Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Login or Logout Menu Item Security Bypass (1.1.1)
CVE-2019-15820
CWE-264
High
WordPress Plugin Login rebuilder Cross-Site Request Forgery (1.1.3)
CVE-2014-3882
CWE-352
High
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)
-
-
High
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
CVE-2014-6312
CWE-352
High
WordPress Plugin Login With Ajax Cross-Site Request Forgery (3.0.4.1)
CVE-2013-2707
CWE-352
High
WordPress Plugin Login With Ajax Cross-Site Scripting (3.0.4)
CVE-2012-4283
CWE-79
High
WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)
-
CWE-79
High
WordPress Plugin Login With Ajax Security Bypass (3.1.2)
-
CWE-284
High
WordPress Plugin Login with Azure (Azure SSO) Cross-Site Scripting (1.4.4)
-
CWE-79
High
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.3)
-
CWE-79
High
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.8)
CVE-2022-4200
CWE-79
High
WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)
CVE-2023-23492
CWE-79
High
WordPress Plugin Login with phone number Security Bypass (1.7.26)
CVE-2024-5150
CWE-287
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
CVE-2022-0215
CWE-352
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Scripting (1.4)
CVE-2020-36715
CWE-79
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Security Bypass (2.7.2)
CVE-2024-5324
CWE-862
High
WordPress Plugin Loginizer Cross-Site Scripting (1.3.9)
CVE-2018-11366
CWE-79
High
WordPress Plugin Loginizer Multiple Vulnerabilities (1.3.5)
CVE-2017-12651
CWE-352
High
WordPress Plugin Loginizer SQL Injection (1.6.3)
CVE-2020-27615
CWE-89
High
WordPress Plugin Logo Carousel Cross-Site Request Forgery (1.7.4)
-
CWE-352
High
WordPress Plugin Logo Carousel Cross-Site Scripting (1.7.1)
-
CWE-79
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Request Forgery (2.0)
CVE-2021-24913
CWE-352
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Scripting (1.2.3)
CVE-2021-24729
CWE-79
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Security Bypass (1.2.4)
CVE-2021-24730
CWE-264
High
WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)
CVE-2021-24742
CWE-863
High
WordPress Plugin LOGOSWARE SUITE Uploader Arbitrary File Upload (1.1.6)
-
CWE-434
High
WordPress Plugin M-vSlider SQL Injection (2.1.3)
CVE-2021-24557
CWE-89
High
WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)
-
CWE-22
High
WordPress Plugin MAC PHOTO GALLERY 'macalbajax.php' Multiple Cross-Site Scripting Vulnerabilities (2.10)
-
CWE-79
High
WordPress Plugin MAC PHOTO GALLERY 'upload-file.php' Arbitrary File Upload (2.7)
-
CWE-434
High
WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download (3.0)
-
CWE-538
High
WordPress Plugin MAC PHOTO GALLERY Multiple Security Bypass Vulnerabilities (3.0)
-
CWE-285
High
WordPress Plugin Magee Shortcodes Cross-Site Scripting (1.6.3)
-
CWE-79
High
WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)
-
CWE-79
High
WordPress Plugin Magic Fields 2 Unspecified Vulnerability (2.3.2.2)
-
-
High
WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)
-
CWE-434
High
WordPress Plugin Magic Fields Cross-Site Scripting (1.7.1)
-
CWE-79
High
WordPress Plugin Magic Post Voice Cross-Site Scripting (1.2)
CVE-2021-39315
CWE-79
High
WordPress Plugin Magn WP Drag and Drop Upload Arbitrary File Upload (1.1.4)
-
CWE-20
High
WordPress Plugin Mail Control-Email Customizer, SMTP Deliverability, logging, open and click Tracking Cross-Site Scripting (0.3.1)
CVE-2023-3158
CWE-79
High
WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2)
CVE-2023-3080
CWE-79
High
WordPress Plugin Mail Masta Local File Inclusion (1.0)
CVE-2016-10956
CWE-22
High
WordPress Plugin Mail Masta Multiple SQL Injection Vulnerabilities (1.0)
CVE-2017-6578
CWE-89
High
WordPress Plugin Mail On Update Cross-Site Request Forgery (5.1.0)
CVE-2013-2107
CWE-352
High
WordPress Plugin Mail Queue Cross-Site Scripting (1.1)
CVE-2023-3167
CWE-79
High
WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)
-
-
High
WordPress Plugin MailArchiver Cross-Site Scripting (2.10.1)
CVE-2023-3136
CWE-79
High
WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)
-
CWE-22
High
WordPress Plugin MailChimp Forms by MailMunch Unspecified Vulnerability (2.0.6.3)
-
-
High
WordPress Plugin MailChimp List Subscribe Form Multiple Unspecified Vulnerabilities (1.1)
-
-
High
WordPress Plugin MailCWP Arbitrary File Upload (1.100)
CVE-2016-1000156
CWE-434
High
WordPress Plugin MailCWP Arbitrary File Upload (1.99)
CVE-2015-1000000
CWE-434
High
WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)
-
CWE-22
High
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)
-
CWE-94
High
WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6)
CVE-2012-3414
CWE-79
High
WordPress Plugin MailPoet Newsletters (Previous) Arbitrary File Upload (2.6.7)
CVE-2014-4726
CWE-434
High
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Request Forgery (2.6.10)
CVE-2014-3907
CWE-352
High
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.11)
-
CWE-79
High
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.19)
-
CWE-79
High
WordPress Plugin MailPoet Newsletters (Previous) Multiple Unspecified Vulnerabilities (2.7.1)
-
-
High
WordPress Plugin MailPoet Newsletters (Previous) Multiple Vulnerabilities (2.7.2)
-
CWE-89
High
WordPress Plugin MailPoet Newsletters (Previous) Security Bypass (2.8.1)
CVE-2018-20853
CWE-264
High
WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2)
CVE-2013-1408
CWE-89
High
WordPress Plugin MailPoet Newsletters (Previous) Unspecified Vulnerability (2.7.8)
-
-
High
WordPress Plugin MailPoet-emails and newsletters in WordPress Cross-Site Scripting (3.23.1)
CVE-2019-11843
CWE-79
High
WordPress Plugin MailPress Multiple Vulnerabilities (5.4.4)
-
CWE-264
High
WordPress Plugin MailPress Remote Code Execution (7.0.2)
-
CWE-94
High
WordPress Plugin Mailster-Email Newsletter for WordPress Cross-Site Scripting (2.4.5.1)
-
CWE-79
High
WordPress Plugin Mailster-Email Newsletter for WordPress Local File Inclusion (4.0.6)
CVE-2024-32523
CWE-22
High
WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0)
CVE-2023-3135
CWE-79
High
WordPress Plugin MailUp newsletter sign-up form Security Bypass (1.3.2)
CVE-2013-2640
CWE-264
High
WordPress Plugin Maintenance Cross-Site Request Forgery (3.6.4)
-
CWE-352
High
WordPress Plugin Maintenance Cross-Site Scripting (4.02)
CVE-2021-24533
CWE-79
High
WordPress Plugin Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9)
CVE-2016-10045
CWE-94
High
WordPress Plugin Maintenance Mode Unspecified Vulnerability (1.3.3)
-
-
High