🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Bulk Datetime Change Security Bypass (1.11)
CVE-2021-24842
CWE-264
High
WordPress Plugin BSK PDF Manager SQL Injection (3.1.1)
CVE-2021-24860
CWE-89
High
WordPress Plugin Amelia-Events & Appointments Booking Calendar Multiple Vulnerabilities (1.0.45)
CVE-2022-0687
CWE-352
High
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Scripting (3.0.38)
CVE-2021-24875
CWE-79
High
Moodle Credentials Management Errors Vulnerability (CVE-2009-4304)
CVE-2009-4304
-
High
WordPress Plugin Amelia-Events & Appointments Booking Calendar Cross-Site Scripting (1.0.46)
CVE-2022-0834
CWE-79
High
WordPress Plugin Advanced Forms for ACF Security Bypass (1.6.8)
CVE-2021-24892
CWE-264
High
WordPress Plugin Advanced Forms for ACF Pro Security Bypass (1.6.8)
CVE-2021-24892
CWE-264
High
ZenCart Other Vulnerability (CVE-2009-4323)
CVE-2009-4323
-
High
WordPress Plugin About Author Box Cross-Site Scripting (1.0.1)
CVE-2021-24745
CWE-79
High
WordPress Plugin YOP Poll Cross-Site Scripting (6.3.2)
-
CWE-79
High
WordPress Plugin WP Statistics SQL Injection (13.1.4)
CVE-2022-0513
CWE-89
High
WordPress Plugin WP Statistics Multiple Vulnerabilities (13.1.5)
CVE-2022-25307
CWE-89
High
Trac CVE-2009-4405 Vulnerability (CVE-2009-4405)
CVE-2009-4405
-
High
WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)
CVE-2022-0345
CWE-200
High
WordPress Plugin Ecommerce-Two Factor Authentication Cross-Site Scripting (1.0.4)
-
CWE-79
High
WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1)
CVE-2021-24877
CWE-89
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.11)
-
-
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3697)
CVE-2009-3697
CWE-138
High
WordPress Plugin Ivory Search-WordPress Search Unspecified Vulnerability (5.4.3)
-
-
High
WordPress Plugin Ivory Search-WordPress Search Multiple Cross-Site Scripting Vulnerabilities (5.4)
CVE-2021-25105
CWE-79
High
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6.6)
CVE-2021-36869
CWE-79
High
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.7.1)
-
CWE-79
High
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.6.2)
CVE-2021-24714
CWE-79
High
WordPress Plugin Ibtana-Ecommerce Product Addons Cross-Site Scripting (0.2.3)
-
CWE-79
High
WordPress Plugin Header Footer Code Manager Cross-Site Scripting (1.1.16)
CVE-2022-0710
CWE-79
High
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
CVE-2009-3904
CWE-264
High
WordPress Plugin GenerateBlocks Cross-Site Scripting (1.3.5)
CVE-2021-24751
CWE-79
High
XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)
CVE-2009-3963
-
High
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.4.7)
CVE-2021-24891
CWE-79
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.9)
-
-
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4018)
CVE-2009-4018
CWE-264
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.15.2)
CVE-2021-24700
CWE-79
High
WordPress Plugin Falang multilanguage for WordPress Cross-Site Scripting (1.3.17)
-
CWE-79
High
WordPress Plugin Email Before Download Unspecified Vulnerability (6.9.3)
-
-
High
WordPress Plugin Email Before Download SQL Injection (6.7)
CVE-2021-24748
CWE-89
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
CVE-2009-4037
CWE-138
High
WordPress Plugin Email Before Download SQL Injection (3.4)
-
CWE-89
High
WordPress Plugin Email Before Download SQL Injection (3.6)
-
CWE-89
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
CVE-2009-4045
CWE-138
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060)
CVE-2009-4060
CWE-138
High
WordPress Plugin WPGateway Privilege Escalation (3.5)
CVE-2022-3180
CWE-269
High
WordPress Plugin WPtouch Cross-Site Scripting (4.3.42)
-
CWE-79
High
WordPress Plugin Visual Form Builder Unspecified Vulnerability (3.0.5)
-
-
High
WordPress Plugin Genesis Columns Advanced Cross-Site Scripting (2.0.3)
CVE-2022-4706
CWE-79
High
Oracle Database Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
CVE-2007-5520
-
High
Oracle Application Server CVE-2007-5521 Vulnerability (CVE-2007-5521)
CVE-2007-5521
-
High
Oracle Application Server CVE-2007-5523 Vulnerability (CVE-2007-5523)
CVE-2007-5523
-
High
Oracle Application Server CVE-2007-5524 Vulnerability (CVE-2007-5524)
CVE-2007-5524
-
High
Oracle Application Server CVE-2007-5525 Vulnerability (CVE-2007-5525)
CVE-2007-5525
-
High
Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5554)
CVE-2007-5554
CWE-200
High
WordPress Plugin GigPress Cross-Site Scripting (2.3.27)
CVE-2022-4759
CWE-79
High
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings SQL Injection (2.2.23)
CVE-2023-0278
CWE-89
High
WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings Cross-Site Scripting (2.2.21)
CVE-2022-4775
CWE-79
High
WordPress Plugin GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9)
CVE-2021-24361
CWE-89
High
WordPress Plugin Galleries by Angie Makes Cross-Site Scripting (1.67)
CVE-2022-4795
CWE-79
High
Oracle Application Server CVE-2007-5519 Vulnerability (CVE-2007-5519)
CVE-2007-5519
-
High
WordPress Plugin Form for WordPress-Zoho Forms Cross-Site Scripting (3.0)
CVE-2023-0169
CWE-79
High
WordPress Plugin FluentAuth-The Ultimate Authorization & Security for WordPress Security Bypass (1.0.1)
CVE-2022-4746
CWE-693
High
WordPress Plugin FL3R FeelBox Multiple Vulnerabilities (8.1)
CVE-2022-4553
CWE-352
High
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-5688)
CVE-2007-5688
CWE-138
High
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)
CVE-2023-0159
CWE-22
High
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5741)
CVE-2007-5741
CWE-94
High
WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6)
CVE-2022-3811
CWE-79
High
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-5897)
CVE-2007-5897
CWE-119
High
WordPress Plugin Enable Media Replace Directory Traversal (3.6.3)
CVE-2022-2554
CWE-22
High
WordPress Plugin Enable Media Replace Arbitrary File Upload (4.0.1)
CVE-2023-0255
CWE-434
High
Oracle Application Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
CVE-2007-5520
-
High
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)
CVE-2007-5518
-
High
WordPress Plugin EmbedSocial-Social Media Feeds, Reviews and Galleries Cross-Site Scripting (1.1.27)
CVE-2023-0371
CWE-79
High
Oracle Database Server CVE-2007-5505 Vulnerability (CVE-2007-5505)
CVE-2007-5505
-
High
WordPress Plugin Intuitive Custom Post Order Multiple Vulnerabilities (3.1.3)
CVE-2022-4386
CWE-862
High
WordPress Plugin Icon Widget Cross-Site Scripting (1.2.6)
CVE-2022-4763
CWE-79
High
WordPress Plugin Hueman Addons Cross-Site Scripting (2.3.3)
CVE-2022-4784
CWE-79
High
WordPress Plugin HashBar-WordPress Notification Bar Cross-Site Scripting (1.3.5)
CVE-2022-4650
CWE-79
High
«
1
...
104
105
106
...
313
»