Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
WordPress Plugin WP YouTube Live Cross-Site Scripting (1.7.21)
CVE-2022-1187
CWE-79
High
WordPress Plugin WP YouTube Live Cross-Site Scripting (1.8.2)
CVE-2022-1334
CWE-79
High
WordPress Plugin WPGateway Privilege Escalation (3.5)
CVE-2022-3180
CWE-269
High
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1)
CVE-2022-1749
CWE-352
High
WordPress Plugin WPtouch Cross-Site Scripting (4.3.42)
-
CWE-79
High
WordPress Plugin Zephyr Project Manager Cross-Site Scripting (3.2.40)
CVE-2022-1822
CWE-79
High
WordPress Plugin Zephyr Project Manager Multiple Vulnerabilities (3.2.42)
CVE-2022-2840
CWE-89
High
WordPress Plugin 3D Tag Cloud Cross-Site Request Forgery (3.8)
CVE-2022-36417
CWE-352
High
WordPress Plugin 3dady real-time web stats Cross-Site Request Forgery (1.0)
-
CWE-352
High
WordPress Plugin AdminPad Cross-Site Request Forgery (2.1)
CVE-2022-2762
CWE-352
High
WordPress Plugin Backup Scheduler Cross-Site Request Forgery (1.5.13)
CVE-2022-38079
CWE-352
High
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Multiple Vulnerabilities (6.9.9)
CVE-2022-3247
CWE-918
High
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Security Bypass (6.9.11)
CVE-2022-3622
CWE-862
High
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Multiple Cross-Site Request Forgery Vulnerabilities (1.1.4)
CVE-2021-36855
CWE-352
High
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (3.0.30)
CVE-2022-3350
CWE-79
High
WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.5)
-
CWE-79
High
WordPress Plugin Export any WordPress data to XML/CSV SQL Injection (1.3.4)
CVE-2022-1800
CWE-89
High
WordPress Plugin Export Post Info Cross-Site Scripting (1.1.0)
CVE-2022-38068
CWE-79
High
WordPress Plugin Export Post Info CSV Injection (1.2.0)
CVE-2022-38061
CWE-1236
High
WordPress Plugin FavIcon Switcher Cross-Site Request Forgery (1.2.11)
CVE-2022-40219
CWE-352
High
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.15.5)
CVE-2022-3300
CWE-89
High
WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8)
-
CWE-79
High
WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3)
CVE-2022-3126
CWE-352
High
WordPress Plugin Helpful Information Disclosure (4.5.25)
CVE-2022-2834
CWE-200
High
WordPress Plugin Helpful Security Bypass (4.5.14)
-
CWE-264
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Upload (6.4)
-
CWE-434
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)
CVE-2022-0360
CWE-79
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Multiple Vulnerabilities (6.5.7)
CVE-2022-3244
CWE-862
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
-
CWE-862
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)
CVE-2022-1977
CWE-918
High
WordPress Plugin Kadence WooCommerce Email Designer PHP Object Injection (1.5.6)
CVE-2022-3335
CWE-915
High
WordPress Plugin Kraken.io Image Optimizer Cross-Site Request Forgery (2.6.5)
CVE-2022-38454
CWE-352
High
WordPress Plugin LBstopattack Cross-Site Request Forgery (1.1.2)
CVE-2022-3097
CWE-352
High
WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2)
CVE-2022-34654
CWE-352
High
WordPress Plugin miniOrange Discord Integration Security Bypass (2.1.5)
CVE-2022-3082
CWE-284
High
WordPress Plugin Passster-Password Protection Weak Encoding (3.5.5.5.1)
CVE-2022-3206
CWE-326
High
WordPress Plugin Post to CSV by BestWebSoft CSV Injection (1.4.0)
CVE-2022-3393
CWE-1236
High
WordPress Plugin Retain Live Chat Cross-Site Scripting (0.1)
CVE-2022-3391
CWE-79
High
WordPress Plugin Search Logger-Know What Your Visitors Search SQL Injection (0.9)
CVE-2022-3131
CWE-89
High
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.185)
CVE-2022-3302
CWE-89
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Cross-Site Scripting (3.7.1)
CVE-2022-40215
CWE-79
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.5.4)
-
CWE-862
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.6.0)
CVE-2022-36375
CWE-863
High
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
CVE-2022-3139
CWE-79
High
WordPress Plugin WP ALL Export Pro Multiple Vulnerabilities (1.7.8)
CVE-2022-3395
CWE-94
High
WordPress Plugin WP Custom Cursors Multiple Vulnerabilities (3.0)
CVE-2022-3151
CWE-352
High
WordPress Plugin WP Humans.txt Cross-Site Scripting (1.0.6)
CVE-2022-3392
CWE-79
High
WordPress Plugin WP Super Cache Cache Poisoning (1.8)
-
CWE-349
High
WordPress Plugin 3DPrint Cross-Site Request Forgery (3.5.4.7)
CVE-2022-3899
CWE-352
High
WordPress Plugin Add Comments Cross-Site Scripting (1.0.1)
CVE-2022-3909
CWE-79
High
WordPress Plugin Advanced Import:One Click Import for WordPress or Theme Demo Data Cross-Site Request Forgery (1.3.7)
CVE-2022-3677
CWE-352
High
WordPress Plugin Advanced WP Columns Cross-Site Scripting (2.0.6)
CVE-2022-3426
CWE-79
High
WordPress Plugin BeCustom Cross-Site Request Forgery (1.0.5.2)
CVE-2022-3747
CWE-352
High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.19)
CVE-2022-3922
CWE-79
High
WordPress Plugin Clerk Security Bypass (3.8.3)
CVE-2022-3907
CWE-200
High
WordPress Plugin Comic Book Management System SQL Injection (2.1.0)
CVE-2022-3856
CWE-89
High
WordPress Plugin Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list CSV Injection (2.0.68)
CVE-2022-3603
CWE-1236
High
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty Multiple Cross-Site Scripting Vulnerabilities (2.8.3)
CVE-2021-36846
CWE-79
High
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty SQL Injection (3.0.2)
CVE-2022-3858
CWE-89
High
WordPress Plugin Follow Me Cross-Site Request Forgery (3.1.1)
CVE-2022-3240
CWE-352
High
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.5)
CVE-2022-3764
CWE-89
High
WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2)
-
-
High
WordPress Plugin ImageMagick Engine Cross-Site Request Forgery (1.7.4)
CVE-2022-2441
CWE-352
High
WordPress Plugin Log HTTP Requests Cross-Site Scripting (1.3.1)
CVE-2022-3402
CWE-79
High
WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.20.1)
CVE-2022-4021
CWE-352
High
WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.19.2)
-
CWE-352
High
WordPress Plugin Permalink Manager Lite Cross-Site Scripting (2.2.14)
CVE-2022-0201
CWE-79
High
WordPress Plugin Photospace Gallery Cross-Site Scripting (2.3.5)
CVE-2022-3991
CWE-79
High
WordPress Plugin Plug your WooCommerce into the largest catalog of customized print products from Helloprint Cross-Site Scripting (1.4.6)
CVE-2022-3908
CWE-79
High
WordPress Plugin PostmagThemes Demo Import Arbitrary File Upload (1.0.7)
CVE-2022-1540
CWE-434
High
WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation Cross-Site Request Forgery (2.3.1)
CVE-2022-3776
CWE-352
High
WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation Security Bypass (2.3.0)
CVE-2022-2696
CWE-862
High
WordPress Plugin Salon Booking System Cross-Site Scripting (7.9.3)
CVE-2022-43487
CWE-79
High
WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)
CVE-2022-0920
CWE-200
High
WordPress Plugin Seed Social Cross-Site Scripting (2.0.3)
CVE-2022-3836
CWE-79
High