Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12675 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Squeeze Arbitrary File Upload (1.4)
CVE-2024-35767
CWE-434
High
WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)
CVE-2024-4346
CWE-73
High
WordPress Plugin Startklar Elementor Addons Arbitrary File Upload (1.7.13)
CVE-2024-4345
CWE-434
High
WordPress Plugin Startklar Elementor Addons Directory Traversal (1.7.15)
CVE-2024-5153
CWE-22
High
WordPress Plugin stm-megamenu Local File Inclusion (2.3.12)
CVE-2024-35677
CWE-22
High
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.7)
CVE-2024-5204
CWE-287
High
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.8)
-
CWE-862
High
WordPress Plugin Themify-WooCommerce Product Filter SQL Injection (1.4.9)
CVE-2024-6027
CWE-89
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (1.5.107)
CVE-2024-3190
CWE-79
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Remote Code Execution (1.5.89)
CVE-2023-6743
CWE-94
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)
CVE-2024-5329
CWE-89
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.107)
CVE-2024-4779
CWE-89
High
WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.2.0.1)
CVE-2024-4958
CWE-269
High
WordPress Plugin Visual Website Collaboration, Feedback & Project Management-Atarim Cross-Site Scripting (3.30)
CVE-2024-2793
CWE-79
High
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress SQL Injection (3.11.1)
CVE-2024-35736
CWE-89
High
WordPress Plugin Web Directory Free SQL Injection (1.6.9)
CVE-2024-3552
CWE-89
High
WordPress Plugin WishList Member X Remote Code Execution (3.25.1)
CVE-2024-37109
CWE-94
High
WordPress Plugin WishList Member X SQL Injection (3.25.1)
CVE-2024-37112
CWE-89
High
WordPress Plugin WooCommerce Cross-Site Scripting (8.9.2)
CVE-2024-37297
CWE-79
High
WordPress Plugin Woocommerce-Recent Purchases Local File Inclusion (1.0.1)
CVE-2024-35634
CWE-22
High
WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1)
CVE-2024-5021
CWE-918
High
WordPress Plugin WP Hotel Booking SQL Injection (2.1.0)
CVE-2024-3605
CWE-89
High
WordPress Plugin WP Logs Book Cross-Site Scripting (1.0.1)
CVE-2024-4477
CWE-79
High
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Security Bypass (16.26.6)
CVE-2024-1175
CWE-862
High
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More SQL Injection (16.26.5)
CVE-2024-32709
CWE-89
High
WordPress Plugin WP Server Health Stats Malicious Code (1.7.6)
CVE-2024-6297
CWE-506
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Arbitrary File Upload (3.4.3)
CVE-2024-3412
CWE-434
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Information Disclosure (3.4.3)
CVE-2024-3682
CWE-200
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Server-Side Request Forgery (3.4.3)
CVE-2024-4469
CWE-918
High
WordPress Plugin WP TripAdvisor Review Slider Cross-Site Scripting (11.8)
CVE-2023-6037
CWE-79
High
WordPress Plugin WP TripAdvisor Review Slider SQL Injection (12.6)
CVE-2024-35630
CWE-89
High
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) Security Bypass (6.3.2)
CVE-2024-3821
CWE-862
High
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) SQL Injection (6.3.1)
CVE-2024-3820
CWE-89
High
WordPress Plugin wpForo Forum SQL Injection (2.3.3)
CVE-2024-3200
CWE-89
High
WordPress Plugin Wrapper Link Elementor Malicious Code (1.0.3)
CVE-2024-6297
CWE-506
High
WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.2.5)
CVE-2024-4742
CWE-89
High
WordPress Plugin Zoho Marketing Automation SQL Injection (1.2.7)
CVE-2024-37225
CWE-89
High
WordPress Plugin Advanced AJAX Page Loader Cross-Site Request Forgery (2.7.7)
CVE-2024-6310
CWE-352
High
WordPress Plugin Advanced Classifieds & Directory Pro Local File Inclusion (3.1.3)
CVE-2024-37501
CWE-22
High
WordPress Plugin Advanced File Manager Directory Traversal (5.1)
CVE-2023-3814
CWE-22
High
WordPress Plugin Advanced File Manager Information Disclosure (5.2.4)
CVE-2024-5598
CWE-200
High
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress Arbitrary File Creation (1.1.5)
CVE-2024-6467
CWE-73
High
WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress Security Bypass (1.1.5)
CVE-2024-6660
CWE-863
High
WordPress Plugin Attachment File Icons (AF Icons) Cross-Site Request Forgery (1.3)
CVE-2024-6309
CWE-352
High
WordPress Plugin Auto Featured Image Arbitrary File Upload (1.2)
CVE-2024-6054
CWE-434
High
WordPress Plugin AWSM Team-Team Showcase Local File Inclusion (1.3.1)
CVE-2024-37454
CWE-22
High
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Local File Inclusion (1.1.13)
CVE-2024-38717
CWE-22
High
WordPress Plugin Brafton Cross-Site Scripting (3.4.7)
CVE-2016-10973
CWE-79
High
WordPress Plugin Britetechs Companion Malicious Code (2.2.7)
CVE-2024-6297
CWE-506
High
WordPress Plugin Brizy-Page Builder Arbitrary File Upload (2.4.44)
CVE-2024-3242
CWE-434
High
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.4.43)
CVE-2024-3711
CWE-862
High
WordPress Plugin Brizy-Page Builder Security Bypass (2.4.44)
CVE-2024-1937
CWE-862
High
WordPress Plugin Brizy-Page Builder Unspecified Vulnerability (2.4.45)
-
-
High
WordPress Plugin Church Admin Arbitrary File Upload (4.4.6)
CVE-2024-37418
CWE-434
High
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Cross-Site Scripting (3.2.0)
CVE-2024-4869
CWE-79
High
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) CSV Injection (2.2.5)
CVE-2023-23678
CWE-1236
High
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Security Bypass (3.0.2)
CVE-2024-3599
CWE-862
High
WordPress Plugin Default Thumbnail Plus Arbitrary File Upload (1.0.2.3)
CVE-2024-6161
CWE-434
High
WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)
-
CWE-1372
High
WordPress Plugin DirectoryPress-Business Directory And Classified Ad Listing SQL Injection (3.6.10)
CVE-2024-38755
CWE-89
High
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (5.7.26)
CVE-2024-5703
CWE-862
High
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.25)
CVE-2024-6172
CWE-89
High
WordPress Plugin Event post Local File Inclusion (5.9.5)
CVE-2024-38735
CWE-22
High
WordPress Plugin Events Calendar for Google Local File Inclusion (2.1.0)
CVE-2024-38716
CWE-22
High
WordPress Plugin ExS Widgets Local File Inclusion (0.3.1)
CVE-2024-38715
CWE-22
High
WordPress Plugin File Manager Advanced Shortcode Arbitrary File Upload (2.5.3)
CVE-2023-7061
CWE-434
High
WordPress Plugin File Manager Advanced Shortcode Directory Traversal (2.4)
CVE-2023-7062
CWE-22
High
WordPress Plugin Filter & Grids Local File Inclusion (2.8.32)
CVE-2024-6164
CWE-22
High
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.10)
CVE-2024-5325
CWE-89
High
WordPress Plugin FormLift for Infusionsoft Web Forms SQL Injection (7.5.17)
CVE-2024-38773
CWE-89
High
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.46.7212)
CVE-2024-6338
CWE-89
High
WordPress Plugin Gutenberg Forms-WordPress Form Builder Arbitrary File Upload (2.2.9)
CVE-2024-6313
CWE-434
High
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce SQL Injection (1.3.6)
CVE-2024-6457
CWE-89
High
WordPress Plugin Import Spreadsheets from Microsoft Excel Arbitrary File Upload (10.1.4)
CVE-2024-38734
CWE-434
High
WordPress Plugin Import Spreadsheets from Microsoft Excel Cross-Site Scripting (10.1.3)
CVE-2023-48289
CWE-79
High