Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

High Severity Vulnerabilities

Found 5664 vulnerabilities at High severity.

Reference
Title
Technology
CVE-2022-3966
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
WordPress Ultimate Member Plugin
CVE-2022-3384
WordPress Ultimate Member Plugin Other Vulnerability
WordPress Ultimate Member Plugin
CVE-2022-3383
WordPress Ultimate Member Plugin Other Vulnerability
WordPress Ultimate Member Plugin
CVE-2023-31216
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability
WordPress Ultimate Member Plugin
CVE-2019-10270
WordPress Ultimate Member Plugin Weak Password Recovery Mechanism for Forgotten Password Vulnerability
WordPress Ultimate Member Plugin
CVE-2020-36156
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability
WordPress Ultimate Member Plugin
CVE-2019-10673
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability
WordPress Ultimate Member Plugin
CVE-2025-0308
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
WordPress Ultimate Member Plugin
CVE-2022-45782
Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability
Dot CMS
CVE-2020-18875
Dot CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Dot CMS
CVE-2020-27848
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2017-3189
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability
Dot CMS
CVE-2017-3187
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability
Dot CMS
CVE-2019-12872
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-10007
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-10008
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2017-11466
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability
Dot CMS
CVE-2016-8906
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8905
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8904
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8903
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8907
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8908
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8600
Dot CMS Permissions Privileges and Access Controls Vulnerability
Dot CMS
CVE-2016-4803
Dot CMS Other Vulnerability
Dot CMS
CVE-2016-4040
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2026-22750
Spring Cloud Gateway External Control of System or Configuration Setting Vulnerability
Spring Cloud Gateway
CVE-2023-6271
Wordpress Plugin Backup Migration Vulnerability
Wordpress Plugin Backup Migration
CVE-2023-7002
Wordpress Plugin Backup Migration Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Wordpress Plugin Backup Migration
CVE-2023-6266
Wordpress Plugin Backup Migration Files or Directories Accessible to External Parties Vulnerability
Wordpress Plugin Backup Migration