Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.9.2)
CVE-2023-2732
CWE-287
High
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)
CVE-2023-3277
CWE-287
High
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud SQL Injection (4.10.8)
-
CWE-89
High
WordPress Plugin Popup-Popup More Popups Directory Traversal (2.2.4)
CVE-2024-0844
CWE-22
High
WordPress Plugin Premmerce Permalink Manager for WooCommerce Local File Inclusion (2.3.10)
CVE-2024-27971
CWE-22
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Request Forgery (5.3.0.0)
CVE-2024-2951
CWE-352
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Request Forgery (5.2.5.9)
CVE-2024-25935
CWE-352
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting (5.2.5.9)
CVE-2024-29113
CWE-79
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting (5.3.2.0)
CVE-2024-33947
CWE-79
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Privilege Escalation (5.3.0.0)
CVE-2024-1991
CWE-269
High
WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms SQL Injection (5.3.1.0)
CVE-2024-1990
CWE-89
High
WordPress Plugin Tablesome-Responsive Table, Woocommerce Automation, Email Log, Form Automation-Contact Form 7, Elementor, WPForms, Forminator Cross-Site Request Forgery (1.0.25)
CVE-2024-31388
CWE-352
High
WordPress Plugin Tablesome-Responsive Table, Woocommerce Automation, Email Log, Form Automation-Contact Form 7, Elementor, WPForms, Forminator Cross-Site Scripting (1.0.27)
CVE-2024-29110
CWE-79
High
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1)
CVE-2024-1503
CWE-352
High
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.6.2)
CVE-2024-3994
CWE-79
High
WordPress Plugin Tutor LMS-eLearning and online course solution Insecure Direct Object Reference (2.7.0)
CVE-2024-4279
CWE-639
High
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1)
CVE-2024-1502
CWE-862
High
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.7.0)
CVE-2024-4223
CWE-862
High
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2)
CVE-2024-3553
CWE-862
High
WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.6.1)
CVE-2024-1751
CWE-89
High
WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.7.0)
CVE-2024-4318
CWE-89
High
WordPress Plugin Tutor LMS Elementor Addons Cross-Site Scripting (2.1.3)
CVE-2024-29913
CWE-79
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.4)
CVE-2024-2765
CWE-79
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.3)
CVE-2024-2123
CWE-79
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership SQL Injection (2.8.2)
CVE-2024-1071
CWE-89
High
WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.1.5)
CVE-2024-2417
CWE-269
High
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Security Bypass (3.10.15)
CVE-2024-3750
CWE-862
High
WordPress Plugin Web Application Firewall-website security Privilege Escalation (2.1.1)
CVE-2024-2172
CWE-269
High
WordPress Plugin Web Application Firewall-website security Unspecified Vulnerability (2.1.2)
-
-
High
WordPress Plugin WordPress Automatic SQL Injection (3.92.0)
CVE-2024-27956
CWE-89
High
WordPress Plugin WP Activity Log Premium SQL Injection (4.6.4)
CVE-2024-2018
CWE-89
High
WordPress Plugin WP Datepicker Security Bypass (2.1.0)
CVE-2024-3895
CWE-862
High
WordPress Plugin WP-Members Membership Cross-Site Scripting (3.4.9.2)
CVE-2024-1852
CWE-79
High
WordPress Plugin WP Poll Maker-Best WordPress Poll for Voting Contest Arbitrary File Upload (3.4)
CVE-2024-32514
CWE-434
High
WordPress Plugin Yoast SEO Cross-Site Scripting (20.2)
-
CWE-79
High
WordPress Plugin Yoast SEO Cross-Site Scripting (22.5)
CVE-2024-4041
CWE-79
High
WordPress Plugin Yoast SEO Cross-Site Scripting (22.6)
CVE-2024-4984
CWE-79
High
WordPress Plugin Yoast SEO Cross-Site Scripting (21.0)
CVE-2023-40680
CWE-79
High
WordPress Plugin 10Web AI Assistant-AI content writing assistant Security Bypass (1.0.18)
CVE-2023-6985
CWE-862
High
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Information Disclosure (1.9.25)
CVE-2024-35171
CWE-200
High
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Multiple Security Bypass Vulnerabilities (1.9.16)
CVE-2024-33912
CWE-862
High
WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Privilege Escalation (1.9.19)
CVE-2024-1505
CWE-269
High
WordPress Plugin Ad Invalid Click Protector (AICP) Malicious Code (1.2.9)
CVE-2024-6297
CWE-506
High
WordPress Plugin AliExpress Dropshipping with AliNext Lite Cross-Site Request Forgery (3.3.5)
CVE-2024-37212
CWE-352
High
WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.2)
CVE-2024-4611
CWE-287
High
WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.0)
CVE-2024-32776
CWE-862
High
WordPress Plugin BLAZE Retail Widget Malicious Code (2.5.2)
CVE-2024-6297
CWE-506
High
WordPress Plugin BuddyPress Cover Arbitrary File Upload (2.1.4.2)
CVE-2024-35746
CWE-434
High
WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion (3.6.2)
CVE-2024-35658
CWE-73
High
WordPress Plugin Consulting Elementor Widgets Local File Inclusion (1.3.0)
CVE-2024-37089
CWE-22
High
WordPress Plugin Consulting Elementor Widgets SQL Injection (1.3.0)
CVE-2024-37090
CWE-89
High
WordPress Plugin Contact Form 7 Multi-Step Addon Malicious Code (1.0.5)
CVE-2024-6297
CWE-506
High
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.2)
CVE-2024-35678
CWE-89
High
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.0)
CVE-2023-29096
CWE-89
High
WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.1)
CVE-2023-36508
CWE-89
High
WordPress Plugin Content Blocks (Custom Post Widget) Local File Inclusion (3.3.0)
CVE-2024-3564
CWE-22
High
WordPress Plugin Cookie Information-Free GDPR Consent Solution Security Bypass (2.0.22)
CVE-2023-6700
CWE-862
High
WordPress Plugin Country State City Dropdown CF7 Security Bypass (2.7.1)
CVE-2024-3520
CWE-862
High
WordPress Plugin Country State City Dropdown CF7 SQL Injection (2.7.2)
CVE-2024-3495
CWE-89
High
WordPress Plugin Easy Digital Downloads-Recent Purchases Remote File Inclusion (1.0.2)
CVE-2024-35629
CWE-98
High
WordPress Plugin Elements For Elementor Local File Inclusion (2.1)
CVE-2024-5348
CWE-22
High
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.20)
CVE-2024-4295
CWE-89
High
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.23)
CVE-2024-5756
CWE-89
High
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.22)
CVE-2024-4845
CWE-89
High
WordPress Plugin File Manager Pro Arbitrary File Upload (8.3.4)
CVE-2023-6846
CWE-434
High
WordPress Plugin Gallery-Image and Video Gallery with Thumbnails SQL Injection (2.0.3)
CVE-2024-35750
CWE-89
High
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block Cross-Site Scripting (2.5.18)
CVE-2023-6485
CWE-79
High
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.26)
CVE-2024-5522
CWE-89
High
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.24)
CVE-2024-1061
CWE-89
High
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Arbitrary File Upload (7.2.6)
CVE-2024-5853
CWE-434
High
WordPress Plugin Insert or Embed Articulate Content into WordPress Arbitrary File Upload (4.3000000023)
CVE-2024-0757
CWE-434
High
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)
CVE-2024-2667
CWE-434
High
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.38)
CVE-2024-37228
CWE-434
High
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.38)
CVE-2024-4898
CWE-862
High
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.8)
CVE-2024-22145
CWE-862
High