v.26.4.2314

High Severity Vulnerabilities

Found 13196 vulnerabilities at High severity.

Vulnerability Name

CVE

CWE

Severity

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Cross-Site Scripting (9.8.4)

CVE-2022-4207

CWE-79

High

WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Cross-Site Scripting (6.8.0)

CVE-2022-4119

CWE-79

High

WordPress Plugin Insert Pages Cross-Site Scripting (3.7.4)

CVE-2022-4483

CWE-79

High

WordPress Plugin Joy Of Text Lite-SMS messaging for WordPress SQL Injection (2.3.0)

CVE-2022-4099

CWE-89

High

WordPress Plugin LetsRecover-WooCommerce Abandoned Cart Notifications Multiple SQL Injection Vulnerabilities (1.1.0)

CVE-2022-4357

CWE-89

High

WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.8)

CVE-2022-4200

CWE-79

High

WordPress Plugin multimedial images SQL Injection (1.0b)

CVE-2022-4370

CWE-89

High

WordPress Plugin OneClick Chat to Order Cross-Site Scripting (1.0.4.1)

CVE-2022-4760

CWE-79

High

WordPress Plugin Page-list Cross-Site Scripting (5.2)

CVE-2022-4485

CWE-79

High

WordPress Plugin Product list Widget for Woocommerce Cross-Site Scripting (1.0)

CVE-2022-4329

CWE-79

High

WordPress Plugin Qe SEO Handyman SQL Injection (1.0)

CVE-2022-4352

CWE-89

High

WordPress Plugin Quote-O-Matic SQL Injection (1.0.5)

CVE-2022-4373

CWE-89

High

WordPress Plugin Search & Filter Cross-Site Scripting (1.2.15)

CVE-2022-4467

CWE-79

High

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Cross-Site Scripting (3.5.7)

CVE-2022-4472

CWE-79

High

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)

-

CWE-862

High

WordPress Plugin Sitemap Cross-Site Scripting (4.3)

CVE-2022-4545

CWE-79

High

WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)

CVE-2022-4451

CWE-79

High

WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.39)

CVE-2021-24746

CWE-79

High

WordPress Plugin Visual Email Designer for WooCommerce SQL Injection (1.7.1)

CVE-2022-3860

CWE-89

High

WordPress Plugin Web Invoice-Invoicing and billing for WordPress Multiple SQL Injection Vulnerabilities (2.1.3)

CVE-2022-4372

CWE-89

High

WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0)

CVE-2022-4298

CWE-552

High

WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7)

CVE-2022-4108

CWE-552

High

WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6)

CVE-2022-4106

CWE-552

High

WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8)

CVE-2022-4109

CWE-22

High

WordPress Plugin WordPress Filter Gallery Cross-Site Scripting (0.1.5)

CVE-2022-4142

CWE-79

High

WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)

-

CWE-284

High

WordPress Plugin WP AutoComplete Search SQL Injection (1.0.4)

CVE-2022-4297

CWE-89

High

WordPress Plugin WP-Ban Cross-Site Scripting (1.69)

CVE-2022-4260

CWE-79

High

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Scripting (9.1)

-

CWE-79

High

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.3.2)

CVE-2022-4417

CWE-264

High

WordPress Plugin WP-Lister Lite for Amazon Cross-Site Scripting (2.4.3)

CVE-2022-4369

CWE-79

High

WordPress Plugin WP RSS By Publishers Multiple SQL Injection Vulnerabilities (0.1)

CVE-2022-4360

CWE-89

High

WordPress Plugin WP Smart Import: Import any XML File to WordPress Cross-Site Scripting (1.0.2)

CVE-2022-40209

CWE-79

High

WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery (1.0.0)

CVE-2020-24147

CWE-918

High

WordPress Plugin WP Social Sharing Cross-Site Scripting (2.2)

CVE-2022-4198

CWE-79

High

WordPress Plugin WP Statistics Cross-Site Scripting (13.2.1)

CVE-2022-27231

CWE-79

High

WordPress Plugin WP Statistics SQL Injection (13.2.8)

CVE-2022-4230

CWE-89

High

WordPress Plugin WP User-Custom Registration Forms, Login and User Profile Multiple Vulnerabilities (7.0)

CVE-2022-4519

CWE-89

High

WordPress Plugin WPQA-Builder forms Addon For WordPress Insecure Direct Object Reference (5.9.2)

CVE-2022-3343

CWE-639

High

WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.19.0)

CVE-2022-45359

CWE-434

High

WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)

-

-

High

WordPress Plugin YITH WooCommerce Gift Cards Unspecified Vulnerability (2.14.0)

-

-

High

WordPress Plugin 0mk Shortener Cross-Site Request Forgery (0.2)

CVE-2022-2933

CWE-352

High

WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71)

CVE-2022-4758

CWE-79

High

WordPress Plugin 10Web Map Builder for Google Maps SQL Injection (1.0.72)

-

CWE-89

High

WordPress Plugin Accordion Shortcodes Cross-Site Scripting (2.4.2)

CVE-2022-4781

CWE-79

High

WordPress Plugin All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements Cross-Site Scripting (2.0.3)

CVE-2022-0148

CWE-79

High

WordPress Plugin All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements SQL Injection (2.0.8)

CVE-2023-0487

CWE-89

High

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Directory Traversal (5.1.4)

-

CWE-22

High

WordPress Plugin Amazon JS Cross-Site Scripting (0.10)

CVE-2023-0075

CWE-79

High

WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)

CVE-2022-4458

CWE-79

High

WordPress Plugin Arigato Autoresponder and Newsletter Cross-Site Scripting (2.7.1.1)

CVE-2023-0543

CWE-79

High

WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)

CVE-2022-4790

CWE-79

High

WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)

-

-

High

WordPress Plugin Better Font Awesome Cross-Site Scripting (2.0.3)

CVE-2022-4512

CWE-79

High

WordPress Plugin Bold Timeline Lite Cross-Site Scripting (1.1.4)

CVE-2022-4828

CWE-79

High

WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

CVE-2022-4017

CWE-352

High

WordPress Plugin Booster Plus for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

CVE-2022-4017

CWE-352

High

WordPress Plugin Bootstrap Shortcodes Cross-Site Scripting (3.4.0)

CVE-2022-4777

CWE-79

High

WordPress Plugin BruteBank-WP Security & Firewall Cross-Site Request Forgery (1.8)

CVE-2022-4443

CWE-352

High

WordPress Plugin CBX Petition for WordPress SQL Injection (1.0.3)

CVE-2022-4383

CWE-89

High

WordPress Plugin ContentStudio Multiple Vulnerabilities (1.2.5)

CVE-2023-0558

CWE-862

High

WordPress Plugin Contextual Related Posts Cross-Site Scripting (3.3.0)

CVE-2023-0252

CWE-79

High

WordPress Plugin Contextual Related Posts Multiple Vulnerabilities (3.3.1)

-

CWE-862

High

WordPress Plugin Correos Woocommerce Arbitrary File Download (1.3.0.0)

CVE-2023-0331

CWE-552

High

WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting (1.12)

CVE-2022-4834

CWE-79

High

WordPress Plugin Custom 404 Pro Cross-Site Request Forgery (3.7.1)

CVE-2023-0385

CWE-352

High

WordPress Plugin Custom 404 Pro Unspecified Vulnerability (3.7.0)

-

-

High

WordPress Plugin Custom Add User Cross-Site Scripting (2.0.2)

CVE-2023-0043

CWE-79

High

WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0)

CVE-2023-0079

CWE-79

High

WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0)

CVE-2023-0080

CWE-22

High

WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Cross-Site Scripting (3.0.14)

CVE-2022-0533

CWE-79

High

WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Cross-Site Scripting (3.0.32)

CVE-2023-23874

CWE-79

High

WordPress Plugin Donation Block For PayPal Cross-Site Scripting (2.0.0)

CVE-2023-0535

CWE-79

High

WordPress Plugin Donation Block For PayPal Unspecified Vulnerability (1.0.0)

-

-

High