🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Log HTTP Requests Cross-Site Scripting (1.3.1)
CVE-2022-3402
CWE-79
High
WordPress Plugin ImageMagick Engine Cross-Site Request Forgery (1.7.4)
CVE-2022-2441
CWE-352
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.6.0)
CVE-2022-36375
CWE-863
High
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)
CVE-2008-3747
CWE-264
High
WordPress Plugin TeraWallet-For WooCommerce Insecure Direct Object Reference (1.4.3)
CVE-2022-3995
CWE-639
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4625)
CVE-2008-4625
CWE-138
High
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
CVE-2008-4310
-
High
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.15.5)
CVE-2022-3300
CWE-89
High
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4359)
CVE-2008-4359
CWE-200
High
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4360)
CVE-2008-4360
CWE-200
High
WordPress Plugin FavIcon Switcher Cross-Site Request Forgery (1.2.11)
CVE-2022-40219
CWE-352
High
WordPress Plugin Export Post Info CSV Injection (1.2.0)
CVE-2022-38061
CWE-1236
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4433)
CVE-2008-4433
CWE-138
High
WordPress Plugin Export Post Info Cross-Site Scripting (1.1.0)
CVE-2022-38068
CWE-79
High
WordPress Plugin Export any WordPress data to XML/CSV SQL Injection (1.3.4)
CVE-2022-1800
CWE-89
High
WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.5)
-
CWE-79
High
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (3.0.30)
CVE-2022-3350
CWE-79
High
WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3)
CVE-2022-3126
CWE-352
High
WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Multiple Cross-Site Request Forgery Vulnerabilities (1.1.4)
CVE-2021-36855
CWE-352
High
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Security Bypass (6.9.11)
CVE-2022-3622
CWE-862
High
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Multiple Vulnerabilities (6.9.9)
CVE-2022-3247
CWE-918
High
WordPress Plugin Backup Scheduler Cross-Site Request Forgery (1.5.13)
CVE-2022-38079
CWE-352
High
Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793)
CVE-2008-4793
-
High
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-4864)
CVE-2008-4864
CWE-190
High
WordPress Plugin AdminPad Cross-Site Request Forgery (2.1)
CVE-2022-2762
CWE-352
High
WordPress Plugin 3dady real-time web stats Cross-Site Request Forgery (1.0)
-
CWE-352
High
WordPress Plugin 3D Tag Cloud Cross-Site Request Forgery (3.8)
CVE-2022-36417
CWE-352
High
WordPress Plugin Zephyr Project Manager Multiple Vulnerabilities (3.2.42)
CVE-2022-2840
CWE-89
High
WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8)
-
CWE-79
High
WordPress Plugin Helpful Information Disclosure (4.5.25)
CVE-2022-2834
CWE-200
High
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Cross-Site Scripting (3.7.1)
CVE-2022-40215
CWE-79
High
WordPress Plugin LBstopattack Cross-Site Request Forgery (1.1.2)
CVE-2022-3097
CWE-352
High
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.185)
CVE-2022-3302
CWE-89
High
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929)
CVE-2008-3929
CWE-59
High
WordPress Plugin Search Logger-Know What Your Visitors Search SQL Injection (0.9)
CVE-2022-3131
CWE-89
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3965)
CVE-2008-3965
CWE-138
High
WordPress Plugin Retain Live Chat Cross-Site Scripting (0.1)
CVE-2022-3391
CWE-79
High
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3967)
CVE-2008-3967
CWE-264
High
WordPress Plugin Post to CSV by BestWebSoft CSV Injection (1.4.0)
CVE-2022-3393
CWE-1236
High
WordPress Plugin Passster-Password Protection Weak Encoding (3.5.5.5.1)
CVE-2022-3206
CWE-326
High
WordPress Plugin miniOrange Discord Integration Security Bypass (2.1.5)
CVE-2022-3082
CWE-284
High
WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2)
CVE-2022-34654
CWE-352
High
WordPress Plugin Kraken.io Image Optimizer Cross-Site Request Forgery (2.6.5)
CVE-2022-38454
CWE-352
High
WordPress Plugin Helpful Security Bypass (4.5.14)
-
CWE-264
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)
CVE-2008-4094
CWE-138
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2008-4096)
CVE-2008-4096
CWE-20
High
WordPress Plugin Kadence WooCommerce Email Designer PHP Object Injection (1.5.6)
CVE-2022-3335
CWE-915
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)
CVE-2022-1977
CWE-918
High
Joomla Numeric Errors Vulnerability (CVE-2008-4102)
CVE-2008-4102
-
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
-
CWE-862
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Multiple Vulnerabilities (6.5.7)
CVE-2022-3244
CWE-862
High
Joomla Improper Input Validation Vulnerability (CVE-2008-4105)
CVE-2008-4105
CWE-20
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)
CVE-2022-0360
CWE-79
High
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Upload (6.4)
-
CWE-434
High
WordPress Plugin SVG Support Cross-Site Scripting (2.5.1)
CVE-2022-4022
CWE-79
High
WordPress Plugin Theme Demo Import Arbitrary File Upload (1.1.0)
CVE-2022-1538
CWE-434
High
WordPress Plugin 0mk Shortener Cross-Site Request Forgery (0.2)
CVE-2022-2933
CWE-352
High
WordPress Plugin Qe SEO Handyman SQL Injection (1.0)
CVE-2022-4352
CWE-89
High
WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0)
CVE-2022-4298
CWE-552
High
WordPress Plugin Web Invoice-Invoicing and billing for WordPress Multiple SQL Injection Vulnerabilities (2.1.3)
CVE-2022-4372
CWE-89
High
WordPress Plugin Visual Email Designer for WooCommerce SQL Injection (1.7.1)
CVE-2022-3860
CWE-89
High
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.39)
CVE-2021-24746
CWE-79
High
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)
CVE-2022-4451
CWE-79
High
WordPress Plugin Sitemap Cross-Site Scripting (4.3)
CVE-2022-4545
CWE-79
High
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)
-
CWE-862
High
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Cross-Site Scripting (3.5.7)
CVE-2022-4472
CWE-79
High
WordPress Plugin Search & Filter Cross-Site Scripting (1.2.15)
CVE-2022-4467
CWE-79
High
WordPress Plugin Quote-O-Matic SQL Injection (1.0.5)
CVE-2022-4373
CWE-89
High
WordPress Plugin Product list Widget for Woocommerce Cross-Site Scripting (1.0)
CVE-2022-4329
CWE-79
High
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6)
CVE-2022-4106
CWE-552
High
WordPress Plugin Page-list Cross-Site Scripting (5.2)
CVE-2022-4485
CWE-79
High
Python Incorrect Conversion between Numeric Types Vulnerability (CVE-2008-1721)
CVE-2008-1721
CWE-681
High
WordPress Plugin OneClick Chat to Order Cross-Site Scripting (1.0.4.1)
CVE-2022-4760
CWE-79
High
WordPress Plugin multimedial images SQL Injection (1.0b)
CVE-2022-4370
CWE-89
High
WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.8)
CVE-2022-4200
CWE-79
High
«
1
...
108
109
110
...
313
»