Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.24)
CVE-2024-32701
CWE-862
High
WordPress Plugin Lifeline Donation Security Bypass (1.2.6)
CVE-2024-5432
CWE-287
High
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes SQL Injection (7.6.2)
CVE-2024-4743
CWE-89
High
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Security Bypass (2.7.2)
CVE-2024-5324
CWE-862
High
WordPress Plugin Login with phone number Security Bypass (1.7.26)
CVE-2024-5150
CWE-287
High
WordPress Plugin Mailster-Email Newsletter for WordPress Local File Inclusion (4.0.6)
CVE-2024-32523
CWE-22
High
WordPress Plugin MW WP Form Arbitrary File Deletion (5.0.3)
CVE-2023-6559
CWE-73
High
WordPress Plugin MW WP Form Cross-Site Scripting (5.0.6)
CVE-2024-24804
CWE-79
High
WordPress Plugin NextMove Lite-Thank You Page for WooCommerce Cross-Site Request Forgery (2.18.1)
CVE-2024-32104
CWE-352
High
WordPress Plugin NextMove Lite-Thank You Page for WooCommerce Security Bypass (2.17.0)
CVE-2024-25092
CWE-862
High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.8.2)
CVE-2024-1698
CWE-89
High
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.2)
CVE-2023-6000
CWE-79
High
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.6)
CVE-2024-30184
CWE-79
High
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Cross-Site Scripting (4.2.7)
CVE-2024-2506
CWE-79
High
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Security Bypass (4.3.0)
-
CWE-862
High
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Server-Side Request Forgery (4.2.5)
CVE-2023-6294
CWE-918
High
WordPress Plugin Post Grid Gutenberg Blocks and WordPress Blog-PostX Security Bypass (4.1.2)
CVE-2024-5326
CWE-862
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.7.0)
CVE-2023-5958
CWE-79
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.8.6)
CVE-2023-6629
CWE-79
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.8.7)
CVE-2023-7027
CWE-79
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Security Bypass (2.8.7)
CVE-2023-6875
CWE-862
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark SQL Injection (2.8.6)
CVE-2023-6620
CWE-89
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark SQL Injection (2.9.3)
CVE-2024-5207
CWE-89
High
WordPress Plugin PowerPress Podcasting by Blubrry Malicious Code (11.9.4)
CVE-2024-6297
CWE-506
High
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (9.0.1)
CVE-2024-3592
CWE-89
High
WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)
CVE-2024-5345
CWE-22
High
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Security Bypass (4.4.2)
CVE-2024-1318
CWE-862
High
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Server-Side Request Forgery (4.4.7)
CVE-2023-6805
CWE-918
High
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator SQL Injection (4.4.2)
CVE-2024-1317
CWE-89
High
WordPress Plugin Salon Booking System Arbitrary File Upload (10.2)
CVE-2024-3229
CWE-434
High
WordPress Plugin Seo Optimized Images Malicious Code (2.1.2)
CVE-2024-6297
CWE-506
High
WordPress Plugin Shariff Wrapper Local File Inclusion (4.6.13)
CVE-2024-4098
CWE-22
High
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Request Forgery (19.1.10)
CVE-2024-4344
CWE-352
High
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (18.5.7)
CVE-2024-22163
CWE-79
High
WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Local File Inclusion (18.5.9)
CVE-2023-6989
CWE-22
High
WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension Arbitrary File Upload (3.2.5)
CVE-2024-31114
CWE-434
High
WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension Function Injection (3.2.5)
-
CWE-306
High
WordPress Plugin Simply Show Hooks Malicious Code (1.2.1)
CVE-2024-6297
CWE-506
High
WordPress Plugin SiteGuard WP Information Disclosure (1.7.6)
CVE-2024-37881
CWE-201
High
WordPress Plugin Social Login Lite For WooCommerce Security Bypass (1.6.0)
CVE-2024-4552
CWE-287
High
WordPress Plugin Social Sharing-Social Warfare Malicious Code (4.4.7.1)
CVE-2024-6297
CWE-506
High
WordPress Plugin Squeeze Arbitrary File Upload (1.4)
CVE-2024-35767
CWE-434
High
WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)
CVE-2024-4346
CWE-73
High
WordPress Plugin Startklar Elementor Addons Arbitrary File Upload (1.7.13)
CVE-2024-4345
CWE-434
High
WordPress Plugin Startklar Elementor Addons Directory Traversal (1.7.15)
CVE-2024-5153
CWE-22
High
WordPress Plugin stm-megamenu Local File Inclusion (2.3.12)
CVE-2024-35677
CWE-22
High
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.7)
CVE-2024-5204
CWE-287
High
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.8)
-
CWE-862
High
WordPress Plugin Themify-WooCommerce Product Filter SQL Injection (1.4.9)
CVE-2024-6027
CWE-89
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (1.5.107)
CVE-2024-3190
CWE-79
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Remote Code Execution (1.5.89)
CVE-2023-6743
CWE-94
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)
CVE-2024-5329
CWE-89
High
WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.107)
CVE-2024-4779
CWE-89
High
WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.2.0.1)
CVE-2024-4958
CWE-269
High
WordPress Plugin Visual Website Collaboration, Feedback & Project Management-Atarim Cross-Site Scripting (3.30)
CVE-2024-2793
CWE-79
High
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress SQL Injection (3.11.1)
CVE-2024-35736
CWE-89
High
WordPress Plugin Web Directory Free SQL Injection (1.6.9)
CVE-2024-3552
CWE-89
High
WordPress Plugin WishList Member X Remote Code Execution (3.25.1)
CVE-2024-37109
CWE-94
High
WordPress Plugin WishList Member X SQL Injection (3.25.1)
CVE-2024-37112
CWE-89
High
WordPress Plugin WooCommerce Cross-Site Scripting (8.9.2)
CVE-2024-37297
CWE-79
High
WordPress Plugin Woocommerce-Recent Purchases Local File Inclusion (1.0.1)
CVE-2024-35634
CWE-22
High
WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1)
CVE-2024-5021
CWE-918
High
WordPress Plugin WP Hotel Booking SQL Injection (2.1.0)
CVE-2024-3605
CWE-89
High
WordPress Plugin WP Logs Book Cross-Site Scripting (1.0.1)
CVE-2024-4477
CWE-79
High
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Security Bypass (16.26.6)
CVE-2024-1175
CWE-862
High
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More SQL Injection (16.26.5)
CVE-2024-32709
CWE-89
High
WordPress Plugin WP Server Health Stats Malicious Code (1.7.6)
CVE-2024-6297
CWE-506
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Arbitrary File Upload (3.4.3)
CVE-2024-3412
CWE-434
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Information Disclosure (3.4.3)
CVE-2024-3682
CWE-200
High
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Server-Side Request Forgery (3.4.3)
CVE-2024-4469
CWE-918
High
WordPress Plugin WP TripAdvisor Review Slider Cross-Site Scripting (11.8)
CVE-2023-6037
CWE-79
High
WordPress Plugin WP TripAdvisor Review Slider SQL Injection (12.6)
CVE-2024-35630
CWE-89
High
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) Security Bypass (6.3.2)
CVE-2024-3821
CWE-862
High
WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts (Premium) SQL Injection (6.3.1)
CVE-2024-3820
CWE-89
High
WordPress Plugin wpForo Forum SQL Injection (2.3.3)
CVE-2024-3200
CWE-89
High