🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23101 vulnerabilities
in this category.
Critical: 1474
High: 12458
Medium: 8395
Low: 770
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)
CVE-2022-1977
CWE-918
High
Joomla Numeric Errors Vulnerability (CVE-2008-4102)
CVE-2008-4102
-
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
-
CWE-862
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Multiple Vulnerabilities (6.5.7)
CVE-2022-3244
CWE-862
High
Joomla Improper Input Validation Vulnerability (CVE-2008-4105)
CVE-2008-4105
CWE-20
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)
CVE-2022-0360
CWE-79
High
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)
CVE-2008-3747
CWE-264
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.6.0)
CVE-2022-36375
CWE-863
High
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.5)
CVE-2022-3764
CWE-89
High
WordPress Plugin Advanced WP Columns Cross-Site Scripting (2.0.6)
CVE-2022-3426
CWE-79
High
WordPress Plugin Follow Me Cross-Site Request Forgery (3.1.1)
CVE-2022-3240
CWE-352
High
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty SQL Injection (3.0.2)
CVE-2022-3858
CWE-89
High
WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty Multiple Cross-Site Scripting Vulnerabilities (2.8.3)
CVE-2021-36846
CWE-79
High
WordPress Plugin Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list CSV Injection (2.0.68)
CVE-2022-3603
CWE-1236
High
WordPress Plugin Comic Book Management System SQL Injection (2.1.0)
CVE-2022-3856
CWE-89
High
WordPress Plugin Clerk Security Bypass (3.8.3)
CVE-2022-3907
CWE-200
High
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.19)
CVE-2022-3922
CWE-79
High
WordPress Plugin BeCustom Cross-Site Request Forgery (1.0.5.2)
CVE-2022-3747
CWE-352
High
Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)
CVE-2008-3481
CWE-94
High
Coppermine Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3486)
CVE-2008-3486
CWE-22
High
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)
CVE-2008-3655
CWE-264
High
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
CVE-2022-3139
CWE-79
High
Ruby Resource Management Errors Vulnerability (CVE-2008-3656)
CVE-2008-3656
-
High
Ruby Improper Input Validation Vulnerability (CVE-2008-3657)
CVE-2008-3657
CWE-20
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3658)
CVE-2008-3658
CWE-119
High
WordPress Plugin Advanced Import:One Click Import for WordPress or Theme Demo Data Cross-Site Request Forgery (1.3.7)
CVE-2022-3677
CWE-352
High
WordPress Plugin Add Comments Cross-Site Scripting (1.0.1)
CVE-2022-3909
CWE-79
High
WordPress Plugin 3DPrint Cross-Site Request Forgery (3.5.4.7)
CVE-2022-3899
CWE-352
High
WordPress Plugin WP Super Cache Cache Poisoning (1.8)
-
CWE-349
High
WordPress Plugin WP Humans.txt Cross-Site Scripting (1.0.6)
CVE-2022-3392
CWE-79
High
WordPress Plugin WP Custom Cursors Multiple Vulnerabilities (3.0)
CVE-2022-3151
CWE-352
High
WordPress Plugin WP ALL Export Pro Multiple Vulnerabilities (1.7.8)
CVE-2022-3395
CWE-94
High
WordPress Plugin WP Custom Admin Interface PHP Object Injection (7.28)
CVE-2022-4043
CWE-915
High
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
CVE-2022-44737
CWE-352
High
WordPress Plugin Bootstrap Shortcodes Cross-Site Scripting (3.4.0)
CVE-2022-4777
CWE-79
High
WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery (1.0.0)
CVE-2020-24147
CWE-918
High
WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.19.0)
CVE-2022-45359
CWE-434
High
WordPress Plugin WPQA-Builder forms Addon For WordPress Insecure Direct Object Reference (5.9.2)
CVE-2022-3343
CWE-639
High
WordPress Plugin WP User-Custom Registration Forms, Login and User Profile Multiple Vulnerabilities (7.0)
CVE-2022-4519
CWE-89
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0491)
CVE-2008-0491
CWE-138
High
WordPress Plugin WP Statistics SQL Injection (13.2.8)
CVE-2022-4230
CWE-89
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0611)
CVE-2008-0611
CWE-138
High
XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0612)
CVE-2008-0612
CWE-22
High
WordPress Plugin WP Statistics Cross-Site Scripting (13.2.1)
CVE-2022-27231
CWE-79
High
WordPress Plugin WP Social Sharing Cross-Site Scripting (2.2)
CVE-2022-4198
CWE-79
High
WordPress Plugin WP Smart Import: Import any XML File to WordPress Cross-Site Scripting (1.0.2)
CVE-2022-40209
CWE-79
High
WordPress Plugin YITH WooCommerce Gift Cards Unspecified Vulnerability (2.14.0)
-
-
High
WordPress Plugin WP RSS By Publishers Multiple SQL Injection Vulnerabilities (0.1)
CVE-2022-4360
CWE-89
High
WordPress Plugin WP-Lister Lite for Amazon Cross-Site Scripting (2.4.3)
CVE-2022-4369
CWE-79
High
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0719)
CVE-2008-0719
CWE-138
High
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.3.2)
CVE-2022-4417
CWE-264
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0795)
CVE-2008-0795
CWE-138
High
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Scripting (9.1)
-
CWE-79
High
WordPress Plugin WP-Ban Cross-Site Scripting (1.69)
CVE-2022-4260
CWE-79
High
WordPress Plugin WP AutoComplete Search SQL Injection (1.0.4)
CVE-2022-4297
CWE-89
High
WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)
-
CWE-284
High
WordPress Plugin WordPress Filter Gallery Cross-Site Scripting (0.1.5)
CVE-2022-4142
CWE-79
High
WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)
-
-
High
WordPress Plugin 0mk Shortener Cross-Site Request Forgery (0.2)
CVE-2022-2933
CWE-352
High
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6)
CVE-2022-4106
CWE-552
High
WordPress Plugin Arigato Autoresponder and Newsletter Cross-Site Scripting (2.7.1.1)
CVE-2023-0543
CWE-79
High
Ext JS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2007-6758)
CVE-2007-6758
CWE-918
High
WordPress Plugin Booster Plus for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
CVE-2022-4017
CWE-352
High
WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
CVE-2022-4017
CWE-352
High
Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074)
CVE-2008-0074
-
High
WordPress Plugin Bold Timeline Lite Cross-Site Scripting (1.1.4)
CVE-2022-4828
CWE-79
High
WordPress Plugin Better Font Awesome Cross-Site Scripting (2.0.3)
CVE-2022-4512
CWE-79
High
WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)
-
-
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0145)
CVE-2008-0145
CWE-264
High
OpenSSL Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2008-0166)
CVE-2008-0166
CWE-338
High
WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)
CVE-2022-4790
CWE-79
High
WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)
CVE-2022-4458
CWE-79
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0383)
CVE-2008-0383
CWE-138
High
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0194)
CVE-2008-0194
CWE-22
High
WordPress Plugin Amazon JS Cross-Site Scripting (0.10)
CVE-2023-0075
CWE-79
High
«
1
...
107
108
109
...
309
»
