Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Multiple Vulnerabilities (2.9.9)
CVE-2022-2942
CWE-352
High
Apache HTTP Server Improper Locking Vulnerability (CVE-2009-2699)
CVE-2009-2699
CWE-667
High
WordPress Credentials Management Errors Vulnerability (CVE-2009-2762)
CVE-2009-2762
-
High
WordPress Plugin DX Share Selection Cross-Site Request Forgery (1.4)
CVE-2022-2001
CWE-352
High
WordPress Plugin Download Manager PHAR Deserialization (3.2.49)
CVE-2022-2436
CWE-502
High
WordPress Plugin Download Manager Multiple Cross-Site Scripting Vulnerabilities (3.2.48)
-
CWE-79
High
WordPress Plugin Download Manager Cross-Site Scripting (3.2.46)
CVE-2022-2101
CWE-79
High
WordPress Plugin Broken Link Checker PHAR Deserialization (1.11.16)
CVE-2022-2438
CWE-502
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2933)
CVE-2009-2933
CWE-138
High
Nginx Out-of-bounds Write Vulnerability (CVE-2009-2629)
CVE-2009-2629
CWE-787
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978)
CVE-2009-2978
CWE-138
High
WordPress Plugin Autoptimize Cross-Site Scripting (3.1.0)
CVE-2022-2635
CWE-79
High
WordPress Plugin AnyMind Widget Cross-Site Request Forgery (1.1)
CVE-2022-2435
CWE-352
High
WordPress Plugin All-in-One Video Gallery Multiple Vulnerabilities (2.6.0)
CVE-2022-2633
CWE-918
High
WordPress Plugin WPS Hide Login Security Bypass (1.9)
CVE-2021-24917
CWE-264
High
WordPress Plugin WP Spell Check Cross-Site Scripting (9.2)
-
CWE-79
High
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.3)
CVE-2022-0189
CWE-79
High
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.2)
CVE-2021-24988
CWE-79
High
WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.1)
CVE-2021-24768
CWE-79
High
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
CVE-2009-3291
CWE-20
High
WordPress Plugin Free Live Chat Support Cross-Site Request Forgery (1.0.11)
CVE-2022-2039
CWE-352
High
WordPress Plugin FreeMind WP Browser Cross-Site Request Forgery (1.2)
CVE-2022-2443
CWE-352
High
PHP CVE-2009-3293 Vulnerability (CVE-2009-3293)
CVE-2009-3293
-
High
WordPress Plugin Simple SEO Cross-Site Scripting (1.7.91)
CVE-2022-1628
CWE-79
High
WordPress Plugin WP-UserOnline Cross-Site Scripting (2.88.0)
CVE-2022-2941
CWE-79
High
WordPress Plugin WP-UserOnline Cross-Site Scripting (2.87.6)
CVE-2022-2473
CWE-79
High
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Multiple Vulnerabilities (5.5.3)
CVE-2022-2945
CWE-538
High
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress PHAR Deserialization (3.7.9)
CVE-2022-2444
CWE-502
High
WordPress Plugin uContext for Clickbank Cross-Site Request Forgery (3.9.1)
CVE-2022-2542
CWE-352
High
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2254)
CVE-2009-2254
CWE-138
High
WordPress Plugin uContext for Amazon Cross-Site Request Forgery (3.9.1)
CVE-2022-2541
CWE-352
High
WordPress Plugin Transposh WordPress Translation Multiple Vulnerabilities (1.0.8.1)
CVE-2022-25811
CWE-352
High
WordPress Plugin String locator PHAR Deserialization (2.5.0)
CVE-2022-2434
CWE-502
High
WordPress Plugin Stockists Manager for Woocommerce Cross-Site Request Forgery (1.0.2.1)
CVE-2022-2518
CWE-352
High
WordPress Plugin Simple Banner Cross-Site Scripting (2.11.0)
CVE-2022-2515
CWE-79
High
WordPress Plugin Gallery for Social Photo Cross-Site Request Forgery (1.0.0.27)
CVE-2022-2224
CWE-352
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.1.3)
-
CWE-79
High
WordPress Plugin Migration, Backup, Staging-WPvivid PHAR Deserialization (0.9.74)
CVE-2022-2442
CWE-502
High
WordPress Plugin Migration, Backup, Staging-WPvivid Arbitrary File Deletion (0.9.76)
-
CWE-22
High
WordPress Plugin Link Optimizer Lite Cross-Site Request Forgery (1.4.5)
CVE-2022-2540
CWE-352
High
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more Multiple SQL Injection Vulnerabilities (5.2.5)
CVE-2022-2718
CWE-89
High
WordPress Plugin Import any XML or CSV File to WordPress Arbitrary File Upload (3.6.7)
CVE-2022-1565
CWE-434
High
MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2009-2446)
CVE-2009-2446
CWE-134
High
WordPress Plugin Image Slider Unspecified Vulnerability (1.1.119)
-
-
High
WordPress Plugin Image Slider Cross-Site Request Forgery (1.1.121)
CVE-2022-2223
CWE-352
High
WordPress Plugin Gallery for Social Photo Unspecified Vulnerability (1.0.0.25)
-
-
High
PHP CVE-2009-3292 Vulnerability (CVE-2009-3292)
CVE-2009-3292
-
High
WordPress Plugin Video Lessons Manager-Video Lessons LMS for eLearning Site Cross-Site Scripting (3.5.8)
CVE-2021-24713
CWE-79
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
CVE-2009-4037
CWE-138
High
WordPress Plugin Ibtana-Ecommerce Product Addons Cross-Site Scripting (0.2.3)
-
CWE-79
High
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3)
-
-
High
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.5)
-
-
High
WordPress Plugin Mang Board WP SQL Injection (1.9.9)
CVE-2021-26609
CWE-89
High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1)
CVE-2021-24877
CWE-89
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3697)
CVE-2009-3697
CWE-138
High
WordPress Plugin Ivory Search-WordPress Search Unspecified Vulnerability (5.4.3)
-
-
High
WordPress Plugin Ivory Search-WordPress Search Multiple Cross-Site Scripting Vulnerabilities (5.4)
CVE-2021-25105
CWE-79
High
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6.6)
CVE-2021-36869
CWE-79
High
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.7.1)
-
CWE-79
High
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.6.2)
CVE-2021-24714
CWE-79
High
WordPress Plugin Header Footer Code Manager Cross-Site Scripting (1.1.16)
CVE-2022-0710
CWE-79
High
WordPress Plugin My Calendar Cross-Site Scripting (3.2.17)
CVE-2021-24927
CWE-79
High
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
CVE-2009-3904
CWE-264
High
WordPress Plugin GenerateBlocks Cross-Site Scripting (1.3.5)
CVE-2021-24751
CWE-79
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.11)
-
-
High
XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)
CVE-2009-3963
-
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.9)
-
-
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4018)
CVE-2009-4018
CWE-264
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.15.2)
CVE-2021-24700
CWE-79
High
WordPress Plugin Falang multilanguage for WordPress Cross-Site Scripting (1.3.17)
-
CWE-79
High
WordPress Plugin Email Before Download Unspecified Vulnerability (6.9.3)
-
-
High
WordPress Plugin Email Before Download SQL Injection (6.7)
CVE-2021-24748
CWE-89
High
WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2)
CVE-2021-24899
CWE-79
High
WordPress Plugin myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty Cross-Site Scripting (2.3.2)
CVE-2021-25015
CWE-79
High
WordPress Plugin Video Lessons Manager-Best Video Course LMS Cross-Site Scripting (1.7.1)
CVE-2021-24713
CWE-79
High