Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Application Vulnerabilities

This page lists 23441 vulnerabilities in 68 categories.

Critical: 1499 High: 12791 Medium: 8230 Low: 857 Information: 64
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Locatoraid Store Locator Cross-Site Request Forgery (3.9.11)
CVE-2023-25709
CWE-352
High
WordPress Plugin Lockdown WP Admin Unspecified Vulnerability (1.1.2)
-
-
High
WordPress Plugin Loco Translate Local File Inclusion (2.2.1)
-
CWE-22
High
WordPress Plugin Loco Translate PHP Code Injection (2.5.3)
CVE-2021-24721
CWE-95
High
WordPress Plugin Loco Translate Unspecified Vulnerability (2.5.4)
-
-
High
WordPress Plugin Log Emails Information Disclosure (1.0.6)
-
CWE-200
High
WordPress Plugin Log HTTP Requests Cross-Site Scripting (1.3.1)
CVE-2022-3402
CWE-79
High
WordPress Plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT Cross-Site Request Forgery (2.1)
CVE-2022-47138
CWE-352
High
WordPress Plugin Login as User or Customer Cross-Site Request Forgery (1.9)
-
CWE-352
High
WordPress Plugin Login as User or Customer Privilege Escalation (3.2)
CVE-2022-4305
CWE-269
High
WordPress Plugin Login as User or Customer Security Bypass (1.7)
-
CWE-264
High
WordPress Plugin Login Block IPs Cross-Site Request Forgery (1.0.0)
CVE-2022-3098
CWE-352
High
WordPress Plugin Login by Auth0 Cross-Site Scripting (3.11.2)
CVE-2019-20173
CWE-79
High
WordPress Plugin Login by Auth0 Multiple Vulnerabilities (3.11.3)
CVE-2020-7948
CWE-352
High
WordPress Plugin Login Logout Menu Cross-Site Scripting (1.3.3)
CVE-2022-4622
CWE-79
High
WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
CVE-2022-4625
CWE-79
High
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.4.1)
-
CWE-264
High
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.6.11)
CVE-2022-2913
CWE-264
High
WordPress Plugin Login or Logout Menu Item Security Bypass (1.1.1)
CVE-2019-15820
CWE-264
High
WordPress Plugin Login rebuilder Cross-Site Request Forgery (1.1.3)
CVE-2014-3882
CWE-352
High
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)
-
-
High
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
CVE-2014-6312
CWE-352
High
WordPress Plugin Login With Ajax Cross-Site Request Forgery (3.0.4.1)
CVE-2013-2707
CWE-352
High
WordPress Plugin Login With Ajax Cross-Site Scripting (3.0.4)
CVE-2012-4283
CWE-79
High
WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)
-
CWE-79
High
WordPress Plugin Login With Ajax Security Bypass (3.1.2)
-
CWE-284
High
WordPress Plugin Login with Azure (Azure SSO) Cross-Site Scripting (1.4.4)
-
CWE-79
High
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.3)
-
CWE-79
High
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.8)
CVE-2022-4200
CWE-79
High
WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)
CVE-2023-23492
CWE-79
High
WordPress Plugin Login with phone number Security Bypass (1.7.26)
CVE-2024-5150
CWE-287
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
CVE-2022-0215
CWE-352
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Scripting (1.4)
CVE-2020-36715
CWE-79
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Security Bypass (2.7.2)
CVE-2024-5324
CWE-862
High
WordPress Plugin Loginizer Cross-Site Scripting (1.3.9)
CVE-2018-11366
CWE-79
High
WordPress Plugin Loginizer Multiple Vulnerabilities (1.3.5)
CVE-2017-12651
CWE-352
High
WordPress Plugin Loginizer SQL Injection (1.6.3)
CVE-2020-27615
CWE-89
High
WordPress Plugin Logo Carousel Cross-Site Request Forgery (1.7.4)
-
CWE-352
High
WordPress Plugin Logo Carousel Cross-Site Scripting (1.7.1)
-
CWE-79
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Request Forgery (2.0)
CVE-2021-24913
CWE-352
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Scripting (1.2.3)
CVE-2021-24729
CWE-79
High
WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Security Bypass (1.2.4)
CVE-2021-24730
CWE-264
High
WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)
CVE-2021-24742
CWE-863
High
WordPress Plugin LOGOSWARE SUITE Uploader Arbitrary File Upload (1.1.6)
-
CWE-434
High
WordPress Plugin M-vSlider SQL Injection (2.1.3)
CVE-2021-24557
CWE-89
High
WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)
-
CWE-22
High
WordPress Plugin MAC PHOTO GALLERY 'macalbajax.php' Multiple Cross-Site Scripting Vulnerabilities (2.10)
-
CWE-79
High
WordPress Plugin MAC PHOTO GALLERY 'upload-file.php' Arbitrary File Upload (2.7)
-
CWE-434
High
WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download (3.0)
-
CWE-538
High
WordPress Plugin MAC PHOTO GALLERY Multiple Security Bypass Vulnerabilities (3.0)
-
CWE-285
High
WordPress Plugin Magee Shortcodes Cross-Site Scripting (1.6.3)
-
CWE-79
High
WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)
-
CWE-79
High
WordPress Plugin Magic Fields 2 Unspecified Vulnerability (2.3.2.2)
-
-
High
WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)
-
CWE-434
High
WordPress Plugin Magic Fields Cross-Site Scripting (1.7.1)
-
CWE-79
High
WordPress Plugin Magic Post Voice Cross-Site Scripting (1.2)
CVE-2021-39315
CWE-79
High
WordPress Plugin Magn WP Drag and Drop Upload Arbitrary File Upload (1.1.4)
-
CWE-20
High
WordPress Plugin Mail Control-Email Customizer, SMTP Deliverability, logging, open and click Tracking Cross-Site Scripting (0.3.1)
CVE-2023-3158
CWE-79
High
WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2)
CVE-2023-3080
CWE-79
High
WordPress Plugin Mail Masta Local File Inclusion (1.0)
CVE-2016-10956
CWE-22
High
WordPress Plugin Mail Masta Multiple SQL Injection Vulnerabilities (1.0)
CVE-2017-6578
CWE-89
High
WordPress Plugin Mail On Update Cross-Site Request Forgery (5.1.0)
CVE-2013-2107
CWE-352
High
WordPress Plugin Mail Queue Cross-Site Scripting (1.1)
CVE-2023-3167
CWE-79
High
WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)
-
-
High
WordPress Plugin MailArchiver Cross-Site Scripting (2.10.1)
CVE-2023-3136
CWE-79
High
WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)
-
CWE-22
High
WordPress Plugin MailChimp Forms by MailMunch Unspecified Vulnerability (2.0.6.3)
-
-
High
WordPress Plugin MailChimp List Subscribe Form Multiple Unspecified Vulnerabilities (1.1)
-
-
High
WordPress Plugin MailCWP Arbitrary File Upload (1.100)
CVE-2016-1000156
CWE-434
High
WordPress Plugin MailCWP Arbitrary File Upload (1.99)
CVE-2015-1000000
CWE-434
High
WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)
-
CWE-22
High
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)
-
CWE-94
High
WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6)
CVE-2012-3414
CWE-79
High
WordPress Plugin MailPoet Newsletters (Previous) Arbitrary File Upload (2.6.7)
CVE-2014-4726
CWE-434
High
WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Request Forgery (2.6.10)
CVE-2014-3907
CWE-352
High