Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ High Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
High Severity Vulnerabilities
Found
12791 vulnerabilities
at
High
severity.
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)
CVE-2023-1835
CWE-79
High
WordPress Plugin Otter-Gutenberg Blocks-Page Builder for Gutenberg Editor & FSE PHAR Deserialization (2.2.5)
CVE-2023-2288
CWE-502
High
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.5)
CVE-2023-1839
CWE-79
High
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.6)
CVE-2023-2256
CWE-79
High
WordPress Plugin Product Addons & Fields for WooCommerce Security Bypass (23.9)
CVE-2021-25018
CWE-862
High
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)
CVE-2023-32960
CWE-352
High
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1)
CVE-2023-0600
CWE-89
High
WordPress Plugin YARPP-Yet Another Related Posts Local File Inclusion (5.30.3)
CVE-2022-45374
CWE-22
High
WordPress Plugin YARPP-Yet Another Related Posts SQL Injection (5.30.2)
CVE-2023-0579
CWE-89
High
WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)
CVE-2023-2986
CWE-326
High
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Security Bypass (2.3.7)
CVE-2023-2834
CWE-287
High
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Unspecified Vulnerability (2.3.8)
-
-
High
WordPress Plugin LearnDash LMS Insecure Direct Object Reference (4.6.0)
CVE-2023-3105
CWE-639
High
WordPress Plugin LearnDash LMS SQL Injection (4.5.3)
CVE-2023-28777
CWE-89
High
WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2)
CVE-2023-3080
CWE-79
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.5.7)
CVE-2023-3082
CWE-79
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Multiple Cross-Site Request Forgery Vulnerabilities (2.5.6)
CVE-2023-3179
CWE-352
High
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce CSV Injection (1.6.7)
CVE-2022-46809
CWE-1236
High
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce Privilege Escalation (1.6.13)
CVE-2023-2833
CWE-269
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.6.6)
CVE-2023-3460
CWE-269
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (3.0.2)
CVE-2023-3342
CWE-434
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Cross-Site Request Forgery (2.9.10)
CVE-2022-4941
CWE-352
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Insecure Direct Object Reference (2.10.7)
CVE-2023-2276
CWE-639
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Privilege Escalation (2.10.0)
CVE-2022-4939
CWE-269
High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4)
CVE-2023-2982
CWE-287
High
WordPress Plugin WP Mail Log Cross-Site Request Forgery (1.0.1)
CVE-2022-45807
CWE-352
High
WordPress Plugin WP Mail Log Cross-Site Scripting (1.1.1)
CVE-2023-3088
CWE-79
High
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
CVE-2023-3081
CWE-79
High
WordPress Plugin WP Mail Logging Security Bypass (1.9.9)
CVE-2021-38314
CWE-284
High
WordPress Plugin WP Mail Logging Security Bypass (1.11.2)
-
CWE-862
High
WordPress Plugin WP User Switch Security Bypass (1.0.2)
CVE-2023-2546
CWE-287
High
WordPress Plugin wpForo Forum Cross-Site Scripting (2.1.8)
CVE-2023-2309
CWE-79
High
WordPress Plugin wpForo Forum Multiple Vulnerabilities (2.1.7)
CVE-2023-2249
CWE-918
High
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)
CVE-2023-3126
CWE-862
High
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Cross-Site Scripting (1.7.0.10)
CVE-2022-47441
CWE-79
High
WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Privilege Escalation (1.7.0.12)
CVE-2023-4404
CWE-269
High
WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.2.2)
CVE-2023-0219
CWE-79
High
WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.2.4)
CVE-2023-3087
CWE-79
High
WordPress Plugin FlyingPress Security Bypass (3.9.6)
CVE-2022-4948
CWE-284
High
WordPress Plugin GD Mail Queue Cross-Site Scripting (3.9.3)
CVE-2023-3122
CWE-79
High
WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2)
CVE-2023-3166
CWE-79
High
WordPress Plugin Mail Control-Email Customizer, SMTP Deliverability, logging, open and click Tracking Cross-Site Scripting (0.3.1)
CVE-2023-3158
CWE-79
High
WordPress Plugin Mail Queue Cross-Site Scripting (1.1)
CVE-2023-3167
CWE-79
High
WordPress Plugin MailArchiver Cross-Site Scripting (2.10.1)
CVE-2023-3136
CWE-79
High
WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0)
CVE-2023-3135
CWE-79
High
WordPress Plugin SMTP Mail Cross-Site Scripting (1.3.1)
CVE-2023-3092
CWE-79
High
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.9)
CVE-2023-4040
CWE-862
High
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.7)
CVE-2023-3162
CWE-639
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (2.2.4)
CVE-2022-3912
CWE-434
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Cross-Site Scripting (2.3.0)
CVE-2023-23987
CWE-79
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile PHP Object Injection (3.0.1)
CVE-2023-3343
CWE-915
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile PHP Object Injection (2.3.2.1)
CVE-2023-27459
CWE-915
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Security Bypass (2.3.2.1)
CVE-2023-29429
CWE-862
High
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Scripting (2.4.13)
CVE-2021-36826
CWE-79
High
WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Privilege Escalation (2.6.4)
CVE-2023-3636
CWE-269
High
WordPress Plugin WP Reroute Email Cross-Site Request Forgery (1.4.6)
CVE-2023-27606
CWE-352
High
WordPress Plugin WP Reroute Email Cross-Site Scripting (1.4.9)
CVE-2023-3168
CWE-79
High
WordPress Plugin WP Reroute Email SQL Injection (1.4.6)
CVE-2023-27605
CWE-89
High
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2.1)
CVE-2022-2372
CWE-79
High
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)
CVE-2022-2371
CWE-79
High
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.4.5)
CVE-2023-3093
CWE-79
High
WordPress Plugin YaySMTP-Simple WP SMTP Mail Information Disclosure (2.2)
CVE-2022-2369
CWE-862
High
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (4.0.6)
CVE-2023-2087
CWE-352
High
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (3.8.5)
CVE-2022-47594
CWE-352
High
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple PHP Object Injection Vulnerabilities (4.2.0)
CVE-2023-4402
CWE-915
High
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Multiple Security Bypass Vulnerabilities (4.0.6)
CVE-2023-2086
CWE-862
High
WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities (1.1.0)
CVE-2023-4402
CWE-915
High
WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions SQL Injection (2.9.11)
CVE-2023-0631
CWE-89
High
WordPress Plugin Slimstat Analytics Cross-Site Scripting (5.0.8)
CVE-2023-40676
CWE-79
High
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.9.2)
CVE-2022-4310
CWE-79
High
WordPress Plugin Slimstat Analytics Cross-Site Scripting (5.0.4)
CVE-2022-45366
CWE-79
High
WordPress Plugin Slimstat Analytics Multiple Vulnerabilities (5.0.9)
CVE-2023-4598
CWE-89
High
WordPress Plugin Slimstat Analytics Security Bypass (5.0.5.1)
CVE-2023-33994
CWE-862
High
WordPress Plugin Slimstat Analytics SQL Injection (5.0.4)
CVE-2022-45373
CWE-89
High
WordPress Plugin Slimstat Analytics SQL Injection (4.9.3.3)
-
CWE-89
High
« Previous
1
...
163
164
165
166
167
168
169
170
171
Next »
