Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.9)
CVE-2021-25083
CWE-79
High
WordPress Plugin Stylish Cost Calculator Cross-Site Scripting (7.0.3)
CVE-2021-24822
CWE-79
High
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.25)
-
CWE-79
High
WordPress Plugin Smash Balloon Social Post Feed Security Bypass (4.0)
CVE-2021-24918
CWE-264
High
WordPress Plugin Smash Balloon Social Post Feed Cross-Site Scripting (4.1)
CVE-2021-25065
CWE-79
High
WordPress Plugin Slideshow Gallery LITE Unspecified Vulnerability (1.7.4.2)
-
-
High
WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.7.3)
CVE-2021-24882
CWE-79
High
WordPress Plugin Shop Page WP Cross-Site Scripting (1.2.7)
CVE-2021-24811
CWE-79
High
WordPress Plugin Reviews Plus Denial of Service (1.2.13)
CVE-2021-24894
CWE-400
High
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
CVE-2009-3548
-
High
WordPress Plugin Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5)
CVE-2021-24943
CWE-89
High
WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.4)
CVE-2021-24876
CWE-79
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
CVE-2009-3631
CWE-94
High
WordPress Plugin Photoswipe Masonry Gallery Unspecified Vulnerability (1.2.17)
-
-
High
WordPress Plugin Photoswipe Masonry Gallery Cross-Site Scripting (1.2.14)
CVE-2022-0750
CWE-79
High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.11)
-
CWE-89
High
PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)
CVE-2009-3559
-
High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.8)
CVE-2022-0349
CWE-89
High
WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)
CVE-2022-0889
CWE-79
High
WordPress Plugin Ninja Forms with File Uploads Extension Arbitrary File Upload (3.3.0)
CVE-2022-0888
CWE-434
High
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.23)
CVE-2021-24975
CWE-79
High
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)
CVE-2021-25072
CWE-352
High
WordPress Plugin myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty SQL Injection (2.2)
CVE-2021-24755
CWE-89
High
WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3)
CVE-2022-3126
CWE-352
High
WordPress Plugin Helpful Security Bypass (4.5.14)
-
CWE-264
High
WordPress Plugin WP Mega Menu Security Bypass (1.3.9)
-
CWE-284
High
WordPress Plugin GS Filterable Portfolio Cross-Site Scripting (1.6.0)
CVE-2023-0540
CWE-79
High
WordPress Plugin HashBar-WordPress Notification Bar Cross-Site Scripting (1.3.5)
CVE-2022-4650
CWE-79
High
WordPress Plugin GS Products Slider for WooCommerce Cross-Site Scripting (1.5.8)
CVE-2023-0492
CWE-79
High
WordPress Plugin GS Portfolio for Envato Cross-Site Scripting (1.3.8)
CVE-2023-0559
CWE-79
High
PHP Other Vulnerability (CVE-2007-5424)
CVE-2007-5424
-
High
WordPress Plugin GS Logo Slider-Ticker, Grid, List, Table & Filter Views Unspecified Vulnerability (3.3.8)
-
-
High
WordPress Plugin GS Logo Slider-Ticker, Grid, List, Table & Filter Views Cross-Site Scripting (3.3.7)
CVE-2022-4624
CWE-79
High
WordPress Plugin GS Insever Portfolio Cross-Site Scripting (1.4.4)
CVE-2023-0539
CWE-79
High
Oracle Database Server CVE-2007-5505 Vulnerability (CVE-2007-5505)
CVE-2007-5505
-
High
Oracle Database Server Resource Management Errors Vulnerability (CVE-2007-5506)
CVE-2007-5506
-
High
WordPress Plugin GS Books Showcase Cross-Site Scripting (1.3.0)
CVE-2023-0541
CWE-79
High
WordPress Plugin Icon Widget Cross-Site Scripting (1.2.6)
CVE-2022-4763
CWE-79
High
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.8.8)
CVE-2022-4653
CWE-79
High
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.9.9)
CVE-2023-0378
CWE-79
High
WordPress Plugin GPT AI Power Security Bypass (1.4.37)
CVE-2023-0405
CWE-862
High
Oracle Database Server CVE-2007-5512 Vulnerability (CVE-2007-5512)
CVE-2007-5512
-
High
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0)
CVE-2023-0224
CWE-89
High
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.23.2)
CVE-2022-4448
CWE-79
High
WordPress Plugin GigPress SQL Injection (2.3.28)
CVE-2023-0381
CWE-89
High
Oracle Application Server CVE-2007-5516 Vulnerability (CVE-2007-5516)
CVE-2007-5516
-
High
Oracle Application Server CVE-2007-5517 Vulnerability (CVE-2007-5517)
CVE-2007-5517
-
High
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)
CVE-2007-5518
-
High
WordPress Plugin Hueman Addons Cross-Site Scripting (2.3.3)
CVE-2022-4784
CWE-79
High
WordPress Plugin Intuitive Custom Post Order Multiple Vulnerabilities (3.1.3)
CVE-2022-4386
CWE-862
High
Oracle Application Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
CVE-2007-5520
-
High
WordPress Plugin Loan Comparison Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
CVE-2023-0442
CWE-79
High
WordPress Plugin Media Library Assistant SQL Injection (3.05)
CVE-2023-0279
CWE-89
High
WordPress Plugin Media Library Assistant Information Disclosure (3.00)
CVE-2022-41618
CWE-200
High
WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1)
CVE-2022-4666
CWE-79
High
WordPress Plugin Mapwiz SQL Injection (1.0.1)
CVE-2022-4546
CWE-89
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-4825)
CVE-2007-4825
CWE-22
High
WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)
CVE-2023-23492
CWE-79
High
WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
CVE-2022-4625
CWE-79
High
WordPress Plugin Login Logout Menu Cross-Site Scripting (1.3.3)
CVE-2022-4622
CWE-79
High
WordPress Plugin Login as User or Customer Privilege Escalation (3.2)
CVE-2022-4305
CWE-269
High
WordPress Plugin Location Weather Cross-Site Scripting (1.3.3)
CVE-2023-0360
CWE-79
High
WordPress Plugin List Pages Shortcode Cross-Site Scripting (1.7.4)
CVE-2022-4757
CWE-79
High
WordPress Plugin Judge.me Product Reviews for WooCommerce Cross-Site Scripting (1.3.20)
CVE-2023-0061
CWE-79
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4894)
CVE-2007-4894
CWE-138
High
WordPress Plugin Lightweight Accordion Cross-Site Scripting (1.5.14)
CVE-2023-0373
CWE-79
High
WordPress Plugin Lightbox Gallery Cross-Site Scripting (0.9.4)
CVE-2022-4682
CWE-79
High
WordPress Plugin LearnPress-WordPress LMS PHP Object Injection (4.1.7.1)
CVE-2022-3360
CWE-915
High
WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (4.1.7.3.2)
CVE-2022-47615
CWE-89
High
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5090)
CVE-2007-5090
CWE-264
High
WordPress Plugin LearnPress-WordPress LMS Cross-Site Scripting (4.1.6.5)
-
CWE-79
High
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.5)
CVE-2021-25067
CWE-79
High
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Cross-Site Scripting (1.4.9.8.9)
CVE-2022-4718
CWE-79
High
WordPress Plugin Justified Gallery Cross-Site Scripting (1.7.0)
CVE-2022-4651
CWE-79
High
Oracle Application Server CVE-2007-5519 Vulnerability (CVE-2007-5519)
CVE-2007-5519
-
High