP Object Injection (2.2.2)
|
CVE-2021-24217
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Facebook Like Box Cross-Site Request Forgery (2.8.2)
|
CVE-2014-9524
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Facebook Like Box Multiple Vulnerabilities (2.9.1)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Facebook Like Box Unspecified Vulnerability (1.0.17)
|
|
|
High
|
|
WordPress Plugin Facebook Members Cross-Site Request Forgery (5.0.4)
|
CVE-2013-2703
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Facebook Members Cross-Site Scripting (7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook Opengraph Meta 'all_meta.php' SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Facebook Page Feed Timeline Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook Page Photo Gallery Cross-Site Scripting (2.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook Photo Fetcher Unspecified Vulnerability (2.1.17)
|
|
|
High
|
|
WordPress Plugin Facebook Promotion Generator for WordPress 'fbActivate.php' SQL Injection (1.3.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Facebook Promotion Generator for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.3.4)
|
CVE-2014-4528
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Facebook With Login Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Falang multilanguage for WordPress Cross-Site Scripting (1.3.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FancyBox for WordPress Cross-Site Scripting (3.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FancyBox for WordPress Security Bypass (3.0.2)
|
CVE-2015-1494
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Fancy Cats Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fancy Comments WordPress Cross-Site Scripting (1.2.10)
|
CVE-2023-23670
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FancyFlickr Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fancy Gallery 'image-upload.php' Arbitrary File Upload (1.2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Fancy Gallery Cross-Site Scripting (1.5.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.5.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.6.8)
|
CVE-2021-24370
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Request Forgery (4.7.5)
|
CVE-2021-4096
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (3.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (4.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4)
|
CVE-2021-4134
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Fancy Slideshows Security Bypass (2.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin FAQ Multiple Cross-Site Scripting Vulnerabilities (1.0.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FAQs Manager Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin FAQs Manager SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Far Future Expiry Header Cross-Site Request Forgery (1.4)
|
CVE-2021-24799
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Fast Image Adder Arbitrary File Upload (1.1)
|
CVE-2015-1000001
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Fast Secure Contact Form 'index.php' Cross-Site Scripting (3.0.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fast Secure Contact Form-Clockwork SMS Cross-Site Scripting (2.1.2)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.35)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.37)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)
|
CVE-2019-19983
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Fathom Analytics Cross-Site Scripting (3.0.4)
|
CVE-2021-41836
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.2.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.3.20)
|
CVE-2021-24437
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Favicon by RealFaviconGenerator Unspecified Vulnerability (1.2.13)
|
|
|
High
|
|
WordPress Plugin FavIcon Switcher Cross-Site Request Forgery (1.2.11)
|
CVE-2022-40219
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin FB Survey Pro 'id' Parameter SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FCChat Widget 'Upload.php' Arbitrary File Upload (2.2.13.1)
|
CVE-2012-3578
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin FD Feedburner Cross-Site Request Forgery (1.42)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.1)
|
CVE-2014-4163
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Featured Content 'param' Parameter Cross-Site Scripting (0.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Featured Post with thumbnail Unspecified Vulnerability (1.4)
|
|
|
High
|
|
WordPress Plugin Featured Video Plus Unspecified Vulnerability (2.2.3)
|
|
|
High
|
|
WordPress Plugin Feature Slideshow 'src' Parameter Cross-Site Scripting (1.0.6beta)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2)
|
CVE-2011-5265
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feed Changer & Remover Cross-Site Scripting (0.2)
|
CVE-2023-25795
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feedify-Web Push Notifications Cross-Site Scripting (2.1.8)
|
CVE-2021-38352
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feedify Remote Code Execution (2.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin FeedList 'handler_image.php' Cross-Site Scripting (2.61.01)
|
CVE-2010-4637
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feed Statistics Open Redirect (3.0)
|
CVE-2018-17074
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Feed Them Gallery Cross-Site Scripting (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Request Forgery (2.8.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (1.6.9)
|
CVE-2015-9350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (2.5.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Multiple Vulnerabilities (2.9.9)
|
CVE-2022-2940
CVE-2022-2942
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)
|
CVE-2022-2437
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Unspecified Vulnerability (1.9.3)
|
|
|
High
|
|
WordPress Plugin Feedweb Cross-Site Scripting (1.8.8)
|
CVE-2013-3720
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feedweb Cross-Site Scripting (2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Feedweb Unspecified Vulnerability (3.0.7)
|
|
|
High
|
|
WordPress Plugin Feedweb Unspecified Vulnerability (3.0.10)
|
|
|
High
|
|
WordPress Plugin FeedWordPress Cross-Site Scripting (2014.0805)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FeedWordPress Multiple Vulnerabilities (2015.0426)
|
CVE-2015-4018
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Fetch Tweets Cross-Site Scripting (2.6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fetch Tweets Unspecified Vulnerability (1.3.3.6)
|
|
|
High
|
|
WordPress Plugin fGallery SQL Injection (2.4.1)
|
CVE-2008-0491
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FG Joomla to WordPress Cross-Site Scripting (3.30.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FG PrestaShop to WooCommerce Cross-Site Scripting (3.19.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin File Away Multiple Unspecified Vulnerabilities (3.8.4)
|
|
|
High
|
|
WordPress Plugin FileBird-WordPress Media Library Folders & File Manager Cross-Site Scripting (2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FileBird-WordPress Media Library Folders & File Manager SQL Injection (4.7.3)
|
CVE-2021-24385
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin File Browser, Manager, Backup (+ Database) Security Bypass (1.23)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Filedownload 'download.php' Local File Disclosure (0.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Filedownload Multiple Vulnerabilities (1.4)
|
CVE-2015-1000002
CVE-2015-1000003
CVE-2015-1000004
CWE-79
CWE-89
CWE-441
|
CWE-79
CWE-89
CWE-441
|
High
|
|
WordPress Plugin File Gallery Remote Code Execution (1.7.9)
|
CVE-2014-2558
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin File Groups 'fgid' Parameter SQL Injection (1.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin File Manager Advanced Shortcode Arbitrary File Upload (2.5.3)
|
CVE-2023-7061
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin File Manager Advanced Shortcode Directory Traversal (2.4)
|
CVE-2023-7062
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin File Manager Arbitrary File Upload (6.8)
|
CVE-2020-25213
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin File Manager Cross-Site Request Forgery (3.0.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin File Manager Cross-Site Request Forgery (7.2.4)
|
CVE-2024-1538
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin File Manager Cross-Site Scripting (2.9)
|
CVE-2018-16363
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin File Manager Cross-Site Scripting (7.0)
|
CVE-2021-24177
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin File Manager Directory Traversal (7.2.5)
|
CVE-2024-2654
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin File Manager Information Disclosure (6.4)
|
CVE-2020-24312
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin File Manager Multiple Cross-Site Request Forgery Vulnerabilities (5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin File Manager Multiple Vulnerabilities (4.8)
|
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin File Manager Pro Arbitrary File Upload (8.3.4)
|
CVE-2023-6846
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin File Manager Remote Code Execution (4.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin File Manager Unspecified Vulnerability (2.2.0)
|
|
|
High
|
|
WordPress Plugin File Manager Unspecified Vulnerability (3.0)
|
|
|
High
|
|
WordPress Plugin File Manager Unspecified Vulnerability (4.1.4)
|
|
|
High
|
|
WordPress Plugin File Manager Unspecified Vulnerability (5.0.0)
|
|
|
High
|
|
WordPress Plugin File Manager Unspecified Vulnerability (5.1.5)
|
|
|
High
|
|
WordPress Plugin File Uploader Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Fileviewer Cross-Site Request Forgery (2.2)
|
CVE-2021-24491
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Filter & Grids Local File Inclusion (2.8.32)
|
CVE-2024-6164
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Filter Custom Fields & Taxonomies Light Unspecified Vulnerability (1.04)
|
|
|
High
|
|
WordPress Plugin Filtre de Surveillance Gouvernemental Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Find My Blocks Information Disclosure (3.3.2)
|
CVE-2021-24677
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin FireCask Like & Share Button Cross-Site Scripting (1.1.5)
|
CVE-2023-25783
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FireDrum Email Marketing PHP Object Injection (1.47)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)
|
CVE-2009-2143
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin FireStats Arbitrary File Download (1.6.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin FireStats Cross-Site Scripting (1.6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FireStats Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities (1.0.2)
|
CWE-79
CWE-287
|
CWE-79
CWE-287
|
High
|
|
WordPress Plugin FireStorm Professional Real Estate 'id' Parameter SQL Injection (2.06.03)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FireStorm Shopping Cart eCommerce SQL Injection (2.07.02)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin fitness calculators Cross-Site Request Forgery (1.9.5)
|
CVE-2021-24272
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Fitness Trainer-Training Membership Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0)
|
CVE-2020-29045
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Fixedly Media Gallery Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FL3R FeelBox Multiple Vulnerabilities (8.1)
|
CVE-2022-4445
CVE-2022-4552
CVE-2022-4553
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Flamingo Code Injection (1.1)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Flamingo CSV Injection (2.1)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Flash Photo Gallery Cross-Site Scripting (0.7)
|
CVE-2014-4529
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flat Preloader Cross-Site Request Forgery (1.5.3)
|
CVE-2021-24685
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Flat Preloader Cross-Site Scripting (1.5.4)
|
CVE-2021-24789
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flexible Captcha Multiple Vulnerabilities (3.3)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Flexible Captcha Security Bypass (4.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Flexible Checkout Fields for WooCommerce Security Bypass (2.3.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Flexible Custom Post Type Cross-Site Scripting (0.1.5)
|
CVE-2011-5106
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flexi Quote Rotator SQL Injection and Cross-Site Request Forgery Vulnerabilities (0.9)
|
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Flickr Gallery PHP Object Injection (1.5.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Flickr Justified Gallery Cross-Site Scripting (3.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin flickr picture backup Arbitrary File Upload (0.7)
|
CVE-2017-1002016
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Flickrpress PHP Object Injection (1.0.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin flickrRSS Multiple Vulnerabilities (5.3.1)
|
CVE-2018-6466
CVE-2018-6467
CVE-2018-6468
CVE-2018-6469
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin FlightLog SQL Injection (3.0.2)
|
CVE-2021-24336
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flip Book 'php.php' Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Flipbox-Awesomes Flip Boxes Image Overlay Security Bypass (2.6.0)
|
CVE-2022-33969
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Flipbox Builder PHP Object Injection (1.5)
|
CVE-2024-6152
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Flip Slideshow Cross-Site Scripting (2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Floating Cart for WooCommerce Security Bypass (1.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty Multiple Cross-Site Scripting Vulnerabilities (2.8.3)
|
CVE-2021-25016
CVE-2021-36846
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty SQL Injection (3.0.2)
|
CVE-2022-3858
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty Unspecified Vulnerability (2.0.5)
|
|
|
High
|
|
WordPress Plugin Floating Social Bar Cross-Site Scripting (1.1.5)
|
CVE-2015-5528
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Floating Social Bar Cross-Site Scripting (1.1.6)
|
CVE-2015-3299
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Floating Social Media Links 'wpp' Parameter Multiple Remote File Include Vulnerabilities (1.4.2)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Floating Tweets Multiple Vulnerabilities (1.0.1)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Float to Top Button Cross-Site Scripting (2.3.6)
|
CVE-2022-2709
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flo Forms-Easy Drag & Drop Form Builder Multiple Vulnerabilities (1.0.35)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Flog Cross-Site Scripting (0.1)
|
CVE-2014-4530
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Flog Server-Side Request Forgery (1.0beta3)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Flow-Flow Social Stream Unspecified Vulnerability (3.0.71)
|
|
|
High
|
|
WordPress Plugin FluentAuth-The Ultimate Authorization & Security for WordPress Security Bypass (1.0.1)
|
CVE-2022-4746
CWE-693
|
CWE-693
|
High
|
|
WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.0.0)
|
CVE-2021-24528
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.2.2)
|
CVE-2023-0219
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.2.4)
|
CVE-2023-3087
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fluid Responsive Slideshow Multiple Vulnerabilities (2.2.6)
|
CVE-2016-10974
CVE-2016-10975
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin FlyingPress Security Bypass (3.9.6)
|
CVE-2022-4948
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin fMoblog 'id' Parameter SQL Injection (2.1)
|
CVE-2009-0968
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Folders-Organize Pages, Posts and Media Library Folders with Drag and Drop Cross-Site Scripting (2.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Foliopress WYSIWYG Cross-Site Scripting (2.6.8.4)
|
CVE-2014-1232
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Follow Me Cross-Site Request Forgery (3.1.1)
|
CVE-2022-3240
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Font-official webfonts plugin of Fonts For Web Cross-Site Scripting (7.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Font-official webfonts plugin of Fonts For Web Directory Traversal (7.5)
|
CVE-2015-7683
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Font Awesome Information Disclosure (4.0.0-rc16)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Fontiran Multiple Vulnerabilities (2.1)
|
CVE-2023-25791
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Font Organizer Cross-Site Scripting (2.1.1)
|
CVE-2019-9908
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fonts-Google Fonts Typography Cross-Site Scripting (3.0.2)
|
CVE-2021-24637
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Font Uploader 'font-upload.php' Arbitrary File Upload (1.2.4)
|
CVE-2012-3814
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin FooBox Image Lightbox Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FooBox Image Lightbox Security Bypass (2.6.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Football Pool Arbitrary File Upload (2.6.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Forget About Shortcode Buttons Cross-Site Scripting (1.1.1)
|
CVE-2016-1000133
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder-Create Responsive Contact Forms Cross-Site Scripting (1.9.8.3)
|
CVE-2021-24513
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder-Create Responsive Contact Forms Cross-Site Scripting (1.9.8.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.31)
|
CVE-2022-2567
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder CP Unspecified Vulnerability (1.2.15)
|
|
|
High
|
|
WordPress Plugin FormBuilder Cross-Site Scripting (0.90)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FormBuilder Cross-Site Scripting (1.05)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Builder Cross-Site Scripting (1.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FormBuilder Multiple Vulnerabilities (1.05)
|
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin FormCraft-Contact Form Builder Cross-Site Request Forgery (1.2.1)
|
CVE-2019-5920
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin FormCraft-Contact Form Builder SQL Injection (1.0.5)
|
CVE-2017-13137
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form for WordPress-Zoho Forms Cross-Site Scripting (3.0)
|
CVE-2023-0169
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FormGet Contact Form Cross-Site Scripting (5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Formidable-Clockwork SMS Cross-Site Scripting (1.0.3)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Arbitrary File Upload (1.06.02)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Request Forgery (4.02.03)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Request Forgery (5.5.6)
|
CVE-2023-24419
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Scripting (4.09.04)
|
CVE-2021-24884
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Scripting (5.0.06)
|
CVE-2021-39330
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Information Disclosure (2.0.07)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Multiple Unspecified Vulnerabilities (1.06.08)
|
|
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Multiple Vulnerabilities (2.05.01)
|
CWE-79
CWE-89
CWE-200
|
CWE-79
CWE-89
CWE-200
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Multiple Vulnerabilities (5.5.4)
|
CVE-2022-45806
CWE-352
CWE-918
|
CWE-352
CWE-918
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder PHP Object Injection (4.02)
|
CVE-2019-15780
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Remote Code Execution (2.05.01)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Security Bypass (2.0.21)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Security Bypass (6.0.1)
|
CVE-2023-0816
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder SQL Injection (1.07.12)
|
CVE-2014-9309
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Unspecified Vulnerability (5.0.09)
|
|
|
High
|
|
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Unspecified Vulnerability (5.0.12)
|
|
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Arbitrary File Upload (1.28.1)
|
CVE-2024-28890
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Request Forgery (1.13.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Request Forgery (1.14.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.11.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.15.2)
|
CVE-2021-24700
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.29.0)
|
CVE-2024-29777
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.29.2)
|
CVE-2024-3053
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Multiple Vulnerabilities (1.5.4)
|
CVE-2019-9567
CVE-2019-9568
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Multiple Vulnerabilities (1.29.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder SQL Injection (1.29.2)
|
CVE-2024-31077
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.9)
|
|
|
High
|
|
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.11)
|
|
|
High
|
|
WordPress Plugin FormLift for Infusionsoft Web Forms SQL Injection (7.5.17)
|
CVE-2024-38773
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Lightbox Security Bypass (2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Request Forgery (1.13.4)
|
CVE-2019-11590
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.11.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.13.39)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.13.56)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.13.59)
|
CVE-2021-24526
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder CSV Injection (1.12.22)
|
CVE-2018-10504
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Multiple Vulnerabilities (1.12.25)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Security Bypass (1.7.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.13.3)
|
CVE-2019-10866
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.13.35)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.14.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.15.5)
|
CVE-2022-3300
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Unspecified Vulnerability (1.6.5)
|
|
|
High
|
|
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Unspecified Vulnerability (1.7.56)
|
|
|
High
|
|
WordPress Plugin Form Manager Remote Command Execution (1.7.2)
|
CVE-2015-7806
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Forms-Form builder and Contact form Multiple Unspecified Vulnerabilities (1.4.7)
|
|
|
High
|
|
WordPress Plugin Forms:3rd-Party Inject Results Cross-Site Scripting (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Form Store to DB includes Backdoor [Only if downloaded via the vendor website] (1.0.9)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Form Store to DB Unspecified Vulnerability (1.1.0)
|
|
|
High
|
|
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.5)
|
CVE-2022-3764
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.10)
|
CVE-2024-5325
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2)
|
|
|
High
|
|
WordPress Plugin ForumConverter SQL Injection (1.11)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Forums 'url' Parameter Arbitrary File Disclosure (1.4.3)
|
CVE-2012-4920
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fotobook Cross-Site Scripting (3.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FourSquare Checkins Cross-Site Request Forgery (1.2)
|
CVE-2013-2709
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Fourteen Extended Cross-Site Scripting (1.2.31)
|
CVE-2014-5156
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin FoxyPress Multiple Vulnerabilities (0.4.2.5)
|
CWE-79
CWE-89
CWE-352
CWE-434
|
CWE-79
CWE-89
CWE-352
CWE-434
|
High
|
|
WordPress Plugin FoxyShop Cross-Site Scripting (4.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FPW Category Thumbnails Multiple Unspecified Vulnerabilities (1.6.7)
|
|
|
High
|
|
WordPress Plugin Free Booking for Hotels, Restaurant and Car Rental-eaSYNC Arbitrary File Upload (1.1.15)
|
CVE-2022-1952
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Free counter Cross-Site Scripting (1.1)
|
CVE-2015-4084
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Free Live Chat Support Cross-Site Request Forgery (1.0.11)
|
CVE-2022-2039
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin FreeMind WP Browser Cross-Site Request Forgery (1.2)
|
CVE-2022-2443
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Free Responsive Tab For WordPress-Everest Tab Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Freetobook review widget Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin freetobook widget Unspecified Vulnerability (1.0.5)
|
|
|
High
|
|
WordPress Plugin Free WordPress To Display Like/Dislike Comment Rating-Everest Comment Rating Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.4)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin FreshMail For WordPress Multiple SQL Injection Vulnerabilities (1.5.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Front-end Editor 'upload.php' Arbitrary File Upload (2.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Front-End Only Users Cross-Site Scripting (3.1.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Frontend File Manager Arbitrary File Upload (1.8)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.3)
|
CVE-2014-5324
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3)
|
CVE-2022-3126
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)
|
CWE-79
CWE-264
CWE-434
|
CWE-79
CWE-264
CWE-434
|
High
|
|
WordPress Plugin Frontend File Manager Multiple Vulnerabilities (21.2)
|
CVE-2022-3124
CVE-2022-3125
CWE-434
CWE-862
|
CWE-434
CWE-862
|
High
|
|
WordPress Plugin Frontend Post WordPress-AccessPress Anonymous Post includes Backdoor [Only if downloaded via the vendor website] (2.8.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Front End Upload 'upload.php' Arbitrary File Upload (0.5.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Frontend Uploader Cross-Site Scripting (0.9.2)
|
CVE-2014-9444
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Frontend Uploader Cross-Site Scripting (1.3.2)
|
CVE-2021-24563
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Front File Manager 'upload.php' Arbitrary File Upload (0.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Frontier Post Security Bypass (1.3.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Fuctweb CapCC 'plugins.php' SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Fudousan Cross-Site Scripting (5.7.0)
|
CVE-2021-20749
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FunCaptcha-Anti-Spam CAPTCHA Cross-Site Request Forgery (0.3.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin FunCaptcha-Anti-Spam CAPTCHA Multiple Cross-Site Scripting Vulnerabilities (0.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Fungif The Awesome GIFs Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Funky Penguin WP-PHPList 'unsubscribeemail' Parameter Cross-Site Scripting (2.10.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Cross-Site Request Forgery (1.5.15)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Cross-Site Scripting (1.6.12)
|
CVE-2021-24330
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Funnel Builder by CartFlows-Create High Converting Sales Funnels For WordPress Privilege Escalation (1.3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin furikake Open Redirect (0.1.0)
|
CVE-2017-1000434
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Fusion:Extension-Gallery Multiple Unspecified Vulnerabilities (1.0.4)
|
|
|
High
|
|
WordPress Plugin Fusion:Extension-Map Multiple Unspecified Vulnerabilities (1.0.3)
|
|
|
High
|
|
WordPress Plugin Fusion:Extension-Menu Multiple Unspecified Vulnerabilities (1.0.2)
|
|
|
High
|
|
WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Request Forgery (7.5.30.7210)
|
CVE-2023-25066
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.0.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.6.4)
|
CVE-2018-0642
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.3.13.727)
|
CVE-2019-14799
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.4.37.727)
|
CVE-2020-35748
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.2.727)
|
CVE-2021-39350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.18.727)
|
CVE-2022-25613
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.32.7212)
|
CVE-2023-30499
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)
|
CVE-2019-14800
CVE-2019-14801
CWE-89
CWE-200
|
CWE-89
CWE-200
|
High
|
|
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727)
|
CVE-2019-13573
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.15.727)
|
CVE-2022-25607
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.46.7212)
|
CVE-2024-6338
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin FV Flowplayer Video Player URL Cross-Site Scripting (1.2.11)
|
CVE-2011-4568
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GA Backend Tracking Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GA Google Analytics Cross-Site Scripting (20210211)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Galleries by Angie Makes Cross-Site Scripting (1.67)
|
CVE-2022-4795
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio 'facebook.php' Cross-Site Scripting (1.56)
|
CVE-2011-4624
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio 'flagshow.php' Cross-Site Scripting (1.57)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio 'skin' Parameter Cross-Site Scripting (1.72)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (3.01)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (5.3.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Scripting (2.70)
|
CVE-2013-3261
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure (4.24)
|
CVE-2014-8491
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio Multiple Vulnerabilities (2.00)
|
CWE-22
CWE-89
CWE-94
|
CWE-22
CWE-89
CWE-94
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection (2.55)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection and Information Disclosure Vulnerabilities (0.59)
|
CWE-22
CWE-89
|
CWE-22
CWE-89
|
High
|
|
WordPress Plugin Gallery-Image and Video Gallery with Thumbnails SQL Injection (1.2.0)
|
CVE-2017-14125
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gallery-Image and Video Gallery with Thumbnails SQL Injection (2.0.3)
|
CVE-2024-35750
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.2.25)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.3.47)
|
CVE-2015-7386
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Photo Albums-Portfolio Multiple Cross-Site Request Forgery Vulnerabilities (1.2.59)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Gallery-Photo Albums-Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.2.29)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Responsive Photo and Video Gallery by Limb Cross-Site Scripting (1.3.2)
|
CVE-2019-14790
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Video Gallery and Youtube Gallery Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Video Gallery and Youtube Gallery Cross-Site Scripting (1.7.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery-Video Gallery and Youtube Gallery Multiple Vulnerabilities (2.0.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Gallery-Video Gallery and Youtube Gallery SQL Injection (2.0.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery Cross-Site Scripting (2.2.0)
|
CVE-2021-24667
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery by BestWebSoft 'php.php' Arbitrary File Upload (3.06)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Gallery by BestWebSoft Cross-Site Scripting (4.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery by BestWebSoft Cross-Site Scripting (4.4.9)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery Categories by BestWebSoft Cross-Site Scripting (1.0.8)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery for Social Photo Cross-Site Request Forgery (1.0.0.27)
|
CVE-2022-2224
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Gallery for Social Photo Unspecified Vulnerability (1.0.0.25)
|
|
|
High
|
|
WordPress Plugin Gallery from files Multiple Vulnerabilities (1.60)
|
CVE-2021-24349
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery Objects SQL Injection (0.4)
|
CVE-2014-5201
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.40)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.42)
|
CVE-2019-15829
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.50)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery PhotoBlocks Unspecified Vulnerability (1.1.32)
|
|
|
High
|
|
WordPress Plugin Gallery Plugin for WordPress-Envira Photo Gallery Cross-Site Scripting (1.7.6)
|
CVE-2020-9334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery Plugin for WordPress-Envira Photo Gallery Cross-Site Scripting (1.8.3.2)
|
CVE-2021-24126
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gallery transformation SQL Injection (1.0)
|
CVE-2017-1002028
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GamePress-The Game Database Cross-Site Scripting (1.1.0)
|
CVE-2021-24617
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Game Server Status Multiple Vulnerabilities (1.0)
|
CVE-2021-24662
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Game tabs Cross-Site Scripting (0.4.0)
|
CVE-2014-4531
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GamiPress-The most flexible and powerful gamification for WordPress Cross-Site Request Forgery (2.5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin GamiPress-The most flexible and powerful gamification for WordPress Multiple Vulnerabilities (2.5.6)
|
CVE-2023-25697
CVE-2023-25715
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin GamiPress-The most flexible and powerful gamification for WordPress SQL Injection (2.5.7)
|
CVE-2023-24000
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gantry 4 Framework Cross-Site Scripting (4.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gantry 4 Framework Remote Command Execution (4.1.3)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Gantry 5 Framework Cross-Site Scripting (5.4.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GarageSale Cross-Site Scripting (1.2.2)
|
CVE-2014-4532
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Garee's Flickr Feed Multiple Cross-Site Scripting Vulnerabilities (0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GA Top post for WP by Asentechllc Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GA Universal Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin G Auto-Hyperlink SQL Injection (1.0.1)
|
CVE-2021-24627
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GB Gallery Slideshow SQL Injection (1.2)
|
CVE-2014-8375
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin gboutique Local File Inclusion (1.3)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin GB Team Stats Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GD bbPress Attachments Cross-Site Scripting (2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GD bbPress Attachments Multiple Vulnerabilities (2.2)
|
CVE-2015-5481
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin GD bbPress Tools Cross-Site Scripting (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GdeSlon Affiliate Shop Open Redirect (2.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin GD Mail Queue Cross-Site Scripting (3.9.3)
|
CVE-2023-3122
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GDPR CCPA Compliance Support PHP Object Injection (2.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin GDPR Cookie Compliance Security Bypass (4.0.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GDPR Cookie Consent Security Bypass (1.8.2)
|
CVE-2020-20633
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GD Rating System Cross-Site Scripting (2.0.2)
|
CVE-2017-18591
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GD Rating System Multiple Vulnerabilities (2.3)
|
CVE-2018-5286
CVE-2018-5287
CVE-2018-5288
CVE-2018-5289
CVE-2018-5290
CVE-2018-5291
CVE-2018-5292
CVE-2018-5293
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin GD Rating System Unspecified Vulnerability (2.6)
|
|
|
High
|
|
WordPress Plugin GD Star Rating 'de' Parameter SQL Injection (1.9.10)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GD Star Rating 'export.php' Security Bypass (1.9.18)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GD Star Rating 'tpl_section' Parameter Cross-Site Scripting (1.9.16)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GD Star Rating 'votes' Parameter SQL Injection (1.9.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GD Star Rating 'wpfn' Parameter Cross-Site Scripting (1.9.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GD Star Rating Multiple Vulnerabilities (1.9.22)
|
CVE-2014-2838
CVE-2014-2839
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin GenerateBlocks Cross-Site Scripting (1.3.5)
|
CVE-2021-24751
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Generate Child Theme Security Bypass (1.5.3)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Generate PDF using Contact Form 7 Cross-Site Scripting (3.5)
|
CVE-2022-3070
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Genesis Columns Advanced Cross-Site Scripting (2.0.3)
|
CVE-2022-4706
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Genesis Simple Defaults Arbitrary File Upload (1.0.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Genesis Simple Share Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Genie WP Favicon Cross-Site Request Forgery (0.5.2)
|
CVE-2021-24674
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings Cross-Site Scripting (2.1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings Cross-Site Scripting (2.2.21)
|
CVE-2022-4775
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings SQL Injection (2.2.23)
|
CVE-2023-0278
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9)
|
CVE-2021-24361
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Geo Mashup Cross-Site Scripting (1.8.2)
|
CVE-2015-1383
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Geo Mashup Unspecified Vulnerability (1.10.3)
|
CVE-2018-14071
|
|
High
|
|
WordPress Plugin GEO my WordPress Unspecified Vulnerability (2.6.1.1)
|
|
|
High
|
|
WordPress Plugin GEO Redirector Cross-Site Scripting (1.0.1)
|
CVE-2014-4533
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GeSHi Source Colorer Cross-Site Scripting (0.13)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Get Recent Comments Cross-Site Scripting (2.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gettext override translations Cross-Site Scripting (1.0.1)
|
CVE-2022-3036
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Get URL Cron Multiple Vulnerabilities (1.4.7)
|
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Ghost Arbitrary File Download (0.5.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Gift Certificate Creator Cross-Site Scripting (1.0.0)
|
CVE-2017-1002017
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gift Vouchers (Gift Cards and Packages) (WooCommerce Supported) SQL Injection (1.0.5)
|
CVE-2018-16159
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GigPress 'Notes' Field HTML Injection (2.1.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GigPress Cross-Site Scripting (2.3.27)
|
CVE-2022-4759
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GigPress Multiple SQL Injection Vulnerabilities (2.3.8)
|
CVE-2015-4066
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GigPress Multiple Vulnerabilities (2.3.10)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin GigPress SQL Injection (2.3.28)
|
CVE-2023-0381
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gigya-Social Infrastructure Cross-Site Scripting (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gigya-Social Infrastructure Unspecified Vulnerability (3.0.4)
|
|
|
High
|
|
WordPress Plugin Ginger-EU Cookie Law Multiple Vulnerabilities (4.1.3)
|
CWE-352
CWE-915
|
CWE-352
CWE-915
|
High
|
|
WordPress Plugin GistPress Cross-Site Scripting (3.0.1)
|
CVE-2020-8498
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Giveaway Boost PHP Object Injection (2.1.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Giveaway SQL Injection (1.2.2)
|
CVE-2021-24497
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Request Forgery (2.25.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.3.0)
|
CVE-2019-9909
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.4.6)
|
CVE-2019-15317
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.9.7)
|
CVE-2021-24213
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.10.3)
|
CVE-2021-24315
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.11.3)
|
CVE-2021-24524
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.23.2)
|
CVE-2022-4448
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Information Disclosure (2.20.2)
|
CVE-2022-2117
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Cross-Site Scripting Vulnerabilities (2.17.2)
|
CVE-2021-25099
CVE-2021-25100
CVE-2022-0252
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.20.2)
|
CVE-2022-28700
CVE-2022-31475
CWE-79
CWE-284
CWE-434
|
CWE-79
CWE-284
CWE-434
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.21.2)
|
CVE-2022-2215
CVE-2022-2260
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.25.1)
|
CVE-2022-40211
CVE-2022-40312
CVE-2023-22719
CVE-2023-23668
CVE-2023-23672
CWE-79
CWE-285
CWE-352
CWE-918
CWE-1236
|
CWE-79
CWE-285
CWE-352
CWE-918
CWE-1236
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Security Bypass (2.5.4)
|
CVE-2019-20360
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform Security Bypass (2.5.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.5.0)
|
CVE-2019-13578
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0)
|
CVE-2023-0224
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Glass Cross-Site Request Forgery (1.3.2)
|
CVE-2021-24434
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Global Content Blocks 'gcb_export.php' SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Global Content Blocks Cross-Site Request Forgery (2.1.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1)
|
CWE-95
CWE-200
|
CWE-95
CWE-200
|
High
|
|
WordPress Plugin Global Flash Galleries Cross-Site Scripting (0.13.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GlotPress Information Disclosure (2.2.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Gmail SMTP Arbitrary File Disclosure (1.1.0)
|
CVE-2017-5223
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Gmedia Photo Gallery Arbitrary File Upload (1.2.1)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Gmedia Photo Gallery Cross-Site Scripting (0.9.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gmedia Photo Gallery Multiple Cross-Site Scripting Vulnerabilities (1.18.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gmedia Photo Gallery Multiple Vulnerabilities (1.6.4)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin GN Publisher: Google News Compatible RSS Feeds Cross-Site Scripting (1.5.5)
|
CVE-2023-1080
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GNU-Mailman Integration Cross-Site Scripting (1.0.6)
|
CVE-2021-38354
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GNUCommerce Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GoCodes Multiple Vulnerabilities (1.3.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin GoDaddy Email Marketing Cross-Site Request Forgery (1.1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Good LMS-Learning Management System SQL Injection (2.1.4)
|
CVE-2020-27481
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Google 'Plus one' Button by kms Multiple Vulnerabilities (1.5.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.3.3)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Adsense and Hotel Booking Open Proxy (1.0.5)
|
CVE-2015-1000009
CWE-441
|
CWE-441
|
High
|
|
WordPress Plugin Google AdSense by BestWebSoft Cross-Site Scripting (1.29)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google AdSense by BestWebSoft Cross-Site Scripting (1.43)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18487
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google AdSense Click-Fraud Monitoring Cross-Site Scripting (1.8.6)
|
CVE-2015-3998
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Alert And Twitter Multiple Vulnerabilities (3.1.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Google Analytics by BestWebSoft Cross-Site Scripting (1.7.0)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18556
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Counter Tracker PHP Object Injection (3.4.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Google Analytics Dashboard Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Multiple Unspecified Vulnerabilities (2.0.5)
|
|
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights 404 Error Page Cross-Site Scripting (3.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Cross-Site Scripting (5.1.2)
|
CVE-2014-9174
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Cross-Site Scripting (5.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Cross-Site Scripting (7.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Multiple Cross-Site Scripting Vulnerabilities (4.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Multiple Cross-Site Scripting Vulnerabilities (5.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Multiple Vulnerabilities (5.3.2)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Google Analytics Dashboard SQL Injection (2.0.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Google Analytics MU Cross-Site Request Forgery (2.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Google Analytics Opt-Out Cross-Site Scripting (2.3.4)
|
CVE-2023-25712
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Analytics Top Content Widget Cross-Site Scripting (1.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Authenticator-Per User Prompt Timing Attack (0.6)
|
CWE-208
|
CWE-208
|
High
|
|
WordPress Plugin Google Authenticator Unspecified Vulnerability (0.47)
|
|
|
High
|
|
WordPress Plugin Google Calendar Events Cross-Site Scripting (2.0.3.1)
|
CVE-2014-7138
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Cross-Site Scripting (1.05)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Cross-Site Scripting (1.27)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Security Bypass (1.12)
|
CVE-2015-0890
CWE-254
|
CWE-254
|
High
|
|
WordPress Plugin Google Doc Embedder Arbitrary File Disclosure (2.4.6)
|
CVE-2012-4915
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)
|
CVE-2015-1879
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Doc Embedder Multiple Vulnerabilities (2.6.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Google Doc Embedder SQL Injection (2.5.14)
|
CVE-2014-9173
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Google Doc Embedder SQL Injection (2.5.16)
|
CVE-2014-9173
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Google Drive for WordPress Arbitrary File Deletion (2.2)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Google Forms Cross-Site Scripting (0.84)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Forms PHP Object Injection (0.87)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Google Forms Server-Side Request Forgery (0.91)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Google Forms Unspecified Vulnerability (0.93)
|
|
|
High
|
|
WordPress Plugin Google Map Backdoor (1.4)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Google Map Generator Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Map Remote Code Execution (1.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Google Maps by BestWebSoft Cross-Site Scripting (1.3.5)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18557
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Maps by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Maps CP Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Maps Cross-Site Scripting (2.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Maps in Posts Cross-Site Scripting (1.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Map SQL Injection (2.2.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Google Maps Ready! Cross-Site Request Forgery (1.1.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Google Maps v3 Shortcode Cross-Site Scripting (1.2.1)
|
CVE-2023-23827
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Pagespeed Insights Cross-Site Scripting (3.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google SEO Pressor for Rich snippets Cross-Site Scripting (1.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Shortlink by BestWebSoft Cross-Site Scripting (1.5.2)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Sitemap by BestWebSoft Cross-Site Scripting (2.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google Sitemap by BestWebSoft Cross-Site Scripting (3.0.7)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google XML Sitemap for Images Cross-Site Request Forgery (2.1.3)
|
CVE-2023-28173
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Google XML Sitemap for Videos Cross-Site Request Forgery (2.6.1)
|
CVE-2023-25055
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Google XML Sitemaps Cross-Site Scripting (4.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Google XML Sitemaps Cross-Site Scripting (4.0.9)
|
CVE-2018-16204
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Googmonify Multiple Vulnerabilities (0.5.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Goolytics-Simple Google Analytics Cross-Site Scripting (1.1.1)
|
CVE-2022-3132
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GorillaForms-Custom Contact Forms Unspecified Vulnerability (2.0.3)
|
|
|
High
|
|
WordPress Plugin GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership Arbitrary File Upload (1.4.14)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin GPT AI Power Security Bypass (1.4.37)
|
CVE-2023-0405
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin GraceMedia Media Player Local File Inclusion (1.0)
|
CVE-2019-9618
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Grapefile File Sharing 'grapeupload.php' Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Gravity Forms-Clockwork SMS Cross-Site Scripting (2.2)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Advanced File Uploader Unspecified Vulnerability (1.18)
|
|
|
High
|
|
WordPress Plugin Gravity Forms Arbitrary File Upload (1.8.19)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Gravity Forms Constant Contact Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.15.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Cross-Site Scripting (2.0.6.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Directory Cross-Site Scripting (3.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Dynamics CRM Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms FreshDesk Cross-Site Scripting (1.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Information Disclosure (2.4.8)
|
CVE-2020-13764
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Gravity Forms Infusionsoft Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms Salesforce Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gravity Forms SQL Injection (1.9.3.5)
|
CVE-2015-2260
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Gravity Forms Unspecified Vulnerability (2.4.17)
|
|
|
High
|
|
WordPress Plugin Gravity Upload Ajax Arbitrary File Upload (1.1)
|
CVE-2014-4972
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Great Quotes Cross-Site Scripting (1.0.0)
|
CVE-2021-24785
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Great Restaurant Menu WP SQL Injection (1.4.1)
|
CVE-2024-38793
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.8.8)
|
CVE-2022-4653
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.9.9)
|
CVE-2023-0378
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Greg's High Performance SEO Cross-Site Scripting (1.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Grid Gallery-Photo Image Grid Gallery Cross-Site Scripting (1.2.4)
|
CVE-2021-24529
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Arbitrary File Disclosure (2.0.9.4)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Cross-Site Scripting (2.0.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)
|
CVE-2019-15647
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress SQL Injection (1.3.11.13)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Groups Multiple Cross-Site Scripting Vulnerabilities (1.8.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Grow by Tradedoubler-Advertiser for WooCommerce Local File Inclusion (2.0.21)
|
CVE-2024-6460
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin GS Books Showcase Cross-Site Scripting (1.3.0)
|
CVE-2023-0541
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GSEOR-WordPress SEO SQL Injection (1.3)
|
CVE-2021-24396
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin GS Filterable Portfolio Cross-Site Scripting (1.6.0)
|
CVE-2023-0540
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GS Insever Portfolio Cross-Site Scripting (1.4.4)
|
CVE-2023-0539
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin gSlideShow Cross-Site Request Forgery (0.1)
|
CVE-2014-9391
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin GS Logo Slider-Ticker, Grid, List, Table & Filter Views Cross-Site Scripting (3.3.7)
|
CVE-2022-4624
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GS Logo Slider-Ticker, Grid, List, Table & Filter Views Unspecified Vulnerability (3.3.8)
|
|
|
High
|
|
WordPress Plugin GS Portfolio for Envato Cross-Site Scripting (1.3.8)
|
CVE-2023-0559
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GS Products Slider for WooCommerce Cross-Site Scripting (1.5.8)
|
CVE-2023-0492
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GTM4WP Cross-Site Scripting (1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GTM4WP Cross-Site Scripting (1.15)
|
CVE-2022-1707
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin GTM4WP Cross-Site Scripting (1.15.1)
|
CVE-2022-1961
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gutenberg & Elementor Templates Importer For Responsive Security Bypass (2.2.5)
|
CVE-2020-12073
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)
|
CVE-2021-24546
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Gutenberg Blocks by WordPress Download Manager Cross-Site Scripting (2.1.8)
|
CVE-2023-22713
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gutenberg Forms-WordPress Form Builder Arbitrary File Upload (2.2.9)
|
CVE-2024-6313
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Gwolle Guestbook Cross-Site Scripting (2.5.3)
|
CVE-2018-17884
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Gwolle Guestbook Multiple Vulnerabilities (2.1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3)
|
CVE-2015-8351
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin H5P CSS Editor Cross-Site Scripting (1.0)
|
CVE-2021-39318
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Haiku minimalist audio player Cross-Site Scripting (1.0.0)
|
CVE-2013-1942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HAL Cross-Site Scripting (2.1.1)
|
CVE-2021-39345
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hana Flv Player Cross-Site Scripting (3.1.3)
|
CVE-2021-24302
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HandL UTM Grabber Security Bypass (2.6.4)
|
CVE-2019-15769
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Handsome Testimonials & Reviews SQL Injection (2.0.7)
|
CVE-2021-24492
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Happy Addons for Elementor Cross-Site Scripting (2.23.0)
|
CVE-2021-24292
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Happy Addons for Elementor Pro Cross-Site Scripting (1.16.0)
|
CVE-2021-24292
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HashBar-WordPress Notification Bar Cross-Site Scripting (1.3.5)
|
CVE-2022-4650
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin hashtagger Unspecified Vulnerability (6)
|
|
|
High
|
|
WordPress Plugin HashThemes Demo Importer Security Bypass (1.1.1)
|
CVE-2021-39333
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin HB AUDIO GALLERY LITE Arbitrary File Download (1.0.0)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin HDInvoice-Create Invoices Arbitrary File Upload (0.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin HD Quiz Cross-Site Scripting (1.8.3)
|
CVE-2021-24571
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HDW Player (Video Player & Video Gallery) SQL Injection (2.4.2)
|
CVE-2014-5180
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HDW WordPress Video Gallery Multiple Cross-Site Scripting Vulnerabilities (1.2)
|
CVE-2016-1000134
CVE-2016-1000135
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Header Enhancement Security Bypass (1.4.3)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Header Footer Code Manager Cross-Site Scripting (1.1.16)
|
CVE-2022-0710
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Header Footer Code Manager SQL Injection (1.1.13)
|
CVE-2021-24791
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Health Check & Troubleshooting Arbitrary File Disclosure (1.2.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Heat Trackr Cross-Site Scripting (1.0)
|
CVE-2016-1000136
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Helios Solutions Brand Logo Slider Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Hellodialog Unspecified Vulnerability (1.0.2)
|
|
|
High
|
|
WordPress Plugin Help Desk & Knowledgebase Software PHP Object Injection (1.3.11)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Helpful Cross-Site Scripting (4.4.58)
|
CVE-2021-24841
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Helpful Information Disclosure (4.5.25)
|
CVE-2022-2834
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Helpful Security Bypass (4.5.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Helpie FAQ-WordPress FAQ Accordion Security Bypass (0.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Hero Maps Premium Cross-Site Scripting (2.2.1)
|
CVE-2019-19134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hero Maps Pro Cross-Site Scripting (2.1.0)
|
CVE-2016-1000137
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hide Featured Image Unspecified Vulnerability (1.1)
|
|
|
High
|
|
WordPress Plugin Hide My WP Cross-Site Scripting (4.51.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hide My WP Cross-Site Scripting (4.53)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Highlight Cross-Site Scripting (0.9.2)
|
CVE-2021-24591
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Highlight Search Terms Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin History Collection Arbitrary File Download (1.1.1)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Hitasoft FLV Player 'id' Parameter SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HK Exif Tags Cross-Site Scripting (1.11)
|
CVE-2014-100007
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HM Multiple Roles Security Bypass (1.2)
|
CVE-2021-24602
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin HMS Testimonials Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (2.0.10)
|
CVE-2013-4240
CVE-2013-4241
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Homepage SlideShow 'upload.php' Arbitrary File Upload (2.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Homepage SlideShow Arbitrary File Upload (2.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Hostel Cross-Site Scripting (1.1.3)
|
CVE-2019-12345
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hot Files:File Sharing and Download Manager Cross-Site Scripting (1.0.0)
|
CVE-2014-4588
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hotjar Connecticator Cross-Site Scripting (1.1.1)
|
CVE-2021-24301
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hover Effects Builder Free Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin How to Create an App for Android iPhone Easytouch Arbitrary File Upload (3.0)
|
CVE-2017-1002000
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Htaccess by BestWebSoft Cross-Site Request Forgery (1.8.1)
|
CVE-2020-8658
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Htaccess by BestWebSoft Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Htaccess by BestWebSoft Cross-Site Scripting (1.7.5)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18496
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HT Mega-Absolute Addons for Elementor Page Builder Multiple Cross-Site Scripting Vulnerabilities (1.5.5)
|
CVE-2021-24261
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Html5 Audio Player-Audio Player for WordPress Cross-Site Scripting (2.1.2)
|
CVE-2021-24412
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HTML5 AV Manager for WordPress 'custom.php' Arbitrary File Upload (0.2.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin HTML5 jQuery Audio Player Multiple Cross-Site Scripting Vulnerabilities (2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HTML5 Lyrics Karaoke Player Cross-Site Scripting (1.06)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HTML5 Maps Cross-Site Request Forgery (1.6.5.6)
|
CVE-2019-5983
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure (2.6)
|
CVE-2014-9177
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block Cross-Site Scripting (2.5.18)
|
CVE-2023-6485
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.24)
|
CVE-2024-1061
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.26)
|
CVE-2024-5522
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HTML5 Video Player with Playlist Multiple Cross-Site Scripting Vulnerabilities (2.40)
|
CVE-2014-4534
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin HT Slider Range for Amazon affiliates Cross-Site Scripting (1.1.5)
|
CVE-2021-30134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin http:BL Multiple Vulnerabilities (1.9.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin HTTP Headers Multiple Vulnerabilities (1.9.1)
|
CWE-352
CWE-918
|
CWE-352
CWE-918
|
High
|
|
WordPress Plugin HubSpot All-In-One Marketing-Forms, Popups, Live Chat Cross-Site Scripting (7.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hueman Addons Cross-Site Scripting (2.3.3)
|
CVE-2022-4784
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Human Presence Cross-Site Scripting (2.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hungred Post Thumbnail 'hpt_file_upload.php' Arbitrary File Upload (2.1.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Hunk External Links Cross-Site Scripting (3.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hupso Share Buttons for Twitter, Facebook & Google+ Multiple Unspecified Vulnerabilities (4.0.3)
|
|
|
High
|
|
WordPress Plugin Husker Portfolio Cross-Site Request Forgery (0.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Multiple Vulnerabilities (1.1.4.2)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Multiple Vulnerabilities (1.1.9)
|
CVE-2018-8710
CVE-2018-8711
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce SQL Injection (1.3.6)
|
CVE-2024-6457
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6)
|
|
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6.1)
|
|
|
High
|
|
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6.2)
|
|
|
High
|
|
WordPress Plugin Hustle-Pop-Ups, Slide-ins and Email Opt-ins Cross-Site Scripting (4.7.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Hustle-Pop-Ups, Slide-ins and Email Opt-ins CSV Injection (6.0.7)
|
CVE-2019-11872
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin HyperComments Arbitrary File Deletion (1.2.2)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin IBPS Online Exam Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin IBS Mappro Arbitrary File Download (0.6)
|
CVE-2015-5472
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Ibtana-Ecommerce Product Addons Cross-Site Scripting (0.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Icons with Links Widget Cross-Site Scripting (1.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Icon Widget Cross-Site Scripting (1.2.6)
|
CVE-2022-4763
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iCopyright Toolbar 'icopyright_xml.php' SQL Injection (1.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ICustomizer Cross-Site Scripting (1.4.13)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin If>So Dynamic Content Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin iFlyChat-WordPress Chat Cross-Site Scripting (4.6.4)
|
CVE-2021-24343
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iFrame Admin Pages 'url' Parameter Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iframe Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iframe Cross-Site Scripting (4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iframe Cross-Site Scripting (4.4)
|
CVE-2020-12696
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin IGIT Posts Slider Widget 'src' Parameter Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin IGIT Posts Slider Widget TimThumb Arbitrary File Upload (1.1)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin IGIT Related Posts With Thumb Image After Posts TimThumb Arbitrary File Upload (3.9.7)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin IgniteUp-Coming Soon and Maintenance Mode Multiple Vulnerabilities (3.4)
|
CVE-2019-17234
CVE-2019-17235
CVE-2019-17236
CVE-2019-17237
CWE-73
CWE-79
CWE-200
CWE-352
|
CWE-73
CWE-79
CWE-200
CWE-352
|
High
|
|
WordPress Plugin IgnitionDeck Security Bypass (1.1.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin iLive-Intelligent WordPress Live Chat Support Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ImageBoss-Images Up To 60% Smaller & CDN Cross-Site Scripting (3.0.4)
|
CVE-2021-24888
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ImageDrop 'ImageDrop.php' Blind SQL Injection (1.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Image Export Arbitrary File Download (1.1.0)
|
CVE-2015-5609
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (2.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery Multiple Unspecified Vulnerabilities (1.9.58)
|
|
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery SQL Injection (1.0.6)
|
CVE-2014-7153
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Image Gallery-Responsive Photo Gallery SQL Injection (1.8.9)
|
CVE-2016-11018
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Image Gallery with Slideshow 'upload-file.php' Arbitrary File Upload (1.5)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Image Gallery with Slideshow Multiple Vulnerabilities (1.5.2)
|
CVE-2017-1002011
CVE-2017-1002012
CVE-2017-1002013
CVE-2017-1002014
CVE-2017-1002015
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Image Hover Effects-Elementor Addon Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
|
CVE-2021-24264
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Cross-Site Scripting (9.7.0)
|
CVE-2021-25031
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Cross-Site Scripting (9.7.1)
|
CVE-2022-29424
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Cross-Site Scripting (9.8.4)
|
CVE-2022-4207
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Multiple Cross-Site Scripting Vulnerabilities (9.7.3)
|
CVE-2022-2935
CVE-2022-2936
CVE-2022-2937
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Security Bypass (9.6.1)
|
CVE-2021-36888
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin ImageInject Multiple Vulnerabilities (1.15)
|
CVE-2018-5284
CVE-2018-5285
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Image Intense SQL Injection (3.2.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ImageLinks Interactive Image Builder for WordPress Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ImageMagick Engine Cross-Site Request Forgery (1.7.4)
|
CVE-2022-2441
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Imagements Arbitrary File Upload (1.2.5)
|
CVE-2021-24236
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Image Metadata Cruncher Multiple Vulnerabilities (1.8)
|
CVE-2015-1614
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Image News slider 'upload.php' Arbitrary File Upload (3.3)
|
CVE-2012-4327
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Image News slider Arbitrary File Upload (3.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Arbitrary File Upload (7.2.6)
|
CVE-2024-5853
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Cross-Site Scripting (6.8.0)
|
CVE-2022-4119
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv SQL Injection (1.3.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Directory Traversal (1.0.25)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Multiple Vulnerabilities (1.0.26)
|
CVE-2023-2117
CVE-2023-2122
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Image Photo Gallery Final Tiles Grid Cross-Site Scripting (3.4.18)
|
CVE-2020-14962
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Photo Gallery Final Tiles Grid Security Bypass (3.3.52)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Image Rotator Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Images Lazyload and Slideshow Cross-Site Scripting (3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Slider-Responsive Slider Unspecified Vulnerability (2.4.2)
|
|
|
High
|
|
WordPress Plugin Image Slider Arbitrary File Deletion (1.1.89)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Image Slider by Ays-Responsive Slider and Carousel SQL Injection (2.4.9)
|
CVE-2021-24463
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Image Slider Cross-Site Request Forgery (1.1.121)
|
CVE-2022-2223
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Image Slider Cross-Site Scripting (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Image Slider Unspecified Vulnerability (1.1.119)
|
|
|
High
|
|
WordPress Plugin Image Source Control Security Bypass (2.3.0)
|
CVE-2021-24781
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Images Slideshow by 2J-Image Slider Security Bypass (1.3.31)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Images Slideshow by 2J-Image Slider Unspecified Vulnerability (1.2.15)
|
|
|
High
|
|
WordPress Plugin Images to WebP Multiple Vulnerabilities (1.8)
|
CVE-2021-24641
CVE-2021-24644
CWE-22
CWE-352
|
CWE-22
CWE-352
|
High
|
|
WordPress Plugin Image Widget Unspecified Vulnerability (4.1.2)
|
|
|
High
|
|
WordPress Plugin IMDb Profile Widget Local File Inclusion (1.0.8)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin iMember360 Multiple Vulnerabilities (3.9.001)
|
CVE-2014-3842
CVE-2014-3848
CVE-2014-3849
CVE-2014-8948
CVE-2014-8949
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
WordPress Plugin ImmoPress Cross-Site Scripting (0.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import/Export Customizer Settings Cross-Site Request Forgery (1.0.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Upload (6.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Request Forgery (5.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (3.8.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)
|
CVE-2022-0360
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Information Disclosure (3.6.74)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Multiple Vulnerabilities (6.5.7)
|
CVE-2022-3243
CVE-2022-3244
CWE-89
CWE-862
|
CWE-89
CWE-862
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)
|
CVE-2022-1977
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Import all XML, CSV & TXT into WordPress Unspecified Vulnerability (3.7.2)
|
|
|
High
|
|
WordPress Plugin Import and export users and customers Cross-Site Request Forgery (1.14.1.3)
|
CVE-2019-14683
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Import and export users and customers Cross-Site Scripting (1.12)
|
CVE-2018-20101
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import and export users and customers Cross-Site Scripting (1.14.1.2)
|
CVE-2019-15327
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import and export users and customers CSV Injection (1.16.3.5)
|
CVE-2020-22277
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Import and export users and customers Directory Traversal (1.14.2)
|
CVE-2019-15326
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.9.4.6)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.14.0.2)
|
CVE-2019-15328
CVE-2019-15329
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Import and export users and customers Security Bypass (1.15)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Arbitrary File Upload (3.2.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Arbitrary File Upload (3.6.7)
|
CVE-2022-1565
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.4.5)
|
CVE-2018-0546
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.4.6)
|
CVE-2018-0547
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.6.2)
|
CVE-2021-24714
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Multiple Vulnerabilities (3.2.4)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Pro Arbitrary File Upload (4.1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Import CSV Directory Traversal (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Import Export WordPress Users CSV Injection (1.3.1)
|
CVE-2019-15092
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Import Export WordPress Users Security Bypass (1.3.8)
|
CVE-2020-12074
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Import Legacy Media Cross-Site Scripting (0.1)
|
CVE-2014-4535
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import Social Events Cross-Site Scripting (1.6.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import Spreadsheets from Microsoft Excel Arbitrary File Upload (10.1.4)
|
CVE-2024-38734
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import Spreadsheets from Microsoft Excel Cross-Site Scripting (10.1.3)
|
CVE-2023-48289
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Import Woocommerce Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ImportWP-Import any XML or CSV File into WordPress Security Bypass (1.1.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Import XML and RSS Feeds Arbitrary File Upload (2.1.3)
|
CVE-2023-4300
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import XML and RSS Feeds Arbitrary File Upload (2.1.5)
|
CVE-2024-31292
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Import XML and RSS Feeds Remote Code Execution (2.1.4)
|
CVE-2023-4521
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Import XML and RSS Feeds Server-Side Request Forgery (2.0.2)
|
CVE-2020-24148
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin IMPress for IDX Broker Cross-Site Scripting (3.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin IMPress for IDX Broker Multiple Vulnerabilities (2.6.1)
|
CVE-2020-9514
CVE-2020-11512
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin IMPress for IDX Broker Unspecified Vulnerability (2.5.11)
|
|
|
High
|
|
WordPress Plugin IMPress Listings Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Improved Product Options for WooCommerce Security Bypass (5.2.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Improved Sale Badges for WooCommerce Security Bypass (4.3.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Improved user search in backend Cross-Site Request Forgery (1.2.4)
|
CVE-2014-5196
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Imsanity Unspecified Vulnerability (2.3.3)
|
|
|
High
|
|
WordPress Plugin InBoundio Marketing Arbitrary File Upload (2.0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Include Me Remote Code Execution (1.2.1)
|
CVE-2021-24453
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Indeed Job Importer Cross-Site Scripting (1.0.5)
|
CVE-2021-39355
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Indexisto WordPress Site Search Cross-Site Scripting (1.0.5)
|
CVE-2016-1000138
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Indieweb Post Kinds Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin InfiniteWP Client PHP Object Injection (1.6.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin InfiniteWP Client Security Bypass (1.3.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin InfiniteWP Client Security Bypass (1.9.4.4)
|
CVE-2020-8772
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin InfiniteWP Client Unspecified Vulnerability (1.3.14)
|
|
|
High
|
|
WordPress Plugin Influencer Marketing & Press Release System Cross-Site Scripting (2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Infographic Maker-iList Unspecified Vulnerability (2.7.0)
|
|
|
High
|
|
WordPress Plugin Infusionsoft Gravity Forms Add-on Arbitrary File Upload (1.5.10)
|
CVE-2014-6446
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Infusionsoft Gravity Forms Add-on Cross-Site Scripting (1.5.11)
|
CVE-2016-1000139
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Infusionsoft Gravity Forms Add-on Multiple Cross-Site Scripting Vulnerabilities (1.5.6)
|
CVE-2014-4536
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Injectbody Spam Injection (All)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin Injectscr Spam Injection (All)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin InJob-Multi features for recruitment WordPress Theme (Themeforest) Cross-Site Scripting (3.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Inline Call To Action Builder Lite-Free Call To Action Layer for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Inline Gallery 'do' Parameter Cross-Site Scripting (0.3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Inline Related Posts Multiple Cross-Site Scripting Vulnerabilities (3.0.4)
|
CVE-2021-35470
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Inline Tweet Sharer-Twitter Sharing Cross-Site Scripting (2.5.3)
|
CVE-2023-24005
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin InLinks SQL Injection (1.0)
|
CVE-2017-16955
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin InPost Gallery Multiple Vulnerabilities (2.1.2)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Insert Html Snippet Cross-Site Request Forgery (1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Insert or Embed Articulate Content into WordPress Arbitrary File Upload (4.3000000023)
|
CVE-2024-0757
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Insert or Embed Articulate Content into WordPress Directory Traversal (4.2999)
|
CVE-2019-15648
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (4.2997)
|
CVE-2019-15649
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Insert or Embed Articulate Content into WordPress Security Bypass (4.2996)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Insert or Embed Articulate Content into WordPress Unspecified Vulnerability (4.299993)
|
|
|
High
|
|
WordPress Plugin Insert Pages Cross-Site Scripting (3.7.4)
|
CVE-2022-4483
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Insert Pages Directory Traversal (3.2.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Insert Pages Multiple Vulnerabilities (3.6.1)
|
CVE-2021-24850
CVE-2021-24851
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Instagram Feed Cross-Site Scripting (1.4.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Instagram Feed Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Instagram Feed Unspecified Vulnerability (1.10.2)
|
|
|
High
|
|
WordPress Plugin Instagram Feed Unspecified Vulnerability (1.11.3)
|
|
|
High
|
|
WordPress Plugin Instagram Plugin-InstaLinker Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Instant Images-One Click Unsplash Uploads Cross-Site Scripting (4.4.0)
|
CVE-2021-24334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)
|
CVE-2024-2667
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.38)
|
CVE-2024-37228
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.8)
|
CVE-2024-22145
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.24)
|
CVE-2024-32701
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.38)
|
CVE-2024-4898
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.44)
|
CVE-2024-6397
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Instinct e-Commerce Arbitrary File Upload (3.4)
|
CVE-2008-6811
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and ActiveCampaign Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Constant Contact Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Infusionsoft Cross-Site Scripting (1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Mailchimp Cross-Site Scripting (1.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Pipedrive Cross-Site Scripting (1.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Salesforce Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 and Zoho Cross-Site Scripting (1.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Contact Form 7 HubSpot Cross-Site Scripting (1.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for Gravity Forms and Pipedrive Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for HubSpot and WooCommerce Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration for WooCommerce and QuickBooks Cross-Site Scripting (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integration of Moneybird for WooCommerce Cross-Site Scripting (2.1.1)
|
CVE-2021-38349
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Integrator 'redirect_to' Parameter Cross-Site Scripting (1.32)
|
CVE-2012-5913
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Interactive Geo Maps Cross-Site Scripting (1.5.8)
|
CVE-2023-23866
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Interactive Geo Maps Cross-Site Scripting (1.5.10)
|
CVE-2023-0731
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Interactive SVG Image Map Builder Cross-Site Scripting (1.0)
|
CVE-2023-25704
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Internal Links Manager Multiple Cross-Site Scripting Vulnerabilities (2.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Internal Links Manager Unspecified Vulnerability (2.0.1)
|
|
|
High
|
|
WordPress Plugin Intuitive Custom Post Order Multiple Vulnerabilities (3.1.3)
|
CVE-2022-4385
CVE-2022-4386
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Invit0r 'ofc_upload_image.php' Arbitrary File Upload (0.22)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Invite Anyone Multiple Vulnerabilities (1.3.15)
|
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Invite Anyone PHP Object Injection (1.3.18)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Invite Anyone Security Bypass (1.3.14)
|
CVE-2017-6955
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Invoicing with InvoiceXpress for WooCommerce-Free Cross-Site Scripting (3.0.2)
|
CVE-2021-30134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iPages Flipbook For WordPress Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iPanorama 360 WordPress Virtual Tour Builder Cross-Site Scripting (1.6.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin IP Ban Cross-Site Request Forgery (1.2.3)
|
CVE-2014-9413
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin IP Blacklist Cloud Arbitrary File Disclosure (3.42)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin IP Geo Block Security Bypass (2.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin IP Logger 'map-details.php' SQL Injection (3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin IP Logger Arbitrary File Upload (3.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin iQ Block Country Cross-Site Scripting (1.1.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iQ Block Country Cross-Site Scripting (1.2.11)
|
CVE-2021-36873
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iQ Block Country Unspecified Vulnerability (1.1.33)
|
|
|
High
|
|
WordPress Plugin IQ Testimonials Arbitrary File Upload (2.2.7)
|
CVE-2024-6314
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin I Recommend This SQL Injection (3.7.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin I Recommend This SQL Injection (3.7.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin iSlidex TimThumb Arbitrary File Upload (2.7)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Issuu Panel Local/Remote File Inclusion (1.6)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Cross-Site Scripting (1.11.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.2.4)
|
CVE-2012-4263
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (4.6.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (5.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (5.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Cross-Site Scripting Vulnerabilities (3.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)
|
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.0)
|
CWE-219
CWE-330
|
CWE-219
CWE-330
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (7.9.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)
|
CVE-2018-12636
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin iThemes Security (formerly Better WP Security) Unspecified Vulnerability (6.9.0)
|
CVE-2018-7433
|
|
High
|
|
WordPress Plugin iThemes Sync Security Bypass (2.0.17)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Itinerary Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin iTwitter Multiple Vulnerabilities (0.04)
|
CVE-2014-9336
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin iubenda-All-in-one Compliance for GDPR/CCPA Cookie Consent + more Privilege Escalation (3.3.2)
|
CVE-2022-3911
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin iubenda-All-in-one Compliance for GDPR/CCPA Cookie Consent + more Unspecified Vulnerability (2.3.4)
|
CVE-2020-12742
|
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.5.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6)
|
CVE-2021-24234
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6.6)
|
CVE-2021-36869
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Multiple Cross-Site Scripting Vulnerabilities (5.4)
|
CVE-2021-25105
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ivory Search-WordPress Search Unspecified Vulnerability (5.4.3)
|
|
|
High
|
|
WordPress Plugin IWantOneButton 'updateAJAX.php' SQL Injection (3.0.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin IzeeChat-Live Chat Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jammer Cross-Site Scripting (0.2)
|
CVE-2013-1942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Japanized For WooCommerce Cross-Site Scripting (2.5.4)
|
CVE-2023-0942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Japanized For WooCommerce Cross-Site Scripting (2.5.6)
|
CVE-2023-0948
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jayj Quicktag Multiple Vulnerabilities (1.3.1)
|
CWE-352
CWE-915
|
CWE-352
CWE-915
|
High
|
|
WordPress Plugin JC Coupon Cross-Site Scripting (2.5)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jekyll Exporter Remote Code Execution (2.2.0)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (3.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (3.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (3.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (4.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (6.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (7.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)
|
CVE-2021-24374
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (3.7.0)
|
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (4.0.3)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Security Bypass (2.9.2)
|
CVE-2014-0173
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin JetWidgets for Elementor and WooCommerce Local File Inclusion (1.1.7)
|
CVE-2024-38772
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin JetWidgets For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.0.8)
|
CVE-2021-24268
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JH 404 Logger Cross-Site Scripting (1.1)
|
CVE-2021-24176
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JiangQie Official Website Mini Program SQL Injection (1.1.0)
|
CVE-2021-24303
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Jibu Pro Cross-Site Scripting (1.7)
|
CVE-2018-17138
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Jigoshop Information Disclosure (1.17.9)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Jigoshop Multiple Unspecified Vulnerabilities (1.17.13)
|
|
|
High
|
|
WordPress Plugin Jigoshop Unspecified Vulnerability (1.10.5)
|
|
|
High
|
|
WordPress Plugin JM Twitter Cards Information Disclosure (6.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin job-portal Cross-Site Scripting (0.0.1)
|
CVE-2021-39337
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Board by BestWebSoft Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Board by BestWebSoft Cross-Site Scripting (1.1.3)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Board Vanila Cross-Site Scripting (1.0)
|
CVE-2021-39334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JobBoardWP-Job Board Listings and Submissions Cross-Site Scripting (1.0.7)
|
CVE-2021-39329
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Manager Cross-Site Scripting (0.7.22)
|
CVE-2015-2321
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Manager Cross-Site Scripting (0.7.24)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Manager Cross-Site Scripting (0.7.25)
|
CVE-2021-39336
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Manager Multiple Cross-Site Scripting Vulnerabilities (0.7.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Job Manager Security Bypass (0.7.25)
|
CVE-2015-6668
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JobSearch WP Job Board Security Bypass (1.8.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Jock on air now Cross-Site Scripting (5.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jock on air now Multiple Vulnerabilities (5.6.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more Multiple SQL Injection Vulnerabilities (5.2.5)
|
CVE-2022-2717
CVE-2022-2718
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more PHP Object Injection (5.1.5)
|
CVE-2021-24384
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more SQL Injection (3.3)
|
CVE-2019-14348
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Joy Of Text Lite-SMS messaging for WordPress SQL Injection (2.3.0)
|
CVE-2022-4099
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin jQuery Mega Menu Widget 'skin' Parameter Local File Include (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin jQuery Reply to Comment Cross-Site Request Forgery (1.31)
|
CVE-2021-24543
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin jQuery Tagline Rotator Cross-Site Scripting (0.1.5)
|
CVE-2021-34663
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin jRSS Widget Server-Side Request Forgery (1.2)
|
CVE-2014-9292
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Js-appointment 'searchdata.php' SQL Injection (1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin JS Help Desk (formerly JS Support Ticket) SQL Injection (2.1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin JS Job Manager Security Bypass (1.1.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin JS Job Manager Unspecified Vulnerability (1.0.9)
|
|
|
High
|
|
WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery (2.7.0)
|
CVE-2023-6991
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin JSmol2WP Multiple Vulnerabilities (1.07)
|
CVE-2018-20462
CVE-2018-20463
CWE-79
CWE-538
|
CWE-79
CWE-538
|
High
|
|
WordPress Plugin JS MultiHotel Cross-Site Scripting (2.2.1)
|
CVE-2013-7419
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JS MultiHotel Multiple Vulnerabilities (2.2.1)
|
CVE-2014-100008
CVE-2014-100009
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin JSON API Open Redirect (1.1.3)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin JSON API User Privilege Escalation (3.9.3)
|
CVE-2024-6624
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin JSON API User Unspecified Vulnerability (3.9.6)
|
|
|
High
|
|
WordPress Plugin JSON Content Importer Cross-Site Scripting (1.3.15)
|
CVE-2023-25485
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Jssor Slider Arbitrary File Upload (1.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin JS Support Ticket Unspecified Vulnerability (1.1.1)
|
|
|
High
|
|
WordPress Plugin JTRT Responsive Tables SQL Injection (4.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Judge.me Product Reviews for WooCommerce Cross-Site Scripting (1.3.20)
|
CVE-2023-0061
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Juiz Social Post Sharer Multiple Cross-Site Scripting Vulnerabilities (1.3.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JupiterX Core Multiple Vulnerabilities (2.0.6)
|
CVE-2022-1659
CWE-200
CWE-400
|
CWE-200
CWE-400
|
High
|
|
WordPress Plugin JupiterX Core Privilege Escalation (2.0.7)
|
CVE-2022-1654
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin JupiterX Core Security Bypass (2.0.6)
|
CVE-2022-1656
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Justified Gallery Cross-Site Scripting (1.7.0)
|
CVE-2022-4651
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Justified Gallery Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin JVM WooCommerce Wishlist Unspecified Vulnerability (1.2.6)
|
|
|
High
|
|
WordPress Plugin JW Player 6 Cross-Site Scripting (2.1.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin JW Player for Flash & HTML5 Video Cross-Site Request Forgery (2.1.3)
|
CVE-2014-4030
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin JW Player for Flash & HTML5 Video Cross-Site Request Forgery (2.1.11)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Kadence WooCommerce Email Designer PHP Object Injection (1.5.6)
|
CVE-2022-3335
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Kama Click Counter Cross-Site Scripting (3.4.9)
|
CVE-2017-18615
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Kama Click Counter SQL Injection (3.4.9)
|
CVE-2017-18614
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Kama WP Smiles Unspecified Vulnerability (1.8.1)
|
|
|
High
|
|
WordPress Plugin Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Katalyst TimThumb 'timthumb.php' Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin KBoard Multiple Vulnerabilities (3.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Keep Backup Daily Cross-Site Scripting (2.0.2)
|
CVE-2022-1820
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Keep Backup Daily Unspecified Vulnerability (2.0.3)
|
|
|
High
|
|
WordPress Plugin Kento Post View Counter Multiple Vulnerabilities (2.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Ketchup Restaurant Reservations Multiple Vulnerabilities (1.0.0)
|
CVE-2022-2753
CVE-2022-2754
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Keydatas Arbitrary File Upload (2.5.2)
|
CVE-2024-6220
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Keyring Cross-Site Scripting (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Keyword Meta Cross-Site Request Forgery (3.0)
|
CVE-2021-24611
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Keyword Strategy Internal Links Multiple Cross-Site Scripting Vulnerabilities (2.0)
|
CVE-2014-4537
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Kimili Flash Embed Unspecified Vulnerability (2.2.1)
|
|
|
High
|
|
WordPress Plugin Kindeditor For WordPress Cross-Site Scripting (1.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Kish Guest Posting 'uploadify.php' Arbitrary File Upload (1.2)
|
CVE-2012-1125
CVE-2012-5318
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin KittyCatfish Ads by Missilesilo SQL Injection (2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin KJM Admin Notices Cross-Site Scripting (2.0.1)
|
CVE-2021-39344
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin kk Star Ratings 'root' Parameter Remote File Include (1.7)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin kk Star Ratings Security Bypass (2.3.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Klarna Checkout for WooCommerce Security Bypass (2.0.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.7)
|
CVE-2023-25456
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.9)
|
CVE-2023-0874
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Knews Multilingual Newsletters 'ff' Parameter Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Knews Multilingual Newsletters Cross-Site Request Forgery (1.2.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Knews Multilingual Newsletters SQL Injection (1.7.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin KN Fix Your Title Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Knight Lab Timeline Cross-Site Scripting (3.6.6)
|
CVE-2020-15092
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Konnichiwa! Membership Cross-Site Scripting (0.8.3)
|
CVE-2021-38317
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Kraken.io Image Optimizer Cross-Site Request Forgery (2.6.5)
|
CVE-2022-38454
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Laika Pedigree Tree Unspecified Vulnerability (0.13.4)
|
|
|
High
|
|
WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2)
|
CVE-2023-3166
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.5)
|
CVE-2021-25067
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.8.9)
|
CVE-2022-4718
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin Language Bar Flags Cross-Site Request Forgery (1.0.8)
|
CVE-2021-24431
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Lara's Google Analytics Cross-Site Scripting (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Larsens Calender Cross-Site Scripting (1.2)
|
CVE-2020-23762
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Last.fm Rotation Local File Inclusion (1.0)
|
CVE-2014-5181
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin lasTunes Cross-Site Scripting (3.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Launcher:Coming Soon & Maintenance Mode Cross-Site Scripting (1.0.10)
|
CVE-2019-7411
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LayerSlider Cross-Site Request Forgery (4.6.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LayerSlider Multiple Vulnerabilities (6.2.0)
|
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin LayerSlider SQL Injection (7.10.0)
|
CVE-2024-2879
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Lazy content Slider Cross-Site Request Forgery (3.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LazyEater Multiple Unspecified Vulnerabilities (1.2.4)
|
|
|
High
|
|
WordPress Plugin LazyEater Unspecified Vulnerability (1.2.1)
|
|
|
High
|
|
WordPress Plugin Lazyest Backup 'xml_or_all' Parameter Cross-Site Scripting (0.2.1)
|
CVE-2011-5264
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lazyest Gallery EXIF Code Cross-Site Scripting (1.1.20)
|
CVE-2014-2333
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lazy Load Cross-Site Scripting (0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lazy SEO Arbitrary File Upload (1.3.2)
|
CVE-2013-5961
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin LB Mixed Slideshow 'upload.php' Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin LBstopattack Cross-Site Request Forgery (1.1.2)
|
CVE-2022-3097
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LB Tube Video for WordPress Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ldap WP Login/Active Directory Integration Multiple Vulnerabilities (3.0.1)
|
CVE-2022-2987
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin LeadConnector Security Bypass (1.7)
|
CVE-2024-1371
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin LeaderBoard Cross-Site Request Forgery (1.1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin leads5050-visitor-insights Security Bypass (1.0.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LeadSnap PHP Object Injection (1.23)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1)
|
CVE-2012-2913
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.9.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.11.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Vulnerabilities (2.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Leaflet Maps Marker Pro (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Leaflet Maps Marker Pro Multiple Vulnerabilities (1.5.7)
|
CWE-22
CWE-79
CWE-434
|
CWE-22
CWE-79
CWE-434
|
High
|
|
WordPress Plugin LeagueManager Multiple Cross-Site Scripting Vulnerabilities (3.7)
|
CVE-2012-2912
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LeagueManager Multiple SQL Injection Vulnerabilities (3.9.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin LeagueManager SQL Injection (3.8)
|
CVE-2013-1852
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5)
|
CVE-2021-39357
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Leaky Paywall PHP Object Injection (4.9.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin LearnDash LMS Arbitrary File Upload (2.5.3)
|
CVE-2018-25019
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin LearnDash LMS Cross-Site Scripting (3.1.1.1)
|
CVE-2020-7108
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LearnDash LMS Insecure Direct Object Reference (4.6.0)
|
CVE-2023-3105
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin LearnDash LMS Multiple Information Disclosure Vulnerabilities (4.10.2)
|
CVE-2024-1208
CVE-2024-1209
CVE-2024-1210
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin LearnDash LMS SQL Injection (3.1.5)
|
CVE-2020-6009
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin LearnDash LMS SQL Injection (4.5.3)
|
CVE-2023-28777
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Learning Courses Privilege Escalation (4.7)
|
CVE-2019-15775
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Arbitrary File Write (3.2.2)
|
CWE-285
|
CWE-285
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Cross-Site Request Forgery (3.2.7.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Cross-Site Scripting (4.1.3.1)
|
CVE-2021-39348
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Cross-Site Scripting (4.1.6.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Local File Inclusion (4.2.6.8.2)
|
CVE-2024-6589
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Multiple Cross-Site Scripting Vulnerabilities (4.1.3)
|
CVE-2021-24702
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (3.0.12)
|
CVE-2018-16173
CVE-2018-16174
CVE-2018-16175
CWE-79
CWE-89
CWE-601
|
CWE-79
CWE-89
CWE-601
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (4.1.7.3.2)
|
CVE-2022-45808
CVE-2022-45820
CVE-2022-47615
CWE-22
CWE-79
CWE-89
|
CWE-22
CWE-79
CWE-89
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS PHP Object Injection (4.1.7.1)
|
CVE-2022-3360
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.6)
|
CVE-2020-7916
CVE-2020-7917
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.8)
|
CVE-2020-11510
CVE-2020-11511
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS Security Bypass (4.1.4.1)
|
CVE-2022-0377
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS SQL Injection (3.2.6.7)
|
CVE-2020-6010
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin LearnPress-WordPress LMS SQL Injection (4.1.3.2)
|
CVE-2021-24951
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin leenk.me Multiple Vulnerabilities (2.5.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin LetsRecover-WooCommerce Abandoned Cart Notifications Multiple SQL Injection Vulnerabilities (1.1.0)
|
CVE-2022-4355
CVE-2022-4356
CVE-2022-4357
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Let Them Unsubscribe Multiple Unspecified Vulnerabilities (1.0)
|
|
|
High
|
|
WordPress Plugin Levo Slideshow Multiple Vulnerabilities (2.3)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Lifeline Donation Security Bypass (1.2.6)
|
CVE-2024-5432
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Arbitrary File Write (3.37.14)
|
CVE-2020-6008
CWE-285
|
CWE-285
|
High
|
|
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Multiple Cross-Site Scripting Vulnerabilities (4.21.0)
|
CVE-2021-24308
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (3.34.5)
|
CVE-2019-15896
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (4.21.1)
|
CVE-2021-24562
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes SQL Injection (7.6.2)
|
CVE-2024-4743
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Lightbox Gallery Cross-Site Scripting (0.9.4)
|
CVE-2022-4682
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lightbox Jquery Possible Remote Code Execution (0.24)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Lightbox Multiple Unspecified Vulnerabilities (2.0.7)
|
|
|
High
|
|
WordPress Plugin Lightbox Multiple Vulnerabilities (1.6.6)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Lightbox Photo Gallery Cross-Site Request Forgery (1.0)
|
CVE-2014-9441
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Lightbox Plus Colorbox Cross-Site Scripting (2.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Light Messages Cross-Site Request Forgery (1.0)
|
CVE-2021-24535
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Light Post 'abspath' Parameter Remote File Include (1.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Lightweight Accordion Cross-Site Scripting (1.5.14)
|
CVE-2023-0373
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Lightweight Sidebar Manager Cross-Site Request Forgery (1.1.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Like Button Rating-LikeBtn Security Bypass (2.5.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Like Button Rating-LikeBtn Server-Side Request Forgery (2.6.31)
|
CVE-2021-24150
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Like Dislike Counter SQL Injection (1.2.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Lim4wp 'upload.php' Arbitrary File Upload (1.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Limit Attempts by BestWebSoft Cross-Site Scripting (1.1.7)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Limit Attempts by BestWebSoft Multiple Vulnerabilities (1.0.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Limit Attempts by BestWebSoft SQL Injection (1.1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Limit Login Attempts Cross-Site Scripting (1.7.1)
|
CVE-2023-1912
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Limit Login Attempts Cross-Site Scripting (4.0.43)
|
CVE-2021-24657
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)
|
CVE-2020-35589
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Limit Login Attempts Reloaded Security Bypass (2.7.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Limit Login Attempts Reloaded Security Bypass (2.17.3)
|
CVE-2020-35590
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Limit Login Attempts Security Bypass (1.7.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Lingotek Translation Multiple Cross-Site Scripting Vulnerabilities (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin link-list-manager Cross-Site Scripting (1.0)
|
CVE-2021-39311
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LinkedIn by BestWebSoft Cross-Site Scripting (1.0.4)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18516
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Link Juice Keeper Cross-Site Scripting (2.0.2)
|
CVE-2023-25793
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Link Library 'id' Parameter Cross-Site Scripting and SQL Injection Vulnerabilities (5.0.8)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Link Library 'searchll' Parameter SQL Injection (5.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Link Library Cross-Site Scripting (5.8.10.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Link Library Cross-Site Scripting (5.9.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Link Library Cross-Site Scripting (5.9.12.29)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Link Library SQL Injection (5.9.13.26)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Link Log-external link click monitor SQL Injection (2.0)
|
CVE-2015-9344
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Link Optimizer Lite Cross-Site Request Forgery (1.4.5)
|
CVE-2022-2540
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LionScripts:IP Blocker Lite Cross-Site Request Forgery (10.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LIQUID SPEECH BALLOON Cross-Site Scripting (1.0.6)
|
CVE-2019-17070
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LISL Last-Image Slider TimThumb Arbitrary File Upload (1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Arbitrary File Upload (1.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Cross-Site Request Forgery (2.0.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Multiple Vulnerabilities (1.6.6)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Multiple Vulnerabilities (2.0.5)
|
CVE-2021-36874
CVE-2021-36875
CVE-2021-36876
CVE-2021-36877
CVE-2021-36878
CVE-2021-36879
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Listing, Classified Ads & Business Directory-uListing SQL Injection (2.0.3)
|
CVE-2021-36880
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ListingPro Local File Inclusion (2.9.3)
|
CVE-2024-39619
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin ListingPro SQL Injection (2.9.3)
|
CVE-2024-38795
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin List Pages Shortcode Cross-Site Scripting (1.7.4)
|
CVE-2022-4757
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LiteSpeed Cache Cross-Site Scripting (3.6)
|
CVE-2020-29172
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LittleBot ACH for Stripe + Plaid Unspecified Vulnerability (1.2.6)
|
|
|
High
|
|
WordPress Plugin Live Chat-Live support Cross-Site Request Forgery (3.1.0)
|
CVE-2020-5642
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin LiveChat-WP live chat Cross-Site Scripting (3.7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Live Chat for Fanpage Cross-Site Scripting (2.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Live Chat Unlimited Cross-Site Scripting (2.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Live Chat with Facebook Messenger Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Live Comment Preview Cross-Site Scripting (2.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Live Forms-Visual Form Builder SQL Injection (3.0.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Livefyre Comments 3 Cross-Site Scripting (4.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin LiveGrounds 'uid' Parameter Cross-Site Scripting (0.42)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Livemesh Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (6.7.1)
|
CVE-2021-24260
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Livemesh Addons for Elementor Security Bypass (2.5.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Livemesh SiteOrigin Widgets Security Bypass (2.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Live Scores for SportsPress Multiple Vulnerabilities (1.9.0)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin Live Search for WooCommerce Security Bypass (2.0.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin LiveSig 'wp-root' Parameter Remote File Include (0.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Loan Comparison Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
|
CVE-2023-0366
CVE-2023-0442
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Localize My Post Local File Inclusion (1.0)
|
CVE-2018-16299
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Local Market Explorer 'api-key' Parameter Cross-Site Scripting (3.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Local Weather Cross-Site Scripting (1.0)
|
CVE-2014-4561
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Locations Cross-Site Request Forgery (3.2.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Location Weather Cross-Site Scripting (1.3.3)
|
CVE-2023-0360
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Locatoraid Store Locator Cross-Site Request Forgery (3.9.11)
|
CVE-2023-25709
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Lockdown WP Admin Unspecified Vulnerability (1.1.2)
|
|
|
High
|
|
WordPress Plugin Loco Translate Local File Inclusion (2.2.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Loco Translate PHP Code Injection (2.5.3)
|
CVE-2021-24721
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Loco Translate Unspecified Vulnerability (2.5.4)
|
|
|
High
|
|
WordPress Plugin Log Emails Information Disclosure (1.0.6)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Log HTTP Requests Cross-Site Scripting (1.3.1)
|
CVE-2022-3402
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
|
CVE-2022-0215
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Scripting (1.4)
|
CVE-2020-36715
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Security Bypass (2.7.2)
|
CVE-2024-5324
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT Cross-Site Request Forgery (2.1)
|
CVE-2022-47138
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login as User or Customer Cross-Site Request Forgery (1.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login as User or Customer Privilege Escalation (3.2)
|
CVE-2022-4305
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Login as User or Customer Security Bypass (1.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Login Block IPs Cross-Site Request Forgery (1.0.0)
|
CVE-2022-3098
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login by Auth0 Cross-Site Scripting (3.11.2)
|
CVE-2019-20173
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login by Auth0 Multiple Vulnerabilities (3.11.3)
|
CVE-2020-5391
CVE-2020-5392
CVE-2020-6753
CVE-2020-7947
CVE-2020-7948
CWE-20
CWE-79
CWE-200
CWE-352
|
CWE-20
CWE-79
CWE-200
CWE-352
|
High
|
|
WordPress Plugin Loginizer Cross-Site Scripting (1.3.9)
|
CVE-2018-11366
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Loginizer Multiple Vulnerabilities (1.3.5)
|
CVE-2017-12650
CVE-2017-12651
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Loginizer SQL Injection (1.6.3)
|
CVE-2020-27615
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Login Logout Menu Cross-Site Scripting (1.3.3)
|
CVE-2022-4622
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
|
CVE-2022-4622
CVE-2022-4625
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.4.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.6.11)
|
CVE-2022-2913
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Login or Logout Menu Item Security Bypass (1.1.1)
|
CVE-2019-15820
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Login rebuilder Cross-Site Request Forgery (1.1.3)
|
CVE-2014-3882
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)
|
|
|
High
|
|
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
|
CVE-2014-6312
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login With Ajax Cross-Site Request Forgery (3.0.4.1)
|
CVE-2013-2707
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Login With Ajax Cross-Site Scripting (3.0.4)
|
CVE-2012-2759
CVE-2012-4283
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login With Ajax Security Bypass (3.1.2)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Login with Azure (Azure SSO) Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.8)
|
CVE-2022-4200
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)
|
CVE-2023-23492
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Login with phone number Security Bypass (1.7.26)
|
CVE-2024-5150
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Logo Carousel Cross-Site Request Forgery (1.7.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Logo Carousel Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Request Forgery (2.0)
|
CVE-2021-24913
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Scripting (1.2.3)
|
CVE-2021-24729
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Security Bypass (1.2.4)
|
CVE-2021-24730
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)
|
CVE-2021-24742
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin LOGOSWARE SUITE Uploader Arbitrary File Upload (1.1.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin M-vSlider SQL Injection (2.1.3)
|
CVE-2021-24557
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MAC PHOTO GALLERY 'macalbajax.php' Multiple Cross-Site Scripting Vulnerabilities (2.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MAC PHOTO GALLERY 'upload-file.php' Arbitrary File Upload (2.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download (3.0)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MAC PHOTO GALLERY Multiple Security Bypass Vulnerabilities (3.0)
|
CWE-285
|
CWE-285
|
High
|
|
WordPress Plugin Magee Shortcodes Cross-Site Scripting (1.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Magic Fields 2 Unspecified Vulnerability (2.3.2.2)
|
|
|
High
|
|
WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Magic Fields Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Magic Post Voice Cross-Site Scripting (1.2)
|
CVE-2021-39315
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Magn WP Drag and Drop Upload Arbitrary File Upload (1.1.4)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin MailArchiver Cross-Site Scripting (2.10.1)
|
CVE-2023-3136
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailChimp Forms by MailMunch Unspecified Vulnerability (2.0.6.3)
|
|
|
High
|
|
WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MailChimp List Subscribe Form Multiple Unspecified Vulnerabilities (1.1)
|
|
|
High
|
|
WordPress Plugin Mail Control-Email Customizer, SMTP Deliverability, logging, open and click Tracking Cross-Site Scripting (0.3.1)
|
CVE-2023-3158
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailCWP Arbitrary File Upload (1.99)
|
CVE-2015-1000000
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MailCWP Arbitrary File Upload (1.100)
|
CVE-2016-1000156
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2)
|
CVE-2023-3080
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mail Masta Local File Inclusion (1.0)
|
CVE-2016-10956
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Mail Masta Multiple SQL Injection Vulnerabilities (1.0)
|
CVE-2017-6095
CVE-2017-6096
CVE-2017-6097
CVE-2017-6098
CVE-2017-6570
CVE-2017-6571
CVE-2017-6572
CVE-2017-6573
CVE-2017-6574
CVE-2017-6575
CVE-2017-6576
CVE-2017-6577
CVE-2017-6578
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mail On Update Cross-Site Request Forgery (5.1.0)
|
CVE-2013-2107
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MailPoet-emails and newsletters in WordPress Cross-Site Scripting (3.23.1)
|
CVE-2019-11843
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6)
|
CVE-2012-3414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Arbitrary File Upload (2.6.7)
|
CVE-2014-4725
CVE-2014-4726
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Request Forgery (2.6.10)
|
CVE-2014-3907
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Multiple Unspecified Vulnerabilities (2.7.1)
|
|
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Multiple Vulnerabilities (2.7.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Security Bypass (2.8.1)
|
CVE-2018-20853
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2)
|
CVE-2013-1408
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MailPoet Newsletters (Previous) Unspecified Vulnerability (2.7.8)
|
|
|
High
|
|
WordPress Plugin MailPress Multiple Vulnerabilities (5.4.4)
|
CWE-22
CWE-264
|
CWE-22
CWE-264
|
High
|
|
WordPress Plugin MailPress Remote Code Execution (7.0.2)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Mail Queue Cross-Site Scripting (1.1)
|
CVE-2023-3167
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mailster-Email Newsletter for WordPress Cross-Site Scripting (2.4.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mailster-Email Newsletter for WordPress Local File Inclusion (4.0.6)
|
CVE-2024-32523
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)
|
|
|
High
|
|
WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0)
|
CVE-2023-3135
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MailUp newsletter sign-up form Security Bypass (1.3.2)
|
CVE-2013-0731
CVE-2013-2640
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Maintenance Cross-Site Request Forgery (3.6.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Maintenance Cross-Site Scripting (4.02)
|
CVE-2021-24533
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Maintenance Mode Unspecified Vulnerability (1.3.3)
|
|
|
High
|
|
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Cross-Site Scripting (2.0.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (2.0.9.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (3.4.4)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1)
|
CVE-2021-24877
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Unspecified Vulnerability (2.0.27)
|
|
|
High
|
|
WordPress Plugin MainWP Child Reports SQL Injection (2.0.7)
|
CVE-2021-24754
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MainWP Dashboard Cross-Site Scripting (3.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MainWP Dashboard Unspecified Vulnerability (2.0.22)
|
|
|
High
|
|
WordPress Plugin MalCare Security-Free Malware Scanner, Protection & Security for WordPress Cross-Site Scripting (4.57)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Malware Finder Cross-Site Scripting (1.1)
|
CVE-2014-4538
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Malware Scanner Privilege Escalation (4.7.2)
|
CVE-2024-2172
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Malware Scanner SQL Injection (4.7.2)
|
CVE-2024-25902
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Malware Scanner Unspecified Vulnerability (4.7.3)
|
|
|
High
|
|
WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Arbitrary File Upload (1.2.2)
|
CVE-2024-1205
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Unspecified Vulnerability (1.2.3)
|
|
|
High
|
|
WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2)
|
CVE-2022-34654
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ManageWP Worker Unspecified Vulnerability (4.1.7)
|
|
|
High
|
|
WordPress Plugin Mang Board WP SQL Injection (1.9.9)
|
CVE-2021-26609
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3)
|
|
|
High
|
|
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.5)
|
|
|
High
|
|
WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Map Block for Google Maps Unspecified Vulnerability (1.31)
|
|
|
High
|
|
WordPress Plugin MapifyLite (by MapifyPro) Cross-Site Scripting (3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin MapPress Maps for WordPress Cross-Site Request Forgery (2.53.8)
|
CVE-2020-12077
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5)
|
CVE-2020-12675
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MapSVG Lite Arbitrary File Disclosure (4.2.3.1)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MapSVG Lite Cross-Site Request Forgery (4.2.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Cross-Site Scripting (2.30)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Security Bypass (4.16)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Mapwiz SQL Injection (1.0.1)
|
CVE-2022-4546
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Marekkis Watermark Cross-Site Scripting (0.9.1)
|
CVE-2013-1758
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Markdown on Save Improved Cross-Site Scripting (2.5)
|
CVE-2016-4812
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Marketo Forms and Tracking Cross-Site Request Forgery (1.0.2)
|
CVE-2020-6849
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MarketPress-WordPress eCommerce PHP Object Injection (3.2.6)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1)
|
CVE-2022-4666
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure (2.3.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Mass Delete Taxonomies Cross-Site Request Forgery (3.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mass Delete Unused Tags Cross-Site Request Forgery (2.0.0)
|
CVE-2023-27430
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2)
|
CVE-2018-11580
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Master Popups Remote Code Execution (1.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Master Slider-Responsive Touch Slider Cross-Site Scripting (2.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Master Slider-Responsive Touch Slider SQL Injection (2.5.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Master Slider-WordPress Responsive Touch Slider Unspecified Vulnerability (2.18.2)
|
|
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Information Disclosure (3.2.10)
|
CVE-2024-2106
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0)
|
CVE-2024-2411
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.3)
|
CVE-2024-3136
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Privilege Escalation (3.3.1)
|
CVE-2024-2409
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.2.13)
|
CVE-2024-1904
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.3.8)
|
CVE-2024-3942
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5)
|
CVE-2024-1512
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MATRIX 3D Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles Arbitrary File Deletion (1.9.2)
|
CVE-2024-6885
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)
|
CVE-2021-24668
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2)
|
CVE-2021-24669
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Cross-Site Scripting Vulnerabilities (1.3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.6.0)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6)
|
CVE-2016-0796
CWE-287
CWE-441
|
CWE-287
CWE-441
|
High
|
|
WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2)
|
|
|
High
|
|
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (2.2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.0.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin McAvoy Cross-Site Scripting (0.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MContact Button includes Backdoor [Only if downloaded via the vendor website] (2.0.6)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin MDC Private Message Cross-Site Scripting (1.0.0)
|
CVE-2015-6805
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0)
|
CVE-2015-5469
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MDTF-Wordpress Meta Data & Taxonomies Filter Cross-Site Request Forgery (2.2.7.2)
|
CVE-2021-20781
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Media.net Ads Manager Arbitrary File Upload (2.10.13)
|
CVE-2024-6431
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8)
|
CVE-2022-4699
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5)
|
CWE-79
CWE-89
CWE-264
|
CWE-79
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2)
|
CWE-22
CWE-73
CWE-79
|
CWE-22
CWE-73
CWE-79
|
High
|
|
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5)
|
CVE-2021-36850
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0)
|
CVE-2014-2040
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media from FTP Cross-Site Scripting (9.89)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media from FTP Directory Traversal (9.85)
|
CVE-2018-5310
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Media from FTP PHP Object Injection (9.79)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Media Library Assistant Information Disclosure (3.00)
|
CVE-2022-41618
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Media Library Assistant Multiple Cross-Site Scripting Vulnerabilities (2.73)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65)
|
CWE-73
CWE-538
|
CWE-73
CWE-538
|
High
|
|
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81)
|
CVE-2020-11731
CVE-2020-11732
CVE-2020-11928
CWE-22
CWE-79
CWE-94
|
CWE-22
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Media Library Assistant PHP Object Injection (2.60)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Media Library Assistant SQL Injection (2.84)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Assistant SQL Injection (3.05)
|
CVE-2023-0279
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Categories 'termid' Parameter SQL Injection (1.0.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
|
CVE-2012-6630
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media Mirror Cross-Site Scripting (1.0.6)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MediaPress Security Bypass (1.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Media Search Enhanced SQL Injection (0.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2)
|
CVE-2021-24899
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media Tagz Gallery Multiple Unspecified Vulnerabilities (1.0)
|
|
|
High
|
|
WordPress Plugin Media Usage Cross-Site Scripting (0.0.4)
|
CVE-2021-34652
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mega Menu for WordPress-AP Mega Menu includes Backdoor [Only if downloaded via the vendor website] (3.0.5)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin MegaOptim Image Optimizer Unspecified Vulnerability (1.3.2)
|
|
|
High
|
|
WordPress Plugin Meks Easy Social Share Cross-Site Scripting (1.2.7)
|
CVE-2022-2574
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Meks Flexible Shortcodes Cross-Site Scripting (1.3.4)
|
CVE-2022-4562
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Member Approval Cross-Site Request Forgery (131109)
|
CVE-2014-3850
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Unspecified Vulnerabilities (1.4.0)
|
|
|
High
|
|
WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Vulnerabilities (2.4.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2)
|
|
|
High
|
|
WordPress Plugin Membership by Supsystic SQL Injection (1.4.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Membership For WooCommerce-Add Simple Membership Plans, Recurring Revenue, Product Tags & Send Emails To Members with WooCommerce Membership Arbitrary File Upload (2.1.6)
|
CVE-2022-4395
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Membership Simplified Arbitrary File Download (1.58)
|
CVE-2017-1002008
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)
|
CVE-2017-1002009
CVE-2017-1002010
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Members Import Cross-Site Request Forgery (1.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Members Import Cross-Site Scripting (1.4.2)
|
CVE-2022-4663
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MemberSonic Lite Security Bypass (1.2)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Memphis Documents Library Cross-Site Request Forgery (3.9.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Memphis Documents Library Multiple Unspecified Vulnerabilities (3.6.21)
|
|
|
High
|
|
WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Menu Image Malware/Addware Notification (2.6.9)
|
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Menu Swapper Cross-Site Request Forgery (1.1.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) SQL Injection (4.1.8)
|
CVE-2021-24465
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Merge+Minify+Refresh Cross-Site Request Forgery (1.10.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Deletion (4.16.2)
|
CVE-2019-14793
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1)
|
CVE-2019-14794
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2)
|
CVE-2023-25703
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (2.6.2)
|
CVE-2014-4846
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Information Disclosure (3.3.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Meteor Slides Cross-Site Scripting (1.5.6)
|
CVE-2022-4486
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2)
|
CVE-2023-0084
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure (2.1.3)
|
CVE-2022-1442
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.2.1)
|
CVE-2023-0085
CWE-358
|
CWE-358
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.3.0)
|
CVE-2023-1843
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MF Gig Calendar 'page_id' Parameter Cross-Site Scripting (0.9.4.1)
|
CVE-2012-4242
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MF Gig Calendar Cross-Site Scripting (1.1)
|
CVE-2021-24510
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MicroCopy SQL Injection (1.1.0)
|
CVE-2021-24397
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Arbitrary File Deletion (0.9.76)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Cross-Site Scripting (0.9.55)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)
|
CVE-2022-2863
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid PHAR Deserialization (0.9.74)
|
CVE-2022-2442
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Security Bypass (0.9.35)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)
|
CVE-2014-9337
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mimetic Books Cross-Site Scripting (0.2.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Cross-Site Scripting (1.0.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Request Forgery Vulnerabilities (1.0.34)
|
CVE-2013-0736
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1)
|
CVE-2012-5327
CVE-2012-5328
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting Vulnerabilities (1.0.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Vulnerabilities (1.0.33.3)
|
CVE-2013-0734
CVE-2013-0735
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)
|
CWE-89
CWE-425
|
CWE-89
CWE-425
|
High
|
|
WordPress Plugin MiniCart SQL Injection (1.00.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
|
CVE-2012-2583
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Cross-Site Request Forgery (2.10)
|
CVE-2020-6167
CVE-2020-6168
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Open Redirect (1.85)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (2.15)
|
CVE-2020-6166
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Arbitrary File Upload (1.7.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Cross-Site Scripting (1.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Cross-Site Scripting (1.9.3)
|
CVE-2016-1000141
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin miniOrange's Google Authenticator-WordPress Two Factor Authentication (2FA, MFA, OTP SMS and Email)-Passwordless login Cross-Site Scripting (5.4.39)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin miniOrange Discord Integration Security Bypass (2.1.5)
|
CVE-2022-3082
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Missed Schedule Fix WP Failed Future Posts Multiple Unspecified Vulnerabilities (2014.1231.2015.4)
|
|
|
High
|
|
WordPress Plugin Mitsol Social Post Feed Cross-Site Scripting (1.10)
|
CVE-2022-0209
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MiwoEvents-Manage & Book Events Unspecified Vulnerability (1.2.0)
|
|
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure (1.0.4)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Multiple Vulnerabilities (1.0.5)
|
CWE-73
CWE-79
CWE-94
CWE-352
|
CWE-73
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress Plugin mklasen's Photobox Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MM Duplicate 'index.php' SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MM Forms Community 'doajaxfileupload.php' Arbitrary File Upload (2.2.6)
|
CVE-2012-3574
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MM Forms Community 'edit_details.php' SQL Injection (1.2.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mobile App Native (Make a mobile app-Native iPhone & Android Mobile App FREE) Arbitrary File Upload (3.0)
|
CVE-2017-6104
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Mobile Apps by Wiziapp (Native iPhone & Android mobile Apps) Multiple Unspecified Vulnerabilities (4.1.2)
|
|
|
High
|
|
WordPress Plugin Mobile blocks Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Mobile Booster Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Mobile browser color select Cross-Site Request Forgery (1.0.1)
|
CVE-2022-1969
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MobileChief-Mobile Site Builder Cross-Site Scripting (1.5.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobile Device Detection by 51Degrees Cross-Site Scripting (3.1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobile Domain Multiple Vulnerabilities (1.5.2)
|
CVE-2015-1581
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Mobile Events Manager CSV Injection (1.4.7)
|
CVE-2022-1194
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin MobileView by ColorLabs & Company Cross-Site Scripting (1.0.7)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobiloud-Native Mobile Apps for your WordPress site (iPhone, iPad, Android) Multiple Cross-Site Scripting Vulnerabilities (2.3.7)
|
CVE-2014-5344
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MobiLoud-WordPress Mobile Apps-Convert your WordPress Website to Native Mobile Apps Remote Code Execution (4.0.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Modern Events Calendar Arbitrary File Upload (7.11.0)
|
CVE-2024-5441
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Arbitrary File Upload (7.11.0)
|
CVE-2024-5441
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.1)
|
CVE-2021-24687
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)
|
CVE-2021-24716
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.2)
|
CVE-2021-24146
CVE-2021-24147
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.5)
|
CVE-2021-24145
CVE-2021-24149
CWE-89
CWE-434
|
CWE-89
CWE-434
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Security Bypass (5.1.6)
|
CVE-2020-9459
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Modern WPBakery Page Builder Addons (formerly Visual Composer)-Add-ons Arbitrary File Upload (3.0.1)
|
CVE-2021-24284
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Modula Image Gallery Cross-Site Scripting (1.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Modula Image Gallery Cross-Site Scripting (2.2.4)
|
CVE-2020-9003
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Monarch Social Sharing Security Bypass (1.2.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Monetize Multiple Vulnerabilities (1.03)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Mongoose Page Cross-Site Scripting (1.8.3)
|
CVE-2022-4675
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Monsters Editor for WP Super Edit Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MoodThingy Mood Rating Widget 'postID' Parameter Blind SQL Injection (0.8.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MoodThingy Mood Rating Widget SQL Injection (0.9.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MoolaMojo Cross-Site Scripting (0.7.4.1)
|
CVE-2021-38358
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Moova for WooCommerce Cross-Site Scripting (3.5)
|
CVE-2021-34664
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin moreAds SE Cross-Site Scripting (1.4.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin moreAds SE Open Redirect (1.4.8)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin More Fields Cross-Site Request Forgery (2.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin More from Google Cross-Site Scripting (0.0.2)
|
CVE-2021-38319
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Motors-Car Dealer & Classified Ads Multiple Vulnerabilities (1.4.0)
|
CVE-2019-17228
CVE-2019-17229
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin MouseWheel Smooth Scroll Cross-Site Request Forgery (5.6)
|
CVE-2021-24852
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Movies Cross-Site Scripting (0.6)
|
CVE-2014-4539
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (3.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar Multiple Cross-Site Scripting Vulnerabilities (2.4.1)
|
CVE-2021-24624
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MP3-jPlayer Cross-Site Scripting (1.8.3)
|
CVE-2013-1942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MP3-jPlayer Information Disclosure (2.3.2)
|
CVE-2015-1000008
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin MP3-jPlayer Local File Disclosure (2.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MP3-jPlayer Multiple Cross-Site Request Forgery Vulnerabilities (2.7.3)
|
CVE-2022-36373
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MP3-jPlayer Multiple Cross-Site Scripting Vulnerabilities (1.8.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MP3-jPlayer Multiple Cross-Site Scripting Vulnerabilities (1.8.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.29.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.30.2)
|
CVE-2021-39343
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MQ ReLinks Multiple Vulnerabilities (1.8)
|
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress Plugin MSMC-Redirect After Comment Multiple Vulnerabilities (2.1.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Arbitrary File Upload (3.4.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Cross-Site Request Forgery (4.10.1)
|
CVE-2023-50878
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (2.1.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.1.9)
|
CVE-2021-24148
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.9.2)
|
CVE-2023-2732
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)
|
CVE-2023-3277
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.14.7)
|
CVE-2024-6328
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud SQL Injection (4.10.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin mTouch Quiz Multiple Vulnerabilities (3.0.6)
|
CVE-2014-100022
CVE-2014-100023
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin mTouch Quiz Multiple Vulnerabilities (3.1.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin MukioPlayer SQL Injection (1.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Multicons [Multiple Favicons] Cross-Site Scripting (2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multi Feed Reader Multiple Vulnerabilities (2.2.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Multi Feed Reader SQL Injection (2.2.3)
|
CVE-2017-2195
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Multilanguage by BestWebSoft Cross-Site Scripting (1.2.1)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin multimedial images SQL Injection (1.0b)
|
CVE-2022-4370
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Multiplayer Games Cross-Site Scripting (3.7)
|
CVE-2021-34644
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multiple Domain Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multiple Page Generator-MPG Cross-Site Request Forgery (3.3.9)
|
CVE-2022-47143
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multiple Roles Cross-Site Request Forgery (1.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure (1.1.0)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Multi Rating Multiple Unspecified Vulnerabilities (3.2.1)
|
|
|
High
|
|
WordPress Plugin Multi Rating Multiple Vulnerabilities (5.0.5)
|
CVE-2022-47433
CVE-2022-47443
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin multi Scheduler Cross-Site Request Forgery (1.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multisite Global Search 'mssearch' Parameter Cross-Site Scripting (1.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multisite Plugin Manager Multiple Cross-Site Scripting Vulnerabilities (3.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multisite Post Duplicator Cross-Site Request Forgery (0.9.5.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
|
CVE-2018-14430
CVE-2018-14846
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Multivendor Marketplace Solution for WooCommerce-WC Marketplace Cross-Site Request Forgery (3.5.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multivendor Marketplace Solution for WooCommerce-WC Marketplace Cross-Site Request Forgery (3.7.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Multivendor Marketplace Solution for WooCommerce-WC Marketplace Unspecified Vulnerability (2.1.2)
|
|
|
High
|
|
WordPress Plugin Music Store Cross-Site Scripting (1.0.41)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Music Store Cross-Site Scripting (1.0.52)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Music Store Open Redirect (1.0.14)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Music Store Unspecified Vulnerability (1.0.20)
|
|
|
High
|
|
WordPress Plugin MWB Point of Sale (POS) for WooCommerce-Generate Barcodes, Process your Bills, Synchronize, Your Online-Offline Orders Cross-Site Request Forgery (1.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MW Font Changer Cross-Site Scripting (4.2.5)
|
CVE-2016-1000142
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MW WP Form Arbitrary File Deletion (5.0.3)
|
CVE-2023-6559
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin MW WP Form Arbitrary File Upload (5.0.1)
|
CVE-2023-6316
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MW WP Form Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MW WP Form Cross-Site Scripting (2.10.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MW WP Form Cross-Site Scripting (5.0.6)
|
CVE-2024-24804
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MW WP Form Directory Traversal (4.4.2)
|
CVE-2023-28408
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin MW WP Form Security Bypass (4.4.5)
|
CVE-2023-46206
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin MX Time Zone Clocks Cross-Site Scripting (3.4)
|
CVE-2021-24671
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MyBB Cross-Poster Cross-Site Scripting (1.0)
|
CVE-2021-39338
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MyBlogU Cross-Site Scripting (0.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MyBookTable Bookstore by Author Media Cross-Site Scripting (3.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MyBookTable Bookstore by Author Media Unspecified Vulnerability (2.1.4)
|
|
|
High
|
|
WordPress Plugin My Calendar Cross-Site Scripting (2.3.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Cross-Site Scripting (2.4.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Cross-Site Scripting (2.5.16)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Cross-Site Scripting (3.1.9)
|
CVE-2019-15713
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Cross-Site Scripting (3.2.17)
|
CVE-2021-24927
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Multiple Cross-Site Scripting Vulnerabilities (1.10.1)
|
CVE-2012-6527
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Multiple Cross-Site Scripting Vulnerabilities (2.3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Calendar Multiple Vulnerabilities (2.3.29)
|
CWE-23
CWE-79
|
CWE-23
CWE-79
|
High
|
|
WordPress Plugin My Category Order 'parentID' Parameter SQL Injection (2.8)
|
CVE-2009-4748
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin My Category Order Cross-Site Scripting (4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Chatbot Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty Cross-Site Scripting (2.3.2)
|
CVE-2021-25015
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty SQL Injection (2.2)
|
CVE-2021-24755
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin myEASYbackup 'dwn_file' Parameter Directory Traversal (1.0.8.1)
|
CVE-2012-0898
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin myFlash Remote File Include (1.10)
|
CVE-2007-2485
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Myftp SQL Injection (2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin myGallery Remote File Include (1.4b4)
|
CVE-2007-2426
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin myghpay WooCommerce Payment Gateway Cross-Site Scripting (3.0)
|
CVE-2021-39308
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Link Order Cross-Site Scripting (4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin myLinksDump 'url' Parameter SQL Injection (1.2)
|
CVE-2010-2924
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MyLiveChat-Free Live Chat Plugin for WordPress Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Page Order Cross-Site Scripting (4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MyPixs Local File Inclusion (0.3)
|
CVE-2015-1000012
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin My Site Audit Cross-Site Scripting (1.2.4)
|
CVE-2021-24445
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin mySTAT 'mystat.php' SQL Injection (2.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MyThemeShop Theme/Plugin Updater Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Tickets Cross-Site Request Forgery (1.9.10)
|
CVE-2022-47440
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin My Tickets Cross-Site Scripting (1.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Tickets Cross-Site Scripting (1.8.30)
|
CVE-2021-24796
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Tickets Security Bypass (1.9.11)
|
CVE-2023-23988
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin myTreasures Cross-Site Scripting (2.4.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin mywebcounter Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My Wish List Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin My WordPress Login Logo Multiple Unspecified Vulnerabilities (2.1)
|
|
|
High
|
|
WordPress Plugin My WP Translate Multiple Vulnerabilities (1.0.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Mz-jajak 'id' Parameter SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin N-Media Post Front-end Form Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (1.3.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin N-Media Website Contact Form with File Upload Local File Inclusion (1.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin N5 Upload Form Arbitrary File Upload (1.0)
|
CVE-2021-24223
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin NAB Transact Security Bypass (2.1.0)
|
CVE-2020-11497
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Namaste! LMS Cross-Site Scripting (2.5.9.3)
|
CVE-2023-0548
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Namaste! LMS Cross-Site Scripting (2.5.9.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Name Directory Cross-Site Request Forgery (1.17.4)
|
CVE-2021-20652
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Name Directory Cross-Site Scripting (1.7.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Navis DocumentCloud Cross-Site Scripting (0.1)
|
CVE-2015-2807
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin nBill Lite PHP Object Injection (3.2.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin ND Shortcodes For Visual Composer Security Bypass (5.8)
|
CVE-2019-15771
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Nelio AB Testing Directory Traversal (4.4.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Nelio AB Testing Server-Side Request Forgery (4.5.10)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Nested Pages Cross-Site Scripting (1.6.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nested Pages Multiple Vulnerabilities (3.1.15)
|
CVE-2021-38342
CVE-2021-38343
CWE-352
CWE-601
|
CWE-352
CWE-601
|
High
|
|
WordPress Plugin Network Publisher 'networkpub_key' Parameter Cross-Site Scripting (5.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Neuvoo Jobs Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin News Element Elementor Blog Magazine Local File Inclusion (1.0.5)
|
CVE-2024-6459
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (3.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (4.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (6.7.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (7.8.9)
|
CVE-2023-4772
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress CSV Injection (6.5.3)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Multiple Vulnerabilities (6.8.1)
|
CVE-2020-35932
CVE-2020-35933
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Open Redirect (2.6.4.4)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Open Redirect (3.7.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress SQL Injection (3.0.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Newsletter-Send awesome emails from WordPress Unspecified Vulnerability (4.1.1)
|
|
|
High
|
|
WordPress Plugin Newsletter by Supsystic Cross-Site Scripting (1.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter by Supsystic SQL Injection (1.5.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Newsletter Manager Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
|
CVE-2012-6627
CVE-2012-6628
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletter Manager PHP Object Injection (1.5.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Newsletter Meenews 'idnews' Parameter Cross-Site Scripting (5.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletters Cross-Site Scripting (4.6.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Newsletters Multiple Vulnerabilities (4.6.5.3)
|
CWE-79
CWE-538
|
CWE-79
CWE-538
|
High
|
|
WordPress Plugin Newsletters Multiple Vulnerabilities (4.6.6.2)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Newsletters Multiple Vulnerabilities (4.6.14)
|
CVE-2019-14787
CVE-2019-14788
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Newsletters PHP Object Injection (4.6.8.5)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Newsletter Subscription Form Possible Remote Code Execution (1.1.2)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Newsletters Unspecified Vulnerability (4.5.5.2)
|
|
|
High
|
|
WordPress Plugin Newspack Blocks Arbitrary File Upload (3.0.8)
|
CVE-2024-37424
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin NewsPlugin Cross-Site Request Forgery (1.0.18)
|
CVE-2021-34631
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin NewStatPress Cross-Site Scripting (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NewStatPress Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NewStatPress Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NewStatPress Multiple Vulnerabilities (0.9.8)
|
CVE-2015-4062
CVE-2015-4063
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin NewStatPress Multiple Vulnerabilities (1.0.4)
|
CVE-2015-9312
CVE-2015-9313
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin New Year Firework Cross-Site Scripting (1.1.9)
|
CVE-2016-1000140
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NEX-Forms-The Ultimate WordPress Form Builder Security Bypass (7.8.7)
|
CVE-2021-34675
CVE-2021-34676
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NEX-Forms-Ultimate Form builder SQL Injection (3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NEX-Forms Lite-WordPress Contact Form builder Cross-Site Scripting (2.1.0)
|
CVE-2014-7151
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.17)
|
CVE-2014-3123
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.27)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.0)
|
CVE-2014-8800
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.5)
|
CVE-2015-4413
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Facebook Connect Unspecified Vulnerability (1.5.7)
|
|
|
High
|
|
WordPress Plugin Nextend Google Connect Cross-Site Scripting (1.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Google Connect Cross-Site Scripting (1.5.2)
|
CVE-2015-4557
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Google Connect Unspecified Vulnerability (1.5.3)
|
|
|
High
|
|
WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)
|
CVE-2015-4557
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery 'Gallery Path' Field Cross-Site Scripting (1.9.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)
|
CVE-2008-7175
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery 'swfupload.swf' Cross-Site Scripting (1.9.7)
|
CVE-2012-3414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery 'xml/media-rss.php' Cross-Site Scripting (1.5.1)
|
CVE-2010-1186
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Arbitrary File Upload (1.9.12)
|
CVE-2013-3684
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Arbitrary File Upload (2.1.10)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting (2.2.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.0.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.1.9)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Information Disclosure (1.9.11)
|
CVE-2013-0291
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.56)
|
CVE-2016-6565
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Request Forgery Vulnerabilities (3.4.7)
|
CVE-2020-35942
CVE-2020-35943
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Scripting Vulnerabilities (2.0.66.16)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Scripting Vulnerabilities (2.1.9)
|
CVE-2015-9537
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Scripting Vulnerabilities (2.1.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple HTML Injection Vulnerabilities (1.9.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Vulnerabilities (2.0.77)
|
CVE-2015-1784
CVE-2015-1785
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery PHP Object Injection (3.1.5)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Privilege Escalation (3.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Security Bypass (3.1.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (2.1.77)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (3.2.10)
|
CVE-2019-14314
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Unspecified Vulnerability (2.0.77.3)
|
|
|
High
|
|
WordPress Plugin NextGEN Gallery-WordPress Gallery Unspecified Vulnerability (2.2.46)
|
CVE-2018-7586
|
|
High
|
|
WordPress Plugin NextGEN Gallery Sell Photo Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Pro Cross-Site Scripting (3.1.9)
|
CVE-2021-24293
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NextMove Lite-Thank You Page for WooCommerce Cross-Site Request Forgery (2.18.1)
|
CVE-2024-32104
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin NextMove Lite-Thank You Page for WooCommerce Security Bypass (2.17.0)
|
CVE-2024-25092
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)
|
CVE-2021-25072
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (3.4.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.2.7)
|
CVE-2019-9911
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.20)
|
CVE-2021-38356
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.23)
|
CVE-2021-24975
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Security Bypass (4.3.17)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin NextScripts:Social Networks Auto-Poster Unspecified Vulnerability (4.3.2)
|
|
|
High
|
|
WordPress Plugin Nginx Helper Cross-Site Scripting (1.8.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nifty Newsletters (Formerly Sola Newsletters) Cross-Site Request Forgery (4.0.23)
|
CVE-2021-34634
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ninja Announcements Lite 'ninja_annc.php' SQL Injection (1.2.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder Cross-Site Request Forgery (3.4.24.1)
|
CVE-2020-12462
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (2.7.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (3.4.27)
|
CVE-2020-36174
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.8.6)
|
CVE-2014-8815
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.2.13)
|
CVE-2018-7280
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.17)
|
CVE-2018-19287
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.4.22.1)
|
CVE-2020-8594
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8.1)
|
CVE-2021-24381
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)
|
CVE-2023-1835
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.8.8)
|
CVE-2015-2220
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.51)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (2.9.42)
|
CVE-2016-1209
CWE-264
CWE-434
CWE-915
|
CWE-264
CWE-434
CWE-915
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.3.13)
|
CVE-2018-16308
CWE-20
CWE-79
|
CWE-20
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33)
|
CVE-2021-24163
CVE-2021-24165
CVE-2021-24166
CWE-200
CWE-352
CWE-601
|
CWE-200
CWE-352
CWE-601
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.34)
|
CVE-2021-24164
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Open Redirect (3.3.19)
|
CVE-2018-19796
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Object Injection (3.6.12)
|
CVE-2022-2903
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.0.30)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.5.7)
|
CVE-2021-34647
CVE-2021-34648
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.29)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.55.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.3.21.1)
|
CVE-2019-15025
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)
|
CVE-2021-24889
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.8.9)
|
CVE-2014-9688
|
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.9.24)
|
|
|
High
|
|
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (3.4.27.1)
|
CVE-2020-36173
|
|
High
|
|
WordPress Plugin Ninja Forms with File Uploads Extension Arbitrary File Upload (3.3.0)
|
CVE-2022-0888
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)
|
CVE-2022-0889
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ninja Forms with File Uploads Extension Multiple Vulnerabilities (3.0.22)
|
CVE-2019-10869
CWE-22
CWE-434
|
CWE-22
CWE-434
|
High
|
|
WordPress Plugin Ninja Popups Multiple Vulnerabilities (4.5.3)
|
CWE-22
CWE-915
|
CWE-22
CWE-915
|
High
|
|
WordPress Plugin Nmedia MailChimp Widget 'abs_path' Parameter Remote File Include (3.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Nmedia WordPress Member Conversation 'doupload.php' Arbitrary File Upload (1.3)
|
CVE-2012-3577
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin No Follow All External Links Spam Injection (2.3.0)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin Nofollow for external link Multiple Unspecified Vulnerabilities (1.1.2)
|
|
|
High
|
|
WordPress Plugin Nofollow Links Cross-Site Scripting (1.0.10)
|
CVE-2016-4833
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nokia Maps & Places Cross-Site Scripting (1.6.6)
|
CVE-2014-1750
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Nooz Cross-Site Scripting (1.6.0)
|
CVE-2023-25794
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin No Page Comment Multiple Vulnerabilities (1.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin NOSpamPTI SQL Injection (2.1)
|
CVE-2013-5917
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Note Press SQL Injection (0.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Notices Ticker Cross-Site Request Forgery (5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Notices Ticker Cross-Site Scripting (6.1)
|
CVE-2021-38328
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Notification-Custom Notifications and Alerts for WordPress Cross-Site Scripting (7.2.4)
|
CVE-2021-39340
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar Cross-Site Request Forgery (1.8.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.8)
|
CVE-2022-0349
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.11)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.8.2)
|
CVE-2024-1698
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin NS Utilities Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin Numbers generator and validator Multiple Unspecified Vulnerabilities (1.02)
|
|
|
High
|
|
WordPress Plugin O2Tweet Cross-Site Request Forgery (0.0.4)
|
CVE-2014-9338
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)
|
CVE-2022-3119
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Cross-Site Scripting (6.20.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities (6.24.1)
|
CVE-2023-1092
CVE-2023-1093
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass (6.22.5)
|
CVE-2022-2133
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Occasions Cross-Site Request Forgery (1.0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ocean Extra Cross-Site Request Forgery (1.6.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ocean Extra Cross-Site Scripting (1.9.4)
|
CVE-2021-25104
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ocean Extra Cross-Site Scripting (2.1.1)
|
CVE-2023-23891
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ocean Extra Multiple Vulnerabilities (2.1.2)
|
CVE-2023-0749
CVE-2023-24399
CWE-79
CWE-639
|
CWE-79
CWE-639
|
High
|
|
WordPress Plugin Ocean Extra PHP Object Injection (2.0.4)
|
CVE-2022-3374
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Ocean Extra Security Bypass (1.5.8)
|
CVE-2019-16250
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Official MailerLite Sign Up Forms Cross-Site Request Forgery (1.4.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin OG Tags Cross-Site Request Forgery (2.0.1)
|
CVE-2021-20831
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Oi Yandex.Maps for WordPress Cross-Site Scripting (3.2.7)
|
CVE-2023-22721
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Oleggo LiveStream Cross-Site Scripting (0.2.6)
|
CVE-2014-4540
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Olevmedia Shortcodes Cross-Site Scripting (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Olevmedia Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.1.9)
|
CVE-2023-0168
CVE-2023-25798
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Olimometer SQL Injection (2.56)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin OMFG Mobile Pro Cross-Site Scripting (1.1.26)
|
CVE-2014-4541
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OMGF-Host Google Fonts Locally Multiple Vulnerabilities (4.5.3)
|
CVE-2021-24638
CVE-2021-24639
CWE-22
CWE-264
|
CWE-22
CWE-264
|
High
|
|
WordPress Plugin Omni Secure Files 'upload.php' Arbitrary File Upload (0.1.13)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Onclick show popup Cross-Site Scripting (6.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OneClick Chat to Order Cross-Site Scripting (1.0.4.1)
|
CVE-2022-4760
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin One Click SSL Cross-Site Request Forgery (1.4.6)
|
CVE-2019-15828
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin One Click Upsell Funnel for WooCommerce Unspecified Vulnerability (2.0.0)
|
|
|
High
|
|
WordPress Plugin OneLogin SAML SSO Security Bypass (2.2.0)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin OneLogin SAML SSO Unspecified Vulnerability (2.1.8)
|
|
|
High
|
|
WordPress Plugin One page checkout and layouts for woocommerce Unspecified Vulnerability (2.7)
|
|
|
High
|
|
WordPress Plugin OnePress Social Locker Multiple Cross-Site Scripting Vulnerabilities (4.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OnePress Social Locker Multiple Unspecified Vulnerabilities (4.2.5)
|
|
|
High
|
|
WordPress Plugin OneSignal-Web Push Notifications Cross-Site Scripting (1.17.7)
|
CVE-2019-15827
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin One User Avatar-User Profile Picture Multiple Vulnerabilities (2.3.6)
|
CVE-2021-24672
CVE-2021-24675
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin One User Avatar-User Profile Picture Unspecified Vulnerability (2.3.8)
|
|
|
High
|
|
WordPress Plugin Online Hotel Booking System Pro Cross-Site Scripting (1.1)
|
CVE-2020-15536
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Online Hotel Booking System Pro SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Online Lesson Booking Multiple Vulnerabilities (0.8.6)
|
CVE-2019-5972
CVE-2019-5973
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin On Page SEO + Social Live Chat (Formerly OPS) Cross-Site Scripting (1.0.1)
|
CVE-2021-38332
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ooorl Cross-Site Scripting (1.0.0)
|
CVE-2014-4542
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Opal Estate Cross-Site Request Forgery (1.6.11)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin open-flash-chart-core Remote Code Execution (0.4)
|
CVE-2009-4140
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Cross-Site Scripting (2.2.4)
|
CVE-2018-0579
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Unspecified Vulnerability (2.2.4.1)
|
|
|
High
|
|
WordPress Plugin OpenID Connect Generic Client Cross-Site Scripting (3.8.1)
|
CVE-2021-24214
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Opening Hours Cross-Site Scripting (2.3.0)
|
CVE-2022-4752
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Cross-Site Scripting (1.1.1)
|
CVE-2024-30450
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Supply Chain Attack [Polyfill.io] (1.1.2)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin OPS Old Post Spinner 'ops_file' Parameter Local File Include (2.2.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Optimize images ALT Text (alt tag) & names for SEO using AI Cross-Site Request Forgery (2.0.7)
|
CVE-2022-4548
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin OptionTree Cross-Site Scripting (2.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OptionTree Cross-Site Scripting (2.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OptionTree PHP Object Injection (2.6.0)
|
CVE-2019-15319
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin OptionTree PHP Object Injection (2.7.2)
|
CVE-2019-15320
CVE-2019-15321
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin oQey Gallery 'tbpv_domain' Parameter Cross-Site Scripting (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin oQey Headers 'oqey_settings.php' SQL Injection (0.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Orbit Fox by ThemeIsle Multiple Vulnerabilities (2.10.2)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Order Export & Order Import for WooCommerce Cross-Site Request Forgery (1.6.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure (1.0.8)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Order XML File Export Import for WooCommerce Cross-Site Request Forgery (1.3.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (1.2.1)
|
CVE-2012-6511
CVE-2012-6512
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin OSD Subscribe Cross-Site Scripting (1.2.3)
|
CVE-2021-38351
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin OSM-OpenStreetMap SQL Injection (6.0.2)
|
CVE-2024-3604
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Otter-Gutenberg Blocks-Page Builder for Gutenberg Editor & FSE PHAR Deserialization (2.2.5)
|
CVE-2023-2288
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Our Team Showcase Cross-Site Request Forgery (1.2)
|
CVE-2014-9523
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin P3 (Plugin Performance Profiler) Cross-Site Scripting (1.5.3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Package Quantity Discount Security Bypass (1.1.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Page-list Cross-Site Scripting (5.2)
|
CVE-2022-4485
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page and Post Clone Information Disclosure (1.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Page Animations And Transitions Unspecified Vulnerability (2.1.8)
|
|
|
High
|
|
WordPress Plugin Page Builder, Website Builder:Simply Symphony! & Flux Live!-Full Drag And Drop Front End Vi Cross-Site Scripting (0.2.7.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Arbitrary File Upload (2.7.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.7.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.7.9)
|
CVE-2019-9910
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.9.4)
|
CVE-2020-15299
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Multiple Vulnerabilities (2.9.2)
|
CWE-73
CWE-79
CWE-94
CWE-264
|
CWE-73
CWE-79
CWE-94
CWE-264
|
High
|
|
WordPress Plugin Page Builder:Live Composer Cross-Site Scripting (1.5.22)
|
CVE-2022-4669
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder:PageLayer-Drag and Drop website builder Cross-Site Request Forgery (1.1.1)
|
CVE-2020-35944
CVE-2020-35947
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Page Builder:PageLayer-Drag and Drop website builder Cross-Site Scripting (1.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Builder by SiteOrigin Cross-Site Request Forgery (2.10.15)
|
CVE-2020-13642
CVE-2020-13643
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Page Builder by SiteOrigin Cross-Site Scripting (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)
|
CVE-2008-5752
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Page Generator Cross-Site Scripting (1.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Restrict Cross-Site Scripting (2.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Restrict Open Redirect (2.2.3)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Page Showcaser Boxes Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Page Visit Counter SQL Injection (4.0.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pagination by BestWebSoft Cross-Site Scripting (1.0.6)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18527
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Business Listings Blind SQL Injection (1.0.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Downloads 'download_key' Parameter SQL Injection (2.01)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (1.9.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (3.1.10)
|
CVE-2021-24522
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (3.2.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (4.5.3)
|
CVE-2023-23996
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (4.5.4)
|
CVE-2023-23820
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Multiple Cross-Site Scripting Vulnerabilities (3.2.2)
|
CVE-2021-24954
CVE-2021-24955
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Multiple Cross-Site Scripting Vulnerabilities (4.5.0)
|
CVE-2022-4697
CVE-2022-4698
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Multiple Vulnerabilities (3.1.3)
|
CVE-2021-34621
CVE-2021-34622
CVE-2021-34623
CVE-2021-34624
CWE-264
CWE-434
|
CWE-264
CWE-434
|
High
|
|
WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress PHP Object Injection (4.3.2)
|
CVE-2022-45083
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions Insecure Direct Object Reference (3.0.4)
|
CVE-2024-37277
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions SQL Injection (2.9.11)
|
CVE-2023-0631
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions SQL Injection (3.0.5)
|
CVE-2024-37486
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions Unspecified Vulnerability (2.10.5)
|
|
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions 'memberslist-csv.php' Information Disclosure (1.4.9)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Request Forgery (2.4.2)
|
CVE-2020-36754
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (1.8.9.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.5.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.6.5)
|
CVE-2021-24979
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.9.8)
|
CVE-2022-4830
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Directory Traversal (1.7.14.2)
|
CVE-2014-8801
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Information Disclosure (2.5.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Cross-Site Scripting Vulnerabilities (1.8.4.2)
|
CVE-2015-5532
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Vulnerabilities (1.9.2.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Open Redirect (2.0.5)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.3.2)
|
CVE-2020-5579
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.5.5)
|
CVE-2021-20678
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.6.6)
|
CVE-2021-25114
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.9.7)
|
CVE-2023-23488
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Parallax Scroll Cross-Site Scripting (2.0.1)
|
CVE-2019-7413
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Parcel Tracker eCourier Cross-Site Request Forgery (1.0.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Pardakht Delkhah Cross-Site Scripting (2.9.2)
|
CVE-2022-4307
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Parsian Bank Woocommerce Cross-Site Scripting (1.0)
|
CVE-2021-39309
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Parsi Date Cross-Site Scripting (4.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Participants Database Cross-Site Scripting (1.7.5.9)
|
CVE-2017-14126
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Participants Database Multiple Vulnerabilities (1.7.5.3)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Participants Database SQL Injection (1.5.4.8)
|
CVE-2014-3961
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Participants Database SQL Injection (1.9.5.5)
|
CVE-2020-8596
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Party Hall Booking Manager SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Passster-Password Protection Cross-Site Scripting (3.5.5.7)
|
CVE-2021-24837
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Passster-Password Protection Security Bypass (3.5.5.8)
|
CVE-2021-24881
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Passster-Password Protection Weak Encoding (3.5.5.5.1)
|
CVE-2022-3206
CWE-326
|
CWE-326
|
High
|
|
WordPress Plugin Passster Age Gate Security Bypass (4.0.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Password Protected Open Redirect (1.4)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Password Protected Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin Password Vault Cross-Site Scripting (1.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Patreon WordPress Multiple Cross-Site Scripting Vulnerabilities (1.7.1)
|
CVE-2021-24228
CVE-2021-24229
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Patreon WordPress Multiple Vulnerabilities (1.6.9)
|
CVE-2021-24227
CVE-2021-24230
CVE-2021-24231
CWE-352
CWE-538
|
CWE-352
CWE-538
|
High
|
|
WordPress Plugin Patreon WordPress PHP Object Injection (1.2.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin PayGreen-Ancienne version Cross-Site Request Forgery (4.10.2)
|
CVE-2023-25986
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Payment Form for PayPal Pro Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
|
CVE-2015-7666
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Payment Form for PayPal Pro SQL Injection (1.1.64)
|
CVE-2020-14092
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Payment Gateways Caller for WP e-Commerce Local File Inclusion (0.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin PayPal Digital Downloads Cross-Site Request Forgery (1.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin PayPal Digital Goods powered by Cleeng Cross-Site Scripting (2.2.13)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PayPal for WooCommerce Security Bypass (1.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PayPal Shopping Cart Multiple Vulnerabilities (1.1.9)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin PayPal WP Button Manager SQL Injection (0.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pay Per Media Player Multiple Cross-Site Scripting Vulnerabilities (1.24)
|
CVE-2014-4543
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PayPlus Payment Gateway SQL Injection (6.6.8)
|
CVE-2024-6205
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin PayPlus Payment Gateway SQL Injection (7.0.7)
|
CVE-2024-37564
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Paytium:Mollie payment forms & donations Cross-Site Scripting (3.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Paytm-Donation SQL Injection (1.3.2)
|
CVE-2021-24554
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pay With Tweet SQL Injection and Cross-Site Scripting Vulnerabilities (1.1)
|
CVE-2012-5349
CVE-2012-5350
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pctags-Pinterest conversion tags for Pinterest Ads (advertising) + Event tracking + Site verification + WooCommerce Security Bypass (1.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PDF & Print Button Joliprint Multiple Cross-Site Scripting Vulnerabilities (1.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (1.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (1.9.3)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18528
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (2.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF Embedder Security Bypass (4.4)
|
CVE-2019-19589
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Cross-Site Scripting (1.7.9)
|
CVE-2021-24732
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Unspecified Vulnerability (1.7.12)
|
|
|
High
|
|
WordPress Plugin PDF Viewer Block for Gutenberg Cross-Site Scripting (1.0)
|
CVE-2021-24760
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDF Viewer Cross-Site Scripting (0.1)
|
CVE-2023-0033
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PDW Media File Browser 'upload.php' Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.19.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.20.1)
|
CVE-2022-4021
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Permalink Manager Lite Cross-Site Scripting (2.2.14)
|
CVE-2022-0201
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Permalink Manager Lite SQL Injection (2.2.12)
|
CVE-2021-24769
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Permalink Manager Lite Unspecified Vulnerability (2.2.13.1)
|
|
|
High
|
|
WordPress Plugin Per page add to head Cross-Site Request Forgery (1.4.3)
|
CVE-2021-24586
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Per page add to head Cross-Site Scripting (1.4.4)
|
CVE-2021-24619
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Persian Woocommerce SMS Cross-Site Scripting (3.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Personalized WooCommerce Cart Page Cross-Site Request Forgery (2.4)
|
CVE-2019-5979
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Peter's Login Redirect Multiple Vulnerabilities (2.9.0)
|
CVE-2019-15115
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Peter's Math Anti-Spam Audio CAPTCHA Security Bypass (0.1.6)
|
CVE-2008-7216
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Peugeot Music Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PG Flash Gallery Cross-Site Scripting (4.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PhastPress Open Redirect (1.110)
|
CVE-2021-24210
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Phoenix Media Rename Security Bypass (3.4.2)
|
CVE-2021-24816
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PhonePe Payment Solutions Server-Side Request Forgery (1.0.15)
|
CVE-2022-45835
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin PhoneTrack Meu Site Manager Cross-Site Scripting (0.1)
|
CVE-2021-24534
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photocart Link Local File Inclusion (1.6)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Request Forgery (3.2.9)
|
CVE-2022-45804
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Request Forgery (3.2.11)
|
CVE-2023-24414
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Scripting (3.2.12)
|
CVE-2023-27620
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Multiple Unspecified Vulnerabilities (1.7.3)
|
|
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Security Bypass (2.0.15)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Unspecified Vulnerability (2.0.18)
|
|
|
High
|
|
WordPress Plugin Photo Gallery-Image Gallery by Ape Cross-Site Scripting (1.6.14)
|
CVE-2019-6117
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery-Image Gallery by Ape Security Bypass (2.0.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Arbitrary File Upload (1.2.5)
|
CVE-2014-9312
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.2.12)
|
CVE-2015-2324
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.22)
|
CVE-2019-14797
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.67)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.68)
|
CVE-2021-24291
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.73)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.75)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.78)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.33)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.42)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24)
|
CVE-2019-14798
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Multiple Cross-Site Scripting Vulnerabilities (1.1.30)
|
CVE-2014-6315
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Multiple Cross-Site Scripting Vulnerabilities (1.5.45)
|
CVE-2020-9335
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Multiple Vulnerabilities (1.2.9)
|
CVE-2015-1393
CVE-2015-1394
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Multiple Vulnerabilities (1.5.34)
|
CVE-2019-16117
CVE-2019-16118
CVE-2019-16119
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.2.7)
|
CVE-2015-1055
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.29)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.50)
|
CVE-2017-12977
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.30)
|
CVE-2019-14313
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.54)
|
CVE-2021-24139
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Unspecified Vulnerability (1.2.41)
|
|
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Unspecified Vulnerability (1.2.100)
|
|
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Unspecified Vulnerability (1.3.66)
|
|
|
High
|
|
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Unspecified Vulnerability (1.5.55)
|
|
|
High
|
|
WordPress Plugin Photo Gallery by Ays-Responsive Image Gallery SQL Injection (1.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by Ays-Responsive Image Gallery SQL Injection (4.4.3)
|
CVE-2021-24462
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photo Gallery by Supsystic Multiple Vulnerabilities (1.8.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Photoracer 'id' Parameter SQL Injection (1.0)
|
CVE-2009-2122
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Photoracer Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin PhotoSmash Galleries 'action' Parameter Cross-Site Scripting (1.0.2)
|
CVE-2011-5307
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PhotoSmash Galleries Arbitrary File Upload (1.0.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Photospace Gallery Cross-Site Scripting (2.3.5)
|
CVE-2022-3991
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photospace Responsive Gallery Unspecified Vulnerability (1.1.7)
|
|
|
High
|
|
WordPress Plugin Photoswipe Masonry Gallery Cross-Site Scripting (1.2.14)
|
CVE-2022-0750
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Photoswipe Masonry Gallery Unspecified Vulnerability (1.2.17)
|
|
|
High
|
|
WordPress Plugin PhotoXhibit Multiple Cross-Site Scripting Vulnerabilities (2.1.8)
|
CVE-2016-1000143
CVE-2016-1000144
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PHP Analytics Arbitrary File Upload (1.0.0.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PHP Event Calendar for WordPress Arbitrary File Upload (1.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3)
|
CVE-2022-24663
CVE-2022-24664
CVE-2022-24665
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin PHP Everywhere Security Bypass (1.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PHP Speedy 'admin_container.php' Remote PHP Code Execution (0.5.2)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin PI Button includes Backdoor [Only if downloaded via the vendor website] (3.3.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin PICA Photo Gallery 'imgname' Parameter Information Disclosure (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PICA Photo Gallery SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin PickPlugins Product Slider for WooCommerce Cross-Site Scripting (1.13.21)
|
CVE-2021-24300
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PickPlugins Product Slider for WooCommerce Unspecified Vulnerability (1.13.23)
|
|
|
High
|
|
WordPress Plugin PictoBrowser Cross-Site Request Forgery (0.3.1)
|
CVE-2014-9392
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin PictPress 'resize.php' Multiple Local File Include Vulnerabilities (1.0)
|
CVE-2007-6369
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Picture Gallery-Frontend Image Uploads, AJAX Photo List Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Picturesurf Gallery 'upload.php' Arbitrary File Upload (1.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Pierre's Wordspew 'wordspew.php' Multiple SQL Injection Vulnerabilities (5.61)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pike Firewall Information Disclosure (1.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin PIKLIST-Rapid development framework Cross-Site Scripting (0.9.4.25)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pinblocks-Gutenberg blocks with Pinterest widgets Unspecified Vulnerability (1.0.1)
|
|
|
High
|
|
WordPress Plugin Pinpoint Booking System-#1 WordPress Booking SQL Injection (1.2)
|
CVE-2014-3210
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.9.9.2.8)
|
CVE-2023-0220
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pinterest 'Pin It' Button Multiple Unspecified Vulnerabilities (1.3.1)
|
|
|
High
|
|
WordPress Plugin Pinterest Automatic Pin Security Bypass (4.14.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Pinterest Badge Cross-Site Scripting (1.9.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pinterest by BestWebSoft Cross-Site Scripting (1.0.4)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18517
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pinterest Feed Multiple Vulnerabilities (1.1.1)
|
CVE-2018-5653
CVE-2018-5654
CVE-2018-5655
CVE-2018-5656
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin pipdig Power pack (p3) Backdoor (4.7.3)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin PitchPrint Arbitrary File Upload (7.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PitchPrint Arbitrary File Upload (7.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Pixabay Images Multiple Vulnerabilities (2.3)
|
CVE-2015-1365
CVE-2015-1366
CVE-2015-1375
CVE-2015-1376
CWE-22
CWE-79
CWE-434
CWE-592
|
CWE-22
CWE-79
CWE-434
CWE-592
|
High
|
|
WordPress Plugin PixCodes Cross-Site Scripting (2.3.6)
|
CVE-2022-4671
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pixel Manager for WooCommerce-Track Google Analytics, Google Ads, TikTok and more Supply Chain Attack [Polyfill.io] (1.43.3)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin PixelYourSite-Facebook Pixel (Events, WooCommerce & Easy Digital Downloads) Cross-Site Scripting (5.2.1)
|
CVE-2018-0578
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PixelYourSite-Facebook Pixel (Events, WooCommerce & Easy Digital Downloads) Multiple Unspecified Vulnerabilities (4.0.2)
|
|
|
High
|
|
WordPress Plugin Placemarks Cross-Site Scripting (2.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plainview Activity Monitor Remote Command Execution (20161228)
|
CVE-2018-15877
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin PlanSo Forms Cross-Site Scripting (2.6.3)
|
CVE-2021-24516
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Platinum SEO Pack Cross-Site Scripting (1.3.7)
|
CVE-2013-5918
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Playbuzz Cross-Site Scripting (0.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plotly Cross-Site Scripting (1.0.2)
|
CVE-2015-5484
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plug-N-Edit Full Drag & Drop HTML Visual Editor with Web Page Builder WYSIWYG Cross-Site Scripting (5.2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plugin:Newsletter 'data' Parameter Information Disclosure (1.5)
|
CVE-2012-3588
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Plugin Central Multiple Cross-Site Scripting Vulnerabilities (2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pluginception Multiple Cross-Site Scripting Vulnerabilities (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plugmatter Optin Feature Box Multiple SQL Injection Vulnerabilities (2.0.13)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Plugmatter Pricing Table Cross-Site Scripting (1.0.32)
|
CVE-2021-34659
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Plug your WooCommerce into the largest catalog of customized print products from Helloprint Cross-Site Scripting (1.4.6)
|
CVE-2022-3908
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podcast Channels Cross-Site Scripting (0.20)
|
CVE-2014-4544
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podcast Importer SecondLine SQL Injection (1.3.7)
|
CVE-2022-1023
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Podcast Subscribe Buttons Cross-Site Scripting (1.4.1)
|
CVE-2021-24743
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podlove Podcast Publisher Cross-Site Request Forgery (3.8.3)
|
CVE-2023-25472
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Podlove Podcast Publisher Cross-Site Scripting (3.8.2)
|
CVE-2023-25046
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podlove Podcast Publisher Multiple Cross-Site Scripting Vulnerabilities (2.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podlove Podcast Publisher Multiple Vulnerabilities (2.3.15)
|
CVE-2016-10941
CVE-2016-10942
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Podlove Podcast Publisher SQL Injection (2.5.3)
|
CVE-2017-12949
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Podlove Podcast Publisher SQL Injection (3.5.5)
|
CVE-2021-24666
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Podlove Subscribe button Cross-Site Scripting (1.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Podlove Subscribe button Multiple Vulnerabilities (1.3.7)
|
CVE-2023-25479
CVE-2023-25481
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin podPress Cross-Site Scripting (8.8.10.13)
|
CVE-2013-2714
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pods-Custom Content Types and Fields Malicious Code (3.2.3)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Pods-Custom Content Types and Fields Multiple Cross-Site Scripting Vulnerabilities (2.7.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pods-Custom Content Types and Fields Multiple Vulnerabilities (2.4.3)
|
CVE-2014-7956
CVE-2014-7957
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Pods-Custom Content Types and Fields SQL Injection (2.5.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Cross-Site Scripting (19.6.24)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Unspecified Vulnerability (15.0.0)
|
|
|
High
|
|
WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.2.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.5.2)
|
CVE-2021-24442
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Polldaddy Polls & Ratings Cross-Site Request Forgery (2.0.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Polldaddy Polls & Ratings Cross-Site Scripting (2.0.24)
|
CVE-2014-4856
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Polldaddy Polls & Ratings Cross-Site Scripting (2.0.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)
|
|
|
High
|
|
WordPress Plugin PollDeep Arbitrary File Upload (1.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Poll Maker Cross-Site Scripting (3.2.8)
|
CVE-2021-34635
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Poll Maker SQL Injection (3.2.0)
|
CVE-2021-24483
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Poll Maker SQL Injection (3.4.1)
|
CVE-2021-24651
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Polls CP Multiple Vulnerabilities (1.0.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Polls CP Unspecified Vulnerability (1.0.17)
|
|
|
High
|
|
WordPress Plugin Polo Video Gallery-Best wordpress video gallery Cross-Site Scripting (1.2)
|
CVE-2021-24415
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Polylang Cross-Site Request Forgery (2.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Polylang Cross-Site Scripting (1.5.1)
|
CVE-2014-4855
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pondol Carousel Cross-Site Scripting (1.0)
|
CVE-2016-1000145
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pondol Form to Mail Cross-Site Scripting (1.1)
|
CVE-2016-1000146
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin pootle button Cross-Site Scripting (1.1.1)
|
CVE-2017-15811
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PopCash.Net Code Integration Tool Cross-Site Scripting (1.0)
|
CVE-2017-15810
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popular Posts by BestWebSoft Cross-Site Scripting (1.0.4)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin Cross-Site Request Forgery (1.2.19.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin Security Bypass (1.2.35.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin Security Bypass (1.2.49.0)
|
CVE-2022-36340
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Popup-Popup More Popups Directory Traversal (2.2.4)
|
CVE-2024-0844
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Popup Anything-A Marketing Popup Cross-Site Scripting (2.0.3)
|
CVE-2021-24883
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup box SQL Injection (2.3.3)
|
CVE-2021-24458
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (3.69.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.2)
|
CVE-2023-6000
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.6)
|
CVE-2024-30184
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.7)
|
CVE-2024-2506
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Multiple Vulnerabilities (3.63)
|
CVE-2020-10195
CVE-2020-10196
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Multiple Vulnerabilities (3.71)
|
CWE-22
CWE-264
|
CWE-22
CWE-264
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Security Bypass (4.3.0)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Server-Side Request Forgery (4.2.5)
|
CVE-2023-6294
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups SQL Injection (2.6.7.6)
|
CVE-2020-9006
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups SQL Injection (3.44)
|
CVE-2019-14695
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Unspecified Vulnerability (2.5.3)
|
|
|
High
|
|
WordPress Plugin Popup by Supsystic Cross-Site Request Forgery (1.7.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Popup by Supsystic Cross-Site Scripting (1.10.4)
|
CVE-2021-24275
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Like box-Page SQL Injection (3.5.2)
|
CVE-2021-24460
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Request Forgery (1.18.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.6.4)
|
CVE-2017-2284
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)
|
CVE-2022-1104
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.10)
|
CVE-2022-3690
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Information Disclosure (1.8.11)
|
CVE-2019-17574
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Multiple Cross-Site Scripting Vulnerabilities (1.16.8)
|
CVE-2022-4362
CVE-2022-4381
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Multiple Vulnerabilities (1.17.1)
|
CVE-2022-47597
CWE-200
CWE-862
|
CWE-200
CWE-862
|
High
|
|
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Security Bypass (1.7.29)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Popup Modal For Youtube Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Request Forgery (1.9.18)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Scripting (1.10.28.2)
|
CVE-2019-15830
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Scripting (2.0.2)
|
CVE-2021-36832
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Scripting (2.0.4)
|
CVE-2021-24941
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portable phpMyAdmin Authentication Bypass (1.3.0)
|
CVE-2012-5469
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Portfolio-WordPress Portfolio Cross-Site Request Forgery (2.8.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Portfolio-WordPress Portfolio Cross-Site Scripting (2.8.10)
|
CVE-2023-23685
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio by BestWebSoft Cross-Site Scripting (2.39)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.27)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio Cross-Site Request Forgery (1.0)
|
CVE-2015-6523
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Cross-Site Scripting (2.3)
|
CVE-2022-4765
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Security Bypass (2.1.6)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Unspecified Vulnerability (2.3.1)
|
|
|
High
|
|
WordPress Plugin Portfolio Gallery-Image Gallery Cross-Site Request Forgery (1.1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Portfolio Gallery-Photo Gallery Cross-Site Scripting (1.5.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio Gallery-Photo Gallery Cross-Site Scripting (2.1.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio Gallery-Photo Gallery Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portfolio Gallery-Photo Gallery Multiple Unspecified Vulnerabilities (2.0.72)
|
|
|
High
|
|
WordPress Plugin Portfolio Gallery-Photo Gallery Unspecified Vulnerability (2.3.0)
|
|
|
High
|
|
WordPress Plugin Portfolio Responsive Gallery SQL Injection (1.1.7)
|
CVE-2021-24457
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Portfolio Slideshow Cross-Site Scripting (1.13.0)
|
CVE-2023-23717
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Portrait-Archiv.com Photostore Cross-Site Scripting (3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin post-views Cross-Site Scripting (2.6.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Connector Cross-Site Scripting (1.0.3)
|
CVE-2015-9362
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Content XMLRPC SQL Injection (1.0)
|
CVE-2021-24629
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Post Custom Templates Lite Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Duplicator Cross-Site Scripting (2.16)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions Cross-Site Scripting (2.6.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions Cross-Site Scripting (2.7.2)
|
CVE-2022-38971
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions PHAR Deserialization (2.7.7)
|
CVE-2023-26326
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions Security Bypass (2.3.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions Security Bypass (2.6.2)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions SQL Injection (2.2.7)
|
CVE-2018-21003
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Post Grid, List for WordPress-Content Views Cross-Site Scripting (1.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Grid, List for WordPress-Content Views Cross-Site Scripting (1.9.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Grid, Post Carousel, & List Category Posts-by Smart Post Show Cross-Site Request Forgery (2.3.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post Grid Arbitrary File Deletion (2.0.12)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Post Grid Gutenberg Blocks and WordPress Blog-PostX Multiple Vulnerabilities (2.4.9)
|
CVE-2021-24652
CVE-2021-24659
CVE-2021-24660
CVE-2021-24661
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Post Grid Gutenberg Blocks and WordPress Blog-PostX Security Bypass (4.1.2)
|
CVE-2024-5326
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Post Grid Multiple Vulnerabilities (2.0.71)
|
CVE-2020-35936
CVE-2020-35938
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin Post Grid PHP Object Injection (2.0.11)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin post highlights 'ph_settings.php' SQL Injection (2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin post highlights Cross-Site Scripting (2.6)
|
CVE-2014-8087
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)
|
CVE-2012-2580
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Postie Multiple Vulnerabilities (1.9.40)
|
CVE-2019-20203
CVE-2019-20204
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Post Index Cross-Site Request Forgery (0.7.5)
|
CVE-2021-34637
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post Indexer (WPMU DEV) Multiple Vulnerabilities (3.0.6.1)
|
CWE-89
CWE-94
|
CWE-89
CWE-94
|
High
|
|
WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Logo Cross-Site Scripting (1.1b)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PostmagThemes Demo Import Arbitrary File Upload (1.0.7)
|
CVE-2022-1540
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Postman SMTP Mailer/Email Log Cross-Site Scripting (2.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Postmatic-Post and comment subscriptions that invite you to hit reply Cross-Site Scripting (1.4.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Pay Counter PHP Object Injection (2.730)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Post PDF Export Local File Inclusion (1.0.1)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Posts in Page Local File Inclusion (1.2.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Request Forgery (2.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Request Forgery (2.0.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (1.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.5.7)
|
CVE-2023-3082
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.7.0)
|
CVE-2023-5958
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.8.6)
|
CVE-2023-6629
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.8.7)
|
CVE-2023-7027
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Multiple Cross-Site Request Forgery Vulnerabilities (2.5.6)
|
CVE-2023-3178
CVE-2023-3179
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Security Bypass (2.8.7)
|
CVE-2023-6875
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Server-Side Request Forgery (2.1.6)
|
CVE-2022-2352
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark SQL Injection (2.8.6)
|
CVE-2023-6620
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark SQL Injection (2.9.3)
|
CVE-2024-5207
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Post Snippets Security Bypass (3.0.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Post Thumbnail Editor Multiple Cross-Site Request Forgery Vulnerabilities (2.4.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post Title Counter Cross-Site Scripting (1.1)
|
CVE-2021-38326
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post to CSV by BestWebSoft Cross-Site Scripting (1.3.0)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post to CSV by BestWebSoft CSV Injection (1.4.0)
|
CVE-2022-3393
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Post to Social Media-WordPress to Hootsuite Cross-Site Scripting (1.3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post to Twitter Cross-Site Request Forgery (0.7)
|
CVE-2014-9393
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Post Type Switcher Multiple Unspecified Vulnerabilities (1.5.0)
|
|
|
High
|
|
WordPress Plugin Post video players, slideshow albums, photo galleries and music/podcast playlist Cross-Site Scripting (1.136)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Views Count (Support caching plugins!) Cross-Site Scripting (3.0.2)
|
CVE-2022-4761
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Post Views Counter Cross-Site Scripting (1.3.4)
|
CVE-2021-24613
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Power Charts-Responsive Beautiful Charts & Graphs Cross-Site Scripting (0.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Powerhouse Museum Collection Image Grid 'tbpv_username' Parameter Cross-Site Scripting (0.9.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPack Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.3.1)
|
CVE-2021-24263
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPack for Beaver Builder Privilege Escalation (2.33.0)
|
CVE-2024-39633
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin PowerPack Lite for Beaver Builder Cross-Site Scripting (1.2.9.2)
|
CVE-2022-0176
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPack Lite for Beaver Builder Cross-Site Scripting (1.3.0)
|
CVE-2024-2289
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPack Lite for Beaver Builder Cross-Site Scripting (1.3.0.4)
|
CVE-2024-37409
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPack Lite for Beaver Builder Local File Inclusion (1.3.0.3)
|
CVE-2024-37410
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin PowerPack Pro for Elementor Privilege Escalation (2.10.14)
|
CVE-2024-39634
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Powerplay Gallery 'upload.php' Arbitrary File Upload (3.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Powerplay Gallery Multiple Vulnerabilities (3.3)
|
CVE-2015-5599
CVE-2015-5681
CVE-2015-5682
CWE-89
CWE-434
|
CWE-89
CWE-434
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Arbitrary File Upload (8.3.7)
|
CVE-2021-24123
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0)
|
CVE-2015-1385
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (10.0)
|
CVE-2023-1917
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (10.0.1)
|
CVE-2023-30778
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Malicious Code (11.9.4)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Multiple Vulnerabilities (8.4.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry SQL Injection (6.0.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin PowerPress Podcasting by Blubrry Unspecified Vulnerability (8.6.1)
|
|
|
High
|
|
WordPress Plugin Power Zoomer Arbitrary File Upload (1.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Powie's WHOIS Domain Check Cross-Site Scripting (0.9.31)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting (3.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Premium Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (4.2.7)
|
CVE-2021-24257
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Premium Blocks for Gutenberg Unspecified Vulnerability (1.7.4)
|
|
|
High
|
|
WordPress Plugin Premium SEO Pack Multiple Vulnerabilities (1.8.0)
|
CWE-434
CWE-538
|
CWE-434
CWE-538
|
High
|
|
WordPress Plugin Premium SEO Pack Security Bypass (1.9.1.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Premmerce Permalink Manager for WooCommerce Local File Inclusion (2.3.10)
|
CVE-2024-27971
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Premmerce Product Filter for WooCommerce Security Bypass (3.1.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Premmerce Variation Swatches for WooCommerce Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Premmerce Wholesale Pricing for WooCommerce Security Bypass (1.1.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Premmerce Wishlist for WooCommerce Security Bypass (1.1.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Pressbooks Cross-Site Scripting (2.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Pressbooks Textbook Cross-Site Scripting (1.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PressForward Cross-Site Scripting (4.3.0)
|
CVE-2017-12948
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Prevent files/folders access Cross-Site Request Forgery (1.1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Preview E-mails for WooCommerce Cross-Site Scripting (1.6.8)
|
CVE-2021-42363
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Price Commander for WooCommerce Security Bypass (1.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Pricing Table Builder-AP Pricing Tables Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Pricing Table by Supsystic Cross-Site Request Forgery (1.8.0)
|
CVE-2020-9394
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Pricing Table by Supsystic Multiple Vulnerabilities (1.8.1)
|
CVE-2020-9392
CVE-2020-9393
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Pricing Table by Supsystic Multiple Vulnerabilities (1.8.7)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Print, PDF, Email by PrintFriendly Multiple Cross-Site Scripting Vulnerabilities (3.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Print, PDF, Email by PrintFriendly Multiple Unspecified Vulnerabilities (3.5.2)
|
|
|
High
|
|
WordPress Plugin Print-O-Matic Cross-Site Scripting (2.0.2)
|
CVE-2021-24710
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Print-O-Matic Cross-Site Scripting (2.1.7)
|
CVE-2022-4753
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Request Forgery (4.7.2)
|
CVE-2022-46795
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Scripting (4.7.1)
|
CVE-2023-0479
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Cross-Site Request Forgery (3.4.1)
|
CVE-2021-24636
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)
|
CVE-2019-11565
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Prismatic Multiple Cross-Site Scripting Vulnerabilities (2.7)
|
CVE-2021-24408
CVE-2021-24409
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Private Only Multiple Vulnerabilities (3.5.1)
|
CVE-2015-5483
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Processing Embed 'pluginurl' Parameter Cross-Site Scripting (0.5)
|
CVE-2010-4747
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Process Steps Template Designer Cross-Site Request Forgery (1.2.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (18.3)
|
CVE-2019-14948
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.5)
|
CVE-2023-1839
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.6)
|
CVE-2023-2256
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Same Origin Method Execution (SOME) (14.0)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Security Bypass (23.9)
|
CVE-2021-25018
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Product Addons & Fields for WooCommerce Unspecified Vulnerability (13.7)
|
|
|
High
|
|
WordPress Plugin Product Catalog 8 SQL Injection (1.2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Catalog Arbitrary File Upload (3.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Product Catalog Arbitrary File Upload (3.8.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Product Catalog Cross-Site Scripting (4.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Catalog for WordPress Unspecified Vulnerability (1.4.5)
|
|
|
High
|
|
WordPress Plugin Product Catalog Multiple SQL Injection Vulnerabilities (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Catalog Multiple Vulnerabilities (3.1.2)
|
CWE-79
CWE-352
CWE-434
|
CWE-79
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Product Catalog Multiple Vulnerabilities (4.2.11)
|
CVE-2017-12199
CVE-2017-12200
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Product Catalog PHP Object Injection (4.2.25)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Product Catalog Privilege Escalation (3.8.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Product Catalog SQL Injection (3.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Catalog SQL Injection (3.9.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Catalog SQL Injection (4.2.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Catalog Unspecified Vulnerability (3.1.3)
|
|
|
High
|
|
WordPress Plugin Product Catalog X Cross-Site Request Forgery (1.5.12)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More SQL Injection (3.3.0.3)
|
CVE-2021-24511
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Product Filter for WooCommerce Security Bypass (8.1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Product Import Export for WooCommerce Cross-Site Request Forgery (1.7.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Product Input Fields for WooCommerce Arbitrary File Download (1.2.6)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Product Limited Time Availability Date for woocommerce Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Lister for Walmart Remote Code Execution (1.0.1)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Product list Widget for Woocommerce Cross-Site Scripting (1.0)
|
CVE-2022-4329
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Loops for WooCommerce-100+ Awesome styles and options for your WooCommerce products Security Bypass (1.6.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Product Reviews Import Export for WooCommerce Cross-Site Request Forgery (1.3.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Product Reviews Import Export for WooCommerce CSV Injection (1.4.8)
|
CVE-2022-46802
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Product Size charts for Woocommerce Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin Product Slider and Carousel with Category for WooCommerce Cross-Site Scripting (2.7.1)
|
CVE-2022-4791
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Slider for WooCommerce by PickPlugins Cross-Site Scripting (1.13.41)
|
CVE-2023-0166
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Slider for WooCommerce Cross-Site Scripting (2.6.3)
|
CVE-2022-4629
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Product Slider For WooCommerce Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.5)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Product Slider for WooCommerce Security Bypass (2.5.6)
|
CVE-2022-2382
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure (4.1)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Product Table by WBW Remote Code Execution (2.0.1)
|
CVE-2024-6365
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Profile Builder Pro Security Bypass (3.1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Profile Builder Pro SQL Injection (3.3.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Profile Extra Fields by BestWebSoft Cross-Site Scripting (1.0.7)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Cross-Site Scripting (2.6.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Cross-Site Scripting (4.7.4)
|
CVE-2022-0233
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Privilege Escalation (5.8.9)
|
CVE-2024-6411
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Remote Code Execution (2.8.5)
|
CVE-2019-15873
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)
|
|
|
High
|
|
WordPress Plugin Profiles 'bio-img.php' SQL Injection (2.0RC1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Project2App-Turn Your WordPress Site into an Android App Cross-Site Scripting (2.0.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Project Status Cross-Site Scripting (1.6)
|
CVE-2021-24558
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Project Supremacy V3 Lite Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PromoBar by BestWebSoft Cross-Site Scripting (1.1.0)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18529
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Properties and Agents-Real Estate Manager Cross-Site Scripting (6.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PropertyHive Cross-Site Scripting (1.4.14)
|
CVE-2018-6465
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PropertyHive Remote Code Execution (1.4.25)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ProPlayer SQL Injection (4.7.9.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Pro Quoter Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2014-4545
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Protected Posts Logout Button Cross-Site Request Forgery (1.4.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Protected Posts Logout Button Security Bypass (1.4.5)
|
CVE-2023-25454
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0)
|
CVE-2019-7412
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin PublishPress:Editorial Calendar, Workflow, Comments, Notifications and Statuses Cross-Site Scripting (3.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PublishPress Capabilities-User Role Access, Editor Permissions, Admin Menus Cross-Site Request Forgery (2.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin PublishPress Capabilities-User Role Access, Editor Permissions, Admin Menus Security Bypass (2.3)
|
CVE-2021-25032
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PublishPress Future: Automatically Unpublish WordPress Posts Cross-Site Scripting (2.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PublishPress Future: Automatically Unpublish WordPress Posts Multiple Vulnerabilities (2.1.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin PublishPress Future: Automatically Unpublish WordPress Posts Security Bypass (2.5.1)
|
CVE-2021-24783
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Publish to Schedule Cross-Site Request Forgery (4.4.2)
|
CVE-2023-25994
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Publish to Schedule Cross-Site Scripting (4.5.4)
|
CVE-2023-26519
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin PureHTML 'alter.php' SQL Injection (1.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin PushEngage Web Push Notifications Cross-Site Scripting (1.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Push Notifications for WordPress (Lite) Cross-Site Request Forgery (6.0)
|
CVE-2021-20846
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin PWA for WP & AMP Security Bypass (1.7.32)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin PWA for WP & AMP Unspecified Vulnerability (1.0.8)
|
|
|
High
|
|
WordPress Plugin PWAMP PHP Object Injection (1.0.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin PWG Random Cross-Site Request Forgery (1.11)
|
CVE-2014-9394
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Pym.js Embeds Cross-Site Scripting (1.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Q and A FAQ and Knowledge Base for WordPress Multiple SQL Injection Vulnerabilities (1.0.6.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Qards Cross-Site Scripting (1.4.3)
|
CVE-2017-18598
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qe SEO Handyman SQL Injection (1.0)
|
CVE-2022-4352
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Qiniu Cloudtuchuang Cross-Site Scripting (1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qiniu Uploader Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin QIWI payment module for Woocommerce Cross-Site Scripting (0.0.9)
|
CVE-2021-30134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qode Instagram Widget (embeded in Bridge-Creative Multi-Purpose WordPress Theme) Open Redirect (2.0.1)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Qode Twitter Feed (embeded in Bridge-Creative Multi-Purpose WordPress Theme) Open Redirect (2.0.1)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin QR Redirector Cross-Site Scripting (1.6)
|
CVE-2021-24854
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin QR Redirector Security Bypass (1.5)
|
CVE-2021-24853
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin qTranslate Cross-Site Request Forgery (2.5.34)
|
CVE-2013-3251
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin qTranslate Cross-Site Scripting (2.5.39)
|
CVE-2015-5535
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qtranslate Slug Cross-Site Request Forgery (1.1.18)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Qtranslate Slug Unspecified Vulnerability (1.1.16)
|
|
|
High
|
|
WordPress Plugin qTranslate X Cross-Site Scripting (3.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin qTranslate X Multiple Cross-Site Scripting Vulnerabilities (3.4.6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qualified Electronic Signatures by eID Easy Supply Chain Attack [Polyfill.io] (3.3.0)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin Quartz SQL Injection (1.01.1)
|
CVE-2014-5185
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Query Interface Security Bypass (1.1)
|
CWE-701
|
CWE-701
|
High
|
|
WordPress Plugin QueryWall:Plug'n Play Firewall Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Question and Answer Forum 'title' Variable Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Question Answer Multiple Cross-Site Scripting Vulnerabilities (1.2.30)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Quick Cache (Speed Without Compromise) Unspecified Vulnerability (140725)
|
|
|
High
|
|
WordPress Plugin Quick Chat Cross-Site Scripting (4.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Contact Form Cross-Site Scripting (6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Contact Form Multiple Vulnerabilities (8.0.3.1)
|
CVE-2022-47608
CVE-2023-23885
CVE-2023-25035
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Quick Contact Form Security Bypass (8.0.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Quick Event Manager Cross-Site Scripting (9.6.4)
|
CVE-2022-46863
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Event Manager Multiple Vulnerabilities (9.7.4)
|
CVE-2023-23491
CVE-2023-23974
CVE-2023-23975
CVE-2023-23979
CWE-79
CWE-352
CWE-862
|
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Quick Event Manager Security Bypass (9.2.16)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Quick Featured Images Cross-Site Scripting (12.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Page/Post Redirect Cross-Site Request Forgery (5.0.4)
|
CVE-2014-2598
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Quick Page/Post Redirect Open Redirect (5.1.5)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Quick Page/Post Redirect Security Bypass (5.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Quick Paypal Payments Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quick Paypal Payments Multiple Vulnerabilities (5.7.25)
|
CVE-2023-23889
CVE-2023-25702
CVE-2023-25714
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Quick Paypal Payments Security Bypass (5.7.21)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Quick Post Widget Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.9.1)
|
CVE-2012-4226
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Quick Restaurant Menu Multiple Vulnerabilities (2.0.2)
|
CVE-2023-0550
CVE-2023-0553
CVE-2023-0554
CVE-2023-0555
CWE-79
CWE-352
CWE-639
|
CWE-79
CWE-352
CWE-639
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Request Forgery (8.0.7)
|
CVE-2022-46862
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (6.2.1)
|
CVE-2019-9575
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (6.3.4)
|
CVE-2019-17599
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (6.4.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.13)
|
CVE-2021-20792
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.17)
|
CVE-2021-24368
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.3.1)
|
CVE-2021-24691
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple SQL Injection Vulnerabilities (4.4.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple SQL Injection Vulnerabilities (4.4.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (4.7.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (7.0.0)
|
CVE-2020-35949
CVE-2020-35951
CWE-73
CWE-434
|
CWE-73
CWE-434
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (7.3.6)
|
CVE-2022-0180
CVE-2022-0181
CVE-2022-0182
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (7.3.10)
|
CVE-2022-40698
CVE-2022-41652
CVE-2022-42883
CWE-79
CWE-200
CWE-352
CWE-862
|
CWE-79
CWE-200
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (8.0.4)
|
CVE-2022-4032
CVE-2022-4033
CWE-80
|
CWE-80
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (8.0.8)
|
CVE-2023-0291
CVE-2023-0292
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.1.11)
|
CVE-2021-24221
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.1.13)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (9.0.1)
|
CVE-2024-3592
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Unspecified Vulnerability (6.3.5)
|
|
|
High
|
|
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Unspecified Vulnerability (7.0.1)
|
|
|
High
|
|
WordPress Plugin Quizlord Cross-Site Scripting (2.0)
|
CVE-2018-17140
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quiz Maker Multiple SQL Injection Vulnerabilities (6.2.0.8)
|
CVE-2021-24456
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz Maker SQL Injection (6.5.8.3)
|
CVE-2024-6028
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quiz Tool Lite Multiple Cross-Site Scripting Vulnerabilities (2.3.15)
|
CVE-2021-24701
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quote-O-Matic SQL Injection (1.0.5)
|
CVE-2022-4373
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Quotes and Tips by BestWebSoft Cross-Site Scripting (1.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quotes and Tips by BestWebSoft Cross-Site Scripting (1.32)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Quotes Collection Cross-Site Scripting (2.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Quttera Web Malware Scanner Security Bypass (3.0.8.65)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Qwizcards-online quizzes and flashcards Cross-Site Scripting (3.36)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qwizcards-online quizzes and flashcards Cross-Site Scripting (3.61)
|
CVE-2021-24706
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Qyrr-simply and modern QR-Code creation Cross-Site Scripting (0.6)
|
CVE-2021-24559
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Radio Buttons for Taxonomies Cross-Site Request Forgery (2.0.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Random Banner Cross-Site Scripting (1.1.2.1)
|
CVE-2014-4847
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Random Banner Cross-Site Scripting (4.1.4)
|
CVE-2022-0210
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Random image gallery with pretty photo zoom Cross-Site Scripting (7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Security Bypass (1.0.27)
|
CVE-2019-14786
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Security Bypass (1.0.40.2)
|
CVE-2020-11514
CVE-2020-11515
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Security Bypass (1.0.42.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Server-Side Request Forgery (1.0.95)
|
CVE-2022-36376
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin RapidLoad Power-Up for Autoptimize Multiple Vulnerabilities (1.7.1)
|
CVE-2023-1333
CVE-2023-1334
CVE-2023-1335
CVE-2023-1336
CVE-2023-1337
CVE-2023-1338
CVE-2023-1339
CVE-2023-1340
CVE-2023-1341
CVE-2023-1342
CVE-2023-1343
CVE-2023-1344
CVE-2023-1345
CVE-2023-1346
CVE-2023-1472
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin RapidLoad Power-Up for Autoptimize SQL Injection (1.6.35)
|
CVE-2022-47593
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Rate my Post-WP Rating System Cross-Site Scripting (3.3.8)
|
CVE-2022-4673
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rate my Post-WP Rating System Multiple Vulnerabilities (3.3.4)
|
CVE-2022-40310
CVE-2022-40671
CWE-352
CWE-362
|
CWE-352
CWE-362
|
High
|
|
WordPress Plugin Rating-Widget:Star Review System Cross-Site Scripting (2.8.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rating-Widget:Star Review System Multiple Cross-Site Scripting Vulnerabilities (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rating-Widget:Star Review System Security Bypass (2.8.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rating by BestWebSoft Cross-Site Scripting (0.1)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18530
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Raygun4WP Cross-Site Scripting (1.8.0)
|
CVE-2017-9288
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Raygun4WP Cross-Site Scripting (1.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RAYS Grid Cross-Site Request Forgery (1.2.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RB Agency Local File Disclosure (2.4.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin RBX Gallery 'uploader.php' Arbitrary File Upload (2.1)
|
CVE-2012-3575
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Re-attacher by BestWebSoft Cross-Site Scripting (1.0.8)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Read and Understood Multiple Vulnerabilities (2.1)
|
CVE-2018-5667
CVE-2018-5668
CVE-2018-5669
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Read Offline Cross-Site Scripting (0.9.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ready! Ecommerce Shopping Cart Multiple Cross-Site Request Forgery Vulnerabilities (0.5.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Real-Time Find and Replace Cross-Site Request Forgery (3.9)
|
CVE-2020-13641
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Real-Time Find and Replace Cross-Site Scripting (3.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Real3D FlipBook Multiple Vulnerabilities (2.18.8)
|
CWE-73
CWE-79
CWE-434
|
CWE-73
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Real Estate Website Builder 'ajax_action' Parameter Cross-Site Scripting (0.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Realia Cross-Site Scripting (0.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Realia Security Bypass (1.4.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Really Easy Slider TimThumb Arbitrary File Upload (0.1)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Really Simple Gallery Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Really Simple Gallery Multiple Vulnerabilities (1.4)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Really Simple Guest Post Local File Inclusion (1.0.6)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Really Simple Share Cross-Site Request Forgery (2.9.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Really Simple Share Unspecified Vulnerability (4.3.6)
|
|
|
High
|
|
WordPress Plugin Real Media Library:Media Library Folder & File Manager Cross-Site Scripting (4.14.1)
|
CVE-2021-34668
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Real Media Library:Media Library Folder & File Manager Cross-Site Scripting (4.18.28)
|
CVE-2023-0285
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Realteo Multiple Vulnerabilities (1.2.3)
|
CVE-2021-24237
CVE-2021-24238
CWE-79
CWE-284
|
CWE-79
CWE-284
|
High
|
|
WordPress Plugin Realty by BestWebSoft Cross-Site Scripting (1.0.9)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18532
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Realtyna Organic IDX + WPL Real Estate Arbitrary File Upload (4.14.13)
|
CVE-2024-38736
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Real WYSIWYG 'insert_file.php' Arbitrary File Upload (0.0.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Real WYSIWYG Cross-Site Scripting (0.0.2)
|
CVE-2021-39310
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Recall Products Multiple Vulnerabilities (0.8)
|
CVE-2020-25379
CVE-2020-25380
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Recart-The New GhostMonitor Unspecified Vulnerability (1.5.0)
|
|
|
High
|
|
WordPress Plugin Recent Backups Arbitrary File Download (0.7)
|
CVE-2015-1000006
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Recently Multiple Vulnerabilities (3.0.4)
|
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Recip.ly 'uploadImage.php' Arbitrary File Upload (1.1.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor Cross-Site Scripting (2.8.0)
|
CVE-2021-24632
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor Cross-Site Scripting (2.8.2)
|
CVE-2021-24634
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Recipes Writer Cross-Site Scripting (1.0.4)
|
CVE-2016-1000147
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Recommend to a friend Cross-Site Scripting (2.0.2)
|
CVE-2013-7276
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redirect 404 Error Page to Homepage or Custom Page with Logs Cross-Site Request Forgery (1.7.8)
|
CVE-2021-24767
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redirect 404 to parent Cross-Site Scripting (1.3.0)
|
CVE-2021-24286
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redirection 'id' Parameter Cross-Site Scripting (2.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redirection Cross-Site Request Forgery (1.1.3)
|
CVE-2023-1330
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redirection Cross-Site Request Forgery (1.1.4)
|
CVE-2023-1331
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redirection Cross-Site Request Forgery (3.6.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities (2.3.3)
|
CVE-2021-24278
CVE-2021-24279
CVE-2021-24280
CVE-2021-24281
CVE-2021-24282
CWE-264
CWE-915
|
CWE-264
CWE-915
|
High
|
|
WordPress Plugin Redirection HTTP Referrer Header HTML Injection (2.2.9)
|
CVE-2011-4562
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redirection Local File Inclusion (2.7.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Redirection Multiple Cross-Site Scripting Vulnerabilities (2.2.11)
|
CVE-2012-6717
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redirection Page Multiple Vulnerabilities (1.2)
|
CVE-2015-1580
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Redirection PHP Object Injection (2.7.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin ReDi Restaurant Reservation Cross-Site Scripting (21.0307)
|
CVE-2021-24299
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redux Framework Cross-Site Request Forgery (4.1.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redux Framework Cross-Site Request Forgery (4.1.23)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Redux Framework Cross-Site Scripting (4.4.17)
|
CVE-2024-6828
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redux Framework Multiple Cross-Site Scripting Vulnerabilities (3.6.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Redux Framework Multiple Vulnerabilities (4.2.11)
|
CVE-2021-38312
CVE-2021-38314
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin ReFlex Gallery 'php.php' Arbitrary File Upload (1.4.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin ReFlex Gallery Arbitrary File Upload (3.1.3)
|
CVE-2015-4133
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin ReFlex Gallery Cross-Site Scripting (3.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Register IPs Unspecified Vulnerability (1.8.0)
|
|
|
High
|
|
WordPress Plugin Register Plus 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.5.1)
|
CVE-2010-4402
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Register Plus Redux 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (2.0.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.0.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.0.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.7.0.0)
|
CVE-2021-24239
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.7.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Cross-Site Scripting Vulnerabilities (1.30)
|
CVE-2013-4954
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Vulnerabilities (2.0.15)
|
CWE-89
CWE-287
|
CWE-89
CWE-287
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Vulnerabilities (2.0.18)
|
CVE-2015-7377
CVE-2015-7682
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Open Redirect (2.0.19)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Open Redirect (3.7.2.3)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Open Redirect (3.8.2.2)
|
CVE-2023-0552
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Privilege Escalation (3.7.1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Security Bypass (2.0.13)
|
CVE-2014-8802
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Security Bypass (3.8.1.2)
|
CVE-2022-4024
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.0.9)
|
CVE-2018-10969
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.1.1)
|
CVE-2019-15659
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.7.1.5)
|
CVE-2021-24731
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Cross-Site Scripting (5.0.1.8)
|
CVE-2021-24648
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (3.7.9.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (4.6.0.1)
|
CVE-2020-8435
CVE-2020-8436
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (4.6.0.3)
|
CVE-2020-9454
CVE-2020-9455
CVE-2020-9456
CVE-2020-9457
CVE-2020-9458
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (5.1.9.2)
|
CVE-2023-23976
CVE-2023-23989
CVE-2023-25991
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login PHP Object Injection (3.7.9.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Security Bypass (5.0.1.7)
|
CVE-2021-4073
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login SQL Injection (5.0.1.5)
|
CVE-2021-24862
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login SQL Injection (5.0.2.1)
|
CVE-2022-0420
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Request Forgery (5.2.5.9)
|
CVE-2024-25935
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Request Forgery (5.3.0.0)
|
CVE-2024-2951
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting (5.2.5.9)
|
CVE-2024-29113
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting (5.3.2.0)
|
CVE-2024-33947
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Privilege Escalation (5.3.0.0)
|
CVE-2024-1991
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms SQL Injection (5.3.1.0)
|
CVE-2024-1990
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.4)
|
CVE-2021-24876
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.9)
|
CVE-2021-25083
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5)
|
CVE-2021-24943
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Rekt Slideshow TimThumb Arbitrary File Upload (1.0.5)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Related Posts by Zemanta Cross-Site Request Forgery (1.3.1)
|
CVE-2013-3477
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Related Posts Cross-Site Request Forgery (2.7.1)
|
CVE-2013-3257
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Related Posts Cross-Site Scripting (5.12.91)
|
CVE-2019-11869
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Related Posts for WordPress Cross-Site Scripting (1.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Related Posts for WordPress Cross-Site Scripting (2.0.3)
|
CVE-2021-24180
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Related Posts Lite Security Bypass (1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Related Posts Multiple Cross-Site Request Forgery Vulnerabilities (1.0)
|
CVE-2011-0760
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Related Posts Unspecified Vulnerability (5.12.69)
|
|
|
High
|
|
WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1)
|
CVE-2009-2383
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Related YouTube Videos Cross-Site Request Forgery (1.9.8)
|
CVE-2019-5980
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Relevanssi-A Better Search 'Seach Query' Field HTML Injection (2.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (3.3.7.1)
|
CVE-2014-9443
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (3.5.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (4.0.4)
|
CVE-2018-9034
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevanssi-A Better Search SQL Injection (3.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Relevanssi-A Better Search SQL Injection (3.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Relevanssi Premium-A Better Search Cross-Site Scripting (1.14.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevanssi Premium-A Better Search Multiple Vulnerabilities (1.14.4)
|
CWE-89
CWE-94
|
CWE-89
CWE-94
|
High
|
|
WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.1.9)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14)
|
CVE-2012-1205
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Remote Upload Arbitrary File Upload (1.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Remove Schema Cross-Site Request Forgery (1.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Remove WP Update Nags Security Bypass (1.3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Remove Yoast SEO comments Unspecified Vulnerability (1.0.4)
|
|
|
High
|
|
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.1.2)
|
CVE-2019-13413
CVE-2019-13414
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.2.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Rencontre-Dating Site Security Bypass (1.6.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rent-A-Car TimThumb Arbitrary File Upload (1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin RentPress Cross-Site Scripting (6.6.4)
|
CVE-2021-38323
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Request a Quote Cross-Site Scripting (2.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Request a Quote Cross-Site Scripting (2.3.3)
|
CVE-2021-24420
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Request a Quote Cross-Site Scripting (2.3.4)
|
CVE-2021-24489
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Request For Quote Cross-Site Request Forgery (1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Request Quote via Whatsapp for Woocommerce Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ResAds Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
|
CVE-2015-7667
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Resim Ara Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Resize Image After Upload Cross-Site Request Forgery (1.8.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RESPONSIVE 3D SLIDER SQL Injection (1.2)
|
CVE-2021-24398
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Responsive Category Slider Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Clients Logo Gallery for WordPress-Smart Logo Showcase Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Responsive Cookie Consent Cross-Site Scripting (1.7)
|
CVE-2018-10309
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Filterable Portfolio Unspecified Vulnerability (1.0.8)
|
|
|
High
|
|
WordPress Plugin Responsive Gallery Grid Cross-Site Scripting (2.3.8)
|
CVE-2023-0060
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Image Slider, Photo Gallery And Carousel Cross-Site Request Forgery (1.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Responsive Image Slider, Photo Gallery And Carousel Security Bypass (1.3.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Responsive Lightbox2 Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.4.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.7.1)
|
CVE-2017-2243
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Logo Slideshow Cross-Site Scripting (1.0)
|
CVE-2013-1759
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Media Gallery for WordPress-Everest Gallery Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (4.0.3)
|
CVE-2021-24160
CVE-2021-24161
CVE-2021-24162
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin Responsive Notification Bar for WordPress-Apex Notification Bar Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.4)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)
|
CVE-2024-5345
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Responsive Poll Cross-Site Scripting (1.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive Poll Multiple Vulnerabilities (1.7.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Responsive Poll Security Bypass (1.3.4)
|
CVE-2020-11673
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Responsive Pricing Table Unspecified Vulnerability (4.1.1)
|
|
|
High
|
|
WordPress Plugin Responsive Products Showcase Listing for WordPress-WP Product Gallery Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.1)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress Multiple Vulnerabilities (2.7.5)
|
CWE-73
CWE-79
CWE-352
|
CWE-73
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.6.8)
|
CVE-2015-2062
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.8.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress Unspecified Vulnerability (3.0.8)
|
|
|
High
|
|
WordPress Plugin Responsive WordPress Slider-Avartan Slider Lite Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive WordPress Slider Cross-Site Scripting (2.2.0)
|
CVE-2021-24544
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Responsive WordPress Timeline-Everest Timeline Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.1)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation Cross-Site Request Forgery (2.3.1)
|
CVE-2022-3776
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation Security Bypass (2.3.0)
|
CVE-2022-2696
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Restaurant Menu by MotoPress Cross-Site Scripting (2.4.1)
|
CVE-2021-24722
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Restaurant Reservations Privilege Escalation (1.3)
|
CVE-2019-15819
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Restricted Site Access Security Bypass (7.3.1)
|
CVE-2022-1613
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Restricted Site Access Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin RestroPress-Online Food Ordering System Cross-Site Request Forgery (2.8.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RestroPress-Online Food Ordering System Security Bypass (2.8.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Resume Submissions & Job Postings Cross-Site Scripting (2.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Retain Live Chat Cross-Site Scripting (0.1)
|
CVE-2022-3391
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Reusable Blocks Extended Cross-Site Request Forgery (0.9)
|
CVE-2023-27611
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Reviews Plus Denial of Service (1.2.13)
|
CVE-2021-24894
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce Cross-Site Request Forgery (1.2.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce CSV Injection (1.6.7)
|
CVE-2022-46809
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce Privilege Escalation (1.6.13)
|
CVE-2023-2833
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce SQL Injection (1.6.8)
|
CVE-2023-26325
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Revive Old Post-Auto Post to Social Media Security Bypass (6.9.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Rezgo Cross-Site Scripting (1.4.2)
|
CVE-2014-4546
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rezgo Online Booking Cross-Site Scripting (1.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rezgo Online Booking Cross-Site Scripting (4.1.7)
|
CVE-2022-1932
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rezgo Online Booking Multiple Cross-Site Scripting Vulnerabilities (1.8)
|
CVE-2014-4547
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rich Counter Cross-Site Scripting (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rich Reviews Cross-Site Scripting (1.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rich Reviews Multiple Vulnerabilities (1.7.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Rich Table of Contents Cross-Site Scripting (1.3.7)
|
CVE-2022-4551
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rich Widget Arbitrary File Upload (0.2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Rife Elementor Extensions & Templates Multiple Cross-Site Scripting Vulnerabilities (1.1.5)
|
CVE-2021-24265
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rimons Twitter Widget Cross-Site Scripting (1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rise Blocks-A Complete Gutenberg Page Builder Unspecified Vulnerability (1.0.0)
|
|
|
High
|
|
WordPress Plugin RK Responsive Contact Form SQL Injection (1.0.0)
|
CVE-2017-1002027
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RocketTheme RokBox 'jwplayer.swf' Cross-Site Scripting (2.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RocketTheme RokBox Multiple Vulnerabilities (2.13)
|
CWE-79
CWE-200
CWE-434
|
CWE-79
CWE-200
CWE-434
|
High
|
|
WordPress Plugin Rockhoist Badges Cross-Site Scripting (1.2.2)
|
CVE-2017-6102
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rockhoist Ratings SQL Injection (1.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RokIntroScroller Multiple Vulnerabilities (1.8)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin RokMicroNews Multiple Vulnerabilities (1.5)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin RokNewsPager Multiple Vulnerabilities (1.17)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin RokStories Multiple Vulnerabilities (1.25)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Role Scoper Cross-Site Scripting (1.3.64)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Role Scoper Cross-Site Scripting (1.3.66)
|
CVE-2015-8353
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Role Scoper Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin Roomcloud Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CVE-2015-3904
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Rotating Testimonial Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Row Seats Core Unspecified Vulnerability (2.66)
|
|
|
High
|
|
WordPress Plugin Royal Elementor Addons and Templates Arbitrary File Upload (1.3.78)
|
CVE-2023-5360
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Royal Gallery 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Royal Gallery Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Royal Gallery Cross-Site Scripting (2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Royal PrettyPhoto Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RoyalSlider Cross-Site Scripting (3.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RoyalSlider Cross-Site Scripting (3.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Cross-Site Request Forgery (3.4.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Security Bypass (4.4.2)
|
CVE-2024-1318
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Server-Side Request Forgery (4.4.7)
|
CVE-2023-6805
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator SQL Injection (4.4.2)
|
CVE-2024-1317
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSS Feed Reader 'rss_url' Parameter Cross-Site Scripting (0.1)
|
CVE-2011-0740
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS Feed Widget Cross-Site Scripting (2.8.0)
|
CVE-2020-24314
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS for Yandex Turbo Cross-Site Scripting (1.29)
|
CVE-2021-24277
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS Includes Pages Cross-Site Scripting (3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS Includes Pages Unspecified Vulnerability (3.1)
|
|
|
High
|
|
WordPress Plugin RSS Post Importer Cross-Site Scripting (2.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSS Post Importer Unspecified Vulnerability (2.5.0)
|
|
|
High
|
|
WordPress Plugin RSS Redirect & Feedburner Alternative Unspecified Vulnerability (1.9)
|
|
|
High
|
|
WordPress Plugin RSVP and Event Management Cross-Site Scripting (2.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSVPMaker Cross-Site Scripting (2.5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSVPmaker Excel Cross-Site Scripting (1.1)
|
CVE-2021-38337
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin RSVPMaker for Toastmasters Cross-Site Request Forgery (3.3.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin RSVPMaker Server-Side Request Forgery (8.7.2)
|
CVE-2021-24371
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (5.6.3)
|
CVE-2018-21004
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (6.1.9)
|
CVE-2019-15646
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (7.8.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (9.2.5)
|
CVE-2022-1453
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (9.2.6)
|
CVE-2022-1505
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin RSVPMaker SQL Injection (9.3.2)
|
CVE-2022-1768
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Cross-Site Scripting (3.7.38)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Cross-Site Scripting (3.10.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Multiple Unspecified Vulnerabilities (4.2)
|
|
|
High
|
|
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress SQL Injection (3.7.39)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Unspecified Vulnerability (3.7.18)
|
|
|
High
|
|
WordPress Plugin Ruben Boelinger wordTube 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43)
|
CVE-2007-2481
CVE-2007-2482
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Ruben Boelinger WP-Table 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43)
|
CVE-2007-2483
CVE-2007-2484
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Rucy Cross-Site Request Forgery (0.4.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ruven Toolkit Cross-Site Scripting (1.1)
|
CVE-2014-4548
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin s2Member Framework 's2_invoice' Parameter Remote Security Bypass (111105)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin s2Member Pro 'Coupon Code' Field HTML Injection (111216)
|
CVE-2011-5082
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin s2member Secure File Browser Cross-Site Scripting (0.4.16)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin S3 Video Cross-Site Scripting (0.97)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin S3 Video Cross-Site Scripting (0.982)
|
CVE-2013-7279
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin S3 Video Cross-Site Scripting (0.983)
|
CVE-2016-1000148
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)
|
CVE-2015-9464
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Sabre 'tools.php' Cross-Site Scripting (1.2.0)
|
CVE-2012-2916
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Safe Editor Unspecified Vulnerability (1.1)
|
|
|
High
|
|
WordPress Plugin Safe Redirect Manager SQL Injection (1.7.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Safe SVG Cross-Site Scripting (1.9.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Safe SVG Denial of Service (1.9.4)
|
CVE-2019-18854
CVE-2019-18855
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin Sagenda-Free booking system PHP Object Injection (1.3.2)
|
CVE-2019-10912
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin SagePay Server Gateway for WooCommerce Cross-Site Scripting (1.0.8)
|
CVE-2018-5316
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Salon Booking System Arbitrary File Upload (10.2)
|
CVE-2024-3229
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Salon Booking System Cross-Site Request Forgery (3.13.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Salon Booking System Cross-Site Scripting (6.3)
|
CVE-2021-24429
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Salon Booking System Cross-Site Scripting (7.9.3)
|
CVE-2022-43487
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)
|
CVE-2022-0919
CVE-2022-0920
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.72)
|
CVE-2019-12346
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)
|
CVE-2020-6850
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.70)
|
|
|
High
|
|
WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.75)
|
|
|
High
|
|
WordPress Plugin SAM Pro (Free Edition) Local File Inclusion (1.9.6.67)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Save Abandoned Carts-WooCommerce Live Checkout Field Capture Unspecified Vulnerability (3.2.1)
|
|
|
High
|
|
WordPress Plugin Save Contact Form 7 Information Disclosure (2.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Save Contact Form 7 SQL Injection (1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SB Uploader Arbitrary File Upload (3.2)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin SB Uploader Arbitrary File Upload (4.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SB Welcome Email Editor Unspecified Vulnerability (4.1)
|
|
|
High
|
|
WordPress Plugin Schema App Structured Data Unspecified Vulnerability (0.5.4)
|
|
|
High
|
|
WordPress Plugin School Management System-WPSchoolPress Multiple Cross-Site Scripting Vulnerabilities (2.1.16)
|
CVE-2021-24664
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin School Management System-WPSchoolPress Multiple Vulnerabilities (2.1.9)
|
CVE-2021-24575
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Schreikasten 'name' or 'contact' Field Cross-Site Scripting (0.14.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Schreikasten SQL Injection (0.14.18)
|
CVE-2021-24630
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SCORM Cloud For WordPress 'ajax.php' SQL Injection (1.0.6.6)
|
CVE-2011-5216
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Scout bazar Cross-Site Scripting (1.3.3)
|
CVE-2021-34643
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)
|
CVE-2019-19198
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Scribble Maps Cross-Site Scripting (1.2)
|
CVE-2021-34651
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Scriptless Social Sharing Cross-Site Scripting (3.2.1)
|
CVE-2023-0377
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Scroll Baner Cross-Site Request Forgery (1.0)
|
CVE-2021-24642
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Scroll To Top Cross-Site Scripting (1.4.0)
|
CVE-2022-2710
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Search & Filter Cross-Site Scripting (1.2.15)
|
CVE-2022-4467
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Search & Replace PHP Object Injection (3.2.2)
|
CVE-2024-38759
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Search & Replace SQL Injection (3.2.1)
|
CVE-2024-4145
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search 10 times faster with Elasticsearch or Apache Solr with lots of data-WPSOLR Cross-Site Scripting (8.6)
|
CVE-2016-1000155
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Search 10 times faster with Elasticsearch or Apache Solr with lots of data-WPSOLR Unspecified Vulnerability (15.1)
|
|
|
High
|
|
WordPress Plugin Search and Share Cross-Site Scripting (0.9.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SearchAutocomplete 'tags.php' SQL Injection (1.0.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search Engine Unspecified Vulnerability (0.5.8)
|
|
|
High
|
|
WordPress Plugin Search Everything Cross-Site Request Forgery (8.1)
|
CVE-2014-3843
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Search Everything SQL Injection (7.0.2)
|
CVE-2014-2316
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search Everything SQL Injection (8.1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search Everything SQL Injection (8.1.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search Exclude Security Bypass (1.2.2)
|
CVE-2019-15895
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Search Logger-Know What Your Visitors Search SQL Injection (0.9)
|
CVE-2022-3131
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Search Meter CSV Injection (2.13.2)
|
CVE-2020-11548
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Search Types Custom Fields Widget Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Search Unleashed 'Log' Function HTML Injection (0.2.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SearchWP Live Ajax Search Directory Traversal (1.6.2)
|
CVE-2022-3227
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Seatgeek Affiliate Tickets Cross-Site Scripting (1.0.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SecuPress Free-WordPress Security Security Bypass (1.4.13)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin SecuPress Pro Security Bypass (1.4.12)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Secure Copy Content Protection and Content Locking SQL Injection (2.6.6)
|
CVE-2021-24484
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Secure File Manager Arbitrary File Upload (2.9.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Secure File Manager Remote Code Execution (2.8.1)
|
CVE-2020-35235
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Secure HTML5 Video Player Cross-Site Scripting (3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Secure HTML5 Video Player Cross-Site Scripting (3.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)
|
CVE-2015-6828
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Securimage-WP-Fixed Cross-Site Scripting (3.5.4)
|
CVE-2021-34640
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Securimage-WP Cross-Site Scripting (3.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Security & Malware scan by CleanTalk Security Bypass (2.50)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Seed Social Cross-Site Scripting (2.0.3)
|
CVE-2022-3836
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SE HTML5 Album Audio Player Directory Traversal (1.1.0)
|
CVE-2015-4414
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Select All Categories and Taxonomies, Change Checkbox to Radio Buttons Cross-Site Scripting (1.3.1)
|
CVE-2021-24287
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.1)
|
CVE-2014-9511
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.17)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Sell Downloads Cross-Site Scripting (1.0.86)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sell Downloads Unspecified Vulnerability (1.0.85)
|
|
|
High
|
|
WordPress Plugin Sell Media Cross-Site Request Forgery (2.5.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sell Media Cross-Site Scripting (2.4.1)
|
CVE-2019-6112
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sell Photo Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sender by BestWebSoft Cross-Site Scripting (1.2.0)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18564
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sender by BestWebSoft Multiple Vulnerabilities (0.7)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin SendGrid Cross-Site Scripting (1.10.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SendGrid Security Bypass (1.11.8)
|
CVE-2021-34629
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin SendinBlue Subscribe Form And WP SMTP Multiple Unspecified Vulnerabilities (2.7.3)
|
|
|
High
|
|
WordPress Plugin Sendit WP Newsletter 'id' Parameter SQL Injection (2.1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Sendit WP Newsletter 'submit.php' Blind SQL Injection (1.5.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Sendit WP Newsletter SQL Injection (2.5.1)
|
CVE-2021-24345
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SendPress Newsletters Cross-Site Scripting (1.20.7.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SendPress Newsletters Multiple Vulnerabilities (1.1.7.21)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin SendPress Newsletters Security Bypass (1.2.10.20)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin SendPress Newsletters Unspecified Vulnerability (1.7.6.11)
|
|
|
High
|
|
WordPress Plugin SEO-Dashboard by gutewebsites.de Cross-Site Scripting (1.2.5)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Backdoor (5.0)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin SEO Backlinks Cross-Site Request Forgery (4.0.1)
|
CVE-2021-34632
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SEO by Squirrly SEO Multiple Unspecified Vulnerabilities (6.1.4)
|
|
|
High
|
|
WordPress Plugin SEO by Squirrly SEO SQL Injection (12.3.19)
|
CVE-2024-6497
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SEO Friendly Images Cross-Site Scripting (3.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Seo Optimized Images Malicious Code (2.1.2)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin SEO Plugin LiveOptim Multiple Vulnerabilities (1.1.8-free)
|
CVE-2014-100001
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin SEOPress, on-site SEO Cross-Site Scripting (5.0.3)
|
CVE-2021-34641
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Rank Reporter Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (7.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (8.9)
|
CVE-2022-38704
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (6.3)
|
CVE-2021-24187
CVE-2021-24327
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Multiple Cross-Site Scripting Vulnerabilities (2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (3.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (8.1)
|
CVE-2021-24847
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SEO Redirection-301 Redirect Manager Unspecified Vulnerability (8.7)
|
|
|
High
|
|
WordPress Plugin SEO Scout:Content Optimization, Keyword Research, Rank Tracking + SEO Testing Cross-Site Request Forgery (0.9.83)
|
CVE-2022-36358
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SEO SearchTerms Tagging 2 Multiple Vulnerabilities (1.535)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin SEO Smart Links Cross-Site Scripting (3.0.1)
|
CVE-2022-3135
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Seo Spy Arbitrary File Upload (2.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin SEO Ultimate 'wp-admin/post.php' Cross-Site Scripting (6.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SEO Ultimate Cross-Site Scripting (7.6.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Seriously Simple Podcasting Cross-Site Request Forgery (2.16.0)
|
CVE-2022-40132
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Seriously Simple Podcasting Cross-Site Scripting (1.9.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sermon Browser Cross-Site Scripting and SQL Injection Vulnerabilities (0.43)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Sermon Browser Multiple Cross-Site Scripting Vulnerabilities (0.45.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Server Status by Hostname/IP SQL Injection (4.6)
|
CVE-2019-12570
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Service Area Postcode Checker Cross-Site Scripting (2.0.8)
|
CVE-2023-25782
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Service Finder-Provider and Business Listing Local File Disclosure (3.0)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Sexy Add Template Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SFBrowser 'sfbrowser.php' Arbitrary File Upload (1.4.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SG Optimizer Local File Inclusion (5.0.12)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin SG Optimizer Multiple Vulnerabilities (3.3.5)
|
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress Plugin Shantz WordPress QOTD Cross-Site Request Forgery (1.2.2)
|
CVE-2021-24380
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Share, Print and PDF Products for WooCommerce Security Bypass (2.7.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Shareaholic-share buttons, related posts, social analytics & more Cross-Site Request Forgery (6.1.4.1)
|
CVE-2013-3256
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Shareaholic-share buttons, related posts, social analytics & more Cross-Site Request Forgery (7.0.3.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Shareaholic-share buttons, related posts, social analytics & more Cross-Site Scripting (7.6.0.9)
|
CVE-2014-9311
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share and Follow 'admin.php' Cross-Site Scripting (1.80.3)
|
CVE-2012-2917
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sharebar Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Sharebar Multiple Vulnerabilities (1.2.5)
|
CVE-2013-3491
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Share Buttons by AddThis Backdoor (2.1.2)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Share Buttons by AddThis Cross-Site Request Forgery (5.3.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (4.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (5.0.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share Buttons Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shared Files-Easy Download Manager and File Sharing with Frontend File Upload Cross-Site Scripting (1.6.56)
|
CVE-2021-24736
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shared Files-Easy Download Manager and File Sharing with Frontend File Upload Cross-Site Scripting (1.6.60)
|
CVE-2021-24856
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share Drafts Publicly Information Disclosure (1.1.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Share on Diaspora Cross-Site Scripting (0.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share Possible Remote Code Execution (1.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Share Posts To Email Cross-Site Scripting (1.0.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ShareThis:Free Sharing Buttons and Tools Cross-Site Request Forgery (7.0.5)
|
CVE-2013-3479
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ShareThis Dashboard for Google Analytics Cross-Site Scripting (2.5.1)
|
CVE-2021-24438
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share This Image Cross-Site Scripting (1.03)
|
CVE-2017-18015
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Share This Image Unspecified Vulnerability (1.19)
|
|
|
High
|
|
WordPress Plugin Share Woocommerce to Email Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ShareYourCart Information Disclosure (1.6.1)
|
CVE-2012-4332
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Shariff for WordPress Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shariff Wrapper Local File Inclusion (4.6.13)
|
CVE-2024-4098
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Shibboleth Cross-Site Scripting (1.7)
|
CVE-2017-14313
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Request Forgery (19.1.10)
|
CVE-2024-4344
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (8.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (13.0.5)
|
CVE-2022-0211
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (18.5.7)
|
CVE-2024-22163
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Local File Inclusion (18.5.9)
|
CVE-2023-6989
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Multiple Vulnerabilities (17.0.17)
|
CVE-2023-0992
CVE-2023-0993
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.7.1)
|
CVE-2022-4627
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shipping Servientrega Woocommerce Arbitrary File Upload (2.0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ship To eCourier Cross-Site Request Forgery (1.0.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Shopello API Cross-Site Scripting (2.9.0)
|
CVE-2021-30134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ShopLentor-WooCommerce Builder for Elementor & Gutenberg +10 Modules-All in One Solution (formerly WooLentor) Multiple Cross-Site Scripting Vulnerabilities (1.8.5)
|
CVE-2021-24262
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ShopLentor-WooCommerce Builder for Elementor & Gutenberg +10 Modules-All in One Solution (formerly WooLentor) Multiple Vulnerabilities (2.5.3)
|
CVE-2023-0231
CVE-2023-0232
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin Shoppable Images Multiple Vulnerabilities (1.0.0)
|
CWE-352
CWE-915
|
CWE-352
CWE-915
|
High
|
|
WordPress Plugin Shoppable Images Multiple Vulnerabilities (1.2.3)
|
CVE-2023-25698
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Shop Page WP Cross-Site Scripting (1.2.7)
|
CVE-2021-24811
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shopp Arbitrary File Upload (1.4)
|
CVE-2021-24493
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Shopping Cart & eCommerce Store Arbitrary File Upload (3.0.8)
|
CVE-2014-9308
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Shopping Cart & eCommerce Store Cross-Site Request Forgery (5.1.0)
|
CVE-2021-34645
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Shopping Cart & eCommerce Store Information Disclosure (2.0.5)
|
CVE-2014-4942
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Shopping Cart & eCommerce Store Multiple Security Bypass Vulnerabilities (3.0.20)
|
CVE-2015-2673
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Shopping Cart & eCommerce Store Unspecified Vulnerability (3.1.9)
|
|
|
High
|
|
WordPress Plugin Shopping Cart Multiple SQL Injection and Arbitrary File Upload Vulnerabilities (8.1.14)
|
CWE-89
CWE-434
|
CWE-89
CWE-434
|
High
|
|
WordPress Plugin Shopp Multiple Vulnerabilities (1.0.17)
|
CWE-79
CWE-200
CWE-434
|
CWE-79
CWE-200
CWE-434
|
High
|
|
WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension Arbitrary File Upload (3.2.5)
|
CVE-2024-31114
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension Function Injection (3.2.5)
|
CWE-306
|
CWE-306
|
High
|
|
WordPress Plugin Shortcode Factory Local File Inclusion (2.7)
|
CVE-2019-15322
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Shortcode for Font Awesome Cross-Site Scripting (1.4)
|
CVE-2023-0419
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortcode Ninja Cross-Site Scripting (1.4)
|
CVE-2014-4550
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortcoder-Create Shortcodes for Anything Security Bypass (6.3)
|
CVE-2023-49849
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Shortcode Redirect 'domain' Parameter Cross-Site Scripting (1.0.01)
|
CVE-2012-5325
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking 'pretty-bar.php' Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking 'slug' Parameter Cross-Site Scripting (1.5.5)
|
CVE-2011-5192
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.2)
|
CVE-2013-1636
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.5.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting Vulnerabilities (1.4.56)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting Vulnerabilities (2.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple SQL Injection Vulnerabilities (1.4.56)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Unspecified Vulnerabilities (1.6.3)
|
|
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Vulnerabilities (2.1.9)
|
CWE-20
CWE-79
|
CWE-20
CWE-79
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking SQL Injection (1.6.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Unspecified Vulnerability (2.1.8)
|
|
|
High
|
|
WordPress Plugin ShortPixel Adaptive Images-WebP, AVIF, CDN, Image Optimization Cross-Site Scripting (3.6.2)
|
CVE-2023-0334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Show-Hide/Collapse-Expand Cross-Site Scripting (1.2.5)
|
CVE-2022-4829
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Showbiz Pro Responsive Teaser Arbitrary File Upload (1.7.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SH Slideshow 'ajax.php' SQL Injection (3.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SI CAPTCHA Anti-Spam Cross-Site Scripting (2.7.5)
|
CVE-2014-5190
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SI CAPTCHA Anti-Spam Serving Spam (3.0.2)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Sidebar Adder 2 Cross-Site Scripting (2.0.0)
|
CVE-2021-34666
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sidebar Login Cross-Site Scripting (2.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Side Cart Woocommerce (Ajax) Cross-Site Request Forgery (2.0)
|
CVE-2022-0215
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sidekick Multiple Unspecified Vulnerabilities (2.2.1)
|
|
|
High
|
|
WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)
|
CVE-2021-24348
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Side Menu Lite-add sticky fixed buttons SQL Injection (2.2)
|
CVE-2021-24521
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Side Menu Lite-add sticky fixed buttons SQL Injection (2.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Side Menu Lite-add sticky fixed buttons SQL Injection (2.2.5)
|
CVE-2021-24580
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Sign-up Sheets Cross-Site Scripting (1.0.13)
|
CVE-2021-24440
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simba Plugin Updates Manager Multiple Cross-Site Request Forgery Vulnerabilities (1.6.16)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Similar Posts-Best Related Posts for WordPress Remote Code Execution (3.1.5)
|
CVE-2021-24537
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Simpel Reserveren 3 Cross-Site Scripting (3.5.2)
|
CVE-2016-1000149
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader Multiple Security Bypass Vulnerabilities (1.2.4)
|
CVE-2019-15776
CVE-2019-15818
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple 301 Redirects by BetterLinks Multiple Security Bypass Vulnerabilities (2.0.3)
|
CVE-2021-24352
CVE-2021-24353
CVE-2021-24354
CVE-2021-24355
CVE-2021-24356
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple 301 Redirects by BetterLinks Unspecified Vulnerability (1.06)
|
|
|
High
|
|
WordPress Plugin Simple:Press 'sf-header-forum.php' SQL Injection (4.3.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple:Press-WordPress Forum Arbitrary File Upload (6.6.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)
|
CWE-264
CWE-434
|
CWE-264
CWE-434
|
High
|
|
WordPress Plugin Simple add pages or posts Cross-Site Request Forgery (1.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple Admin Language Change Security Bypass (2.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple Ads Manager Arbitrary File Upload (2.5.94)
|
CVE-2015-2825
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114)
|
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin Simple Ads Manager Local File Inclusion (2.10.0.130)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Simple Ads Manager Multiple Vulnerabilities (2.6.96)
|
CVE-2015-2824
CVE-2015-2826
CWE-89
CWE-200
|
CWE-89
CWE-200
|
High
|
|
WordPress Plugin Simple Ads Manager PHP Object Injection (2.9.8.125)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Simple Ads Manager SQL Injection (2.9.4.116)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Ajax Shoutbox SQL Injection (2.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Backup Arbitrary File Download (2.7.10)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Simple Backup Multiple Vulnerabilities (2.7.11)
|
CWE-22
CWE-73
|
CWE-22
CWE-73
|
High
|
|
WordPress Plugin Simple Banner Cross-Site Scripting (2.10.3)
|
CVE-2021-24574
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Banner Cross-Site Scripting (2.11.0)
|
CVE-2022-2515
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Behance Portfolio Cross-Site Scripting (0.2)
|
CVE-2021-34649
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Business Directory with Maps PHP Object Injection (3.6.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Simple Contact Info Arbitrary File Deletion (1.1.9)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Simple Custom CSS and JS Cross-Site Scripting (3.3)
|
CVE-2017-2285
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Simple Download Monitor Cross-Site Scripting (3.5.3)
|
CVE-2018-5212
CVE-2018-5213
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Download Monitor Cross-Site Scripting (3.9.10)
|
CVE-2021-24694
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Download Monitor Multiple Cross-Site Request Forgery Vulnerabilities (3.9.8)
|
CVE-2021-24696
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple Download Monitor Multiple Cross-Site Scripting Vulnerabilities (3.9.4)
|
CVE-2021-24693
CVE-2021-24697
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.2.8)
|
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.8.8)
|
CVE-2020-5650
CVE-2020-5651
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.9.5.1)
|
CVE-2021-24695
CVE-2021-24698
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin Simple Dropbox Upload Arbitrary File Upload (1.8.8)
|
CVE-2013-5963
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple Events Calendar Multiple Vulnerabilities (1.3.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Simple Events Calendar SQL Injection (1.3.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Events Calendar SQL Injection (1.4.0)
|
CVE-2021-24552
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Feature Requests Free Unspecified Vulnerability (1.0.4)
|
|
|
High
|
|
WordPress Plugin Simple Fields Cross-Site Scripting (1.4.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Fields Cross-Site Scripting (1.4.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Fields Local File Inclusion (0.3.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Simple File Downloader Cross-Site Scripting (1.0.4)
|
CVE-2022-4764
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple File List Arbitrary File Deletion (4.2.7)
|
CVE-2020-12832
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Simple File List Arbitrary File Download (3.2.7)
|
CVE-2022-1119
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Simple File List Arbitrary File Upload (4.2.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple File List Cross-Site Scripting (4.4.11)
|
CVE-2022-3062
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple File List Multiple Vulnerabilities (3.2.4)
|
CWE-73
CWE-538
|
CWE-73
CWE-538
|
High
|
|
WordPress Plugin Simple Flash Video Cross-Site Scripting (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SimpleFlickr Cross-Site Request Forgery (3.0.3)
|
CVE-2014-9396
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple Giveaways-Grow your business, email lists and traffic with contests Cross-Site Scripting (2.36.0)
|
CVE-2021-24298
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Giveaways-Grow your business, email lists and traffic with contests Security Bypass (2.17.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)
|
CVE-2012-6313
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Simple History Information Disclosure (1.0.7)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Simple History Information Disclosure (2.7.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Simple Image Gallery Cross-Site Scripting (1.0.6)
|
CVE-2021-39313
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Image Manipulator Arbitrary File Download (1.0)
|
CVE-2015-1000010
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Simple Image Sizes Unspecified Vulnerability (2.2.4)
|
|
|
High
|
|
WordPress Plugin Simple Instagram Feed Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Job Board Cross-Site Scripting (2.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Job Board Cross-Site Scripting (2.9.4)
|
CVE-2021-39328
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Job Board Directory Traversal (2.9.3)
|
CVE-2020-35749
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Simple JWT Login-Login and Register to WordPress using JWT Cross-Site Request Forgery (3.2.0)
|
CVE-2021-24804
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple JWT Login-Login and Register to WordPress using JWT Insecure Password Creation (3.2.1)
|
CVE-2021-24998
CWE-326
|
CWE-326
|
High
|
|
WordPress Plugin Simplelife Cross-Site Request Forgery (1.2)
|
CVE-2014-9395
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple Link Directory Cross-Site Scripting (7.3.4)
|
CVE-2019-13463
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Link Directory PHP Object Injection (5.5.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Simple Login Log Multiple Vulnerabilities (0.9.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Simple Login Log SQL Injection (1.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Mail Address Encoder Cross-Site Scripting (1.6.1)
|
CVE-2019-15833
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Matted Thumbnails Cross-Site Scripting (1.01)
|
CVE-2021-38339
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Membership Cross-Site Request Forgery (3.8.4)
|
CVE-2019-14328
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple Membership Cross-Site Scripting (3.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Membership Cross-Site Scripting (3.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Membership Security Bypass (3.8.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple Membership SQL Injection (4.0.3)
|
CVE-2021-29232
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Page Ordering Cross-Site Scripting (2.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple PDF Viewer Cross-Site Scripting (1.9)
|
CVE-2023-23817
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Personal Message SQL Injection (1.0.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Photo Gallery Cross-Site Scripting (1.8.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Photo Gallery SQL Injection (1.7.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simple Popup Newsletter Cross-Site Scripting (1.4.7)
|
CVE-2021-34658
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Post Cross-Site Scripting (1.1)
|
CVE-2021-24567
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Retail Menus SQL Injection (4.0.1)
|
CVE-2014-5183
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin simpleSAMLphp Authentication Cross-Site Scripting (0.7.0)
|
CVE-2021-38320
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Schools Staff Directory Arbitrary File Upload (1.1)
|
CVE-2021-24663
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple Security Multiple Cross-Site Scripting Vulnerabilities (1.1.5)
|
CVE-2014-9570
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple SEO Cross-Site Scripting (1.7.91)
|
CVE-2022-1628
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Share Buttons Adder Cross-Site Scripting (5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Share Buttons Adder Multiple Vulnerabilities (4.4)
|
CVE-2014-4717
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Cross-Site Scripting (3.5.7)
|
CVE-2022-4472
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Unspecified Vulnerability (1.53)
|
|
|
High
|
|
WordPress Plugin Simple Slider 'New Image' Field Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Slideshow Manager Multiple Cross-Site Scripting Vulnerabilities (2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Slideshow Manager Multiple Unspecified Vulnerabilities (2.1)
|
|
|
High
|
|
WordPress Plugin Simple Slide Show TimThumb Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Cross-Site Scripting (3.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Cross-Site Scripting (3.2.2)
|
CVE-2021-24486
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Cross-Site Scripting (3.2.3)
|
CVE-2021-24656
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Privilege Escalation (2.0.21)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Unspecified Vulnerability (3.2.0)
|
|
|
High
|
|
WordPress Plugin simple sort&search Cross-Site Scripting (0.0.3)
|
CVE-2021-24433
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Sticky Footer Cross-Site Request Forgery (1.3.2)
|
CVE-2014-9454
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Simple URLs-Link Cloaking, Product Displays, and Affiliate Link Management Multiple Vulnerabilities (114)
|
CVE-2023-0098
CVE-2023-0099
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Simple Video Embedder Cross-Site Scripting (2.2)
|
CVE-2022-44590
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple visitor stat Cross-Site Scripting (1.0)
|
CVE-2014-9453
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simple Yearly Archive Cross-Site Scripting (2.1.8)
|
CVE-2023-25484
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simplified Content Cross-Site Scripting (1.0.0)
|
CVE-2016-1000150
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simplr Registration Form Plus+ Privilege Escalation (2.4.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Simply Instagram Cross-Site Scripting (1.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Simply Poll Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.4.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Simply Poll SQL Injection (1.4.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Simply Show Hooks Malicious Code (1.2.1)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Simply Static Arbitrary File Download (1.6.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Simply Static Multiple Vulnerabilities (1.7.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Sina Extension for Elementor Local File Inclusion (2.2.0)
|
CVE-2019-15839
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Sina Extension for Elementor Multiple Cross-Site Scripting Vulnerabilities (3.3.11)
|
CVE-2021-24269
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Site Analytics Multiple Vulnerabilities (1.4.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Site Editor-WordPress Site Builder-Theme Builder and Page Builder Local File Inclusion (1.1.1)
|
CVE-2018-7422
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin SiteGround Security Security Bypass (1.2.4)
|
CVE-2022-0993
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin SiteGround Security Security Bypass (1.2.5)
|
CVE-2022-0992
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin SiteGuard WP Information Disclosure (1.7.6)
|
CVE-2024-37881
CWE-201
|
CWE-201
|
High
|
|
WordPress Plugin Site Import Remote File Inclusion (1.0.1)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Site Kit by Google Security Bypass (1.7.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Sitemap Cross-Site Scripting (4.3)
|
CVE-2022-4545
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sitemap Index Cross-Site Scripting (1.2.3)
|
CVE-2023-23816
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Cross-Site Request Forgery (1.4.3)
|
CVE-2020-35773
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Security Bypass (1.5.2)
|
CVE-2022-1580
CWE-693
|
CWE-693
|
High
|
|
WordPress Plugin Site Reviews Cross-Site Scripting (2.15.2)
|
CVE-2018-0603
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Site Reviews Cross-Site Scripting (5.13.0)
|
CVE-2021-24603
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Site Reviews Cross-Site Scripting (5.17.2)
|
CVE-2021-24973
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Site Reviews CSV Injection (6.2.0)
|
CVE-2022-46801
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin Site Reviews Multiple Vulnerabilities (6.5.1)
|
CVE-2023-27625
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin Sitesassure WP Malware Scanner Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sitewide Notice WP Cross-Site Scripting (2.2)
|
CVE-2021-24592
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sketchus Pricing Tables Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin SKU Shortlink For WooCommerce Arbitrary File Disclosure (1.3.4)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Skype Legacy Buttons Multiple Vulnerabilities (3.0.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Skysa App Bar Integration 'submit' Parameter Cross-Site Scripting (1.03)
|
CVE-2011-5179
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slack-Chat Information Disclosure (1.5.5)
|
CVE-2019-14367
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Sliced Invoices-WordPress Invoice Multiple Vulnerabilities (3.8.2)
|
CWE-79
CWE-89
CWE-200
|
CWE-79
CWE-89
CWE-200
|
High
|
|
WordPress Plugin Slick Popup:Contact Form 7 Popup Privilege Escalation (1.7.1)
|
CVE-2019-15867
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin SlickQuiz Multiple Vulnerabilities (1.3.7.1)
|
CVE-2019-12516
CVE-2019-12517
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Slickr Flickr Cross-Site Scripting (2.8.1)
|
CVE-2022-3021
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Cross-Site Scripting (2.3.18)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Local/Remote File Inclusion (2.3.3)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Multiple Cross-Site Scripting Vulnerabilities (2.1.20130228)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slider by 10Web-Responsive Image Slider Cross-Site Request Forgery (1.2.22)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Slider by 10Web-Responsive Image Slider SQL Injection (1.2.35)
|
CVE-2021-24132
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Slider by 10Web-Responsive Image Slider Unspecified Vulnerability (1.1.9)
|
|
|
High
|
|
WordPress Plugin Slider by Soliloquy-Responsive Image Slider for WordPress Cross-Site Scripting (2.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slider Hero with Animation, Video Background Cross-Site Request Forgery (8.2.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Slider Hero with Animation, Video Background Cross-Site Scripting (8.4.3)
|
CVE-2022-3074
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slider Hero with Animation, Video Background SQL Injection (8.2.6)
|
CVE-2021-24506
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Slider Hero with Animation, Video Background Unspecified Vulnerability (5.5.0)
|
|
|
High
|
|
WordPress Plugin SLIDER PHOTO GALLERY Multiple Vulnerabilities (1.0)
|
CWE-89
CWE-538
|
CWE-89
CWE-538
|
High
|
|
WordPress Plugin Slider Revolution Responsive Arbitrary File Upload (3.0.95)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Slideshow Gallery 2 'border' Parameter Cross-Site Scripting (1.1.4)
|
CVE-2012-5229
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Arbitrary File Upload (1.4.6)
|
CVE-2014-5460
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.5.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.7.3)
|
CVE-2021-24882
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Multiple Cross-Site Scripting Vulnerabilities (1.6.5)
|
CVE-2018-17946
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Multiple Unspecified Vulnerabilities (1.5.3.3)
|
|
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.5.1)
|
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.5.3)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.6.8)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Unspecified Vulnerability (1.6.2)
|
|
|
High
|
|
WordPress Plugin Slideshow Gallery LITE Unspecified Vulnerability (1.7.4.2)
|
|
|
High
|
|
WordPress Plugin Slideshow Information Disclosure (2.2.21)
|
CVE-2015-3634
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Slideshow Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (2.1.12)
|
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin Slideshow Multiple Cross-Site Scripting Vulnerabilities (2.1.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slideshow Pro 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Slideshow Pro Arbitrary File Upload (2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Sliding Recent Posts Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sliding Social Icons Cross-Site Request Forgery (1.61)
|
CVE-2014-9437
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Request Forgery (4.8.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (0.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (2.8.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (3.5.5)
|
CVE-2014-100027
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (3.9.1)
|
CVE-2015-1204
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.1.5.2)
|
CVE-2015-9273
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.8)
|
CVE-2019-15112
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.9.2)
|
CVE-2022-4310
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (5.0.4)
|
CVE-2022-45366
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Cross-Site Scripting (5.0.8)
|
CVE-2023-40676
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Slimstat Analytics Multiple Vulnerabilities (5.0.9)
|
CVE-2023-4597
CVE-2023-4598
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Slimstat Analytics PHP Object Injection (4.7)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Slimstat Analytics Security Bypass (5.0.5.1)
|
CVE-2023-33994
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Slimstat Analytics SQL Injection (3.9.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Slimstat Analytics SQL Injection (4.9.3.2)
|
CVE-2023-0630
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Slimstat Analytics SQL Injection (4.9.3.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Slimstat Analytics SQL Injection (5.0.4)
|
CVE-2022-45373
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SL User Create Information Disclosure (0.2.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin smart Archive Page Remove Unspecified Vulnerability (3)
|
|
|
High
|
|
WordPress Plugin Smart Email Alerts Cross-Site Scripting (1.0.10)
|
CVE-2021-34642
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smartest Way To Design & Customize WordPress Comments & Comment Form-WP Comment Designer Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Smart Flv 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2013-1765
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Forms-when you need more than just a contact form Cross-Site Scripting (2.1.0)
|
CVE-2014-8803
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Forms-when you need more than just a contact form Cross-Site Scripting (2.6.15)
|
CVE-2019-5924
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Forms-when you need more than just a contact form Security Bypass (2.6.70)
|
CVE-2022-0163
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Smart Forms-when you need more than just a contact form Security Bypass (2.6.84)
|
CVE-2023-49856
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Smart Google Code Inserter Multiple Vulnerabilities (3.4)
|
CVE-2018-3810
CVE-2018-3811
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Smart Layers by AddThis Unspecified Vulnerability (1.0.1)
|
|
|
High
|
|
WordPress Plugin Smart Manager for WooCommerce & WpeC Multiple Unspecified Vulnerabilities (3.9.13)
|
|
|
High
|
|
WordPress Plugin Smart Manager for WooCommerce & WPeC SQL Injection (3.9.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Smart Marketing SMS and Newsletters Forms Cross-Site Scripting (1.1.1)
|
CVE-2017-18010
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Marketing SMS and Newsletters Forms Security Bypass (2.6.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Smart Reporter for WooCommerce and WP eCommerce Multiple Unspecified Vulnerabilities (2.9.2)
|
|
|
High
|
|
WordPress Plugin Smart Scroll Posts for WordPress includes Backdoor [Only if downloaded via the vendor website] (2.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Slider 3 Cross-Site Scripting (3.5.0.8)
|
CVE-2021-24382
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Slider 3 PRO Cross-Site Scripting (3.5.0.8)
|
CVE-2021-24382
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smart Slideshow 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Smart Slideshow Arbitrary File Upload (2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Smash Balloon Social Post Feed Cross-Site Scripting (2.19.1)
|
CVE-2021-24508
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smash Balloon Social Post Feed Cross-Site Scripting (4.1)
|
CVE-2021-25065
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smash Balloon Social Post Feed Security Bypass (4.0)
|
CVE-2021-24918
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Smash Balloon Social Post Feed Unspecified Vulnerability (2.4.2)
|
|
|
High
|
|
WordPress Plugin SmokeSignal Cross-Site Scripting (1.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smooth Scroll Page Up/Down Buttons Cross-Site Scripting (1.3)
|
CVE-2021-24331
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Smooth Slider SQL Injection (2.6.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Smooth Slider SQL Injection (2.8.6)
|
CVE-2018-5373
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SMS Alert Order Notifications-WooCommerce Cross-Site Scripting (3.4.6)
|
CVE-2021-24588
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SMS OVH Cross-Site Scripting (0.1)
|
CVE-2021-38357
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SMTP by BestWebSoft Cross-Site Scripting (1.0.9)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18518
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SMTP Mail Cross-Site Scripting (1.1.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SMTP Mail Cross-Site Scripting (1.3.1)
|
CVE-2023-3092
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SMTP Mailer Cross-Site Request Forgery (1.0.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SMTP Mail SQL Injection (1.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Smush Image Compression and Optimization Directory Traversal (2.7.5)
|
CVE-2017-15079
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Smush Image Compression and Optimization Multiple Vulnerabilities (2.9.1)
|
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin SnapApp Multiple Cross-Site Scripting Vulnerabilities (1.5)
|
CVE-2014-4596
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Snazzy Archives Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Snazzy Maps Cross-Site Request Forgery (1.1.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Snazzy Maps Multiple Cross-Site Scripting Vulnerabilities (1.1.3)
|
CVE-2018-17947
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sniplets Multiple Input Validation Vulnerabilities (1.2.2)
|
CVE-2008-1059
CVE-2008-1060
CVE-2008-1061
CWE-79
CWE-94
CWE-95
|
CWE-79
CWE-94
CWE-95
|
High
|
|
WordPress Plugin Snow Monkey Forms Directory Traversal (5.1.1)
|
CVE-2023-28413
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Sociable Cross-Site Scripting (4.3.4.1)
|
CVE-2021-24612
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Articles Security Bypass (2.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Arbitrary File Upload (5.3.14)
|
CVE-2024-6756
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Cross-Site Scripting (5.3.14)
|
CVE-2024-6753
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Security Bypass (5.3.14)
|
CVE-2024-6750
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Social Auto Poster includes Backdoor [Only if downloaded via the vendor website] (2.1.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Social Buttons Pack by BestWebSoft Cross-Site Scripting (1.1.0)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18500
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Connect Cross-Site Scripting (1.0.4)
|
CVE-2014-4551
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Count Plus Cross-Site Scripting (3.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Discussions Remote File Include and Information Disclosure Vulnerabilities (6.1.1)
|
CWE-94
CWE-200
|
CWE-94
CWE-200
|
High
|
|
WordPress Plugin Social Essentials-Social Stats and Sharing Buttons Cross-Site Scripting (1.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Gallery and Widget Security Bypass (2.2.5)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin SocialGrid 'default_services' Parameter Cross-Site Scripting (2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Hashtags Cross-Site Scripting (3.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social LikeBox & Feed Cross-Site Scripting (2.8.4)
|
CVE-2019-15781
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Like Box and Page by WpDevArt Cross-Site Scripting (0.8.40)
|
CVE-2023-0177
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Like Box and Page by WpDevArt Unspecified Vulnerability (0.8.39)
|
|
|
High
|
|
WordPress Plugin Social Login by BestWebSoft Cross-Site Scripting (0.1)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18501
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Login Lite For WooCommerce Security Bypass (1.6.0)
|
CVE-2024-4552
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Social Login WP Cross-Site Request Forgery (5.0.0.0)
|
CVE-2022-38063
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Social Media Flying Icons-Floating Social Media Icon Cross-Site Scripting (2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Media Flying Icons-Floating Social Media Icon Multiple Unspecified Vulnerabilities (4.2.3)
|
|
|
High
|
|
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Cross-Site Scripting (1.1.1.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Cross-Site Scripting (2.1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Multiple Unspecified Vulnerabilities (1.2.1)
|
|
|
High
|
|
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Security Bypass (1.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Media Tab Remote Code Execution (1.0.9)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Social Media Widget by Acurax Cross-Site Request Forgery (3.2.5)
|
CVE-2018-6357
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Social Media Widget by Acurax Cross-Site Scripting (2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Media Widget by Acurax Multiple Unspecified Vulnerabilities (3.2.3)
|
|
|
High
|
|
WordPress Plugin Social Media Widget Serving Spam (4.0)
|
CVE-2013-1949
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Social Metrics Tracker Cross-Site Scripting (1.6.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Networking & E-commerce Arbitrary File Upload (0.0.32)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Social Network Tabs Information Disclosure (1.7.1)
|
CVE-2018-20555
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Social Photo Gallery Remote Code Execution (1.0)
|
CVE-2019-14467
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Social Review includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Social Rocket-Social Sharing Cross-Site Request Forgery (1.2.9)
|
CVE-2020-5611
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Social Share Button Cross-Site Scripting (2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting (1.2.5)
|
CVE-2016-10736
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Share Buttons-Social Pug Multiple Unspecified Vulnerabilities (1.3.1)
|
|
|
High
|
|
WordPress Plugin Social Share Icons & Social Share Buttons Cross-Site Scripting (3.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Share Icons & Social Share Buttons Security Bypass (2.4.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Share Icons & Social Share Buttons Security Bypass (3.0.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Share Icons & Social Share Buttons Unspecified Vulnerability (1.4)
|
|
|
High
|
|
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.0.10)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.25)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.39)
|
CVE-2021-24746
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)
|
CVE-2022-4451
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing-Sassy Social Share PHP Object Injection (3.3.23)
|
CVE-2021-39321
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Social Sharing-Social Warfare Cross-Site Scripting (3.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing-Social Warfare Malicious Code (4.4.7.1)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Social Sharing-Social Warfare Multiple Vulnerabilities (3.5.2)
|
CVE-2019-9978
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.1.1)
|
CVE-2013-6280
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.6)
|
CVE-2022-4835
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Slider 'rA[]' Parameter SQL Injection (5.6.5)
|
CVE-2011-5286
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Social Slider Widget Cross-Site Scripting (1.8.4)
|
CVE-2021-24196
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Social Sticky Animated Backdoor (1.0)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Social Tape Cross-Site Request Forgery (1.0)
|
CVE-2021-24411
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin SodaHead Polls Multiple Cross-Site Scripting Vulnerabilities (2.0.2)
|
CVE-2011-5304
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Software License Manager Cross-Site Request Forgery (4.4.5)
|
CVE-2021-20782
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Software License Manager Cross-Site Request Forgery (4.5.0)
|
CVE-2021-24711
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Software License Manager Cross-Site Scripting (4.4.7)
|
CVE-2021-24560
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Software License Manager Cross-Site Scripting (4.4.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Solidres-Hotel booking for WordPress Multiple Cross-Site Scripting Vulnerabilities (0.9.4)
|
CVE-2023-1374
CVE-2023-1377
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Solve Media CAPTCHA Cross-Site Request Forgery (1.1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sooqr Search Restricted File Upload (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SoundCloud Is Gold 'width' Parameter Cross-Site Scripting (2.1)
|
CVE-2012-6624
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SoundCloud Is Gold Cross-Site Scripting (2.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SoundPress Cross-Site Scripting (2.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Soundy Audio Playlist Cross-Site Scripting (4.6)
|
CVE-2018-6001
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Soundy Background Music Cross-Site Scripting (3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Soundy Background Music Cross-Site Scripting (3.9)
|
CVE-2018-6002
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin sourceAFRICA Cross-Site Scripting (0.1.3)
|
CVE-2015-6920
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin spam-byebye Cross-Site Scripting (2.2.1)
|
CVE-2018-16206
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SpamBam Key Calculation Security Bypass (2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Spam Free WordPress Security Bypass (1.9.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.113)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.127.3)
|
CVE-2019-17515
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.136.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.154)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Multiple Cross-Site Scripting Vulnerabilities (5.173)
|
CVE-2022-28221
CVE-2022-28222
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.148)
|
CVE-2021-24131
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.153.3)
|
CVE-2021-24295
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.185)
|
CVE-2022-3302
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SpamTask Arbitrary File Upload (1.3.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SpeakOut! Email Petitions Cross-Site Scripting (2.13.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Special Text Boxes Arbitrary File Upload (5.1.90)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Special Text Boxes Unspecified Vulnerability (5.5.102)
|
|
|
High
|
|
WordPress Plugin Spectra-WordPress Gutenberg Blocks Cross-Site Scripting (1.14.11)
|
CVE-2020-36656
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spectra-WordPress Gutenberg Blocks Cross-Site Scripting (1.25.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spectra-WordPress Gutenberg Blocks Multiple Security Bypass Vulnerabilities (2.3.0)
|
CVE-2023-23729
CVE-2023-23730
CVE-2023-23735
CVE-2023-23738
CVE-2023-23825
CVE-2023-23834
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Spectra-WordPress Gutenberg Blocks Security Bypass (1.14.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Spellchecker 'general.php' Local and Remote File Include Vulnerabilities (3.1)
|
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
WordPress Plugin Spicy Blogroll Local File Include (1.0.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin spideranalyse Cross-Site Scripting (0.0.1)
|
CVE-2021-38350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spider Calendar Cross-Site Scripting (1.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spider Calendar Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin SpiderCatalog 's_p_c_t' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SpiderCatalog Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.4.6)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin SpiderCatalog SQL Injection (1.7.3)
|
CVE-2021-24625
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SpiderCatalog Unspecified Vulnerability (1.6.8)
|
|
|
High
|
|
WordPress Plugin Spider FAQ Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spiffy Calendar Cross-Site Scripting (3.2.0)
|
CVE-2017-9420
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spiffy Calendar Security Bypass (4.9.10)
|
CVE-2024-30528
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Spiffy Calendar SQL Injection (4.9.11)
|
CVE-2024-38692
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spiffy XSPF Player SQL Injection (0.1)
|
CVE-2013-3530
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Splash Header Cross-Site Scripting (1.20.7)
|
CVE-2021-24587
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Splashing Images Multiple Vulnerabilities (2.1)
|
CVE-2018-6194
CVE-2018-6195
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin SPNbabble Cross-Site Request Forgery (1.4.1)
|
CVE-2014-9339
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sponsors Carousel Cross-Site Scripting (4.02)
|
CVE-2023-23808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SportsPress-Sports Club & League Manager Cross-Site Scripting (2.7.1)
|
CVE-2020-13892
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sports Rankings and Lists Cross-Site Scripting (3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spot.IM Comments Cross-Site Scripting (4.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spotlight Cross-Site Scripting (4.7)
|
CVE-2014-4552
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)
|
CVE-2023-0379
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Security Bypass (0.10.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin SP Project & Document Manager Arbitrary File Upload (4.21)
|
CVE-2021-24347
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SP Project & Document Manager Arbitrary File Upload (4.22)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SP Project & Document Manager Cross-Site Scripting (4.25)
|
CVE-2021-38315
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SP Project & Document Manager Multiple SQL Injection Vulnerabilities (2.4.3)
|
CVE-2014-9178
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SP Project & Document Manager Multiple Vulnerabilities (2.5.9.7)
|
CWE-79
CWE-89
CWE-200
CWE-434
|
CWE-79
CWE-89
CWE-200
CWE-434
|
High
|
|
WordPress Plugin SP Project & Document Manager SQL Injection (2.5.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SP Project & Document Manager Unspecified Vulnerability (2.5.7.3)
|
|
|
High
|
|
WordPress Plugin SP Project & Document Manager Unspecified Vulnerability (2.5.8.0)
|
|
|
High
|
|
WordPress Plugin SP Project & Document Manager Unspecified Vulnerability (2.6.2.5)
|
|
|
High
|
|
WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61)
|
CVE-2008-1982
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spreadsheet (wpSS) Cross-Site Scripting (0.62)
|
CVE-2014-8364
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Spreadsheet (wpSS) SQL Injection (0.62)
|
CVE-2014-8363
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spreadsheet Cross-Site Scripting (2.0)
|
CVE-2013-6281
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SP Rental Manager SQL Injection (1.5.3)
|
CVE-2021-38324
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Spryng Payments for WooCommerce Cross-Site Scripting (1.6.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Squeeze Arbitrary File Upload (1.4)
|
CVE-2024-35767
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SrbTransLatin Multiple Vulnerabilities (1.46)
|
CVE-2018-5368
CVE-2018-5369
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin SRS Simple Hits Counter SQL Injection (1.0.4)
|
CVE-2020-5766
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)
|
CWE-352
CWE-538
|
CWE-352
CWE-538
|
High
|
|
WordPress Plugin SS Downloads Multiple Cross-Site Scripting Vulnerabilities (1.4.4.1)
|
CVE-2014-4554
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SSL Insecure Content Fixer Information Disclosure (2.0.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin SS Quiz Cross-Site Request Forgery and Access Security Bypass Vulnerabilities (1.11)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin SS Quiz Multiple Unspecified Vulnerabilities (1.12)
|
|
|
High
|
|
WordPress Plugin St-Daily-Tip Cross-Site Request Forgery (4.7)
|
CVE-2021-24487
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Staff Directory-Employee Directory for WordPress Unspecified Vulnerability (3.6.1)
|
|
|
High
|
|
WordPress Plugin Staff Directory:Company Directory Cross-Site Request Forgery (3.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin StageShow Multiple Vulnerabilities (5.0.8)
|
CVE-2015-5461
CWE-79
CWE-352
CWE-601
|
CWE-79
CWE-352
CWE-601
|
High
|
|
WordPress Plugin Stallion WordPress SEO Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Starbox-the Author Box for Humans Cross-Site Scripting (3.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Starfish Review Generation & Marketing for WordPress Security Bypass (2.0.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Stars Menu Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Starter Templates-Elementor, WordPress & Beaver Builder Templates Cross-Site Request Forgery (3.1.20)
|
CVE-2022-46851
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Starter Templates-Elementor, WordPress & Beaver Builder Templates Cross-Site Scripting (1.3.20)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Starter Templates-Elementor, WordPress & Beaver Builder Templates Security Bypass (2.7.0)
|
CVE-2021-42360
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)
|
CVE-2024-4346
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Startklar Elementor Addons Arbitrary File Upload (1.7.13)
|
CVE-2024-4345
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Startklar Elementor Addons Directory Traversal (1.7.15)
|
CVE-2024-5153
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Station Pro Cross-Site Scripting (2.2.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Statistics Remote Code Execution (1.8)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin StatPressCN 'wp-admin/admin.php' Multiple Cross-Site Scripting Vulnerabilities (1.9.0)
|
CVE-2011-0641
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin StatPress Cross-Site Scripting (1.2.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin StatPress Multiple Unspecified Vulnerabilities (1.4.1)
|
|
|
High
|
|
WordPress Plugin Stealth Login Page Unspecified Vulnerability (1.1.3)
|
|
|
High
|
|
WordPress Plugin Stetic Cross-Site Request Forgery (1.0.6)
|
CVE-2021-42364
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sticky Ad Bar Cross-Site Scripting (1.3.1)
|
CVE-2023-25784
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sticky Menu, Sticky Header (or anything!) on Scroll Cross-Site Request Forgery (2.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Sticky Menu on Scroll, Sticky Header, Sticky Welcome Bar for Any Theme-myStickymenu Unspecified Vulnerability (2.1.4)
|
|
|
High
|
|
WordPress Plugin Sticky Popup Cross-Site Scripting (1.2)
|
CVE-2022-1750
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sticky Related Posts Cross-Site Scripting (1.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin stm-megamenu Local File Inclusion (2.3.12)
|
CVE-2024-35677
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Stockdio Historical Chart Cross-Site Scripting (2.7.2)
|
CVE-2020-28707
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stock in & out Cross-Site Scripting (1.0.4)
|
CVE-2021-24346
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stock in & out SQL Injection (1.0.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Stockists Manager for Woocommerce Cross-Site Request Forgery (1.0.2.1)
|
CVE-2022-2518
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Stock market charts from finviz Cross-Site Scripting (1.0)
|
CVE-2023-23809
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stock Ticker Security Bypass (3.23.0)
|
CVE-2023-27626
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (6.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (2021.8)
|
CVE-2021-24245
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (2021.17)
|
CVE-2021-24517
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stop User Enumeration Cross-Site Scripting (1.3.7)
|
CVE-2017-18536
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stop User Enumeration Security Bypass (1.3.18)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Stop User Enumeration User Enumeration (1.2.4)
|
CWE-203
|
CWE-203
|
High
|
|
WordPress Plugin Stop User Enumeration User Enumeration (1.3.4)
|
CWE-203
|
CWE-203
|
High
|
|
WordPress Plugin Stop User Enumeration User Enumeration (1.3.8)
|
CWE-203
|
CWE-203
|
High
|
|
WordPress Plugin Storefront Footer Text Cross-Site Scripting (1.0.1)
|
CVE-2021-24607
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales Cross-Site Request Forgery (3.98.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.11)
|
CVE-2014-8621
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.33.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (4.5.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (5.5.15)
|
CVE-2021-24290
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress Multiple Vulnerabilities (3.0.1)
|
CWE-89
CWE-200
|
CWE-89
CWE-200
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress Open Email Relay (4.2.25)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress Privilege Escalation (5.5.14)
|
CVE-2021-24289
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Store Locator Plus for WordPress SQL Injection (3.8.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin StoryChief Cross-Site Scripting (1.0.30)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin StreamCast-Radio Player for WordPress Cross-Site Scripting (2.1)
|
CVE-2021-24416
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stream Cross-Site Scripting (3.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stream SQL Injection (3.8.1)
|
CVE-2021-24772
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Stream Video Player Cross-Site Request Forgery (1.4.0)
|
CVE-2013-2706
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin String locator PHAR Deserialization (2.5.0)
|
CVE-2022-2434
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Stripe For WooCommerce Security Bypass (3.3.9)
|
CVE-2021-39347
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Stripe Payment for WooCommerce Cross-Site Scripting (3.5.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.7)
|
CVE-2023-3162
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.9)
|
CVE-2023-4040
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Stripe Payments Cross-Site Scripting (2.0.39)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin stripShow SQL Injection (2.5.2)
|
CVE-2014-5184
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Strong Testimonials Cross-Site Scripting (2.40.0)
|
CVE-2020-8549
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Strong Testimonials Multiple Cross-Site Scripting Vulnerabilities (2.31.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Structured Content (JSON-LD) #wpsc Cross-Site Scripting (1.5)
|
CVE-2022-4715
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin STT2 Extension Add Terms Unspecified Vulnerability (1.0.2)
|
|
|
High
|
|
WordPress Plugin Student Result or Employee Database Security Bypass (1.6.3)
|
CVE-2017-14766
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Style It Cross-Site Scripting (1.0)
|
CVE-2014-4555
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Style Kits-Advanced Theme Styles for Elementor Cross-Site Request Forgery (1.8.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Stylish Cost Calculator Cross-Site Scripting (7.0.3)
|
CVE-2021-24822
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Stylish Price List Security Bypass (6.8.14)
|
CVE-2021-24757
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Stylish Price List Security Bypass (6.9.0)
|
CVE-2021-24770
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Subscribe2 Cross-Site Scripting (10.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe2 Multiple Cross-Site Scripting Vulnerabilities (8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe2 Unspecified Vulnerability (10.20.5)
|
|
|
High
|
|
WordPress Plugin Subscribe Form Remote Command Execution (1.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Subscriber by BestWebSoft Cross-Site Scripting (1.3.4)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18502
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe Sidebar by Blubrry Cross-Site Scripting (1.3.1)
|
CVE-2020-25033
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe to Comments Local File Inclusion (2.1.2)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Subscribe to Comments Multiple Cross-Site Scripting Vulnerabilities (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe To Comments Reloaded Cross-Site Scripting (150611)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscribe To Comments Reloaded Multiple Vulnerabilities (140204)
|
CVE-2014-2274
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Subscribe to Comments Unsubscribe Challenge Information Disclosure (2.0.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Subscriptions & Memberships for PayPal Cross-Site Scripting (1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Subscriptions & Memberships for PayPal Unspecified Vulnerability (1.1.5)
|
|
|
High
|
|
WordPress Plugin Sucuri Security-Auditing, Malware Scanner and Security Hardening Cross-Site Scripting (1.7.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Sunshine Photo Cart Cross-Site Request Forgery (2.8.28)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Supafolio Multiple Unspecified Vulnerabilities (2.1.0)
|
|
|
High
|
|
WordPress Plugin Super CAPTCHA 'admin.php' SQL Injection (2.2.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Super Forms-Drag & Drop Form Builder Arbitrary File Upload (4.9.700)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Super Interactive Maps for WordPress Arbitrary File Upload (1.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Super Interactive Maps for WordPress SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Super Logos Showcase for WordPress Arbitrary File Upload (2.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Super Refer A Friend Information Disclosure (1.0)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Super Simple Custom CSS Cross-Site Scripting (1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Super Store Finder for WordPress (Google Maps Store Locator) Arbitrary File Upload (6.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Super Store Finder for WordPress (Google Maps Store Locator) SQL Injection (6.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SupportCandy Arbitrary File Upload (2.0.0)
|
CVE-2019-11223
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin SupportEzzy Ticket System Cross-Site Scripting (1.2.5)
|
CVE-2014-9179
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SupportFlow Multiple Cross-Site Scripting Vulnerabilities (0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Support Ticket System By Phoeniixx Unspecified Vulnerability (2.7)
|
|
|
High
|
|
WordPress Plugin Support Ticket System Multiple SQL Injection Vulnerabilities (1.2)
|
CVE-2015-7670
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Survey Maker-Best WordPress Survey Cross-Site Scripting (2.0.6)
|
CVE-2021-26256
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Survey Maker-Best WordPress Survey Cross-Site Scripting (3.1.3)
|
CVE-2023-0038
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Survey Maker-Best WordPress Survey SQL Injection (1.5.5)
|
CVE-2021-24459
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Survey Maker-Best WordPress Survey SQL Injection (3.1.1)
|
CVE-2023-23490
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Survey Maker-Best WordPress Survey Unspecified Vulnerability (3.2.0)
|
|
|
High
|
|
WordPress Plugin Surveys SQL Injection (1.01.8)
|
CVE-2017-1002020
CVE-2017-1002021
CVE-2017-1002022
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin SVG Support Cross-Site Scripting (2.3.19)
|
CVE-2021-24686
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SVG Support Cross-Site Scripting (2.4.2)
|
CVE-2022-1755
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SVG Support Cross-Site Scripting (2.5.1)
|
CVE-2022-4022
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SW Ajax WooCommerce Search Cross-Site Scripting (1.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Swift Landing Page Cross-Site Request Forgery (1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Swim Team Arbitrary File Download (1.44.1077)
|
CVE-2015-5471
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Swipe Checkout for eShop Cross-Site Scripting (3.7.0)
|
CVE-2014-4556
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Swipe Checkout for Jigoshop Cross-Site Scripting (3.1.0)
|
CVE-2014-4557
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Swipe Checkout for WooCommerce Cross-Site Scripting (2.7.1)
|
CVE-2014-4558
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Swipe Checkout for WP e-Commerce Multiple Cross-Site Scripting Vulnerabilities (3.1.0)
|
CVE-2014-4559
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.7)
|
CVE-2024-5204
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.8)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Symbiostock-Sell Photos Online For Free! Arbitrary File Upload (6.0.0)
|
CVE-2023-49814
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Synchi Arbitrary File Deletion (5.1)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Sync to Etsy Marketplace from WooCommerce Cross-Site Request Forgery (3.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Syndication Links Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SyntaxHighlighter Evolved Cross-Site Scripting (3.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SyntaxHighlighter Evolved Cross-Site Scripting (3.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin SyntaxHighlighter Evolved Cross-Site Scripting (3.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Table Maker Multiple Vulnerabilities (1.7)
|
CWE-89
CWE-915
|
CWE-89
CWE-915
|
High
|
|
WordPress Plugin TableOn-WordPress Posts Table Filterable Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TablePress CSV Injection (1.9.2)
|
CVE-2019-20180
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin TablePress Unspecified Vulnerability (1.7)
|
|
|
High
|
|
WordPress Plugin TablePress XML External Entity Injection (1.8)
|
CVE-2017-10889
CWE-611
|
CWE-611
|
High
|
|
WordPress Plugin Tablesome-Responsive Table, Woocommerce Automation, Email Log, Form Automation-Contact Form 7, Elementor, WPForms, Forminator Cross-Site Request Forgery (1.0.25)
|
CVE-2024-31388
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tablesome-Responsive Table, Woocommerce Automation, Email Log, Form Automation-Contact Form 7, Elementor, WPForms, Forminator Cross-Site Scripting (1.0.27)
|
CVE-2024-29110
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Cross-Site Scripting (3.7.1)
|
CVE-2022-40215
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.5.4)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.6.0)
|
CVE-2022-36375
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin Tabs Cross-Site Scripting (1.8.0)
|
CVE-2018-5312
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TagNinja 'id' Parameter Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tagregator Cross-Site Scripting (0.6)
|
CVE-2018-10752
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tags Cloud Manager Cross-Site Scripting (1.0.0)
|
CVE-2023-28166
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tajer Arbitrary File Upload (1.0.5)
|
CVE-2018-9206
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin TAKETIN To WP Membership PHP Object Injection (1.2.7)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin TallyKit Cross-Site Scripting (5.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tapfiliate Cross-Site Scripting (3.0.12)
|
CVE-2023-25789
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Target First Live chat Unspecified Vulnerability (1.0)
|
|
|
High
|
|
WordPress Plugin Task Manager Pro Multiple Vulnerabilities (1.3.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Tatsu Arbitrary File Upload (3.3.11)
|
CVE-2021-25094
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin TAuto Poster includes Backdoor [Only if downloaded via the vendor website] (1.4.5)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Taxonomy Converter Unspecified Vulnerability (1.1)
|
|
|
High
|
|
WordPress Plugin Taxonomy Images Multiple Unspecified Vulnerabilities (0.6)
|
|
|
High
|
|
WordPress Plugin TaxoPress-Create and Manage Taxonomies, Tags, Categories Cross-Site Scripting (3.0.7.1)
|
CVE-2021-24444
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TC Custom JavaScript Cross-Site Scripting (1.2.1)
|
CVE-2020-14063
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin tcS3 Cross-Site Scripting (2.1.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TDO Mini Forms Arbitrary File Upload (0.13.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin teachPress Unspecified Vulnerability (5.0.17)
|
|
|
High
|
|
WordPress Plugin Teamleader CRM Forms Cross-Site Scripting (2.0.0)
|
CVE-2021-30134
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Team Members Cross-Site Scripting (5.0.3)
|
CVE-2021-24128
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Team Members Cross-Site Scripting (5.1.0)
|
CVE-2022-1568
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Team Members Cross-Site Scripting (5.2.0)
|
CVE-2022-3936
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Team Members Unspecified Vulnerability (2.1.2)
|
|
|
High
|
|
WordPress Plugin Team Showcase Multiple Vulnerabilities (1.22.15)
|
CVE-2020-35937
CVE-2020-35939
CWE-79
CWE-915
|
CWE-79
CWE-915
|
High
|
|
WordPress Plugin Teaser Maker Cross-Site Scripting (0.1.114)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Telefication Server-Side Request Forgery (1.8.0)
|
CVE-2021-39339
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Telugu Bible Verse Daily Cross-Site Request Forgery (1.0)
|
CVE-2021-24410
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin TemplatesNext ToolKit Cross-Site Scripting (3.2.7)
|
CVE-2022-4678
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TemplatesNext ToolKit Cross-Site Scripting (3.2.8)
|
CVE-2023-0333
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Templatic Tevolution Arbitrary File Upload (2.3.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Tera Charts Cross-Site Scripting (1.0)
|
CVE-2016-1000151
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tera Charts Multiple Local File Inclusion Vulnerabilities (0.1)
|
CVE-2014-4940
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin TeraWallet-For WooCommerce Insecure Direct Object Reference (1.4.3)
|
CVE-2022-3995
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin TeraWallet-For WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (1.3.24)
|
CVE-2022-36401
CVE-2022-40198
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Terillion Reviews Profile Id Cross-Site Scripting (1.1)
|
CVE-2013-2501
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial-Best Testimonial Slider Cross-Site Scripting (2.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Cross-Site Scripting (1.5.9)
|
CVE-2021-24598
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Multiple Vulnerabilities (2.2)
|
CVE-2013-5672
CVE-2013-5673
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2)
|
CVE-2020-26672
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonials by BestWebSoft Cross-Site Scripting (0.1.8)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18558
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Slider Cross-Site Scripting (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Slider Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial Slider SQL Injection (1.2.4)
|
CVE-2018-5372
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Testimonials Widget Cross-Site Scripting (3.5.1)
|
CVE-2021-24136
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Testimonial WordPress-AP Custom Testimonial includes Backdoor [Only if downloaded via the vendor website] (1.4.6)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Testimonial WordPress-AP Custom Testimonial Unspecified Vulnerability (1.4.7)
|
|
|
High
|
|
WordPress Plugin TextMe SMS Cross-Site Scripting (1.8.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Thank You Counter Button Cross-Site Scripting (1.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Thank You Counter Button Multiple Cross-Site Scripting Vulnerabilities (1.8.7)
|
CVE-2014-2315
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TheCartPress eCommerce Shopping Cart 'OptionsPostsList.php' Cross-Site Scripting (1.1.6)
|
CVE-2011-5207
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TheCartPress eCommerce Shopping Cart 'tcp_class_path' Parameter Remote File Include (1.1.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.3.9)
|
CVE-2015-3300
CVE-2015-3301
CVE-2015-3302
CVE-2015-3986
CWE-79
CWE-98
CWE-284
CWE-352
|
CWE-79
CWE-98
CWE-284
CWE-352
|
High
|
|
WordPress Plugin TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.5.3.6)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin TheCartPress eCommerce Shopping Cart Order Information Security Bypass (1.1.9.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin The Easiest WordPress Media Manager-WP Media Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin The Events Calendar:Eventbrite Tickets Cross-Site Scripting (3.9.6)
|
CVE-2015-5485
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Events Calendar Countdown Addon Security Bypass (1.3.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin The Events Calendar Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Events Calendar Cross-Site Scripting (4.8.1)
|
CVE-2019-15109
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Events Calendar Open Redirect (4.1.1)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin The Events Calendar Security Bypass (3.11.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin The Events Calendar Unspecified Vulnerability (4.0.4)
|
|
|
High
|
|
WordPress Plugin The Guardian News Feed Cross-Site Request Forgery (0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin The Holiday Calendar Cross-Site Scripting (1.11.2)
|
CVE-2015-9270
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Theme Blvd Layout Builder Multiple Security Bypass Vulnerabilities (2.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Theme Blvd Shortcodes Multiple Security Bypass Vulnerabilities (1.5.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Theme Blvd Sliders Multiple Security Bypass Vulnerabilities (1.2.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Theme Blvd Widget Areas Multiple Security Bypass Vulnerabilities (1.2.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Theme Check Cross-Site Request Forgery (20190208.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Theme Demo Import Arbitrary File Upload (1.1.0)
|
CVE-2022-1538
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Theme Editor Arbitrary File Download (2.5)
|
CVE-2021-24154
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Theme Editor Multiple Vulnerabilities (2.1)
|
CWE-352
CWE-434
|
CWE-352
CWE-434
|
High
|
|
WordPress Plugin ThemeGrill Demo Importer Cross-Site Request Forgery (1.6.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ThemeGrill Demo Importer Security Bypass (1.6.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin ThemeHigh WooCommerce Wishlist and Comparison Cross-Site Request Forgery (1.0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Theme My Login Local File Inclusion (6.3.9)
|
CVE-2014-5155
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Theme My Login Security Bypass (6.4.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin ThemeREX Addons Remote Code Execution (All)
|
CVE-2020-10257
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Theme Test Drive Multiple Vulnerabilities (2.9)
|
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Theme Tuner 'tt-abspath' Parameter Remote File Include (0.7)
|
CVE-2012-0934
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20)
|
CVE-2023-23713
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Themify-WooCommerce Product Filter SQL Injection (1.4.9)
|
CVE-2024-6027
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Themify Builder Cross-Site Scripting (5.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.5)
|
CVE-2021-24129
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.6)
|
CVE-2022-0200
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.0)
|
CVE-2022-4464
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.1)
|
CVE-2023-0362
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Official Facebook Chat Cross-Site Request Forgery (1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin The Official Facebook Chat Security Bypass (1.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin The Piecemaker 'php.php' Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin The Plus Addons for Elementor Cross-Site Scripting (4.1.11)
|
CVE-2021-24351
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Plus Addons for Elementor Open Redirect (4.1.9)
|
CVE-2021-24358
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin The Plus Addons for Elementor Page Builder Lite Multiple Cross-Site Scripting Vulnerabilities (2.0.5)
|
CVE-2021-24266
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.6)
|
CVE-2021-24175
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.10)
|
CVE-2021-24359
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin The Post Grid-Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Cross-Site Request Forgery (5.0.4)
|
CVE-2022-46853
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin The Sorter SQL Injection (1.0)
|
CVE-2021-24399
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin TheThe Layout Grid Cross-Site Scripting (1.0.0)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin The Welcomizer 'twiz-index.php' Cross-Site Scripting (1.3.9.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ThinkTwit Cross-Site Scripting (1.7.0)
|
CVE-2021-24582
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ThinkTwit Security Bypass (1.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thinkun Remind 'dirPath' Parameter Information Disclosure (1.1.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin ThirstyAffiliates Affiliate Link Manager Cross-Site Scripting (3.9.2)
|
CVE-2021-24127
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ThreeWP Email Reflector 'Subject' Field Cross-Site Scripting (1.15)
|
CVE-2012-2572
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Thrive Apprentice Security Bypass (2.3.9.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Architect Security Bypass (2.6.7.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Clever Widgets Security Bypass (1.56)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Comments Security Bypass (1.4.15.2)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Dashboard Security Bypass (2.3.9.2)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Headline Optimizer Security Bypass (1.3.7.2)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Leads Security Bypass (2.3.9.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Optimize Security Bypass (1.4.13.2)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Ovation Security Bypass (2.4.4)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Quiz Builder Security Bypass (2.3.9.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Themes Builder Security Bypass (2.2.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thrive Ultimatum Security Bypass (2.3.9.3)
|
CVE-2021-24219
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Thumbnail carousel slider Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Request Forgery (3.4.9.9)
|
CVE-2022-4549
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Request Forgery (3.5.1.0)
|
CVE-2023-23726
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Scripting (3.4.8.2)
|
CVE-2021-24797
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tickera-WordPress Event Ticketing Security Bypass (3.4.9.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Tickera-WordPress Event Ticketing Unspecified Vulnerability (3.4.6.7)
|
|
|
High
|
|
WordPress Plugin Ticket Manager Cross-Site Scripting (1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ticketrilla:Client PHP Object Injection (1.0.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Tidio Gallery Multiple Vulnerabilities (1.1)
|
CVE-2016-1000153
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Tidio Live Chat Cross-Site Request Forgery (4.1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tierra's Billboard Manager SQL Injection (1.14)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tigris for Salesforce PHP Object Injection (1.1.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Timber Cross-Site Scripting (1.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Timed Content Cross-Site Scripting (2.72)
|
CVE-2023-0067
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Timed Popup Cross-Site Request Forgery (1.3)
|
CVE-2014-9525
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Timeline Calendar SQL Injection (1.2)
|
CVE-2021-24553
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Timeline Event History PHP Object Injection (3.1)
|
CVE-2024-5726
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Timesheet by BestWebSoft Cross-Site Scripting (0.1.4)
|
CVE-2017-2171
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Time Sheets Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Time Sheets Multiple Cross-Site Scripting Vulnerabilities (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Timetable and Event Schedule by MotoPress Cross-Site Request Forgery (2.4.1)
|
CVE-2021-24583
CVE-2021-24584
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Timetable and Event Schedule by MotoPress Cross-Site Scripting (2.3.18)
|
CVE-2021-24724
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)
|
CVE-2021-24585
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Timetable and Event Schedule by MotoPress Unspecified Vulnerability (2.4.3)
|
|
|
High
|
|
WordPress Plugin TinyMCE Advanced Cross-Site Request Forgery (4.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin TinyMCE Color Picker Multiple Vulnerabilities (1.1)
|
CVE-2014-3844
CVE-2014-3845
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin TinyMCE Custom Styles Cross-Site Scripting (1.1.2)
|
CVE-2023-23995
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tinymce Thumbnail Gallery 'href' Parameter Information Disclosure (1.0.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Tiny URL Cross-Site Scripting (1.3.2)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Titan Anti-spam & Security Cross-Site Scripting (4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Titan Anti-spam & Security Security Bypass (7.3.0)
|
CVE-2022-2877
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Titan Framework Cross-Site Scripting (1.5.2)
|
CVE-2014-6444
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Titan Framework Cross-Site Scripting (1.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Titan Framework Cross-Site Scripting (1.12.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TI WooCommerce Wishlist Security Bypass (1.21.11)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Toggle The Title Cross-Site Scripting (1.4)
|
CVE-2019-14795
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Token Manager 'tid' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin to Manage/Design WordPress Blog-WP Blog Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Tom M8te Directory Traversal (1.5.3)
|
CVE-2014-5187
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin ToolBar to Share Cross-Site Request Forgery (2.0)
|
CVE-2022-1918
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin ToolPage Cross-Site Scripting (1.6.1)
|
CVE-2014-4560
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies Cross-Site Scripting (1.8.7.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2.1.1)
|
CVE-2013-2768
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies Multiple Unspecified Vulnerabilities (2.2.2)
|
|
|
High
|
|
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies PHP Object Injection (1.5.7)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies Privilege Escalation (2.3.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Tooltipy (tooltips for WP) Multiple Vulnerabilities (5.0.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Request Forgery (1.9.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Request Forgery (2.9.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Scripting (2.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Scripting (3.2.2)
|
CVE-2022-4570
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Multiple Vulnerabilities (3.2.3)
|
CVE-2023-25993
CWE-352
CWE-862
|
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress Multiple Vulnerabilities (3.2.4)
|
CVE-2023-26008
CWE-79
CWE-284
|
CWE-79
CWE-284
|
High
|
|
WordPress Plugin Top 10-Popular posts for WordPress SQL Injection (2.4.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Top Quark Architecture 'script.php' Arbitrary File Upload (2.1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Total Donations for Wordpress Security Bypass (2.0.5)
|
CVE-2019-6703
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility includes Backdoor [Only if downloaded via the vendor website] (1.0.4)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Total Sales For Woocommerce Cross-Site Scripting (1.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Total Security Multiple Unspecified Vulnerabilities (3.4.1)
|
|
|
High
|
|
WordPress Plugin Total Security Multiple Vulnerabilities (3.4)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Total Team Lite-Responsive Team Manager/Showcase for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.1.1)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Total Upkeep-WordPress Backup plus Restore & Migrate by BoldGrid Information Disclosure (1.14.9)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin To Top Security Bypass (2.2.2)
|
CVE-2021-24752
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin tPlayer-Audio Player for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tracking Code Manager Multiple Vulnerabilities (1.11.1)
|
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
WordPress Plugin Track That Stat 'data' Parameter Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TRADIES Information Disclosure (2.2.6)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Traffic Analyzer Cross-Site Scripting (3.3.2)
|
CVE-2013-3526
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Traffic Analyzer SQL Injection (3.4.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Traffic Manager Multiple Vulnerabilities (1.4.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Translate Multilingual sites-TranslatePress Cross-Site Scripting (2.0.8)
|
CVE-2021-24610
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (4.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (5.0.05)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (6.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (6.0.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.51)
|
CVE-2020-11930
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.64)
|
CVE-2021-34630
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Translate WordPress with GTranslate Open Redirect (2.8.10)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Transposh WordPress Translation Cross-Site Scripting (0.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Transposh WordPress Translation Multiple Cross-Site Scripting Vulnerabilities (1.0.7)
|
CVE-2021-24910
CVE-2021-24911
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Transposh WordPress Translation Multiple Vulnerabilities (1.0.8.1)
|
CVE-2021-24912
CVE-2022-2461
CVE-2022-2462
CVE-2022-2536
CVE-2022-25810
CVE-2022-25811
CWE-89
CWE-200
CWE-264
CWE-285
CWE-352
|
CWE-89
CWE-200
CWE-264
CWE-285
CWE-352
|
High
|
|
WordPress Plugin Trashbin 'mtb_undelete' Parameter Cross-Site Scripting (0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Travel Management Privilege Escalation (1.5)
|
CVE-2019-15773
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Travelpayouts:All Travel Brands in One Place Cross-Site Request Forgery (1.0.16)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Travelpayouts:All Travel Brands in One Place Cross-Site Scripting (0.7.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TR Easy Google Analytics Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Triagis WordPress Security Evaluation-Check Folder Permissions, Fix For Common Security Vulnerabilities Multiple Cross-Site Request Forgery Vulnerabilities (1.15)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin True Ranker Directory Traversal (2.2.2)
|
CVE-2021-39312
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Trust Form Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TubePress Cross-Site Scripting (1.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tune Library 'letter' Parameter SQL Injection (1.5.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tune Library SQL Injection (1.5.4)
|
CVE-2015-3314
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (1.5.2)
|
CVE-2020-8615
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1)
|
CVE-2024-1503
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.1)
|
CVE-2021-24455
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.10)
|
CVE-2021-24873
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.11)
|
CVE-2021-25017
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.0.9)
|
CVE-2022-2563
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.6.2)
|
CVE-2024-3994
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Insecure Direct Object Reference (2.7.0)
|
CVE-2024-4279
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Local File Inclusion (1.8.7)
|
CVE-2021-24242
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Cross-Site Scripting Vulnerabilities (1.9.8)
|
CVE-2021-24740
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Vulnerabilities (1.7.6)
|
CVE-2021-24181
CVE-2021-24184
CVE-2021-24185
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1)
|
CVE-2024-1502
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2)
|
CVE-2024-3553
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.7.0)
|
CVE-2024-4223
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (1.8.2)
|
CVE-2021-24182
CVE-2021-24183
CVE-2021-24186
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.6.1)
|
CVE-2024-1751
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.7.0)
|
CVE-2024-4318
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Tutor LMS Elementor Addons Cross-Site Scripting (2.1.3)
|
CVE-2024-29913
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tweet Blender Cross-Site Scripting (4.0.1)
|
CVE-2013-6342
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin TweetScribe Cross-Site Request Forgery (1.1)
|
CVE-2014-9399
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Tweet Wheel Multiple Cross-Site Scripting Vulnerabilities (1.0.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Tweet Wheel Spam (0.3)
|
CWE-702
|
CWE-702
|
High
|
|
WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9)
|
CVE-2022-4580
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twenty20 Image Before-After Malicious Code (1.6.3)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin twimp-wp-twitter multi publisher Cross-Site Request Forgery (0.1)
|
CVE-2014-9397
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Twitch Player Cross-Site Scripting (2.1.0)
|
CVE-2023-25464
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitget Cross-Site Request Forgery (3.3.2)
|
CVE-2014-2559
CVE-2014-2995
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Twitter Button by BestWebSoft Cross-Site Request Forgery (2.14)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Twitter Button by BestWebSoft Cross-Site Scripting (2.54)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18505
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitter Button by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.36)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin TwitterCart Security Bypass (2.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin twitterDash Cross-Site Request Forgery (2.1)
|
CVE-2014-9368
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Twitter Feed:Embedded Timeline 'url' Parameter Cross-Site Scripting (0.3.1)
|
CVE-2010-4825
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitter Feed Cross-Site Scripting (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitter Friends Widget Cross-Site Scripting (3.1)
|
CVE-2021-38322
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery (1.1.2)
|
CVE-2014-9398
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Two-Factor Authentication-Clockwork SMS Cross-Site Scripting (1.0.3)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Two Factor Authentication Cross-Site Request Forgery (1.3.12)
|
CVE-2018-20231
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Two Factor Authentication Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)
|
CWE-22
CWE-352
|
CWE-22
CWE-352
|
High
|
|
WordPress Plugin typofr Cross-Site Scripting (0.11)
|
CVE-2021-34657
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin U BuddyPress Forum Attachment 'fileurl' Parameter Remote File Disclosure (1.1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin uCan Post Multiple HTML Injection Vulnerabilities (1.0.09)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin uCare-Support Ticket System Cross-Site Scripting (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin uContext for Amazon Cross-Site Request Forgery (3.9.1)
|
CVE-2022-2541
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin uContext for Clickbank Cross-Site Request Forgery (3.9.1)
|
CVE-2022-2542
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin UiPress lite-Effortless custom dashboards, admin themes and pages SQL Injection (3.4.06)
|
CVE-2024-38788
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Uji Countdown Cross-Site Scripting (2.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Uji Countdown Cross-Site Scripting (2.2)
|
CVE-2022-3837
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UK Cookie Consent Cross-Site Scripting (2.3.9)
|
CVE-2018-10310
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UK Cookie Cross-Site Request Forgery (1.1)
|
CVE-2013-2180
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Addons for Beaver Builder Cross-Site Scripting (1.24.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Addons for Beaver Builder Security Bypass (1.24.0)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Ultimate Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (1.29.2)
|
CVE-2021-24271
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Addons for Elementor Security Bypass (1.20.0)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Ultimate Addons for Elementor Security Bypass (1.24.1)
|
CVE-2020-13125
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Addons for Visual Composer Multiple Vulnerabilities (3.16.10)
|
CWE-79
CWE-94
CWE-352
|
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress Plugin Ultimate Affiliate Pro Multiple Cross-Site Scripting Vulnerabilities (3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Appointment Booking & Scheduling Cross-Site Scripting (1.1.9)
|
CVE-2020-24313
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Appointment Booking & Scheduling Unspecified Vulnerability (1.1.10)
|
|
|
High
|
|
WordPress Plugin Ultimate Category Excluder Cross-Site Request Forgery (1.1)
|
CVE-2020-35135
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Coming Soon, Maintenance Mode for WordPress-Everest Coming Soon Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.21)
|
CVE-2019-15643
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.29)
|
CVE-2020-7107
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate FAQ Security Bypass (1.8.24)
|
CVE-2019-17232
CVE-2019-17233
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress Security Bypass (2.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Gift Cards For WooCommerce Cross-Site Request Forgery (2.1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Google Analytics Cross-Site Request Forgery (1.6.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Instagram Feed Cross-Site Scripting (1.2)
|
CVE-2017-16758
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)
|
CVE-2021-24274
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Maps by Supsystic SQL Injection (1.1.12)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Deletion (1.0.78)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Upload (1.0.83)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Upload (2.0.21)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Request Forgery (2.0.6)
|
CVE-2018-10233
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Request Forgery (2.0.39)
|
CVE-2019-10673
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (1.2.995)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (1.3.28)
|
CVE-2015-8354
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.10)
|
CVE-2018-10234
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.17)
|
CVE-2018-13136
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.25)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.51)
|
CVE-2019-14946
CVE-2019-14947
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.1.19)
|
CVE-2021-24306
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.3.2)
|
CVE-2022-1208
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.4.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.3)
|
CVE-2024-2123
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.4)
|
CVE-2024-2765
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Information Disclosure (1.2.5)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Local File Inclusion (1.3.64)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Cross-Site Scripting Vulnerabilities (2.0.27)
|
CVE-2018-17866
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Vulnerabilities (1.3.88)
|
CVE-2018-0585
CVE-2018-0586
CVE-2018-0587
CVE-2018-0588
CVE-2018-0589
CVE-2018-0590
CWE-22
CWE-79
CWE-284
CWE-434
|
CWE-22
CWE-79
CWE-284
CWE-434
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Vulnerabilities (2.0.45)
|
CWE-73
CWE-79
CWE-538
|
CWE-73
CWE-79
CWE-538
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Vulnerabilities (2.5.0)
|
CVE-2022-2445
CVE-2022-3361
CVE-2022-3383
CVE-2022-3384
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Open Redirect (2.0.33)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Open Redirect (2.1.6)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Open Redirect (2.3.1)
|
CVE-2022-1209
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.0.50)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.1.11)
|
CVE-2020-36155
CVE-2020-36156
CVE-2020-36157
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.6.6)
|
CVE-2023-3460
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Remote Code Execution (2.0.32)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.52)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.75)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.83)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (2.1.2)
|
CVE-2020-6859
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership SQL Injection (2.8.2)
|
CVE-2024-1071
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Unspecified Vulnerability (2.0.40)
|
|
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Unspecified Vulnerability (2.1.3)
|
|
|
High
|
|
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Unspecified Vulnerability (2.1.12)
|
CVE-2020-36170
|
|
High
|
|
WordPress Plugin Ultimate Membership Pro Cross-Site Request Forgery (8.6.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Membership Pro Cross-Site Request Forgery (8.6.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate Membership Pro Security Bypass (8.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Ultimate Membership Pro SQL Injection (3.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ultimate Membership Pro SQL Injection (6.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ultimate Profile Builder By CMSHelpLive Multiple Vulnerabilities (2.3.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Ultimate Responsive Image Slider Unspecified Vulnerability (3.3.2)
|
|
|
High
|
|
WordPress Plugin Ultimate Reviews PHP Object Injection (2.0.18)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Ultimate Reviews PHP Object Injection (2.1.32)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Ultimate SMS Notifications for WooCommerce CSV Injection (1.4.1)
|
CVE-2022-2429
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin ULTIMATE TABLES SQL Injection (1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Ultimate Tag Cloud Widget Unspecified Vulnerability (2.3)
|
|
|
High
|
|
WordPress Plugin Ultimate TinyMCE 'swfupload.swf' Cross-Site Scripting (3.5)
|
CVE-2012-3414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimate TinyMCE Multiple Unspecified Vulnerabilities (5.0)
|
|
|
High
|
|
WordPress Plugin ULTIMATE VIDEO GALLERY Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UltimateWoo-The Ultimate WooCommerce with Unlimited Usage PHP Object Injection (0.1.10)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Ultimate WordPress Auction Cross-Site Request Forgery (1.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Ultimate WordPress Auction Multiple Vulnerabilities (4.0.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Ultimate WP Query Search Filter Cross-Site Scripting (1.0.10)
|
CVE-2023-23832
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Ultimeter Security Bypass (1.9.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.4.1)
|
CVE-2023-23714
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Unconfirmed Cross-Site Scripting (1.2.3)
|
CVE-2014-100018
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Under Construction, Coming Soon & Maintenance Mode Multiple Vulnerabilities (1.1.1)
|
CWE-79
CWE-918
|
CWE-79
CWE-918
|
High
|
|
WordPress Plugin Under Construction/Maintenance Mode from Acurax Multiple Unspecified Vulnerabilities (2.5.2)
|
|
|
High
|
|
WordPress Plugin underConstruction Cross-Site Request Forgery (1.08)
|
CVE-2013-2699
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin underConstruction Cross-Site Scripting (1.18)
|
CVE-2021-39320
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Under Construction Open Redirect (3.20)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Under Construction Unspecified Vulnerability (3.25)
|
|
|
High
|
|
WordPress Plugin Under Construction Unspecified Vulnerability (3.85)
|
|
|
High
|
|
WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin UnGallery Local File Disclosure (1.5.8)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Unite Gallery Lite Multiple Vulnerabilities (1.4.6)
|
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin Universal Analytics Cross-Site Scripting (1.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Universal Post Manager Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.9)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Universal Star Rating Unspecified Vulnerability (1.10.3)
|
|
|
High
|
|
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (1.5.107)
|
CVE-2024-3190
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Remote Code Execution (1.5.89)
|
CVE-2023-6743
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.107)
|
CVE-2024-4779
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)
|
CVE-2024-5329
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Unlimited Pop-Ups Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Unlimited PopUps SQL Injection (4.5.3)
|
CVE-2021-24631
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Unyson Information Disclosure (2.7.18)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Updater by BestWebSoft Cross-Site Scripting (1.34)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18565
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.22.24)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)
|
CVE-2023-32960
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.9.63)
|
CVE-2015-9360
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.13.4)
|
CVE-2017-18593
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.65)
|
CVE-2021-25022
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.68)
|
CVE-2021-25089
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.22.8)
|
CVE-2022-0864
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Multiple Vulnerabilities (1.16.58)
|
CVE-2021-24423
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Privilege Escalation (1.23.2)
|
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.22.1)
|
CVE-2022-0633
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Uploader 'num' Parameter Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Uploader 'uploadify.php' Arbitrary File Upload (1.0.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Uploader Cross-Site Scripting and Arbitrary File Upload Vulnerabilities (1.0.4)
|
CVE-2013-2287
CVE-2013-2288
CWE-79
CWE-434
|
CWE-79
CWE-434
|
High
|
|
WordPress Plugin Upload File Type Settings Cross-Site Scripting (1.1)
|
CVE-2023-25781
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Uploadify Integration Multiple Cross-Site Scripting Vulnerabilities (0.9.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Uploadify Remote File Upload (1.0)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin UPM Polls 'PID' Parameter SQL Injection (1.0.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin UPM Polls 'qid' Parameter SQL Injection (1.0.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin URL Cloak & Encrypt Cross-Site Scripting (2.0)
|
CVE-2014-4563
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Use Any Font Unspecified Vulnerability (4.3.6)
|
|
|
High
|
|
WordPress Plugin User Access Manager Cross-Site Scripting (1.2.6.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Access Manager Cross-Site Scripting (1.2.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Access Manager Unspecified Vulnerability (1.2.6.9)
|
|
|
High
|
|
WordPress Plugin User Activation Email Cross-Site Scripting (1.3.0)
|
CVE-2021-38325
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Activity Log Multiple Vulnerabilities (1.2.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin User Activity Security Bypass (1.0.1)
|
CVE-2022-4550
CWE-290
|
CWE-290
|
High
|
|
WordPress Plugin User Avatar TimThumb Arbitrary File Upload (1.3.7)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin User Avatar Unspecified Vulnerability (1.4.6)
|
|
|
High
|
|
WordPress Plugin User Control SQL Injection (2.1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin User Domain Whitelist Multiple Vulnerabilities (1.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin user files Arbitrary File Upload (2.4.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
|
CVE-2017-15867
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Login Log Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Meta 'uploader.php' Arbitrary File Upload (1.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin User Meta Manager Information Disclosure (3.4.7)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin User Meta Manager Multiple Vulnerabilities (3.4.6)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Username Changer Multiple Vulnerabilities (1.4)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin Usernoise modal feedback/contact form Cross-Site Scripting (3.7.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Photo 'user-photo.php' Arbitrary File Upload (0.9.4)
|
CVE-2013-1916
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin User Photo Cross-Site Scripting (0.9.5.1)
|
CVE-2012-2920
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (2.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (4.9.23)
|
CVE-2018-16285
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (4.9.33)
|
CVE-2019-14470
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Multiple Cross-Site Request Forgery Vulnerabilities (5.1.0)
|
CVE-2023-2438
CVE-2023-2497
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.1)
|
CVE-2023-2437
CVE-2023-2440
CVE-2023-2446
CVE-2023-2447
CVE-2023-2449
CVE-2023-6007
CVE-2023-6008
CWE-200
CWE-269
CWE-345
CWE-352
CWE-862
|
CWE-200
CWE-269
CWE-345
CWE-352
CWE-862
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.4)
|
CVE-2023-2448
CVE-2023-6009
CWE-269
CWE-862
|
CWE-269
CWE-862
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.20)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.27)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin UserPro-Community and User Profile Security Bypass (4.9.17)
|
CVE-2017-16562
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor 'key' Parameter Security Bypass (1.1.24)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Request Forgery (3.6.4)
|
CVE-2021-36915
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (2.0.2)
|
CVE-2014-8492
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (2.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (2.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (3.4.7)
|
CVE-2021-24448
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (3.6.1)
|
CVE-2022-0653
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (3.6.7)
|
CVE-2022-0884
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Information Disclosure (3.9.0)
|
CVE-2023-0814
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Multiple Cross-Site Scripting Vulnerabilities (1.1.65)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Multiple Unspecified Vulnerabilities (2.5.7)
|
|
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Privilege Escalation (2.4.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (1.1.59)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (2.3.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (3.1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (3.4.8)
|
CVE-2021-24527
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (3.11.8)
|
CVE-2024-6695
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor SQL Injection (3.3.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Unspecified Vulnerability (2.1.3)
|
|
|
High
|
|
WordPress Plugin User Profile Picture Information Disclosure (2.4.0)
|
CVE-2021-24170
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin User Registration, Login & Landing Pages-LeadMagic Cross-Site Scripting (1.2.7)
|
CVE-2022-0232
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.1.5)
|
CVE-2024-2417
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.2.0.1)
|
CVE-2024-4958
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (2.2.4)
|
CVE-2022-3912
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (3.0.2)
|
CVE-2023-3342
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Cross-Site Scripting (2.0.1)
|
CVE-2021-24654
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Cross-Site Scripting (2.3.0)
|
CVE-2023-23987
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile PHP Object Injection (2.3.2.1)
|
CVE-2023-27459
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile PHP Object Injection (3.0.1)
|
CVE-2023-3343
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Security Bypass (2.3.2.1)
|
CVE-2023-29429
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin User Rights Access Manager Security Bypass (1.0.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Rights Access Manager Security Bypass (1.0.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.5.5)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18566
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Role Editor Cross-Site Request Forgery (3.12)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin User Role Editor Cross-Site Scripting (4.37)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin User Role Editor Security Bypass (4.24)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin User Self Delete SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Users to CSV Cross-Site Request Forgery (1.4.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin User Submitted Posts Arbitrary File Upload (20190426)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin User Submitted Posts Cross-Site Scripting (20151113)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Users Ultra Membership Arbitrary File Upload (1.5.58)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Users Ultra Membership Cross-Site Scripting (1.5.78)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Users Ultra Membership Multiple Vulnerabilities (1.5.62)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Users Ultra SQL Injection (1.3.58)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Users Ultra SQL Injection (1.4.35)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Users Ultra SQL Injection (1.5.15)
|
CVE-2015-4109
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WP Cross-Site Scripting (1.2.2.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WP CSV Injection (1.2.3.9)
|
CVE-2022-47442
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WP Security Bypass (1.2.3)
|
CVE-2022-0442
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WP SQL Injection (1.2.10)
|
CVE-2024-6265
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin User Verification Security Bypass (1.0.93)
|
CVE-2022-4693
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin uTubeVideo Gallery Cross-Site Scripting (2.0.7)
|
CVE-2023-0151
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin uTubeVideo Gallery Unspecified Vulnerability (2.0.4)
|
|
|
High
|
|
WordPress Plugin uTubeVideo Gallery Unspecified Vulnerability (2.0.6)
|
|
|
High
|
|
WordPress Plugin Validated Cross-Site Scripting (1.0.2)
|
CVE-2014-4564
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (1.0.61)
|
CVE-2019-14774
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (2.1.1)
|
CVE-2021-42367
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VaultPress Cross-Site Scripting (1.7.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin VaultPress Remote Code Execution (1.9.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin VaultPress Unspecified Vulnerability (1.7.1)
|
|
|
High
|
|
WordPress Plugin VDZ CallBack Cross-Site Scripting (1.14.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VDZ Google Analytics or Google Tag Manager/GTM Cross-Site Scripting (1.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VDZ VERIFICATION (Custom Meta Tags) Cross-Site Scripting (1.3.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Velvet Blues Update URLs Unspecified Vulnerability (2.1)
|
|
|
High
|
|
WordPress Plugin VendorFuel Local File Overwrite (1.3.1)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Venture Event Manager Cross-Site Scripting (3.2.4)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Verification Code for Comments Multiple Cross-Site Scripting Vulnerabilities (2.1.0)
|
CVE-2014-4565
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin Verse-O-Matic Cross-Site Request Forgery (4.1.1)
|
CVE-2021-24466
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Vertical News Scroller Cross-Site Scripting (1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Vertical News Scroller Unspecified Vulnerability (1.19)
|
|
|
High
|
|
WordPress Plugin Vertical SlideShow 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Vertical SlideShow Arbitrary File Upload (2.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Verve Meta Boxes TimThumb Arbitrary File Upload (1.2.8)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin verwei.se-WordPress-Twitter Cross-Site Scripting (1.0.2)
|
CVE-2014-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Very Simple Quiz Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (3.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (4.5.0)
|
CVE-2022-4786
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Chat Multiple Cross-Site Scripting Vulnerabilities (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Comments Webcam Recorder Cross-Site Scripting (1.55)
|
CVE-2014-4567
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (3.8.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (3.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (4.0.9)
|
CVE-2022-4578
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Conferencing with Zoom Information Disclosure (3.8.16)
|
CVE-2022-0384
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Video Downloader for TikTok Directory Traversal (1.3)
|
CVE-2020-24143
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Video Embed & Thumbnail Generator 'kg_callffmpeg.php' Multiple Remote Code Execution Vulnerabilities (1.1)
|
CVE-2012-1785
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Video Embed & Thumbnail Generator Cross-Site Scripting (4.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Embed & Thumbnail Generator Information Disclosure (1.1)
|
CVE-2012-1786
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Video Embed SQL Injection (1.0)
|
CVE-2021-24337
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin VIDEO GALLERY 'upload1.php' Arbitrary File Upload (1.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Video Gallery-Best WordPress YouTube Gallery Multiple Vulnerabilities (1.7.6)
|
CVE-2023-25979
CVE-2023-25988
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin Video Gallery-Vimeo and YouTube Gallery Cross-Site Scripting (1.1.4)
|
CVE-2021-24515
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Gallery /w YouTube, Vimeo Arbitrary File Upload (8.48)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Video Gallery /w YouTube, Vimeo Multiple Vulnerabilities (8.80)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Video Lead Form 'errMsg' Parameter Cross-Site Scripting (0.5)
|
CVE-2012-6312
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Lessons Manager-Best Video Course LMS Cross-Site Scripting (1.7.1)
|
CVE-2021-24713
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Lessons Manager-Video Lessons LMS for eLearning Site Cross-Site Scripting (3.5.8)
|
CVE-2021-24713
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Metabox Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Player for YouTube Cross-Site Scripting (1.3)
|
CVE-2021-24414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Player Unspecified Vulnerability (1.1.4)
|
|
|
High
|
|
WordPress Plugin Video Posts Webcam Recorder Cross-Site Scripting (1.55.4)
|
CVE-2014-4568
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Video Sidebar Widgets Cross-Site Scripting (6.1)
|
CVE-2022-4785
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Videos on Admin Dashboard Cross-Site Scripting (1.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VideoWhisper Video Conference Integration 'vw_upload.php' Arbitrary File Upload (4.51)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin VideoWhisper Video Conference Integration Arbitrary File Upload (4.91.8)
|
CVE-2015-9271
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin VideoWhisper Video Presentation 'c_status.php' SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin VideoWhisper Video Presentation 'vw_upload.php' Arbitrary File Upload (3.17)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin VideoWhisper Video Presentation Arbitrary File Upload (3.31.17)
|
CVE-2015-9272
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin VideoWhisper Video Presentation Multiple Cross-Site Scripting Vulnerabilities (3.25)
|
CVE-2014-4570
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Videox7 UGC 'listid' Parameter Cross-Site Scripting (2.5.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin View All Post's Pages Cross-Site Scripting (0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VikBooking Hotel Booking Engine & PMS Cross-Site Scripting (1.5.8)
|
CVE-2022-1528
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Cross-Site Request Forgery Vulnerabilities (1.5.12)
|
CVE-2023-25707
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)
|
CVE-2022-27862
CVE-2022-27863
CWE-200
CWE-434
|
CWE-200
CWE-434
|
High
|
|
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.7)
|
CVE-2022-1407
CVE-2022-1408
CVE-2022-1409
CWE-79
CWE-352
CWE-434
|
CWE-79
CWE-352
CWE-434
|
High
|
|
WordPress Plugin VikRentCar Car Rental Management System Cross-Site Request Forgery (1.1.6)
|
CVE-2021-24388
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin VikRentCar Car Rental Management System Cross-Site Scripting (1.1.9)
|
CVE-2021-24519
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Viper's Video Quicktags Unspecified Vulnerability (6.4.4)
|
|
|
High
|
|
WordPress Plugin Viral Quiz Maker-OnionBuzz SQL Injection (1.2.1)
|
CVE-2019-14231
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Viral Quiz Maker-OnionBuzz SQL Injection (1.2.6)
|
CVE-2019-14230
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Virim PHP Object Injection (0.4)
|
CVE-2019-12240
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Virtual Robots.txt Cross-Site Scripting (1.9)
|
CVE-2021-28121
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Virtue/Pinnacle ToolKit Unspecified Vulnerability (2.5)
|
|
|
High
|
|
WordPress Plugin Vision Interactive For WordPress Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visitor Maps and Who's Online Cross-Site Scripting (1.5.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visitors Cross-Site Scripting (0.3)
|
CVE-2021-24350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visitors Online by BestWebSoft Cross-Site Scripting (0.9)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18537
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics Cross-Site Request Forgery (1.12)
|
CVE-2019-15832
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics Cross-Site Request Forgery (2.12)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics Security Bypass (2.11)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics SQL Injection (3.8)
|
CVE-2021-24829
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (2.13)
|
|
|
High
|
|
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (4.2)
|
|
|
High
|
|
WordPress Plugin Visual Composer:Page Builder for WordPress Local File Inclusion (5.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Visual Composer:Page Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (4.7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Multiple Cross-Site Scripting Vulnerabilities (26.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Multiple Cross-Site Scripting Vulnerabilities (45.0)
|
CVE-2022-2516
CVE-2022-2430
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual CSS Style Editor Cross-Site Request Forgery (7.2.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Visual CSS Style Editor Security Bypass (7.1.9)
|
CVE-2019-11886
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Visual Email Designer for WooCommerce SQL Injection (1.7.1)
|
CVE-2022-3860
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Visual Form Builder Cross-Site Scripting (2.8.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual Form Builder Cross-Site Scripting (3.0.3)
|
CVE-2021-24514
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual Form Builder Multiple Cross-Site Scripting Vulnerabilities (2.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visual Form Builder Multiple Vulnerabilities (2.8.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Visual Form Builder Unspecified Vulnerability (3.0.5)
|
|
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Cross-Site Scripting (3.9.1)
|
CVE-2022-46848
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Cross-Site Scripting (3.9.4)
|
CVE-2023-23708
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Multiple Vulnerabilities (3.3.0)
|
CVE-2019-16931
CVE-2019-16932
CWE-79
CWE-918
|
CWE-79
CWE-918
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress PHAR Deserialization (3.7.9)
|
CVE-2022-2444
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Security Bypass (3.10.15)
|
CVE-2024-3750
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress SQL Injection (3.11.1)
|
CVE-2024-35736
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Unspecified Vulnerability (1.5.6)
|
|
|
High
|
|
WordPress Plugin Visual Link Preview Security Bypass (2.2.2)
|
CVE-2021-24635
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Visual Website Collaboration, Feedback & Project Management-Atarim Cross-Site Scripting (3.30)
|
CVE-2024-2793
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Vitamin Multiple Arbitrary File Disclosure Vulnerabilities (1.0.0)
|
CVE-2012-6651
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin VK All in One Expansion Unit Cross-Site Scripting (9.85.0.1)
|
CVE-2023-0230
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VK Gallery TimThumb Arbitrary File Upload (1.1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin VKontakte API Cross-Site Scripting (2.7)
|
CVE-2009-4168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Vmax Project Manager Local File Inclusion (1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin VM Backups Cross-Site Request Forgery (1.0)
|
CVE-2021-24172
CVE-2021-24173
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin VN-Calendar Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2014-4571
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Vodpod Video Gallery 'gid' Parameter Cross-Site Scripting (3.1.5)
|
CVE-2010-4875
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Vospari Forms Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VO Store Locator-WP Store Locator Unspecified Vulnerability (3.2.14)
|
|
|
High
|
|
WordPress Plugin Votecount for Balatarin Cross-Site Scripting (0.1.1)
|
CVE-2014-4572
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin VR Calendar Cross-Site Request Forgery (2.3.3)
|
CVE-2022-3852
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin VRView Cross-Site Scripting (1.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin vSlider Multi Image Slider for WordPress Arbitrary File Upload (4.1.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin vSlider Multi Image Slider for WordPress Multiple Vulnerabilities (4.1.2)
|
CVE-2023-25797
CWE-79
CWE-352
CWE-862
|
CWE-79
CWE-352
CWE-862
|
High
|
|
WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Cross-Site Request Forgery (3.4.31)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Unspecified Vulnerability (4.0.2)
|
|
|
High
|
|
WordPress Plugin W3 Total Cache Arbitrary File Disclosure (0.9.3)
|
CVE-2019-6715
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin W3 Total Cache Backdoor (0.9.2.2)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin W3 Total Cache Information Disclosure (0.9.2.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin W3 Total Cache Multiple Unspecified Vulnerabilities (0.9.5.1)
|
|
|
High
|
|
WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4)
|
CVE-2014-8724
CVE-2014-9414
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)
|
CWE-73
CWE-79
CWE-94
CWE-200
CWE-305
CWE-400
CWE-434
CWE-918
|
CWE-73
CWE-79
CWE-94
CWE-200
CWE-305
CWE-400
CWE-434
CWE-918
|
High
|
|
WordPress Plugin W3 Total Cache PHP Code Injection (0.9.2.8)
|
CVE-2013-2010
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)
|
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin W3SCloud Contact Form 7 to Zoho CRM Cross-Site Scripting (1.1.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin W4 Post List Cross-Site Scripting (2.4.4)
|
CVE-2023-27413
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin W4 Post List Multiple Vulnerabilities (2.4.5)
|
CVE-2023-0374
CVE-2023-1371
CVE-2023-1373
CWE-79
CWE-200
|
CWE-79
CWE-200
|
High
|
|
WordPress Plugin WA Form Builder SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Waitlist Woocommerce (Back in stock notifier) Cross-Site Request Forgery (2.5.1)
|
CVE-2022-0215
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Walk Score Multiple Cross-Site Scripting Vulnerabilities (0.5.5)
|
CVE-2014-4573
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wallable-Social Networking Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WangGuard Cross-Site Scripting (1.7.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WangGuard Multiple Vulnerabilities (1.7.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WappPress-Create Mobile App for any WordPress site with our Mobile App Builder in just 1 minute Arbitrary File Upload (5.0.3)
|
CVE-2023-49815
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Warranties and Returns for WooCommerce Security Bypass (5.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3)
|
CVE-2008-0520
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.8.3)
|
CVE-2012-2633
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WassUp Real Time Analytics Unspecified Vulnerability (1.7.2)
|
|
|
High
|
|
WordPress Plugin WatchMan-Site7 Cross-Site Request Forgery (3.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WatchTowerHQ Privilege Escalation (3.6.16)
|
CVE-2023-25701
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin WatchTowerHQ Security Bypass (3.6.15)
|
CVE-2022-44583
CVE-2022-44584
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WatuPRO Multiple Vulnerabilities (4.8.8.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WatuPRO SQL Injection (5.5.3.6)
|
CVE-2017-9834
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (2.4.9)
|
CVE-2014-8804
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.1.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.1.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.8.1)
|
CVE-2023-0428
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.8.2)
|
CVE-2023-0429
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9)
|
CVE-2023-0968
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2)
|
CVE-2023-30483
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Watu Quiz Unspecified Vulnerability (2.6)
|
|
|
High
|
|
WordPress Plugin Wbcom Designs-BuddyPress Group Reviews Security Bypass (2.8.3)
|
CVE-2022-2108
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WBW Currency Switcher for WooCommerce Cross-Site Scripting (1.6.5)
|
CVE-2022-2575
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WC Duplicate Order Security Bypass (1.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WC Duplicate Order Unspecified Vulnerability (1.3)
|
|
|
High
|
|
WordPress Plugin WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible SQL Injection (6.5.11)
|
CVE-2021-24835
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible Unspecified Vulnerability (6.5.12)
|
|
|
High
|
|
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Cross-Site Request Forgery (2.9.10)
|
CVE-2022-4941
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Insecure Direct Object Reference (2.10.7)
|
CVE-2023-2276
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Privilege Escalation (2.10.0)
|
CVE-2022-4939
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3)
|
CVE-2021-24683
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Scripting (1.3.5)
|
CVE-2021-24709
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Weather for us-animated weather widget Crypto Mining (1.8)
|
CWE-829
|
CWE-829
|
High
|
|
WordPress Plugin Weaver Show Posts Cross-Site Scripting (1.6)
|
CVE-2023-1404
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Weaver Xtreme Theme Support Cross-Site Scripting (6.2.6)
|
CVE-2023-0276
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Webapp builder (Free mobile apps native iPhone iOS & Android Winphone mobile apps) Arbitrary File Upload (2.0)
|
CVE-2017-1002002
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Web Application Firewall-website security Privilege Escalation (2.1.1)
|
CVE-2024-2172
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin Web Application Firewall-website security Unspecified Vulnerability (2.1.2)
|
|
|
High
|
|
WordPress Plugin WebARX Cross-Site Scripting (1.3.0)
|
CVE-2019-17213
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Web Directory Free SQL Injection (1.6.9)
|
CVE-2024-3552
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WebEngage Feedback, Survey and Notification Cross-Site Scripting (2.0.0)
|
CVE-2014-4574
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Web Forms for Vtiger wordpress Lead capture and Contacts Sync Unspecified Vulnerability (1.0.0)
|
|
|
High
|
|
WordPress Plugin WebHotelier for WordPress Cross-Site Scripting (1.5)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Web Invoice-Invoicing and billing for WordPress Multiple SQL Injection Vulnerabilities (2.1.3)
|
CVE-2022-4371
CVE-2022-4372
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (2.6.3.1)
|
|
|
High
|
|
WordPress Plugin WebLibrarian SQL Injection (3.5.4)
|
CVE-2019-1010034
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Webmention Cross-Site Scripting (4.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WebP Converter for Media Cross-Site Request Forgery (1.0.2)
|
CVE-2019-15834
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WebP Express Arbitrary File Disclosure (0.14.10)
|
CVE-2019-15330
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WebP Express Cross-Site Scripting (0.14.4)
|
CVE-2019-15837
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WebP Express Unspecified Vulnerability (0.14.21)
|
|
|
High
|
|
WordPress Plugin Websimon Tables Cross-Site Scripting (1.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Website FAQ 'website-faq-widget.php' SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Web Stories Server-Side Request Forgery (1.24.0)
|
CVE-2022-3708
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin Web to Print Online Designer Security Bypass (2.3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Web Tripwire Arbitrary File Upload (0.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Wechat Broadcast Local/Remote File Inclusion (1.2.0)
|
CVE-2018-16283
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Wechat Reward Cross-Site Request Forgery (1.7)
|
CVE-2021-24615
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Weekly Schedule Cross-Site Scripting (3.4.2)
|
CVE-2021-24309
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.4.7)
|
CVE-2020-22276
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.6.3)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Supply Chain Attack [Polyfill.io] (1.6.23)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Unspecified Vulnerability (1.5.3)
|
|
|
High
|
|
WordPress Plugin Welcart e-Commerce Cross-Site Scripting (2.2.3)
|
CVE-2021-20734
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Welcart e-Commerce Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2.1)
|
CVE-2012-5177
CVE-2012-5178
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Welcart e-Commerce Information Disclosure (2.2.7)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Welcart e-Commerce Multiple SQL Injection Vulnerabilities (1.5.2)
|
CVE-2015-7791
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.3.12)
|
CVE-2014-10016
CVE-2014-10017
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.4.17)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.8.2)
|
CVE-2016-4825
CVE-2016-4826
CVE-2016-4827
CVE-2016-4828
CWE-20
CWE-79
CWE-287
|
CWE-20
CWE-79
CWE-287
|
High
|
|
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.9)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.35)
|
CVE-2020-28339
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Welcart e-Commerce SQL Injection (2.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Welcome Announcement Multiple Cross-Site Scripting Vulnerabilities (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
|
CVE-2022-3139
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WF Cookie Consent Cross-Site Scripting (1.1.3)
|
CVE-2018-10371
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin White Label CMS Cross-Site Request Forgery (1.5)
|
CVE-2012-5387
CVE-2012-5388
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin White Label CMS Cross-Site Scripting (2.2.8)
|
CVE-2022-0422
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin White Label CMS PHP Object Injection (2.4)
|
CVE-2022-4302
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1)
|
CVE-2017-8099
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WHIZZ Cross-Site Scripting (1.0.7)
|
CVE-2016-1000154
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WHMCS Bridge Cross-Site Scripting (6.2)
|
CVE-2021-4074
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WHOIS 'domain' Parameter Cross-Site Scripting (1.4.2.2)
|
CVE-2011-5194
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0)
|
CVE-2022-4298
CWE-552
|
CWE-552
|
High
|
|
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6)
|
CVE-2022-4106
CWE-552
|
CWE-552
|
High
|
|
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7)
|
CVE-2022-4108
CWE-552
|
CWE-552
|
High
|
|
WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8)
|
CVE-2022-4109
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WH Testimonials Cross-Site Scripting (3.0.0)
|
CVE-2023-1372
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WhyDoWork AdSense Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2)
|
CVE-2014-9099
CVE-2014-9100
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Widget Control Powered By Everyblock Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Widget for Facebook Page Feeds Cross-Site Scripting (5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.9.0)
|
CVE-2019-12826
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Widget Logic Cross-Site Request Forgery (5.10.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Widget Settings Importer/Exporter Cross-Site Scripting (1.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Widgets for SiteOrigin Security Bypass (1.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Widgets for SiteOrigin Unspecified Vulnerability (1.4.4)
|
|
|
High
|
|
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)
|
CVE-2022-4661
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Widget Shortcode Cross-Site Scripting (0.3.5)
|
CVE-2022-4473
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Widgets on Pages Cross-Site Scripting (1.6.0)
|
CVE-2022-4488
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WikiPop Cross-Site Scripting (2.0)
|
CVE-2014-4575
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Windows Desktop and iPhone Photo Uploader Arbitrary File Upload (1.8)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Windsor Strava Athlete Unspecified Vulnerability (1.3.5)
|
|
|
High
|
|
WordPress Plugin Wise Agent Lead Capture Forms Cross-Site Scripting (1.0)
|
CVE-2021-38335
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wise Chat CSV Injection (2.8.3)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Wise Chat Open Redirect (2.6.3)
|
CVE-2019-6780
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WishList Member X Remote Code Execution (3.25.1)
|
CVE-2024-37109
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WishList Member X SQL Injection (3.25.1)
|
CVE-2024-37112
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WL Katalogsok PHP Object Injection (3.5.4)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WM Simple Captcha Security Bypass (2.0.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)
|
|
|
High
|
|
WordPress Plugin Wonder PDF Embed Cross-Site Scripting (1.6)
|
CVE-2021-24541
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WonderPlugin Audio Player Multiple Vulnerabilities (2.0)
|
CVE-2015-2199
CVE-2015-2218
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Wonder Video Embed Cross-Site Scripting (1.7)
|
CVE-2021-24540
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce-GloBee Payment Gateway Security Bypass (1.1.1)
|
CVE-2018-20782
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Woocommerce-Recent Purchases Local File Inclusion (1.0.1)
|
CVE-2024-35634
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WooCommerce-Store Exporter CSV Injection (2.3.1)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin WooCommerce-Store Exporter Multiple Cross-Site Scripting Vulnerabilities (1.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce-Store Exporter Privilege Escalation (1.8.3)
|
CVE-2016-10935
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)
|
CVE-2019-15770
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Admin Security Bypass (2.6.3)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Request Forgery (4.11.3.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Scripting (4.11.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woocommerce Aliexpress Dropshipping Lite PHP Object Injection (1.0.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Amazon Affiliates Multiple Vulnerabilities (8.0)
|
CWE-434
CWE-538
|
CWE-434
CWE-538
|
High
|
|
WordPress Plugin WooCommerce Anti-Fraud Security Bypass (3.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Arbitrary File Deletion (3.4.5)
|
CVE-2018-20714
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin WooCommerce Arbitrary File Download (3.4.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WooCommerce Blocks Security Bypass (3.7.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Blocks SQL Injection (5.5.0)
|
CVE-2021-32789
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WooCommerce BuddyPress Integration Security Bypass (3.2.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce BuddyPress Integration Unspecified Vulnerability (3.2.6.1)
|
|
|
High
|
|
WordPress Plugin WooCommerce Cart Expiration PHP Object Injection (0.1.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Woocommerce Categories in gallery format Cross-Site Scripting (1.0.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woocommerce Category Banner Management Security Bypass (1.1.1)
|
CVE-2018-11579
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Checkout Manager Arbitrary File Upload (4.2.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WooCommerce Checkout Manager Cross-Site Request Forgery (4.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Checkout Manager Multiple Unspecified Vulnerabilities (3.6.9)
|
|
|
High
|
|
WordPress Plugin WooCommerce Conversion Tracking Cross-Site Request Forgery (2.0.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)
|
|
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Request Forgery (2.2.2)
|
CVE-2014-6313
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Request Forgery (3.6.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.0.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.0.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.2.10)
|
CVE-2015-2069
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.4.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (2.6.8)
|
CVE-2016-10112
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (3.4.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (3.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (3.5.4)
|
CVE-2019-9168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (5.1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Cross-Site Scripting (8.9.2)
|
CVE-2024-37297
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woocommerce CSV importer Arbitrary File Deletion (3.3.6)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Woocommerce CSV importer Unspecified Vulnerability (3.4.0)
|
|
|
High
|
|
WordPress Plugin WooCommerce Customers Manager Multiple Vulnerabilities (26.5)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Customers Manager Privilege Escalation (26.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Customers Manager Unspecified Vulnerability (26.6)
|
|
|
High
|
|
WordPress Plugin WooCommerce Dynamic Pricing & Discounts Multiple Vulnerabilities (2.4.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Email Test Information Disclosure (1.5)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WooCommerce Enhanced Ecommerce Analytics Integration with Conversion Tracking Multiple Vulnerabilities (1.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WooCommerce EnvioPack Cross-Site Scripting (1.2)
|
CVE-2021-39314
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Export Orders and More Cross-Site Scripting (2.0.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Extra Product Options Multiple Vulnerabilities (4.5.3)
|
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin WooCommerce Help Scout Arbitrary File Upload (2.9)
|
CVE-2021-24212
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WooCommerce HTML Injection (6.5.1)
|
CVE-2022-2099
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Information Disclosure (4.5.2)
|
CVE-2020-29156
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WooCommerce Instamojo Cross-Site Scripting (0.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Multi Currency-Currency Switcher Security Bypass (2.1.17)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Multilingual-run WooCommerce with WPML Multiple Unspecified Vulnerabilities (3.5.4)
|
|
|
High
|
|
WordPress Plugin WooCommerce Multiple Vulnerabilities (2.3.5)
|
CVE-2015-2329
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WooCommerce Multiple Vulnerabilities (6.2.0)
|
CVE-2022-0775
CWE-22
CWE-863
|
CWE-22
CWE-863
|
High
|
|
WordPress Plugin WooCommerce Object Injection (2.3.10)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce OpenPOS Arbitrary File Deletion (6.4.4)
|
CVE-2024-37932
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin WooCommerce OpenPOS SQL Injection (6.4.4)
|
CVE-2024-37933
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WooCommerce Open Redirect (3.7.0)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Woocommerce Payment Gateway per Category Cross-Site Scripting (2.0.10)
|
CVE-2021-38341
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Payments-Fully Integrated Solution Built and Supported by Woo Security Bypass (5.6.1)
|
CVE-2023-28121
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin WooCommerce PayPal Checkout Payment Gateway Parameter Tampering (1.6.8)
|
CVE-2019-7441
CWE-472
|
CWE-472
|
High
|
|
WordPress Plugin WooCommerce PayPlug Unspecified Vulnerability (3.1.0)
|
|
|
High
|
|
WordPress Plugin WooCommerce PayU India (PayUmoney-PayUbiz) Parameter Tampering (2.1.1)
|
CVE-2019-14978
CWE-472
|
CWE-472
|
High
|
|
WordPress Plugin WooCommerce PDF Invoice Bulk Download Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce PDF Invoices & Packing Slips Cross-Site Request Forgery (2.2.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce PDF Invoices & Packing Slips Cross-Site Scripting (2.0.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Security Bypass (4.9.3)
|
CVE-2024-7027
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Unspecified Vulnerability (4.9.4)
|
|
|
High
|
|
WordPress Plugin WooCommerce PHP Object Injection (3.1.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce PHP Object Injection (3.2.3)
|
CVE-2017-18356
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Possible Remote Code Execution (3.4.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WooCommerce Possible Remote Code Execution (3.5.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WooCommerce Potential PHP Object Injection (3.4.4)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Predictive Search Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Privilege Escalation (3.5.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Product Attachment Cross-Site Scripting (1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woocommerce Product Designer Arbitrary File Upload (3.0.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Request Forgery (1.5.24)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Request Forgery (1.5.26)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Scripting (3.1.14)
|
CVE-2019-1010124
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Security Bypass (2.2.26)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Product Feed Manager Security Bypass (2.2.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Woocommerce Products Price Bulk Edit Cross-Site Scripting (2.2.0)
|
CVE-2019-14796
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Product Table Lite Cross-Site Scripting (2.3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Product Vendors Cross-Site Scripting (2.0.35)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Quick Reports Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Remote Code Execution (4.0.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WooCommerce SagePay Direct Payment Gateway Multiple Cross-Site Scripting Vulnerabilities (0.1.6.6)
|
CVE-2014-4549
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Salesforce Integration Cross-Site Scripting (1.5.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Save For Later Cart Enhancement PHP Object Injection (1.0.6)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Security Bypass (2.1.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Security Bypass (4.6.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Security Bypass (5.6.0)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WooCommerce Security Bypass (6.3.0)
|
CWE-863
|
CWE-863
|
High
|
|
WordPress Plugin WooCommerce Smart Coupons Security Bypass (4.6.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Social Login PHP Object Injection (2.6.2)
|
CVE-2024-5871
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Social Login PHP Object Injection (2.6.3)
|
CVE-2024-37502
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WooCommerce Social Login Privilege Escalation (2.7.3)
|
CVE-2024-6636
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WooCommerce SQL Injection (5.5.0)
|
CVE-2021-32790
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WooCommerce Stock Manager Cross-Site Request Forgery (2.5.7)
|
CVE-2021-34619
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Stock Manager Security Bypass (1.0.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Subscriptions Cross-Site Scripting (2.6.2)
|
CVE-2019-18834
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooCommerce Unspecified Vulnerability (3.5.3)
|
|
|
High
|
|
WordPress Plugin WooCommerce Unspecified Vulnerability (3.9.1)
|
|
|
High
|
|
WordPress Plugin WooCommerce Unspecified Vulnerability (4.2.0)
|
|
|
High
|
|
WordPress Plugin WooCommerce Upload Files Arbitrary File Upload (59.3)
|
CVE-2021-24171
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WooCommerce Upload My File Cross-Site Request Forgery (0.3.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Woocommerce User Email Verification Security Bypass (3.3.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WooCommerce Weight Based Shipping Cross-Site Request Forgery (5.4.1)
|
CVE-2022-46794
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WooCommerce Zoho Integration-CRM, Books, Invoice, Inventory Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7)
|
CVE-2021-24938
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7.2)
|
CVE-2021-25043
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7.4)
|
CVE-2022-0234
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Local File Inclusion (1.3.6.2)
|
CVE-2021-24566
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin Woo Custom Checkout Field Multiple Vulnerabilities (1.3.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Cross-Site Request Forgery (2.3.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Cross-Site Scripting (2.2.7)
|
CVE-2019-16289
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Multiple Vulnerabilities (2.2.4)
|
CVE-2019-15858
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Security Bypass (2.2.5)
|
CVE-2019-14773
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Woo Email Control Cross-Site Scripting (1.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woo Import Export Arbitrary File Deletion (1.0)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin WooPay-Inicis Cross-Site Scripting (1.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Woopra Analytics Arbitrary File Upload (1.4.3.1)
|
CVE-2009-4140
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Woosaleskit Bar Cross-Site Scripting (1.0.0)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WooSidebars Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordable Security Bypass (3.1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordApp Mobile App-Convert your WordPress Site to a Mobile App Cross-Site Scripting (2.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Word Balloon Cross-Site Scripting (4.19.2)
|
CVE-2022-4751
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (5.1.2)
|
CVE-2014-4664
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (5.1.4)
|
CVE-2014-4932
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (5.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (6.0.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (6.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (7.6.0)
|
CVE-2022-3144
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.3)
|
CWE-79
CWE-693
|
CWE-79
CWE-693
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.4)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (7.1.12)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin Wordfence Security-Firewall & Malware Scan Unspecified Vulnerability (5.3.2)
|
|
|
High
|
|
WordPress Plugin WordLift-AI powered SEO-Schema Cross-Site Scripting (3.37.1)
|
CVE-2022-3069
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Word of the day Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPoints Multiple Vulnerabilities (1.7.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPoints Multiple Vulnerabilities (1.10.2)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WordPress+Microsoft Office 365/Azure AD-LOGIN Cross-Site Scripting (15.3)
|
CVE-2021-43409
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress+Microsoft Office 365/Azure AD-LOGIN Unspecified Vulnerability (11.6)
|
CVE-2020-26511
|
|
High
|
|
WordPress Plugin WordPress-Amazon-Associate (WPAA) Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress-Amazon-Associate (WPAA) Multiple Cross-Site Scripting Vulnerabilities (1.7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress.com Custom CSS Cross-Site Scripting (1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Access Areas Security Bypass (1.3.0)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WordPress Advanced Ticket System, Elite Support Helpdesk Cross-Site Scripting (1.0.63)
|
CVE-2021-24623
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Ad Widget Local File Inclusion (2.11.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress Affiliates-SliceWP Cross-Site Scripting (1.0.45)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Alipay/Tenpay/PayPal Cross-Site Scripting (3.6.0)
|
CVE-2014-4514
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Alipay/Tenpay/PayPal SQL Injection (3.7.2)
|
CVE-2021-24390
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Appointment Booking and Online Scheduling by Appointy Cross-Site Scripting (2.40)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Appointment Schedule Booking System Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Automatic 'q' Parameter SQL Injection (2.0.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Automatic Security Bypass (3.53.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Automatic SQL Injection (3.92.0)
|
CVE-2024-27956
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Backend Customizer-Everest Admin Theme Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Arbitrary File Upload (1.0.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Arbitrary File Upload (1.5.9)
|
CVE-2021-24155
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Request Forgery (1.1.90)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Scripting (1.1.46)
|
CVE-2017-10837
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Multiple Unspecified Vulnerabilities (1.1.29)
|
|
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Multiple Unspecified Vulnerabilities (1.1.32)
|
|
|
High
|
|
WordPress Plugin WordPress Backup and Migrate-Backup Guard Unspecified Vulnerability (1.0.6)
|
|
|
High
|
|
WordPress Plugin WordPress Backup to Dropbox Cross-Site Scripting (4.0)
|
CVE-2014-9310
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Backup to Dropbox Information Disclosure (4.7.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WordPress Backup to Ziddu Cross-Site Scripting (1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Bitcoin Payments-Blockonomics Cross-Site Scripting (3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Bitcoin Payments-Blockonomics Cross-Site Scripting (3.5.7)
|
CVE-2022-47145
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Book List Arbitrary File Upload (5.0.11)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Books Gallery Cross-Site Request Forgery (4.4.8)
|
CVE-2023-23705
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Books Gallery Security Bypass (3.5)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WordPress Books Gallery Unspecified Vulnerability (4.4.1)
|
|
|
High
|
|
WordPress Plugin WordPress Button Plugin MaxButtons Cross-Site Scripting (1.26.0)
|
CVE-2014-7181
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Button Plugin MaxButtons Cross-Site Scripting (6.18)
|
CVE-2017-2169
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Button Plugin MaxButtons Multiple Cross-Site Scripting Vulnerabilities (1.36)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Button Plugin MaxButtons Security Bypass (1.19.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Calls to Action Cross-Site Scripting (2.2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Calls to Action Multiple Cross-Site Scripting Vulnerabilities (2.5.0)
|
CVE-2015-8350
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Calls to Action Multiple Vulnerabilities (2.3.7)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.1)
|
|
|
High
|
|
WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.5)
|
|
|
High
|
|
WordPress Plugin WordPress Clean Up & Optimizer-Clean Up Optimizer Multiple Unspecified Vulnerabilities (4.0.12)
|
|
|
High
|
|
WordPress Plugin WordPress Clean Up & Optimizer-Clean Up Optimizer SQL Injection (3.0.13)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Colorbox Lightbox Cross-Site Scripting (1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Comment Rating Cross-Site Scripting (1.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Comments Import & Export Cross-Site Request Forgery (2.1.10)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Comments Import & Export CSV Injection (2.0.4)
|
CVE-2018-11526
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin WordPress Connect Cross-Site Scripting (2.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Console Security Bypass (0.3.9)
|
CVE-2023-28168
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WordPress Contact Forms by Cimatti Cross-Site Scripting (1.4.11)
|
CVE-2021-24744
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Content Slide Multiple Vulnerabilities (1.4.2)
|
CVE-2013-2708
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Wordpress Countdown Widget Cross-Site Scripting (3.1.9.2)
|
CVE-2022-2944
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Custom Global Variable Unspecified Vulnerability (3.0.0)
|
|
|
High
|
|
WordPress Plugin WordPress Custom Settings Cross-Site Scripting (1.0)
|
CVE-2023-23806
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager 'cid' Parameter Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Arbitrary File Upload (2.8.97)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.8.99)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.9.60)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (3.2.12)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.5.8)
|
CVE-2013-7319
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.7.94)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)
|
CVE-2017-18032
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.86)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.93)
|
CVE-2019-15889
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (3.2.15)
|
CVE-2021-24773
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Cross-Site Scripting (3.2.21)
|
CVE-2021-24969
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Download Manager Directory Traversal (2.6.95)
|
CVE-2014-8585
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress Download Manager Multiple Security Bypass Vulnerabilities (2.6.92)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (2.8.7)
|
CWE-264
CWE-538
|
CWE-264
CWE-538
|
High
|
|
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (2.9.49)
|
CVE-2017-2216
CVE-2017-2217
CWE-79
CWE-601
|
CWE-79
CWE-601
|
High
|
|
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)
|
CVE-2021-34638
CVE-2021-34639
CWE-22
CWE-434
|
CWE-22
CWE-434
|
High
|
|
WordPress Plugin WordPress Download Manager Open Redirect (2.9.50)
|
CVE-2017-2217
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WordPress Download Manager Remote Code Execution (2.7.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WordPress Download Manager Security Bypass (2.7.2)
|
CVE-2014-9260
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Download Manager Unspecified Vulnerability (2.9.96)
|
|
|
High
|
|
WordPress Plugin WordPress Download Manager Unspecified Vulnerability (3.1.18)
|
|
|
High
|
|
WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Email Marketing-WP Email Capture Multiple Vulnerabilities (3.9.3)
|
CVE-2023-23723
CVE-2023-23724
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Email Template Designer-WP HTML Mail Cross-Site Request Forgery (3.0.6)
|
CVE-2021-20779
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Email Template Designer-WP HTML Mail Cross-Site Scripting (3.0.9)
|
CVE-2022-0218
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Email Template Designer-WP HTML Mail HTML Injection (2.9.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Facebook Multiple Cross-Site Scripting Vulnerabilities (1.0.10)
|
CVE-2015-1582
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Facebook SQL Injection (1.0.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Facebook SQL Injection (1.0.13)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress fancyBox Lightbox Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress File Monitor Cross-Site Scripting (2.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress File Upload Arbitrary File Upload (3.4.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress File Upload Arbitrary File Upload (3.8.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress File Upload Cross-Site Request Forgery (2.4.1)
|
CVE-2014-5199
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress File Upload Cross-Site Scripting (4.3.2)
|
CVE-2018-9172
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress File Upload Cross-Site Scripting (4.3.3)
|
CVE-2018-9844
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress File Upload Directory Traversal (4.12.2)
|
CVE-2020-10564
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress File Upload Multiple Unspecified Vulnerabilities (3.10.0)
|
|
|
High
|
|
WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)
|
CWE-79
CWE-200
CWE-352
CWE-434
|
CWE-79
CWE-200
CWE-352
CWE-434
|
High
|
|
WordPress Plugin WordPress Filter Gallery Cross-Site Scripting (0.1.5)
|
CVE-2022-4142
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WordPress Firewall 2 Multiple Vulnerabilities (1.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Form Customizer-CF7 Customizer Cross-Site Scripting (1.6.1)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordpress Forms Multiple Vulnerabilities (0.2.7.1)
|
CWE-434
CWE-915
|
CWE-434
CWE-915
|
High
|
|
WordPress Plugin WordPress Framework Possible Backdoor (1.0)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin WordPress Gallery-NextGEN Gallery Cross-Site Request Forgery (3.28)
|
CVE-2022-38468
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Gallery Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Gallery MaxGalleria Unspecified Vulnerability (6.0.8)
|
|
|
High
|
|
WordPress Plugin WordPress Geo-CF Geo Cross-Site Scripting (7.13.11)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Cross-Site Scripting (5.6.0.2)
|
CVE-2022-4466
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Directory Traversal (5.5.4)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Multiple Vulnerabilities (5.5.3)
|
CVE-2022-2433
CVE-2022-2943
CVE-2022-2945
CWE-22
CWE-352
CWE-538
|
CWE-22
CWE-352
CWE-538
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More SQL Injection (5.3.1)
|
CVE-2021-24140
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)
|
|
|
High
|
|
WordPress Plugin WordPress InviteBox for viral Refer-a-Friend Promotions Cross-Site Scripting (1.4.1)
|
CVE-2021-38359
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Landing Page-Squeeze Page-Responsive Landing Page Builder Free-WP Lead Plus X Multiple Vulnerabilities (0.98)
|
CVE-2020-11508
CVE-2020-11509
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Landing Pages Cross-Site Scripting (2.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Landing Pages Multiple Unspecified Vulnerabilities (1.7.8)
|
|
|
High
|
|
WordPress Plugin WordPress Landing Pages Multiple Vulnerabilities (1.8.4)
|
CVE-2015-4064
CVE-2015-4065
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WordPress Landing Pages Remote Code Execution (1.9.0)
|
CVE-2015-5227
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WordPress Landing Pages SQL Injection (1.2.1)
|
CVE-2013-6243
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (1.8.1)
|
|
|
High
|
|
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.0.2)
|
|
|
High
|
|
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.2.6)
|
|
|
High
|
|
WordPress Plugin WordPress Leads Cross-Site Scripting (1.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Leads Unspecified Vulnerability (1.6.8)
|
|
|
High
|
|
WordPress Plugin WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Wordpress Membership SwiftCloud.io SQL Injection (1.0)
|
CVE-2021-24392
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Request Forgery (1.2.7.2)
|
CVE-2021-20781
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Meta Data and Taxonomies Filter (MDTF) PHP Object Injection (1.2.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WordPress Meta Robots SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Mobile app Builder-Convert WordPress site to native mobile apps Arbitrary File Upload (1.05)
|
CVE-2017-1002001
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Mobile Pack Information Disclosure (2.0.1)
|
CVE-2014-5337
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2)
|
CVE-2015-9269
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WordPress OpenID Connect Client Cross-Site Scripting (2.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Page Contact SQL Injection (1.0)
|
CVE-2021-24403
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Payments-GetPaid Cross-Site Scripting (2.3.3)
|
CVE-2021-24369
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress PDF Light Viewer Command Injection (1.4.11)
|
CVE-2021-24684
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WordPress Photo Gallery-Image Gallery Cross-Site Request Forgery (1.0.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.69)
|
CVE-2014-8758
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.228)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank Multiple Cross-Site Scripting Vulnerabilities (2.0.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.101)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (3.1.26)
|
|
|
High
|
|
WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (4.0.48)
|
|
|
High
|
|
WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1)
|
CVE-2024-5021
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin WordPress Ping Optimizer Cross-Site Request Forgery (2.35.1.2.3)
|
CVE-2022-1591
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Poll Cross-Site Request Forgery (34.05)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04)
|
CVE-2013-1400
CVE-2013-1401
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
WordPress Plugin WordPress Poll Multiple SQL Injection Vulnerabilities (33.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Poll Multiple Unspecified Vulnerabilities (35.0)
|
|
|
High
|
|
WordPress Plugin Wordpress Poll SQL Injection (36)
|
CVE-2020-24315
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (3.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.3)
|
CVE-2021-36872
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Popular Posts Multiple Vulnerabilities (5.3.2)
|
CVE-2021-20746
CVE-2021-42362
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin WordPress Popular Posts TimThumb Arbitrary File Upload (2.1.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Cross-Site Scripting (2.6.0)
|
CVE-2021-39325
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Security Bypass (1.1.4.5)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Security Bypass (2.6.4)
|
CVE-2021-39341
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Portfolio and Gallery-GridKit Gallery Unspecified Vulnerability (1.8.18)
|
|
|
High
|
|
WordPress Plugin WordPress prettyPhoto Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Related Posts Cross-Site Request Forgery (2.6.1)
|
CVE-2013-3476
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Related Posts Cross-Site Scripting (3.6.4)
|
CVE-2021-24211
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download (1.0)
|
CVE-2015-4703
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WordPress Responsive Preview Cross-Site Scripting (1.1)
|
CVE-2014-4594
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Cross-Site Request Forgery (1.4.5)
|
CVE-2023-25706
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Security Bypass (1.2.5.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Security Bypass (1.4.3)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0)
|
CVE-2011-5224
CVE-2011-5225
CVE-2011-5226
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.10.1)
|
CVE-2021-24525
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Directory Traversal (4.9.9)
|
CVE-2017-2245
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Multiple Vulnerabilities (4.9.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Unspecified Vulnerability (4.10.2)
|
|
|
High
|
|
WordPress Plugin WordPress Simple Ecommerce Shopping Cart-Sell products through Paypal Arbitrary File Upload (2.2.5)
|
CVE-2021-24620
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WordPress Simple Shop Cross-Site Scripting (1.2)
|
CVE-2021-38340
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Simple Shopping Cart Cross-Site Request Forgery (3.5)
|
CVE-2013-2705
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Simple Shopping Cart Cross-Site Scripting (4.6.1)
|
CVE-2022-4672
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Slider-WP 1 Slider includes Backdoor [Only if downloaded via the vendor website] (1.2.9)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WordPress Slider Block Gutenslider Cross-Site Scripting (5.1.5)
|
CVE-2021-24640
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Cross-Site Request Forgery (7.1.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Multiple Vulnerabilities (7.5.14)
|
CVE-2023-23706
CVE-2023-23710
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.5.12)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.0)
|
CVE-2023-25455
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4)
|
CVE-2023-2982
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (5.1)
|
|
|
High
|
|
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (7.2)
|
|
|
High
|
|
WordPress Plugin WordPress Social Login Cross-Site Scripting (2.0.3)
|
CVE-2014-4576
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Social Ring (Facebook Like, Google +1, ReTweet, LinkedIn and Pin It) Cross-Site Scripting (1.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Multiple Cross-Site Scripting Vulnerabilities (7.8.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.10.6)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.12.37)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WordPress Social Share Buttons & Analytics-GetSocial.io Cross-Site Request Forgery (4.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Social Stream Information Disclosure (1.6)
|
CWE-522
|
CWE-522
|
High
|
|
WordPress Plugin WordPress Social Stream Security Bypass (1.5.15)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll PHP Object Injection (1.5.5)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91)
|
CVE-2015-2090
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll Unspecified Vulnerability (1.5.8.5)
|
|
|
High
|
|
WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)
|
CVE-2019-5992
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Multiple Cross-Site Scripting Vulnerabilities (4.3.9.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wordpress Uninstall Cross-Site Request Forgery (1.2.1)
|
CVE-2015-9332
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress Users 'uid' Parameter SQL Injection (1.3)
|
CVE-2011-4669
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Cross-Site Request Forgery Vulnerabilities (2.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Vulnerabilities (2.3.1)
|
CVE-2014-9097
CVE-2014-9098
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY Open Email Relay (2.8)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.0)
|
CVE-2013-3478
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.7)
|
CVE-2015-2065
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Video Player Cross-Site Scripting (1.5.1)
|
CVE-2014-8584
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WordPress Video Player Multiple SQL Injection Vulnerabilities (1.5.16)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress Video Player Multiple Vulnerabilities (1.5.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WordPress WP-Advanced-Search Cross-Site Request Forgery (3.3.8)
|
CVE-2022-47447
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WordPress WP-Advanced-Search Remote Code Execution (3.3.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.6)
|
CVE-2020-12104
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Wordspew 'id' Parameter SQL Injection (1.16)
|
CVE-2008-0682
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.3.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin World of Warcraft-Armory Table Cross-Site Scripting (0.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin World Travel Information Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)
|
CVE-2021-24628
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Wow Moodboard Lite Open Redirect (1.1.1.1)
|
CVE-2015-4070
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WoWPth Cross-Site Scripting (2.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wow Viral Signups SQL Injection (2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp-autosuggest SQL Injection (0.24)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Backgrounds Lite Cross-Site Request Forgery (2.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-Ban Cross-Site Scripting (1.69)
|
CVE-2022-4260
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Ban Security Bypass (1.63)
|
CVE-2014-6230
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WP-BlipBot Cross-Site Scripting (3.0.9)
|
CVE-2014-4580
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Board SQL Injection (1.1)
|
CVE-2021-24404
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP-Business Directory (wp-ttisbdir) Multiple Cross-Site Scripting Vulnerabilities (1.0.2)
|
CVE-2014-4599
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)
|
CVE-2008-0490
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp-championship SQL Injection (5.8)
|
CVE-2015-5308
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Client Lite::Client Portals, File Sharing, Messaging & Invoicing Local File Inclusion (1.1.1)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-Contact Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2014-4583
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-CopyProtect [Protect your blog posts] Cross-Site Scripting (3.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Cron Dashboard Cross-Site Scripting (1.1.5)
|
CVE-2013-6991
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)
|
CVE-2009-4168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Curriculo Vitae Free Arbitrary File Upload (6.3)
|
CVE-2021-24222
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Wp-D3 Cross-Site Request Forgery (2.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-DBManager Arbitrary File Deletion (2.79.1)
|
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin WP-DBManager Multiple Vulnerabilities (2.71)
|
CVE-2014-8334
CVE-2014-8335
CVE-2014-8336
CWE-95
CWE-200
|
CWE-95
CWE-200
|
High
|
|
WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)
|
CVE-2008-1646
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-DownloadManager Cross-Site Request Forgery (1.60)
|
CVE-2013-2697
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-DownloadManager Cross-Site Scripting (1.67)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wp-easybooking Cross-Site Scripting (1.0.3)
|
CVE-2014-4584
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-FaceThumb 'pagination_wp_facethumb' Parameter Cross-Site Scripting (0.1)
|
CVE-2012-2371
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-FaceThumb Cross-Site Scripting (1.0)
|
CVE-2014-4585
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-FB-AutoConnect Multiple Cross-Site Request Forgery Vulnerabilities (4.0.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-FeedStats de HTML Injection (2.3)
|
CVE-2007-4104
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Filebase Download Manager 'base' Parameter SQL Injection (0.2.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.1.02)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Filebase Download Manager Multiple Unspecified Vulnerabilities (0.2.9.24)
|
|
|
High
|
|
WordPress Plugin WP-Filebase Download Manager Remote Code Execution (0.3.0.03)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Wp-FileManager 'ajaxfilemanager.php' Arbitrary File Upload (1.2)
|
CVE-2008-0222
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin wp-FileManager Arbitrary File Disclosure (1.3.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin wp-football Multiple Cross-Site Scripting Vulnerabilities (1.1)
|
CVE-2014-4586
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Footnotes 'admin_panel.php' Multiple Remote Vulnerabilities (2.2)
|
CVE-2008-0691
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Forum 'forum_feed.php' SQL Injection (1.7.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Forum 'sendmail.php' SQL Injection (1.7.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (1.7.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (2.3)
|
CVE-2009-3703
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Forum SQL Injection (1.7.4)
|
CVE-2008-0388
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Forum SQL Injection (2.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-HR Manager:The Human Resources Unspecified Vulnerability (2.9.4)
|
|
|
High
|
|
WordPress Plugin Wp-ImageZoom 'file' Parameter Information Disclosure (1.0.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Wp-ImageZoom SQL Injection (1.0.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Wp-Insert Cross-Site Scripting (2.5.0)
|
CVE-2023-25461
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Invoice-Web Invoice and Billing Multiple Vulnerabilities (4.1.0)
|
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin WP-Lister Lite for Amazon Cross-Site Scripting (2.4.3)
|
CVE-2022-4369
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Lister Lite for Amazon Directory Traversal (0.9.6.35)
|
CVE-2017-1000170
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-Lister Lite for eBay Cross-Site Scripting (2.0.8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Lister Lite for eBay Directory Traversal (2.0.20)
|
CVE-2017-1000170
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Arbitrary File Upload (8.0.31)
|
CVE-2019-11185
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Request Forgery (8.0.37)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (4.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (6.2.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (6.2.03)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (7.0.06)
|
CVE-2017-2187
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (7.1.04)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.05)
|
CVE-2018-9864
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.07)
|
CVE-2018-11105
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.17)
|
CVE-2018-18460
CVE-2019-9913
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.27)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.1.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Information Disclosure (8.0.28)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Multiple Vulnerabilities (4.3.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Remote Code Execution (7.0.01)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP-Live Chat by 3CX Security Bypass (8.0.32)
|
CVE-2019-12498
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WP-Lytebox 'pg' Parameter Local File Inclusion (1.3)
|
CVE-2009-4672
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Matomo (WP-Piwik) Unspecified Vulnerability (1.0.18)
|
|
|
High
|
|
WordPress Plugin WP-Members Membership Cross-Site Request Forgery (3.2.7)
|
CVE-2019-15660
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-Members Membership Cross-Site Scripting (3.1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Members Membership Cross-Site Scripting (3.1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Members Membership Cross-Site Scripting (3.1.7)
|
CVE-2017-2222
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Members Membership Cross-Site Scripting (3.4.9.2)
|
CVE-2024-1852
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Members Membership Multiple Cross-Site Scripting Vulnerabilities (2.8.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Members Membership Unspecified Vulnerability (3.1.9.2)
|
|
|
High
|
|
WordPress Plugin wp-microblogs Cross-Site Scripting (0.4.0)
|
CVE-2014-4590
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Mon Arbitrary File Disclosure (0.5.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin wp-mpdf Cross-Site Request Forgery (3.5.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-OliveCart Multiple Vulnerabilities (3.1.2)
|
CVE-2016-4903
CVE-2016-4904
CVE-2016-4905
CWE-79
CWE-89
CWE-352
|
CWE-79
CWE-89
CWE-352
|
High
|
|
WordPress Plugin WP-Optimize Multiple Vulnerabilities (1.8.9.9)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP-Paginate Cross-Site Scripting (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Paginate Cross-Site Scripting (2.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wp-picasa-image Cross-Site Scripting (1.0)
|
CVE-2014-4591
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Polls Cross-Site Scripting (2.60)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Polls Cross-Site Scripting (2.69)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Polls Cross-Site Scripting (2.73)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Polls SQL Injection (2.61)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Polls SQL Injection (2.71)
|
CVE-2015-9352
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-PostRatings '[ratings]' Shortcode SQL Injection (1.61)
|
CVE-2011-4646
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-PostRatings Cross-Site Scripting (1.50)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-PostRatings Cross-Site Scripting (1.86)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-PostRatings SQL Injection (1.83.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-PostViews Cross-Site Request Forgery (1.62)
|
CVE-2013-3252
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-Predict 'predictId' Parameter Blind SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Print Cross-Site Request Forgery (2.51)
|
CVE-2013-2693
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Wp-Pro-Quiz Cross-Site Request Forgery (0.37)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Arbitrary File Upload (1.35.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure (1.38.3.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management SQL Injection (1.36.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp-publications Local File Inclusion (0.0)
|
CVE-2021-38360
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Security Bypass (16.26.6)
|
CVE-2024-1175
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More SQL Injection (16.26.5)
|
CVE-2024-32709
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-reCAPTCHA Cross-Site Scripting (3.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-reCAPTCHA HTML Injection and Cross-Site Request Forgery Vulnerabilities (2.9.8.2)
|
CVE-2011-0759
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP-RecentComments 'page' Parameter Cross-Site Scripting (2.0.6)
|
CVE-2012-1068
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-RecentComments Information Disclosure (2.2.7)
|
CVE-2023-23886
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP-RecentComments SQL Injection (2.0.7)
|
CVE-2012-1067
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-RESTful Multiple Cross-Site Scripting Vulnerabilities (0.1)
|
CVE-2014-4595
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-SendSMS Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-SpamFree Anti-Spam 'id' Parameter SQL Injection (3.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-SpamFree Anti-Spam Cross-Site Scripting (2.1.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Spreadplugin Cross-Site Scripting (3.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Spreadplugin Multiple Vulnerabilities (4.4.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP-Spreadshirt-Gallery Cross-Site Scripting (1.3)
|
CVE-2014-4553
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-StarsRateBox 'j' Parameter SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP-Stats 'author' Parameter SQL Injection (2.0)
|
CVE-2006-0238
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Stats-Dashboard Multiple Cross-Site Scripting Vulnerabilities (2.6.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Stats-Dashboard SQL Injection (2.9.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-Stats Multiple Vulnerabilities (2.51)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP-Syntax Remote PHP Code Execution (0.9.9)
|
CVE-2009-2852
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin WP-T-Wap Cross-Site Scripting (1.13.2)
|
CVE-2021-38331
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Table Reloaded Cross-Site Scripting (1.9.3)
|
CVE-2013-1463
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-Testimonials SQL Injection (3.4.1)
|
CVE-2017-9418
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp-tmkm-amazon Cross-Site Scripting (1.5b)
|
CVE-2014-4598
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-TopBar Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (4.02)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP-TopBar SQL Injection (5.36)
|
CVE-2023-23824
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP-UserAgent Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-UserOnline Cross-Site Scripting (2.87.6)
|
CVE-2022-2473
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-UserOnline Cross-Site Scripting (2.88.0)
|
CVE-2022-2941
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-UserOnline URL HTML Injection (2.62)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-ViperGB Cross-Site Request Forgery (1.3.10)
|
CVE-2014-9460
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP-ViperGB Cross-Site Scripting (1.3.15)
|
CVE-2015-9356
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP-VR-view-Add Photo Sphere, 360 video to WordPress Cross-Site Scripting (1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wp2android-webapp native mobile app builder free (android, IOs, Winphone mobile App) Arbitrary File Upload (1.1.4)
|
CVE-2017-1002003
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP24 Domain Check Cross-Site Scripting (1.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP125 Cross-Site Request Forgery (1.4.9)
|
CVE-2013-2700
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP125 Multiple Cross-Site Scripting Vulnerabilities (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP?????? Cross-Site Scripting (1.3.9)
|
CVE-2023-25787
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Academic People List Cross-Site Scripting (0.4.1)
|
CVE-2021-38316
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Accessibility Cross-Site Scripting (1.6.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Accurate Form Data Multiple Vulnerabilities (1.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Activity Log Cross-Site Request Forgery (4.1.3.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Activity Log Cross-Site Scripting (2.4.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Activity Log Information Disclosure (3.1.1)
|
CVE-2018-8719
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Activity Log PHP Object Injection (3.2.5)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Activity Log Premium SQL Injection (4.6.4)
|
CVE-2024-2018
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Activity Log Security Bypass (3.3.1.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Activity Log Security Bypass (4.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Activity Log SQL Injection (4.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Add Mime Types Cross-Site Request Forgery (2.2.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Ad Guru Lite Cross-Site Scripting (1.6.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Admin UI Customize Cross-Site Scripting (1.5.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Advanced Comment Cross-Site Scripting (0.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Advanced Importer Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Affiliate Disclosure Security Bypass (1.1.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Affiliate Platform Multiple Vulnerabilities (6.3.9)
|
CVE-2022-3896
CVE-2022-3897
CVE-2022-3898
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Airbnb Review Slider SQL Injection (3.2)
|
CVE-2023-0262
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Ajax Recent Posts 'number' Parameter Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP All Backup Unspecified Vulnerability (1.5)
|
|
|
High
|
|
WordPress Plugin WP ALL Export Pro Multiple Vulnerabilities (1.7.8)
|
CVE-2022-3394
CVE-2022-3395
CWE-89
CWE-94
|
CWE-89
CWE-94
|
High
|
|
WordPress Plugin WP AmASIN-The Amazon Affiliate Shop Directory Traversal (0.9.6)
|
CVE-2014-4577
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP App Maker Cross-Site Scripting (1.0.16.4)
|
CVE-2014-4578
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Armour-Honeypot Anti Spam Cross-Site Scripting (1.5.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Athletics SQL Injection (1.1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Attachment Export Arbitrary File Download (0.2.3)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WP Auctions 'wpa_id' Parameter SQL Injection (1.8.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wp audio gallery playlist 'playlist.php' SQL Injection (0.12)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP AutoComplete Search SQL Injection (1.0.4)
|
CVE-2022-4297
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Background Takeover Directory Traversal (4.1.4)
|
CVE-2018-9118
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP BaiDu Submit Cross-Site Scripting (1.2.1)
|
CVE-2023-25796
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPBakery Page Builder Clipboard Cross-Site Scripting (4.5.5)
|
CVE-2021-24243
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPBakery Page Builder Clipboard Security Bypass (4.5.7)
|
CVE-2021-24244
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPBakery Page Builder Cross-Site Scripting (6.4.0)
|
CVE-2020-28650
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Bannerize 'ajax_clickcounter.php' SQL Injection (2.8.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Bannerize 'ajax_sorter.php' SQL Injection (2.8.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Bannerize SQL Injection (4.0.2)
|
CVE-2021-39351
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Banners Lite Cross-Site Scripting (1.40)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP BASE Booking of Appointments, Services and Events PHP Object Injection (3.5.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Basic Elements Cross-Site Request Forgery (5.2.15)
|
CVE-2022-47139
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Better Permalinks Cross-Site Request Forgery (3.0.4)
|
CVE-2019-15835
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots Cross-Site Scripting (6.61)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots SQL Injection (6.59)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots Unspecified Vulnerability (6.66)
|
|
|
High
|
|
WordPress Plugin WPBook Cross-Site Request Forgery (2.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Booking Calendar Multiple Vulnerabilities (3.0.0)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP Booking Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Booking System Cross-Site Scripting (1.3.3)
|
CVE-2017-2168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Booking System Multiple Vulnerabilities (1.5.1)
|
CVE-2019-12239
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin WP Business Directory Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Business Intelligence Lite Arbitrary File Upload (1.0.6)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Business Intelligence Lite SQL Injection (1.6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Cross-Site Scripting (2.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Cross-Site Scripting (2.2.24)
|
CVE-2024-5427
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Local File Inclusion (2.2.25)
|
CVE-2024-5431
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Security Bypass (2.2.22)
|
CVE-2023-47805
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Server-Side Request Forgery (2.2.23)
|
CVE-2024-1855
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin WP Canvas-Shortcodes Cross-Site Scripting (2.06)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPCB Cross-Site Scripting (2.4.8)
|
CVE-2014-4581
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpCentral Privilege Escalation (1.5.0)
|
CVE-2020-9043
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin wpCentral Security Bypass (1.4.7)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Request Forgery (2.0.1.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Request Forgery (2.7.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Scripting (9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Multiple Security Bypass Vulnerabilities (8.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (8.9)
|
CVE-2021-37597
CVE-2021-37598
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.0)
|
CVE-2022-2939
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.3.2)
|
CVE-2022-4417
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP CleanFix Cross-Site Request Forgery (2.4.4)
|
CVE-2013-2108
CVE-2013-2109
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Code Highlight.js Cross-Site Request Forgery (0.6.2)
|
CVE-2019-12934
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Code Highlight.js Cross-Site Scripting (0.6.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Coder-add custom html, css and js code Cross-Site Request Forgery (2.5.1)
|
CVE-2021-25053
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Coder-add custom html, css and js code Cross-Site Request Forgery (2.5.2)
|
CVE-2022-2388
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Coder-add custom html, css and js code SQL Injection (2.5.3)
|
CVE-2023-0895
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WPCOM Member Malicious Code (1.3.16)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin wpCommentTwit Cross-Site Request Forgery (0.5)
|
CVE-2014-9340
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Construction Mode Cross-Site Request Forgery (1.8)
|
CVE-2014-4854
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Construction Mode Cross-Site Request Forgery (1.91)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Construction Mode Cross-Site Request Forgery (3.31)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Consultant Cross-Site Scripting (1.0)
|
CVE-2014-4582
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Content Copy Protection & No Right Click Cross-Site Request Forgery (3.1.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Content Copy Protection & No Right Click Security Bypass (3.1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Content Filter Unspecified Vulnerability (2.42)
|
|
|
High
|
|
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)
|
CVE-2021-24595
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Cost Estimation & Payment Forms Builder Directory Traversal (9.659)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Cost Estimation & Payment Forms Builder Multiple Vulnerabilities (9.642)
|
CWE-73
CWE-434
|
CWE-73
CWE-434
|
High
|
|
WordPress Plugin WP Courses LMS Cross-Site Scripting (2.0.43)
|
CVE-2021-24621
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Courses LMS Security Bypass (2.0.28)
|
CVE-2020-26876
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Crontrol Cross-Site Scripting (1.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPCS-WordPress Currency Switcher Cross-Site Request Forgery (1.1.6)
|
CVE-2021-20780
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP CSS 'wp-css-compress.php' Local File Disclosure (2.0.5)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP CSV Exporter SQL Injection (1.3.6)
|
CVE-2022-3249
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP CSV Unspecified Vulnerability (1.7.8.0)
|
|
|
High
|
|
WordPress Plugin wpcu3er 'ajaxReq.php' Arbitrary File Upload (0.55)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Custom Admin Interface PHP Object Injection (7.28)
|
CVE-2022-4043
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Custom Admin Login Page Logo Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin WP Custom Cursors Multiple Vulnerabilities (3.0)
|
CVE-2022-3149
CVE-2022-3150
CVE-2022-3151
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin WP Customer Area Cross-Site Request Forgery (8.1.3)
|
CVE-2022-4745
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Customer Area Cross-Site Scripting (7.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Customer Reviews Cross-Site Scripting (3.4.2)
|
CVE-2021-24135
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Customer Reviews Cross-Site Scripting (3.5.5)
|
CVE-2021-24296
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Customer Reviews Multiple Vulnerabilities (3.0.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Customer Reviews Unspecified Vulnerability (3.0.7)
|
|
|
High
|
|
WordPress Plugin WP Custom Fields Search Cross-Site Scripting (0.3.28)
|
CVE-2017-9419
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Custom Fields Search Cross-Site Scripting (1.2.34)
|
CVE-2022-47157
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Customize Login Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)
|
CVE-2011-1669
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Wp custom slider SQL Injection (1.6.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Dark Mode-Best Dark Mode & Social Sharing for WordPress Cross-Site Scripting (3.0.6)
|
CVE-2022-4714
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Data Access Privilege Escalation (5.3.7)
|
CVE-2023-1874
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin WP Data Access Security Bypass (5.1.3)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Data Access SQL Injection (4.3.1)
|
CVE-2021-24866
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Database Backup Cross-Site Request Forgery (4.3.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Database Backup Cross-Site Request Forgery (5.1.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Database Backup Cross-Site Scripting (3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Database Backup Cross-Site Scripting (5.1.1)
|
CVE-2019-14949
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Database Backup Unspecified Vulnerability (4.1)
|
|
|
High
|
|
WordPress Plugin WP Database Reset Multiple Security Bypass Vulnerabilities (3.1)
|
CVE-2020-7047
CVE-2020-7048
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) Multiple Vulnerabilities (3.4.1)
|
CVE-2021-24197
CVE-2021-24198
CVE-2021-24199
CVE-2021-24200
CWE-89
CWE-284
|
CWE-89
CWE-284
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) Security Bypass (6.3.2)
|
CVE-2024-3821
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) SQL Injection (3.4)
|
CVE-2021-26754
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) SQL Injection (6.3.1)
|
CVE-2024-3820
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Arbitrary File Upload (1.5.3)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Cross-Site Scripting (1.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Cross-Site Scripting (2.1.49)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Cross-Site Scripting Vulnerabilities (2.1.27)
|
CVE-2022-25618
CVE-2022-29432
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Vulnerabilities (1.2.2)
|
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Vulnerabilities (2.0.11)
|
CVE-2019-6011
CVE-2019-6012
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts SQL Injection (1.5.3)
|
CVE-2014-9175
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Datepicker Security Bypass (2.1.0)
|
CVE-2024-3895
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Debugging Security Bypass (2.10.2)
|
CVE-2021-24779
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Design Maps & Places Cross-Site Scripting (1.2)
|
CVE-2021-38334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Dev Powers:ACF Color Coded Field Types Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Dialog Cross-Site Scripting (1.2.5.5)
|
CVE-2021-24600
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Discourse Unspecified Vulnerability (0.9.7)
|
|
|
High
|
|
WordPress Plugin WP Docs Multiple Vulnerabilities (1.1.7)
|
CWE-352
CWE-915
|
CWE-352
CWE-915
|
High
|
|
WordPress Plugin WP Doctor Potential Malicious Code (1.7)
|
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin WP Domain Redirect SQL Injection (1.0)
|
CVE-2021-24401
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP DoNotTrack Cross-Site Scripting (0.8.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Download Codes Cross-Site Scripting (2.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wp Dreamwork Gallery 'upload.php' Arbitrary File Upload (2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin wp Dreamwork Gallery Arbitrary File Upload (2.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP DS FAQ 'ajax.php' SQL Injection (1.3.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP DS FAQ Plus Cross-Site Scripting (1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP DSGVO Tools (GDPR) Cross-Site Request Forgery (2.2.18)
|
CVE-2019-15777
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP DSGVO Tools (GDPR) Cross-Site Scripting (3.1.23)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP DSGVO Tools (GDPR) PHP Object Injection (2.0.4)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP DSGVO Tools (GDPR) Security Bypass (3.1.23)
|
CVE-2021-42359
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP DSGVO Tools (GDPR) Unspecified Vulnerability (3.1.26)
|
|
|
High
|
|
WordPress Plugin WP Dynamic Keywords Injector Cross-Site Request Forgery (2.3.15)
|
CVE-2022-47141
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP e-Commerce-Clockwork SMS Cross-Site Scripting (2.0.5)
|
CVE-2017-17780
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP e-Commerce-Store Exporter Privilege Escalation (1.6.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP e-Commerce-Store Toolkit Privilege Escalation (2.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP e-Commerce-Store Toolkit Privilege Escalation (2.0.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP e-Commerce Predictive Search Cross-Site Scripting (1.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP e-Commerce Shop Styling Arbitrary File Download (2.5)
|
CVE-2015-5468
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP e-Commerce Shop Styling Local File Inclusion (2.9.1)
|
CVE-2014-2383
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP e-Commerce Shop Styling Remote File Inclusion (1.7.2)
|
CVE-2013-0724
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP E-Signature Remote Code Execution (1.5.6.5)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP Easy Columns Cross-Site Scripting (2.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy full backup Information Disclosure (1.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Easy Gallery 'add-gallery.php' Arbitrary File Upload (1.8)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Easy Gallery 'select_gallery' Parameter Cross-Site Scripting (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy Gallery Cross-Site Scripting (4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy Gallery Cross-Site Scripting (4.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy Gallery Cross-Site Scripting (4.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy Gallery Multiple Unspecified Vulnerabilities (2.7)
|
|
|
High
|
|
WordPress Plugin WP EasyPay-Square for WordPress Cross-Site Request Forgery (3.2.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Easy Poll Multiple Vulnerabilities (1.1.3)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Easy Post Types Cross-Site Scripting (1.4.3)
|
CVE-2014-4524
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Easy Slideshow Multiple Cross-Site Request Forgery Vulnerabilities (1.0.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Easy Stats 'homep' Parameter Remote File Include (1.8)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP eCommerce 'cart_messages[]' Parameter Cross-Site Scripting (3.8.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP eCommerce 'collected_data[]' SQL Injection (3.8.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP eCommerce 'cs1' Parameter SQL Injection (3.8.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (3.8.7.5)
|
CVE-2012-5310
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP eCommerce Cross-Site Scripting (3.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP eCommerce HTML Injection (3.8.7.1)
|
CVE-2011-5104
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP eCommerce Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (3.8.9)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP eCommerce Multiple Unspecified Vulnerabilities (3.9.3)
|
|
|
High
|
|
WordPress Plugin WP eCommerce Multiple Vulnerabilities (3.8.9.5)
|
CVE-2012-2399
CVE-2012-3414
CWE-22
CWE-79
CWE-94
CWE-434
|
CWE-22
CWE-79
CWE-94
CWE-434
|
High
|
|
WordPress Plugin WP eCommerce Multiple Vulnerabilities (3.9.1)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP eCommerce Security Bypass (3.8.14.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP eCommerce SQL Injection (3.11.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Editor.md Cross-Site Scripting (1.6)
|
CVE-2017-9336
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Editor.md Cross-Site Scripting (10.0.1)
|
CVE-2018-18919
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Editor Arbitrary File Upload (1.2.5.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Editor Cross-Site Scripting (1.2.6.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Editor Multiple Vulnerabilities (1.2.5.3)
|
CWE-22
CWE-88
|
CWE-22
CWE-88
|
High
|
|
WordPress Plugin WP Editor SQL Injection (1.2.6.3)
|
CVE-2021-24151
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Edit Unspecified Vulnerability (3.0)
|
|
|
High
|
|
WordPress Plugin WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP Elegant Testimonial Cross-Site Scripting (1.1.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Email Template HTML Injection (2.2.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Email Template PHP Object Injection (2.4.0)
|
CVE-2019-10912
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin WP Email Users SQL Injection (1.4.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.6.11)
|
CVE-2021-24793
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP ERP-Complete WordPress Business Manager with HR, CRM & Accounting Systems for Small Businesses Cross-Site Request Forgery (1.6.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP ERP-Complete WordPress Business Manager with HR, CRM & Accounting Systems for Small Businesses Cross-Site Request Forgery (1.7.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Events Calendar SQL Injection (1.0)
|
CVE-2018-5315
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP fail2ban Security Bypass (4.0.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Fast Cache Multiple Vulnerabilities (1.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Fastest Cache Arbitrary File Deletion (0.8.9.0)
|
CVE-2019-6726
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin WP Fastest Cache Cross-Site Request Forgery (0.8.3.4)
|
CVE-2015-4089
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Fastest Cache Cross-Site Request Forgery (0.9.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Fastest Cache Cross-Site Scripting (0.8.5.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5)
|
CVE-2019-13635
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Fastest Cache Directory Traversal (0.9.1.6)
|
CVE-2021-20714
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Fastest Cache Local File Inclusion (0.8.5.9)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.7)
|
CWE-22
CWE-264
|
CWE-22
CWE-264
|
High
|
|
WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.9.4)
|
CVE-2021-24869
CVE-2021-24870
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Plugin WP Fastest Cache SQL Injection (0.8.4.8)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Fastest Cache SQL Injection (0.8.7.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Fastest Cache SQL Injection (1.2.1)
|
CVE-2023-6063
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Fastest Cache Unspecified Vulnerability (0.8.8.5)
|
|
|
High
|
|
WordPress Plugin WP Favorite Posts Cross-Site Scripting (1.6.5)
|
CVE-2016-1160
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Featured Post with thumbnail 'src' Parameter Cross-Site Scripting (3.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Flash Player Multiple Cross-Site Scripting Vulnerabilities (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Floating Menu-One page navigator, sticky menu for WordPress Cross-Site Scripting (1.3.0)
|
CVE-2020-25378
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Floating Menu-One page navigator, sticky menu for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.4.4)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WP Flow Plus Unspecified Vulnerability (2.2.0)
|
|
|
High
|
|
WordPress Plugin WP Font Awesome Cross-Site Scripting (1.7.8)
|
CVE-2023-0271
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpForo Forum Cross-Site Scripting (1.4.11)
|
CVE-2018-11709
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpForo Forum Cross-Site Scripting (2.1.8)
|
CVE-2023-2309
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wpForo Forum Multiple Vulnerabilities (2.1.7)
|
CVE-2023-2249
CWE-22
CWE-502
CWE-918
|
CWE-22
CWE-502
CWE-918
|
High
|
|
WordPress Plugin wpForo Forum Open Redirect (1.9.6)
|
CVE-2021-24406
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin wpForo Forum SQL Injection (1.4.9)
|
CVE-2018-11515
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wpForo Forum SQL Injection (2.3.3)
|
CVE-2024-3200
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Forum Multiple Security Vulnerbilities (1.7.8)
|
CWE-79
CWE-89
CWE-201
CWE-425
CWE-472
|
CWE-79
CWE-89
CWE-201
CWE-425
CWE-472
|
High
|
|
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)
|
CVE-2012-6625
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)
|
CVE-2012-6622
CVE-2012-6623
CVE-2012-6625
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP Forum Server Multiple SQL Injection (1.6.5)
|
CVE-2011-1047
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Fountain Cross-Site Scripting (1.5.9)
|
CVE-2021-34653
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Front-End Repository Manager Arbitrary File Upload (1.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Frontend Profile Multiple Vulnerabilities (0.2.1)
|
CVE-2019-15110
CVE-2019-15111
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WP Frontend Profile Security Bypass (1.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPFront Notification Bar Cross-Site Scripting (1.9.1.04012)
|
CVE-2021-24518
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPFront Notification Bar Cross-Site Scripting (2.0.0.07176)
|
CVE-2021-24601
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPFront Scroll Top Cross-Site Scripting (2.0.5.07184)
|
CVE-2021-24564
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPFront Scroll Top Cross-Site Scripting (2.0.6.07225)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPFront User Role Editor Multiple Cross-Site Scripting Vulnerabilities (2.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPFront User Role Editor Unspecified Vulnerability (2.14.1)
|
|
|
High
|
|
WordPress Plugin WP FullCalendar Security Bypass (1.4.1)
|
CVE-2022-3891
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin WP FuneralPress Multiple Cross-Site Scripting Vulnerabilities (1.1.6)
|
CVE-2013-3529
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Fusion Lite-Marketing Automation for WordPress Multiple Vulnerabilities (3.37.18)
|
CVE-2021-34660
CVE-2021-34661
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WPGateway Privilege Escalation (3.5)
|
CVE-2022-3180
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin WP GDPR Multiple Vulnerabilities (2.1.1)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WpGenius Job Listing Cross-Site Scripting (1.0.2)
|
CVE-2021-39335
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Geoloc Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Githuber MD Arbitrary File Upload (1.4.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP GitHub Tools Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPGlobus-Multilingual Everything! Multiple Vulnerabilities (1.9.6)
|
CVE-2018-5361
CVE-2018-5362
CVE-2018-5363
CVE-2018-5364
CVE-2018-5365
CVE-2018-5366
CVE-2018-5367
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WPGlobus Translate Options Cross-Site Scripting (2.1.0)
|
CVE-2023-25711
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Glossary 'ajax.php' SQL Injection (0.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Google Fonts Cross-Site Scripting (3.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Cross-Site Request Forgery (7.11.27)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Google Maps Cross-Site Scripting (6.3.14)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Cross-Site Scripting (7.10.41)
|
CVE-2019-9912
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Cross-Site Scripting (7.11.34)
|
CVE-2019-14792
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Cross-Site Scripting (8.1.11)
|
CVE-2021-24383
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Multiple Cross-Site Scripting Vulnerabilities (6.0.26)
|
CVE-2014-7182
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps Multiple Cross-Site Scripting Vulnerabilities (8.1.12)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Maps SQL Injection (7.11.17)
|
CVE-2019-10692
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Google Maps Unspecified Vulnerability (6.2.1)
|
|
|
High
|
|
WordPress Plugin WP Google Maps Unspecified Vulnerability (8.0.25)
|
|
|
High
|
|
WordPress Plugin WP Google Review Slider Cross-Site Scripting (11.5)
|
CVE-2022-4242
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Google Review Slider SQL Injection (6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Google Review Slider SQL Injection (11.7)
|
CVE-2023-0259
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)
|
CVE-2012-6649
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WPGraphQL Denial of Service (1.3.5)
|
CVE-2021-31157
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin WPGraphQL Security Bypass (0.2.3)
|
CVE-2019-9879
CVE-2019-9880
CVE-2019-9881
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Gravity Forms Insightly Cross-Site Scripting (1.0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Gravity Forms Zendesk Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Gravity Forms Zoho CRM Add-on Cross-Site Scripting (1.1.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP GuestMap Multiple Cross-Site Scripting Vulnerabilities (1.8)
|
CVE-2014-4587
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Hardening-Fix Your WordPress Security Cross-Site Scripting (1.2.1)
|
CVE-2021-24373
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Header Images Cross-Site Scripting (2.0.0)
|
CVE-2021-24798
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Helper Premium Cross-Site Scripting (4.2)
|
CVE-2023-0448
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP Hide & Security Enhancer Arbitrary File Download (1.3.9.2)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WPhone Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.5)
|
CVE-2021-36852
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Hotel Booking PHP Object Injection (1.10.3)
|
CVE-2020-29047
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2)
|
CVE-2020-29047
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin WP Hotel Booking SQL Injection (2.1.0)
|
CVE-2024-3605
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP htaccess Control Unspecified Vulnerability (2.4)
|
|
|
High
|
|
WordPress Plugin WP Htaccess Editor Unspecified Vulnerability (1.0.1)
|
|
|
High
|
|
WordPress Plugin WP HTML Author Bio Cross-Site Scripting (1.2.0)
|
CVE-2021-24545
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP HTML Sitemap Cross-Site Request Forgery (1.2)
|
CVE-2014-2675
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Human Resource Management Security Bypass (2.2.5)
|
CVE-2019-9573
CVE-2019-9574
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Human Resource Management Security Bypass (2.2.14)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Humans.txt Cross-Site Scripting (1.0.6)
|
CVE-2022-3392
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1)
|
CVE-2021-24402
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Idea Stream Cross-Site Scripting (2.1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Image Zoom Denial of Service (1.23)
|
CWE-400
|
CWE-400
|
High
|
|
WordPress Plugin WP Image Zoom Local File Inclusion (1.46)
|
CVE-2021-24447
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Import Export Information Disclosure (3.9.15)
|
CVE-2022-0236
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Import Export Lite Information Disclosure (3.9.15)
|
CVE-2022-0236
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Import Export Lite Security Bypass (3.9.4)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WP Infusionsoft WooCommerce Cross-Site Scripting (1.0.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Inimat Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Insightly for Contact Form 7 and Ninja Forms Cross-Site Scripting (1.0.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Instagram-Best Instagram Feeds Cross-Site Scripting (1.0.19)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)
|
CVE-2019-14365
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Inventory Manager Cross-Site Scripting (1.7.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Inventory Manager Unspecified Vulnerability (1.8.1)
|
|
|
High
|
|
WordPress Plugin WPJobBoard Cross-Site Scripting (5.5.3)
|
CVE-2020-9019
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPJobBoard Cross-Site Scripting (5.6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPJobBoard Multiple Cross-Site Scripting Vulnerabilities (4.5.1)
|
CVE-2017-15375
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPJobBoard SQL Injection (5.6.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Job Manager Cross-Site Request Forgery (1.25.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Job Manager Cross-Site Scripting (1.23.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Job Manager Cross-Site Scripting (1.26.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Job Manager PHP Object Injection (1.29.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Job Manager PHP Object Injection (1.31.2)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Job Manager Privilege Escalation (1.34.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Job Manager Privilege Escalation (1.34.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Job Manager Unspecified Vulnerability (1.32.2)
|
|
|
High
|
|
WordPress Plugin WP Jobs Cross-Site Scripting (1.6)
|
CVE-2017-14751
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Jobs SQL Injection (1.4)
|
CVE-2017-9603
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP jPlayer Cross-Site Scripting (0.1)
|
CVE-2013-1942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP JS Cross-Site Scripting (2.0.6)
|
CVE-2022-1567
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Js External Link Info Cross-Site Scripting (1.21)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Js External Link Info Open Redirect (1.21)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WP Keyword Link Multiple Cross-Site Scripting Vulnerabilities (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Last Modified Info Cross-Site Scripting (1.6.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Lead Management Cross-Site Scripting (3.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Learn Manager Cross-Site Scripting (1.1.2)
|
CVE-2021-24504
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Learn Manager Security Bypass (1.1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Legal Pages Cross-Site Scripting (1.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Like Button Security Bypass (1.6.0)
|
CVE-2019-13344
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Limit Login Attempts Security Bypass (2.6.4)
|
CVE-2022-4303
CWE-693
|
CWE-693
|
High
|
|
WordPress Plugin WP Limit Login Attempts SQL Injection (2.0.0)
|
CVE-2015-6829
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Limit Posts Automatically Cross-Site Request Forgery (0.7)
|
CVE-2014-9401
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Link To Us Multiple Cross-Site Scripting Vulnerabilities (2.0)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Live.php 's' Parameter Cross-Site Scripting (1.2.1)
|
CVE-2012-5346
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Live Chat Support Pro Arbitrary File Upload (8.0.06)
|
CVE-2018-12426
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Live Chat Support Pro Unspecified Vulnerability (8.0.07)
|
|
|
High
|
|
WordPress Plugin WP Login Security and History Cross-Site Request Forgery (1.0)
|
CVE-2021-24328
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Logs Book Cross-Site Scripting (1.0.1)
|
CVE-2024-4477
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail Cross-Site Scripting (1.1)
|
CVE-2017-5942
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail Log Cross-Site Request Forgery (1.0.1)
|
CVE-2022-45807
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Mail Log Cross-Site Scripting (1.1.1)
|
CVE-2023-3088
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.8.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
|
CVE-2023-3081
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail Logging Multiple Unspecified Vulnerabilities (1.5.0)
|
|
|
High
|
|
WordPress Plugin WP Mail Logging Security Bypass (1.9.9)
|
CVE-2021-38314
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WP Mail Logging Security Bypass (1.11.2)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Mail SMTP by WPForms Cross-Site Scripting (1.3.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mail SMTP by WPForms Unspecified Vulnerability (0.9.5)
|
|
|
High
|
|
WordPress Plugin WP Mailster Cross-Site Scripting (1.5.4.0)
|
CVE-2017-17451
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mailster Cross-Site Scripting (1.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mailto Links-Manage Email Links Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maintenance Cross-Site Request Forgery (5.0.5)
|
CVE-2019-19979
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maintenance Mode & Site Under Construction Cross-Site Request Forgery (1.8.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maintenance Mode & Site Under Construction Security Bypass (1.8.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Maintenance Mode Cross-Site Request Forgery (1.8.7)
|
CVE-2013-3250
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maintenance Mode Cross-Site Scripting (2.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maintenance Mode Multiple Vulnerabilities (2.0.3)
|
CVE-2018-20154
CVE-2018-20155
CWE-200
CWE-264
|
CWE-200
CWE-264
|
High
|
|
WordPress Plugin WP Maintenance Mode Remote Code Execution (2.0.6)
|
CVE-2018-20156
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP Mapa Politico Espana Cross-Site Scripting (3.6.2)
|
CVE-2021-24609
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.0.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.2.3)
|
CVE-2022-25600
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.4.2)
|
CVE-2023-28172
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.0.3)
|
CVE-2018-0577
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.3.9)
|
CVE-2023-23878
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Multiple Cross-Site Scripting Vulnerabilities (2.3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.0.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.4)
|
CVE-2021-24130
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.6.1)
|
CVE-2024-2386
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)
|
|
|
High
|
|
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution 'uploadify.php' Arbitrary File Upload (1.6.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download (2.4.0)
|
CVE-2014-9013
CVE-2014-9014
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (1.2.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (2.4.1)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Marketplace TimThumb Arbitrary File Upload (1.1.0)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin WP Mass Mail Open Email Relay (2.45)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)
|
CVE-2015-2195
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mega Menu Security Bypass (1.3.9)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WP Mega Menu Security Bypass (1.4.0)
|
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin WP Mega Menu Unspecified Vulnerability (1.4.1)
|
|
|
High
|
|
WordPress Plugin WP Membership Multiple Vulnerabilities (1.2.3)
|
CVE-2015-4038
CVE-2015-4039
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WP Meta and Date Remover Cross-Site Request Forgery (1.7.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Migrate DB Security Bypass (0.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1)
|
CVE-2022-1749
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WPMktgEngine Security Bypass (3.7.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Request Forgery (4.3.6)
|
CVE-2020-10568
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.6.3)
|
CVE-2018-18069
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPML (WordPress Multilingual) Multiple Vulnerabilities (3.1.8.6)
|
CVE-2015-2314
CVE-2015-2315
CVE-2015-2791
CVE-2015-2792
CWE-79
CWE-89
CWE-284
|
CWE-79
CWE-89
CWE-284
|
High
|
|
WordPress Plugin WPML Translation Management PHP Object Injection (2.4.1)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Mobile Detector Arbitrary File Upload (3.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Mobile Detector Unspecified Vulnerability (2.1)
|
|
|
High
|
|
WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Mobile Edition Multiple Vulnerabilities (2.4)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPMovieLibrary Multiple Cross-Site Scripting Vulnerabilities (2.1.4.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wp Multiple Meta Box SQL Injection (1.0.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Munich Blocks-Gutenberg Blocks for WordPress Security Bypass (0.7.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.15)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18)
|
CVE-2017-15863
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP No External Links Spam Injection (4.2.2)
|
CWE-610
|
CWE-610
|
High
|
|
WordPress Plugin WP OAuth Server (OAuth Authentication) Cross-Site Scripting (4.2.1)
|
CVE-2022-3892
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)
|
CWE-326
|
CWE-326
|
High
|
|
WordPress Plugin WP Offload SES Lite Cross-Site Scripting (1.4.4)
|
CVE-2021-24494
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1)
|
CWE-22
CWE-538
|
CWE-22
CWE-538
|
High
|
|
WordPress Plugin WP Open Graph Cross-Site Request Forgery (1.6.1)
|
CVE-2019-5960
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Open Social Cross-Site Scripting (5.0)
|
CVE-2023-25792
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.6)
|
CVE-2022-40963
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.8)
|
CVE-2022-3830
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Page Builder Multiple Vulnerabilities (1.2.3)
|
CVE-2021-24207
CVE-2021-24208
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WP Page Widget Cross-Site Scripting (2.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Payeezy Pay Local File Inclusion (2.97)
|
CVE-2018-20985
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP People 'wp-people-popup.php' SQL Injection (2.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Performance Score Booster-Optimize Speed, Enable Cache & Page Preload Cross-Site Request Forgery (2.0)
|
CVE-2021-24776
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Photo Album 'id' Parameter Cross-Site Scripting (1.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)
|
CVE-2008-0939
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Request Forgery (4.8.11)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (4.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.2)
|
CVE-2013-3254
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)
|
CVE-2014-8814
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (6.1.2)
|
CVE-2015-3647
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Multiple Cross-Site Scripting Vulnerabilities (5.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (6.5.00)
|
|
|
High
|
|
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (7.2.04)
|
|
|
High
|
|
WordPress Plugin WP PHP widget Information Disclosure (1.0.2)
|
CVE-2013-0721
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Pipes Unspecified Vulnerability (1.28)
|
|
|
High
|
|
WordPress Plugin WPPizza Cross-Site Scripting (2.11.8.17)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Planet Cross-Site Scripting (0.1)
|
CVE-2014-4592
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Plugin Info Card Unspecified Vulnerability (2.3.6)
|
|
|
High
|
|
WordPress Plugin WP Plugin Manager (WPPM) Cross-Site Scripting (1.6.4.b)
|
CVE-2014-4593
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Poll Maker-Best WordPress Poll for Voting Contest Arbitrary File Upload (3.4)
|
CVE-2024-32514
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Popup Banners includes Backdoor [Only if downloaded via the vendor website] (1.2.3)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WP Popup Builder-Popup Forms, Marketing PoPuP & Newsletter Multiple Vulnerabilities (1.2.8)
|
CVE-2022-2404
CVE-2022-2405
CWE-79
CWE-862
|
CWE-79
CWE-862
|
High
|
|
WordPress Plugin WP Popup Lite-Responsive popup for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WP Popups-WordPress Popup builder Cross-Site Scripting (2.1.4.6)
|
CVE-2022-4716
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Post Page Clone SQL Injection (1.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Post Popup Directory Traversal (2.0)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Post Popup Directory Traversal (2.1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Post Rating Security Bypass (2.4.6)
|
CVE-2023-25785
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Posts Carousel Cross-Site Scripting (1.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Post to PDF Cross-Site Scripting (2.3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Post to PDF Enhanced Cross-Site Scripting (1.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Prayer Cross-Site Request Forgery (1.5.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Prayer Cross-Site Scripting (1.6.1)
|
CVE-2021-24313
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Prayer Cross-Site Scripting (1.9.6)
|
CVE-2023-25705
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Prayer Multiple Cross-Site Request Forgery Vulnerabilities (1.6.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Print Friendly Cross-Site Scripting (0.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Print Friendly Security Bypass (0.5.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Private Content Plus Cross-Site Request Forgery (3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Private Content Plus Security Bypass (1.31)
|
CVE-2019-15816
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Private Message Insecure Direct Object Reference (1.0.5)
|
CVE-2023-0453
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin WP Private Messages SQL Injection (1.0.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP PRO Advertising System-All In One Ad Manager SQL Injection (4.6.18)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Product Review Lite Cross-Site Scripting (3.7.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Product Review Lite Unspecified Vulnerability (3.7.6)
|
|
|
High
|
|
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.0)
|
CVE-2020-36745
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Scripting (2.4.13)
|
CVE-2021-36826
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Privilege Escalation (2.6.4)
|
CVE-2023-3636
CWE-269
|
CWE-269
|
High
|
|
WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WpPygments Multiple Cross-Site Scripting Vulnerabilities (0.3.2)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPQA-Builder forms Addon For WordPress Insecure Direct Object Reference (5.9.2)
|
CVE-2022-3343
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin WP Quick Booking Manager Cross-Site Scripting (1.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WP Reactions Lite Cross-Site Scripting (1.3.5)
|
CVE-2021-24723
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Real Estate Unspecified Vulnerability (2.0)
|
|
|
High
|
|
WordPress Plugin WP Realtime Sitemap Multiple Unspecified Vulnerabilities (1.5.5)
|
|
|
High
|
|
WordPress Plugin WP Reroute Email Cross-Site Request Forgery (1.4.6)
|
CVE-2023-27606
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Reroute Email Cross-Site Scripting (1.4.9)
|
CVE-2023-3168
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Reroute Email SQL Injection (1.4.6)
|
CVE-2023-27605
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Reset-Most Advanced WordPress Reset Tool Cross-Site Scripting (1.86)
|
CVE-2021-24424
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Responsive Tabs horizontal vertical and accordion Tabs Unspecified Vulnerability (1.1.1)
|
|
|
High
|
|
WordPress Plugin WP Responsive Testimonials Slider And Widget Cross-Site Scripting (1.5)
|
CVE-2022-4750
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP REST API (WP API) Cross-Site Request Forgery (1.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP REST API (WP API) Cross-Site Scripting (1.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP REST API (WP API) Information Disclosure (1.2)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Retina 2x Cross-Site Scripting (5.2.0)
|
CVE-2018-0511
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Review Multiple Unspecified Vulnerabilities (2.0)
|
|
|
High
|
|
WordPress Plugin WP Review Slider SQL Injection (10.9)
|
CVE-2022-0383
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Review Slider SQL Injection (12.1)
|
CVE-2023-0260
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Review Unspecified Vulnerability (5.2.1)
|
|
|
High
|
|
WordPress Plugin WP Rocket Local File Inclusion (2.10.3)
|
CVE-2017-11658
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Rollback Multiple Vulnerabilities (1.2.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.1)
|
CVE-2021-24768
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.2)
|
CVE-2021-24988
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.3)
|
CVE-2022-0189
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Multiple Unspecified Vulnerabilities (4.6.8)
|
|
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Security Bypass (4.6.3)
|
CVE-2014-9314
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Unspecified Vulnerability (4.8.2)
|
|
|
High
|
|
WordPress Plugin WP RSS By Publishers Multiple SQL Injection Vulnerabilities (0.1)
|
CVE-2022-4358
CVE-2022-4359
CVE-2022-4360
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP RSS Multi Importer Multiple Cross-Site Request Forgery Vulnerabilities (3.11)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP RSS Multi Importer Multiple Vulnerabilities (3.15)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP Rss Poster SQL Injection (1.0.0)
|
CVE-2014-4938
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Safe Search 'v1' Parameter Cross-Site Scripting (0.7)
|
CVE-2010-4518
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPS Bidouille Multiple Vulnerabilities (1.12.2)
|
CWE-79
CWE-352
CWE-434
|
CWE-79
CWE-352
CWE-434
|
High
|
|
WordPress Plugin WPS Child Theme Generator Directory Traversal (1.1)
|
CVE-2019-15822
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WPS Cleaner Multiple Cross-Site Request Forgery Vulnerabilities (1.4.4)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Scrippets Cross-Site Scripting (1.5.1)
|
CVE-2021-38333
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Security Question Cross-Site Request Forgery (1.0.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Security Safe Cross-Site Request Forgery (2.2.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Selected Text Sharer Multiple Vulnerabilities (1.0)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP SEO Redirect 301 Cross-Site Request Forgery (2.3.1)
|
CVE-2021-24832
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP SEO Tags Cross-Site Scripting (2.2.7)
|
CVE-2021-34665
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP SEO TDK Security Bypass (2.0.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Server Health Stats Cross-Site Scripting (1.6.10)
|
CVE-2022-2887
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Server Health Stats Malicious Code (1.7.6)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin WP Server Log Viewer Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Session Manager SQL Injection (1.2.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WPS Hide Login Cross-Site Request Forgery (1.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WPS Hide Login Multiple Security Bypass Vulnerabilities (1.5.2.2)
|
CVE-2019-15823
CVE-2019-15824
CVE-2019-15825
CVE-2019-15826
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPS Hide Login Security Bypass (1.5.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPS Hide Login Security Bypass (1.9)
|
CVE-2021-24917
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Shieldon-WordPress Firewall Cross-Site Scripting (1.6.3)
|
CVE-2021-24124
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPshop-eCommerce Arbitrary File Upload (1.3.9.5)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin wpShopGermany Free Arbitrary File Upload (4.0.10)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Shopify Cross-Site Scripting (2.0.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Shop Multiple SQL Injection Vulnerabilities (3.4.3.15)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Shop Multiple Vulnerabilities (3.4.3.18)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Silverlight Media Player Cross-Site Scripting (0.8)
|
CVE-2014-4589
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Simple Booking Calendar Cross-Site Request Forgery (1.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Simple Booking Calendar SQL Injection (2.0.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Simple Cart Arbitrary File Upload (1.0.15)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Simple Login Registration Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP SimpleMail Multiple Cross-Site Scripting Vulnerabilities (1.0.6)
|
CVE-2012-2579
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Simple Spreadsheet Fetcher for Google Cross-Site Request Forgery (0.3.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Sitemap Page Cross-Site Scripting (1.6.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Sitemap Page Cross-Site Scripting (1.6.6)
|
CVE-2021-24715
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP SlackSync Information Disclosure (1.8.5)
|
CVE-2019-14366
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WPS Limit Login Multiple Vulnerabilities (1.4.5)
|
CWE-79
CWE-264
CWE-352
|
CWE-79
CWE-264
CWE-352
|
High
|
|
WordPress Plugin WP smart CRM & Invoices FREE Cross-Site Scripting (1.8.7)
|
CVE-2020-25375
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Smart Image II Cross-Site Scripting (0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Smart Import: Import any XML File to WordPress Cross-Site Scripting (1.0.2)
|
CVE-2022-40209
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery (1.0.0)
|
CVE-2020-24147
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin WP Smart Security PHP Object Injection (1.0)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Smiley Multiple Vulnerabilities (1.4.1)
|
CVE-2015-4139
CVE-2015-4140
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP SMS Cross-Site Scripting (5.4.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP SMS Cross-Site Scripting (5.4.12)
|
CVE-2021-24561
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Social Bookmarking Light Cross-Site Scripting (1.7.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Social Feed Gallery Cross-Site Request Forgery (2.4.7)
|
CVE-2019-15779
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Social Feed Gallery Unspecified Vulnerability (2.1.1)
|
|
|
High
|
|
WordPress Plugin WP Social Invitations Cross-Site Scripting (1.4.4.2)
|
CVE-2014-4597
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (2.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)
|
CVE-2022-2763
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Social Sharing Cross-Site Scripting (2.2)
|
CVE-2022-4198
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Songbook Cross-Site Scripting (2.0.11)
|
CVE-2021-34655
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Source Control Directory Traversal (3.0.0)
|
CVE-2014-5368
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Spell Check Cross-Site Request Forgery (7.1.9)
|
CVE-2019-6027
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Spell Check Cross-Site Scripting (9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Arbitrary File Upload (3.4.3)
|
CVE-2024-3412
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Cross-Site Scripting (2.9.17)
|
CVE-2022-2737
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Information Disclosure (3.4.3)
|
CVE-2024-3682
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Server-Side Request Forgery (3.4.3)
|
CVE-2024-4469
CWE-918
|
CWE-918
|
High
|
|
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Unspecified Vulnerability (2.4.3)
|
|
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (8.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (9.1.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (9.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.0.8.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.0.9)
|
CVE-2017-10991
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.6.3)
|
CVE-2019-10864
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.6.5)
|
CVE-2019-12566
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (12.6.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (13.0.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Cross-Site Scripting (13.2.1)
|
CVE-2022-27231
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Multiple Cross-Site Scripting Vulnerabilities (2.2.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Multiple Cross-Site Scripting Vulnerabilities (12.0.1)
|
CVE-2017-2135
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Multiple Cross-Site Scripting Vulnerabilities (12.0.4)
|
CVE-2017-2136
CVE-2017-2147
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Statistics Multiple Unspecified Vulnerabilities (9.6.5)
|
|
|
High
|
|
WordPress Plugin WP Statistics Multiple Vulnerabilities (13.1.5)
|
CVE-2022-0651
CVE-2022-25148
CVE-2022-25149
CVE-2022-25305
CVE-2022-25306
CVE-2022-25307
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (9.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (12.0.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (12.6.6.1)
|
CVE-2019-13275
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (13.0.7)
|
CVE-2021-24340
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (13.1.4)
|
CVE-2022-0513
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Statistics SQL Injection (13.2.8)
|
CVE-2022-4230
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wpStoreCart 'upload.php' Arbitrary File Upload (2.5.29)
|
CVE-2012-3576
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Subscribe Cross-Site Scripting (1.0.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Subtitle Unspecified Vulnerability (2.5)
|
|
|
High
|
|
WordPress Plugin WP Sudoku Plus Unspecified Vulnerability (1.4)
|
|
|
High
|
|
WordPress Plugin wp superb Slideshow 'upload.php' Arbitrary File Upload (2.2)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin wp superb Slideshow Arbitrary File Upload (2.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin wp superb Slideshow Information Disclosure (2.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin WP Super Cache Cache Poisoning (1.8)
|
CWE-349
|
CWE-349
|
High
|
|
WordPress Plugin WP Super Cache Cross-Site Scripting (1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Super Cache Cross-Site Scripting (1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Super Cache Cross-Site Scripting (1.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Super Cache Cross-Site Scripting (1.7.2)
|
CVE-2021-24329
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Super Cache Multiple Vulnerabilities (1.4.4)
|
CWE-22
CWE-23
CWE-79
CWE-915
|
CWE-22
CWE-23
CWE-79
CWE-915
|
High
|
|
WordPress Plugin WP Super Cache PHP Code Injection (1.2)
|
CVE-2013-2009
CVE-2013-2011
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin WP Super Cache Remote Code Execution (1.7.1)
|
CVE-2021-24209
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System Cross-Site Scripting (9.1.1)
|
CVE-2019-7299
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System Multiple Vulnerabilities (4.1)
|
CWE-22
CWE-89
CWE-200
|
CWE-22
CWE-89
CWE-200
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System PHP Object Injection (9.0.3)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System Privilege Escalation (7.1.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System Security Bypass (7.1.4)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection (7.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Support Plus Responsive Ticket System Unspecified Vulnerability (8.0.7)
|
|
|
High
|
|
WordPress Plugin WP Survey And Quiz Tool 'action' Parameter Cross-Site Scripting (1.2.1)
|
CVE-2010-4630
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Survey And Quiz Tool 'rowcount' Parameter Cross-Site Scripting (2.9.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Survey Plus Security Bypass (1.0)
|
CVE-2021-24801
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP SVG Icons Cross-Site Request Forgery (3.2.1)
|
CVE-2019-14216
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP SVG Icons Multiple Unspecified Vulnerabilities (3.1.8.1)
|
|
|
High
|
|
WordPress Plugin WP SVG images Cross-Site Scripting (3.3)
|
CVE-2021-24386
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium 'get_profile_avatar.php' SQL Injection (0.64)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Symposium Arbitrary File Upload (14.11)
|
CVE-2014-10021
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Symposium Arbitrary File Upload Vulnerabilities (11.11.26)
|
CVE-2011-5051
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP Symposium A Social Network For WordPress Multiple Cross-Site Scripting Vulnerabilities (12.07.07)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium A Social Network For WordPress Multiple SQL Injection Vulnerabilities (12.06.16)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Symposium Cross-Site Scripting (11.11.26)
|
CVE-2011-3841
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium Cross-Site Scripting (13.02)
|
CVE-2013-2695
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium Cross-Site Scripting (15.8.1)
|
CVE-2015-9414
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium Multiple SQL Injection Vulnerabilities (12.09)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Symposium Multiple Vulnerabilities (14.05.02)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Symposium Multiple Vulnerabilities (14.10)
|
CVE-2014-8809
CVE-2014-8810
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP Symposium Open Redirect (13.04)
|
CVE-2013-2694
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WP Symposium Open Redirect (13.12)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WP Symposium Pro Social Network Cross-Site Scripting (16.01)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Symposium Pro Social Network Multiple Vulnerabilities (15.12)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin WP Symposium SQL Injection (15.1)
|
CVE-2015-3325
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Symposium SQL Injection (15.5.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Symposium Toolbar Unspecified Vulnerability (0.26.0)
|
|
|
High
|
|
WordPress Plugin WP Table Builder-WordPress Table Cross-Site Scripting (1.3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Table Builder-WordPress Table Cross-Site Scripting (1.4.6)
|
CVE-2022-46852
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Table Builder-WordPress Table Security Bypass (1.3.15)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Taxonomy Import Cross-Site Scripting (1.0.4)
|
CVE-2022-2669
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Telegram (Auto Post and Notifications) Unspecified Vulnerability (2.1.8)
|
|
|
High
|
|
WordPress Plugin wptf-image-gallery Arbitrary File Download (1.0.3)
|
CVE-2015-1000007
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin WP TFeed includes Backdoor [Only if downloaded via the vendor website] (1.6.7)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin WP to Twitter Authorization Bypass (2.9.3)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP to Twitter Cross-Site Request Forgery (3.2.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP to Twitter Cross-Site Scripting (3.0.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP to Twitter Security Bypass (3.2.19)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WPtouch 'wptouch_redirect' Parameter URI Redirection (1.9.32)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)
|
CVE-2010-4779
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPtouch Arbitrary File Upload (3.4.6)
|
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin WPtouch Backdoor (1.9.28)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin WPtouch Cross-Site Request Forgery (1.9.31)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WPtouch Cross-Site Scripting (3.7.5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPtouch Cross-Site Scripting (4.3.42)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPtouch Multiple Cross-Site Scripting Vulnerabilities (3.7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPtouch Open Redirect (3.4.9)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin WPtouch Security Bypass (3.4.2)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin WP Travel-Best Travel Booking, Tour Management Engine Cross-Site Request Forgery (4.4.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP TripAdvisor Review Slider Cross-Site Scripting (11.8)
|
CVE-2023-6037
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP TripAdvisor Review Slider SQL Injection (10.7)
|
CVE-2023-0261
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP TripAdvisor Review Slider SQL Injection (12.6)
|
CVE-2024-35630
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP ULike Cross-Site Scripting (3.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP ULike Multiple Vulnerabilities (3.1)
|
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
WordPress Plugin WP Ultimate Email Marketer Multiple Vulnerabilities (1.1.0)
|
CVE-2013-3263
CVE-2013-3264
CVE-2014-4600
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WP Ultimate Exporter Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Ultimate Exporter SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Ultimate Recipe Cross-Site Scripting (3.12.6)
|
CVE-2019-15836
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Unique Article Header Image Cross-Site Request Forgery (1.0)
|
CVE-2014-9400
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP Upload Restriction Multiple Vulnerabilities (2.2.3)
|
CVE-2021-34625
CVE-2021-34626
CVE-2021-34627
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
WordPress Plugin WPUpper Share Buttons Cross-Site Scripting (3.42)
|
CVE-2022-3838
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP User-Custom Registration Forms, Login and User Profile Multiple Vulnerabilities (7.0)
|
CVE-2022-4049
CVE-2022-4519
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin WP User Frontend-Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission Arbitrary File Upload (2.3.10)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin WP User Frontend-Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission Supply Chain Attack [Polyfill.io] (4.0.7)
|
CWE-1372
|
CWE-1372
|
High
|
|
WordPress Plugin WP User Groups Cross-Site Request Forgery (2.0.0)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP User Manager-User Profile Builder & Membership Security Bypass (2.6.2)
|
CWE-639
|
CWE-639
|
High
|
|
WordPress Plugin WP Users Exporter CSV Injection (1.4.2)
|
CVE-2022-3026
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin WP User Switch Security Bypass (1.0.2)
|
CVE-2023-2546
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin WP Vault Local File Inclusion (0.8.6.6)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin WP Video Lightbox Cross-Site Scripting (1.7.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Video Lightbox Cross-Site Scripting (1.9.2)
|
CVE-2021-24665
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Cross-Site Scripting (6.4)
|
CVE-2022-4656
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Security Bypass (5.4)
|
CVE-2021-25042
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (4.7)
|
CVE-2021-24750
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.5)
|
CVE-2022-0410
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7)
|
CVE-2022-33965
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1)
|
CVE-2023-0600
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)
|
|
|
High
|
|
WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Request Forgery (8.2.7)
|
CVE-2023-25708
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Scripting (8.2.6)
|
CVE-2023-0174
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP w3all phpBB Multiple Unspecified Vulnerabilities (1.6.3)
|
|
|
High
|
|
WordPress Plugin WP Web Scraper Unspecified Vulnerability (2.4)
|
|
|
High
|
|
WordPress Plugin WP Whois Domain Cross-Site Scripting (1.0.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP Widget Cache Cross-Site Scripting (0.26)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP with Spritz Local/Remote File Inclusion (1.0)
|
CWE-98
|
CWE-98
|
High
|
|
WordPress Plugin WP Yelp Review Slider SQL Injection (7.0)
|
CVE-2023-0263
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin WP YouTube Live Cross-Site Scripting (1.7.21)
|
CVE-2022-1187
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WP YouTube Live Cross-Site Scripting (1.8.2)
|
CVE-2022-1334
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WPZOOM Portfolio Cross-Site Scripting (1.2.1)
|
CVE-2022-4789
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wrapper Link Elementor Malicious Code (1.0.3)
|
CVE-2024-6297
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin WR ContactForm SQL Injection (1.1.9)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin wSecure Lite Remote Code Execution (2.3)
|
CVE-2016-10960
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin WTI Like Post Cross-Site Scripting (1.4.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin WTI Like Post SQL Injection (1.4.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Wu-Rating Cross-Site Scripting (1.0 12319)
|
CVE-2014-4601
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.47)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.50)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.51)
|
CVE-2022-4679
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Wunderbar Basic Cross-Site Scripting (1.1.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin XCloner-Backup and Restore Multiple Vulnerabilities (3.1.2)
|
CVE-2015-4336
CVE-2015-4337
CVE-2015-4338
CWE-79
CWE-94
|
CWE-79
CWE-94
|
High
|
|
WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin XEN Carousel Multiple Cross-Site Scripting Vulnerabilities (0.12.2)
|
CVE-2014-4602
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Xerte Online 'save.php' Arbitrary File Upload (0.32)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin XforWooCommerce Security Bypass (1.6.4)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Xhanch-My Twitter Cross-Site Request Forgery (2.7.6)
|
CVE-2013-3253
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Xhanch-My Twitter Multiple Cross-Site Request Forgery Vulnerabilities (2.7.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin xili-language Multiple Unspecified Vulnerabilities (2.17.0)
|
|
|
High
|
|
WordPress Plugin xili-tidy-tags Cross-Site Request Forgery (1.12.03)
|
CVE-2022-47448
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Xllentech English Islamic Calendar SQL Injection (2.6.7)
|
CVE-2021-24341
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin XML File Export Import for Stamps.com and WooCommerce Cross-Site Request Forgery (1.1.8)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (3.9)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin XO Event Calendar Cross-Site Scripting (2.3.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Xorbin Analog Flash Clock Cross-Site Scripting (1.0)
|
CVE-2013-4692
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Xorbin Digital Flash Clock Cross-Site Scripting (1.0)
|
CVE-2013-4693
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin XO Security Cross-Site Scripting (1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin xPinner Lite Multiple Vulnerabilities (2.2)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Xtreme Locator Dealer Locator SQL Injection (1.5)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin XVE Various Embed Multiple Cross-Site Scripting Vulnerabilities (1.0.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yahoo! Updates for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.0)
|
CVE-2014-4603
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yakadanda Google+ Hangout Events Cross-Site Scripting (0.3.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YaMaps for WordPress Cross-Site Scripting (0.6.25)
|
CVE-2023-0270
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yandex.News Feed by Teplitsa Cross-Site Scripting (1.12.5)
|
CVE-2023-25052
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yandex Money button Cross-Site Scripting (2.3.3)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YARPP-Yet Another Related Posts Cross-Site Scripting (5.30.2)
|
CVE-2022-4471
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YARPP-Yet Another Related Posts Local File Inclusion (5.30.3)
|
CVE-2022-45374
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin YARPP-Yet Another Related Posts Multiple Vulnerabilities (4.2.4)
|
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin YARPP-Yet Another Related Posts PHP Object Injection (4.4)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin YARPP-Yet Another Related Posts SQL Injection (5.30.2)
|
CVE-2023-0579
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (0.9.1)
|
|
|
High
|
|
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.3.2)
|
|
|
High
|
|
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.7.0)
|
|
|
High
|
|
WordPress Plugin YAS Slideshow Arbitrary File Upload (3.4)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin YAWPP (Yet Another WordPress Petition Plugin) SQL Injection (1.2)
|
CVE-2014-5182
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)
|
CVE-2022-2371
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2.1)
|
CVE-2022-2372
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.4.5)
|
CVE-2023-3093
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YaySMTP-Simple WP SMTP Mail Information Disclosure (2.2)
|
CVE-2022-2369
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Yes-co ORES Cross-Site Scripting (1.3.44)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yes/No Chart SQL Injection (1.0.11)
|
CVE-2021-24360
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Yet Another bol.com Cross-Site Scripting (1.4)
|
CVE-2021-38330
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yet Another Photoblog Unspecified Vulnerability (1.10.6)
|
|
|
High
|
|
WordPress Plugin YITH Advanced Refund System for WooCommerce Security Bypass (1.0.10)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Custom Thank You Page for Woocommerce Security Bypass (1.1.6)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Maintenance Mode Cross-Site Scripting (1.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH Maintenance Mode Cross-Site Scripting (1.3.7)
|
CVE-2021-36841
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH Maintenance Mode Multiple Cross-Site Scripting Vulnerabilities (1.3.8)
|
CVE-2021-36845
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH PayPal Express Checkout for WooCommerce Security Bypass (1.2.5)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Pre-Order for WooCommerce Security Bypass (1.1.9)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH Product Size Charts for WooCommerce Security Bypass (1.1.11)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Added to Cart Popup Security Bypass (1.3.11)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Advanced Reviews Security Bypass (1.3.9)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Affiliates Security Bypass (1.6.3)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Ajax Product Filter Cross-Site Scripting (3.11.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Ajax Search Security Bypass (1.6.9)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
|
|
|
High
|
|
WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Badge Management Security Bypass (1.3.19)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Best Sellers Security Bypass (1.1.11)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Brands Add-On Security Bypass (1.3.6)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Bulk Product Editing Security Bypass (1.2.13)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Cart Messages Security Bypass (1.4.3)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Compare PHP Object Injection (2.0.9)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin YITH WooCommerce Compare Security Bypass (2.3.13)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Frequently Bought Together Security Bypass (1.2.10)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.3.0)
|
CVE-2021-3120
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.19.0)
|
CVE-2022-45359
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)
|
|
|
High
|
|
WordPress Plugin YITH WooCommerce Gift Cards Security Bypass (1.3.7)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Gift Cards Unspecified Vulnerability (2.14.0)
|
|
|
High
|
|
WordPress Plugin YITH WooCommerce Mailchimp Security Bypass (2.1.3)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Multi-step Checkout Security Bypass (1.7.4)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Multi Vendor Cross-Site Scripting (3.8.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Multi Vendor Security Bypass (3.4.0)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Order Tracking Security Bypass (1.2.10)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce PDF Invoice and Shipping List Security Bypass (1.2.12)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Points and Rewards Security Bypass (1.3.4)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Product Add-Ons Cross-Site Scripting (2.2.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Product Add-Ons Multiple Vulnerabilities (2.0.7)
|
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Product Add-Ons Security Bypass (1.5.21)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Product Bundles Security Bypass (1.1.15)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Questions and Answers Security Bypass (1.1.9)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Quick View Security Bypass (1.3.13)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Recover Abandoned Cart Security Bypass (1.3.2)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Request A Quote Security Bypass (1.4.7)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Social Login Security Bypass (1.3.4)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Stripe Security Bypass (2.0.1)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Subscription Security Bypass (1.3.4)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Waiting List Security Bypass (1.3.9)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Wishlist Security Bypass (2.2.13)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin YITH WooCommerce Wishlist SQL Injection (2.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin YITH WooCommerce Wishlist Unspecified Vulnerability (2.0.6)
|
|
|
High
|
|
WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.1.8)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.2.6)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YITH WooCommerce Zoom Magnifier Security Bypass (1.3.11)
|
CVE-2019-16251
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Request Forgery (3.3.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (2.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (2.1.1)
|
CVE-2012-6692
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (3.2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (3.4.0)
|
CVE-2021-24153
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)
|
CVE-2017-16842
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (11.5)
|
CVE-2019-13478
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (20.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (21.0)
|
CVE-2023-40680
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (22.5)
|
CVE-2024-4041
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Cross-Site Scripting (22.6)
|
CVE-2024-4984
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Yoast SEO Information Disclosure (3.2.4)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Yoast SEO Possible Remote Code Execution (9.1.0)
|
CVE-2018-19370
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Yoast SEO Security Bypass (1.4.6)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Yoast SEO SQL Injection (1.7.3.3)
|
CVE-2015-2292
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Yoast SEO Unspecified Vulnerability (5.9.2)
|
|
|
High
|
|
WordPress Plugin yolink Search for WordPress 'bulkcrawl.php' SQL Injection (1.1.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (5.7.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (5.8.0)
|
CVE-2017-2127
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (6.0.2)
|
CVE-2019-9914
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (6.1.1)
|
CVE-2021-24885
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (6.1.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (6.2.7)
|
CVE-2021-24454
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Cross-Site Scripting (6.3.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (4.9.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (6.3.0)
|
CVE-2021-24833
CVE-2021-24834
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YOP Poll Unspecified Vulnerability (5.7.7)
|
|
|
High
|
|
WordPress Plugin youForms for WordPress-Creating Forms for CopeCart Cross-Site Scripting (1.0.5)
|
CVE-2021-24596
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Your Text Manager Cross-Site Scripting (0.3.0)
|
CVE-2014-4604
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouSayToo auto-publishing 'submit' Parameter Cross-Site Scripting (1.0.1)
|
CVE-2012-0901
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin You Shang Cross-Site Scripting (1.0.1)
|
CVE-2021-24597
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouTube Advanced by Embed Plus Cross-Site Scripting (5.3)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youtube Channel Gallery Cross-Site Scripting (2.4)
|
CVE-2022-4783
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin YouTube Embed Cross-Site Scripting (3.3.2)
|
CVE-2015-6535
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouTube Embed Cross-Site Scripting (5.0.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouTube Embed Cross-Site Scripting (5.2.1)
|
CVE-2021-24471
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youtube Feeder Cross-Site Request Forgery (2.0.1)
|
CVE-2021-34633
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youtube shortcode Cross-Site Scripting (1.8.5)
|
CVE-2023-23687
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin YouTube Video Inserter Cross-Site Scripting (1.2.1.0)
|
CVE-2021-38327
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress Cross-Site Scripting (1.0.6)
|
CVE-2021-24443
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress Cross-Site Scripting (1.2.1)
|
CVE-2023-0059
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.1.9)
|
CVE-2022-1950
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.2.5)
|
CVE-2024-4742
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin YT-Audio:Audio Hosting From YouTube in WordPress 'v' Parameter Cross-Site Scripting (1.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin yURL ReTwitt Cross-Site Request Forgery (1.4)
|
CVE-2014-9341
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Z-URL Preview Cross-Site Scripting (1.6.2)
|
CVE-2017-18012
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Z-Vote 'zvote' Parameter SQL Injection (1.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ZdStatistics Cross-Site Scripting (2.0.1)
|
CVE-2014-4605
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Cross-Site Scripting (2.5.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Unspecified Vulnerability (5.0.2)
|
|
|
High
|
|
WordPress Plugin Zedna Contact form Arbitrary File Upload (1.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Zedna Contact form Directory Traversal (1.1)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Zedna eBook download Directory Traversal (1.1)
|
CVE-2016-10924
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin ZeenShare Cross-Site Scripting (1.0.1)
|
CVE-2014-4606
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin zeList Directory Cross-Site Scripting (0.5.11.07)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zendesk Chat Cross-Site Request Forgery (1.4.5)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Zendesk Chat Cross-Site Scripting (1.2.5)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zendesk Chat Unspecified Vulnerability (1.3.9)
|
|
|
High
|
|
WordPress Plugin Zendesk Help Center by BestWebSoft Cross-Site Scripting (1.0.4)
|
CVE-2017-2171
CVE-2017-2171
CVE-2017-18542
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zeno Font Resizer Cross-Site Scripting (1.7.9)
|
CVE-2023-25442
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zephyr Project Manager Cross-Site Scripting (3.2.40)
|
CVE-2022-1822
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zephyr Project Manager Multiple Vulnerabilities (3.2.42)
|
CVE-2022-2840
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Zero BS WordPress CRM Cross-Site Request Forgery (2.99.9)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Zero Spam SQL Injection (2.1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Zibbra Cross-Site Scripting (1.7.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zielke Specialized Catalog Arbitrary File Upload (3.0.7)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)
|
CWE-95
|
CWE-95
|
High
|
|
WordPress Plugin Zingiri Web Shop 'uploadfilexd.php' Arbitrary File Upload (2.4.3)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Zingiri Web Shop 'wpabspath' Parameter Remote File Include (2.2.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (2.3.5)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting Vulnerabilities (2.4.1)
|
CVE-2012-6506
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)
|
|
|
High
|
|
WordPress Plugin Zip Attachments Arbitrary File Download (1.4)
|
CVE-2015-4694
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Zita Elementor Site Library Arbitrary File Upload (1.6.1)
|
CVE-2024-37420
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Zlick Paywall Security Bypass (2.2.1)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9)
|
CVE-2015-4153
CVE-2015-4465
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
WordPress Plugin ZM Gallery SQL Injection (1.0)
|
CVE-2016-10940
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.6.9.1)
|
CVE-2019-19306
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.7.2.8)
|
CVE-2021-33849
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zoho CRM Lead Magnet Unspecified Vulnerability (1.7.2.9)
|
|
|
High
|
|
WordPress Plugin Zoho Marketing Automation SQL Injection (1.2.7)
|
CVE-2024-37225
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Zoho SalesIQ Multiple Vulnerabilities (1.0.8)
|
CVE-2019-5962
CVE-2019-5963
CVE-2019-15644
CVE-2019-15645
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin ZooEffect for Video player Photo Gallery Slideshow jQuery and audio/music/podcast-HTML Cross-Site Scripting (1.01)
|
CVE-2011-5180
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Arbitrary File Upload (2.0)
|
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Directory Traversal (6.45)
|
CVE-2021-39316
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Zotpress SQL Injection (6.1.2)
|
CVE-2016-1000217
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin ZTR Zeumic Work Timer Multiple Unspecified Vulnerabilities (1.0.6)
|
|
|
High
|
|
WordPress Plugin ZWM Zeumic Work Management Multiple Unspecified Vulnerabilities (1.0.11)
|
|
|
High
|
|
WordPress Plugin ZX_CSV Upload Multiple Vulnerabilities (1)
|
CWE-89
CWE-352
|
CWE-89
CWE-352
|
High
|
|
WordPress Possible Security Bypass Vulnerability (0.70 - 4.7.4)
|
CVE-2017-8295
CWE-264
|
CWE-264
|
High
|
|
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1)
|
CVE-2017-16510
CWE-89
|
CWE-89
|
High
|
|
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13)
|
CVE-2016-4566
CWE-79
|
CWE-79
|
High
|
|
WordPress Server-Side Request Forgery (3.7 - 6.1.1)
|
CVE-2022-3590
CWE-918
|
CWE-918
|
High
|
|
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-4029)
|
CVE-2016-4029
CWE-918
|
CWE-918
|
High
|
|
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)
|
CVE-2017-9066
CWE-918
|
CWE-918
|
High
|
|
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673)
|
CVE-2019-10673
CWE-352
|
CWE-352
|
High
|
|
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)
|
CVE-2023-31216
CWE-352
|
CWE-352
|
High
|
|
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3966)
|
CVE-2022-3966
CWE-22
|
CWE-22
|
High
|
|
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-0308)
|
CVE-2025-0308
CWE-138
|
CWE-138
|
High
|
|
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)
|
CVE-2020-36156
CWE-269
|
CWE-269
|
High
|
|
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3383)
|
CVE-2022-3383
|
|
High
|
|
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384)
|
CVE-2022-3384
|
|
High
|
|
WordPress Ultimate Member Plugin Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10270)
|
CVE-2019-10270
CWE-640
|
CWE-640
|
High
|
|
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)
|
CVE-2018-6389
CWE-400
|
CWE-400
|
High
|
|
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)
|
CVE-2023-22622
CWE-400
|
CWE-400
|
High
|
|
WordPress Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-14028)
|
CVE-2018-14028
CWE-434
|
CWE-434
|
High
|
|
WordPress Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2017-5493)
|
CVE-2017-5493
CWE-338
|
CWE-338
|
High
|
|
WordPress Use of Insufficiently Random Values Vulnerability (CVE-2017-17091)
|
CVE-2017-17091
CWE-330
|
CWE-330
|
High
|
|
WordPress User-Agent SQL Injection Vulnerability (1.5.2)
|
CVE-2006-1012
CWE-89
|
CWE-89
|
High
|
|
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2014-6412)
|
CVE-2014-6412
CWE-640
|
CWE-640
|
High
|
|
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)
|
CVE-2020-11027
CWE-640
|
CWE-640
|
High
|
|
XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)
|
CVE-2009-3963
|
|
High
|
|
XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0612)
|
CVE-2008-0612
CWE-22
|
CWE-22
|
High
|
|
XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3296)
|
CVE-2008-3296
CWE-22
|
CWE-22
|
High
|
|
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2002-2391)
|
CVE-2002-2391
CWE-138
|
CWE-138
|
High
|
|
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0611)
|
CVE-2008-0611
CWE-138
|
CWE-138
|
High
|
|
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4433)
|
CVE-2008-4433
CWE-138
|
CWE-138
|
High
|
|
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5665)
|
CVE-2008-5665
CWE-138
|
CWE-138
|
High
|
|
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7290)
|
CVE-2017-7290
CWE-138
|
CWE-138
|
High
|
|
XOOPS Other Vulnerability (CVE-2005-0743)
|
CVE-2005-0743
|
|
High
|
|
XOOPS Other Vulnerability (CVE-2005-2113)
|
CVE-2005-2113
|
|
High
|
|
XOOPS Other Vulnerability (CVE-2007-0377)
|
CVE-2007-0377
|
|
High
|
|
XWiki Cleartext Storage of Sensitive Information Vulnerability (CVE-2023-50719)
|
CVE-2023-50719
CWE-312
|
CWE-312
|
High
|
|
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-41927)
|
CVE-2022-41927
CWE-352
|
CWE-352
|
High
|
|
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-29213)
|
CVE-2023-29213
CWE-352
|
CWE-352
|
High
|
|
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-40572)
|
CVE-2023-40572
CWE-352
|
CWE-352
|
High
|
|
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-46242)
|
CVE-2023-46242
CWE-352
|
CWE-352
|
High
|
|
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-48293)
|
CVE-2023-48293
CWE-352
|
CWE-352
|
High
|
|
XWiki CVE-2022-31166 Vulnerability (CVE-2022-31166)
|
CVE-2022-31166
|
|
High
|
|
XWiki CVE-2023-26471 Vulnerability (CVE-2023-26471)
|
CVE-2023-26471
|
|
High
|
|
XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)
|
CVE-2023-26474
|
|
High
|
|
XWiki CVE-2023-35166 Vulnerability (CVE-2023-35166)
|
CVE-2023-35166
|
|
High
|
|
XWiki CVE-2023-40573 Vulnerability (CVE-2023-40573)
|
CVE-2023-40573
|
|
High
|
|
XWiki CVE-2023-48241 Vulnerability (CVE-2023-48241)
|
CVE-2023-48241
|
|
High
|
|
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-41936)
|
CVE-2022-41936
CWE-359
|
CWE-359
|
High
|
|
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29208)
|
CVE-2023-29208
CWE-668
|
CWE-668
|
High
|
|
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-34467)
|
CVE-2023-34467
CWE-668
|
CWE-668
|
High
|
|
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-35151)
|
CVE-2023-35151
CWE-668
|
CWE-668
|
High
|
|
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-29517)
|
CVE-2023-29517
CWE-200
|
CWE-200
|
High
|
|
XWiki Improper Authentication Vulnerability (CVE-2022-36092)
|
CVE-2022-36092
CWE-287
|
CWE-287
|
High
|
|
XWiki Improper Authentication Vulnerability (CVE-2022-36093)
|
CVE-2022-36093
CWE-287
|
CWE-287
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-11057)
|
CVE-2020-11057
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29209)
|
CVE-2023-29209
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29210)
|
CVE-2023-29210
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29211)
|
CVE-2023-29211
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212)
|
CVE-2023-29212
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29214)
|
CVE-2023-29214
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29509)
|
CVE-2023-29509
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30537)
|
CVE-2023-30537
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35150)
|
CVE-2023-35150
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35152)
|
CVE-2023-35152
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37909)
|
CVE-2023-37909
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37914)
|
CVE-2023-37914
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-40177)
|
CVE-2023-40177
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46243)
|
CVE-2023-46243
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)
|
CVE-2023-50721
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50723)
|
CVE-2023-50723
CWE-94
|
CWE-94
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)
|
CVE-2020-13654
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36099)
|
CVE-2022-36099
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)
|
CVE-2022-36100
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934)
|
CVE-2022-41934
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-26472)
|
CVE-2023-26472
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-45135)
|
CVE-2023-45135
CWE-116
|
CWE-116
|
High
|
|
XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)
|
CVE-2024-21648
CWE-274
|
CWE-274
|
High
|
|
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-37913)
|
CVE-2023-37913
CWE-22
|
CWE-22
|
High
|
|
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928)
|
CVE-2022-41928
CWE-707
|
CWE-707
|
High
|
|
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931)
|
CVE-2022-41931
CWE-707
|
CWE-707
|
High
|
|
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511)
|
CVE-2023-29511
CWE-707
|
CWE-707
|
High
|
|
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-37462)
|
CVE-2023-37462
CWE-707
|
CWE-707
|
High
|
|
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-50722)
|
CVE-2023-50722
CWE-707
|
CWE-707
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15252)
|
CVE-2020-15252
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29510)
|
CVE-2023-29510
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29512)
|
CVE-2023-29512
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29514)
|
CVE-2023-29514
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29516)
|
CVE-2023-29516
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518)
|
CVE-2023-29518
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29519)
|
CVE-2023-29519
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29521)
|
CVE-2023-29521
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29522)
|
CVE-2023-29522
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29523)
|
CVE-2023-29523
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29524)
|
CVE-2023-29524
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29525)
|
CVE-2023-29525
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29526)
|
CVE-2023-29526
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527)
|
CVE-2023-29527
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469)
|
CVE-2023-36469
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36470)
|
CVE-2023-36470
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641)
|
CVE-2010-4641
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380)
|
CVE-2021-21380
CWE-138
|
CWE-138
|
High
|
|
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
|
CVE-2023-26475
CWE-269
|
CWE-269
|
High
|
|
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465)
|
CVE-2023-34465
CWE-269
|
CWE-269
|
High
|
|
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
|
CVE-2023-26476
CWE-307
|
CWE-307
|
High
|
|
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480)
|
CVE-2023-27480
CWE-611
|
CWE-611
|
High
|
|
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468)
|
CVE-2023-36468
CWE-459
|
CWE-459
|
High
|
|
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)
|
CVE-2023-32069
CWE-863
|
CWE-863
|
High
|
|
XWiki Incorrect Authorization Vulnerability (CVE-2023-46244)
|
CVE-2023-46244
CWE-863
|
CWE-863
|
High
|
|
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821)
|
CVE-2022-24821
CWE-648
|
CWE-648
|
High
|
|
XWiki Missing Authorization Vulnerability (CVE-2022-36091)
|
CVE-2022-36091
CWE-862
|
CWE-862
|
High
|
|
XWiki Missing Authorization Vulnerability (CVE-2022-41930)
|
CVE-2022-41930
CWE-862
|
CWE-862
|
High
|
|
XWiki Missing Authorization Vulnerability (CVE-2022-41937)
|
CVE-2022-41937
CWE-862
|
CWE-862
|
High
|
|
XWiki Missing Authorization Vulnerability (CVE-2023-37910)
|
CVE-2023-37910
CWE-862
|
CWE-862
|
High
|
|
XWiki Missing Authorization Vulnerability (CVE-2024-43401)
|
CVE-2024-43401
CWE-862
|
CWE-862
|
High
|
|
XWiki Other Vulnerability (CVE-2022-36090)
|
CVE-2022-36090
|
|
High
|
|
XWiki Other Vulnerability (CVE-2023-26478)
|
CVE-2023-26478
|
|
High
|
|
XWiki Other Vulnerability (CVE-2023-29507)
|
CVE-2023-29507
|
|
High
|
|
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
|
CVE-2023-26470
CWE-787
|
CWE-787
|
High
|
|
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)
|
CVE-2024-31986
CWE-352
|
CWE-352
|
High
|
|
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)
|
CVE-2024-31988
CWE-352
|
CWE-352
|
High
|
|
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465)
|
CVE-2024-31465
CWE-94
|
CWE-94
|
High
|
|
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984)
|
CVE-2024-31984
CWE-94
|
CWE-94
|
High
|
|
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
|
CVE-2024-37899
CWE-94
|
CWE-94
|
High
|
|
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
|
CVE-2024-37901
CWE-94
|
CWE-94
|
High
|
|
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981)
|
CVE-2024-31981
CWE-862
|
CWE-862
|
High
|
|
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983)
|
CVE-2024-31983
CWE-862
|
CWE-862
|
High
|
|
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987)
|
CVE-2024-31987
CWE-862
|
CWE-862
|
High
|
|
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997)
|
CVE-2024-31997
CWE-862
|
CWE-862
|
High
|
|
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)
|
CVE-2023-48240
CWE-918
|
CWE-918
|
High
|
|
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)
|
CVE-2022-23619
CWE-640
|
CWE-640
|
High
|
|
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269)
|
CVE-2022-0269
CWE-352
|
CWE-352
|
High
|
|
YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088)
|
CVE-2022-0088
CWE-352
|
CWE-352
|
High
|
|
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734)
|
CVE-2021-3734
CWE-1021
|
CWE-1021
|
High
|
|
ZenCart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-11675)
|
CVE-2017-11675
CWE-94
|
CWE-94
|
High
|
|
ZenCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-3291)
|
CVE-2021-3291
CWE-138
|
CWE-138
|
High
|
|
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2254)
|
CVE-2009-2254
CWE-138
|
CWE-138
|
High
|
|
ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)
|
CVE-2024-5762
CWE-829
|
CWE-829
|
High
|
|
ZenCart Other Vulnerability (CVE-2009-4323)
|
CVE-2009-4323
|
|
High
|
|
Zenphoto Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5593)
|
CVE-2020-5593
CWE-138
|
CWE-138
|
High
|
|
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6666)
|
CVE-2007-6666
CWE-138
|
CWE-138
|
High
|
|
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4566)
|
CVE-2009-4566
CWE-138
|
CWE-138
|
High
|
|
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4906)
|
CVE-2010-4906
CWE-138
|
CWE-138
|
High
|
|
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5591)
|
CVE-2015-5591
CWE-138
|
CWE-138
|
High
|
|
Zenphoto Improper Privilege Management Vulnerability (CVE-2018-0610)
|
CVE-2018-0610
CWE-269
|
CWE-269
|
High
|
|
Zenphoto Other Vulnerability (CVE-2007-0616)
|
CVE-2007-0616
|
|
High
|
|
Zenphoto Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-36079)
|
CVE-2020-36079
CWE-434
|
CWE-434
|
High
|
|
Zope Web Application Server CVE-2011-2528 Vulnerability (CVE-2011-2528)
|
CVE-2011-2528
|
|
High
|
|
Zope Web Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-41050)
|
CVE-2023-41050
CWE-200
|
CWE-200
|
High
|
|
Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
|
CVE-2021-32633
CWE-22
|
CWE-22
|
High
|
|
Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32674)
|
CVE-2021-32674
CWE-22
|
CWE-22
|
High
|
|
Zope Web Application Server Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2021-32811)
|
CVE-2021-32811
CWE-915
|
CWE-915
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2000-0483)
|
CVE-2000-0483
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2000-0725)
|
CVE-2000-0725
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2000-1211)
|
CVE-2000-1211
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2001-1227)
|
CVE-2001-1227
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2001-1278)
|
CVE-2001-1278
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2002-0170)
|
CVE-2002-0170
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2002-0688)
|
CVE-2002-0688
|
|
High
|
|
Zope Web Application Server Other Vulnerability (CVE-2005-3323)
|
CVE-2005-3323
|
|
High
|
