🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
OpenSSL Improper Authentication Vulnerability (CVE-2010-4252)
CVE-2010-4252
CWE-287
High
WordPress Plugin Cardinity Payment Gateway for WooCommerce Cross-Site Scripting (3.0.6)
-
CWE-79
High
WordPress Plugin Easiest Contact Form for WordPress-AP Contact Form includes Backdoor [Only if downloaded via the vendor website] (1.0.6)
CVE-2021-24867
CWE-912
High
WordPress Plugin Easy PayPal Events Cross-Site Scripting (1.1.1)
-
CWE-79
High
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269)
CVE-2010-4269
CWE-138
High
WordPress Plugin Fetch Tweets Cross-Site Scripting (2.6.4)
-
CWE-79
High
WordPress Plugin Frontend Uploader Cross-Site Scripting (1.3.2)
CVE-2021-24563
CWE-79
High
WordPress Plugin Frontend Post WordPress-AccessPress Anonymous Post includes Backdoor [Only if downloaded via the vendor website] (2.8.0)
CVE-2021-24867
CWE-912
High
WordPress Plugin Free WordPress To Display Like/Dislike Comment Rating-Everest Comment Rating Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.4)
CVE-2021-24867
CWE-912
High
WordPress Plugin Free Responsive Tab For WordPress-Everest Tab Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.3)
CVE-2021-24867
CWE-912
High
WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)
CVE-2021-24867
CWE-912
High
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Unspecified Vulnerability (5.0.12)
-
-
High
WordPress Plugin Form Store to DB Unspecified Vulnerability (1.1.0)
-
-
High
WordPress Plugin Form Store to DB includes Backdoor [Only if downloaded via the vendor website] (1.0.9)
CVE-2021-24867
CWE-912
High
WordPress Plugin Flat Preloader Cross-Site Scripting (1.5.4)
CVE-2021-24789
CWE-79
High
WordPress Plugin Flat Preloader Cross-Site Request Forgery (1.5.3)
CVE-2021-24685
CWE-352
High
WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3)
CVE-2021-24867
CWE-912
High
WordPress Plugin Easy PayPal Events Unspecified Vulnerability (1.1.6)
-
-
High
WordPress Plugin Far Future Expiry Header Cross-Site Request Forgery (1.4)
CVE-2021-24799
CWE-352
High
WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.0)
CVE-2021-24708
CWE-79
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)
CVE-2010-3708
CWE-20
High
WordPress Plugin Everest Review Lite-User/Admin review for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
CVE-2021-24867
CWE-912
High
WordPress Plugin Everest GPlaces Business Reviews includes Backdoor [Only if downloaded via the vendor website] (1.0.9)
CVE-2021-24867
CWE-912
High
WordPress Plugin Events Made Easy SQL Injection (2.2.35)
CVE-2021-25030
CWE-89
High
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)
CVE-2010-3714
CWE-264
High
WordPress Plugin Events Made Easy Cross-Site Scripting (2.2.23)
CVE-2021-24813
CWE-79
High
WordPress Plugin Embed Swagger Cross-Site Scripting (1.0.0)
CVE-2022-0381
CWE-79
High
WordPress Plugin Effectively Add & Customize Free Icons For WordPress Menus-WP Menu Icons Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
CVE-2021-24867
CWE-912
High
WordPress Plugin Booking.com Product Helper Unspecified Vulnerability (1.0.3)
-
-
High
WordPress Plugin Booking.com Product Helper Cross-Site Scripting (1.0.1)
CVE-2021-24645
CWE-79
High
WordPress Plugin Genie WP Favicon Cross-Site Request Forgery (0.5.2)
CVE-2021-24674
CWE-352
High
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)
CVE-2021-24595
CWE-352
High
WordPress Plugin Accept Donations with PayPal Cross-Site Scripting (1.3.1)
CVE-2021-24815
CWE-79
High
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3)
CVE-2021-24572
CWE-352
High
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3.3)
CVE-2021-24989
CWE-352
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)
CVE-2010-4696
CWE-138
High
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Request Forgery (3.0.8)
CVE-2021-24766
CWE-352
High
WordPress Plugin 3DPrint Lite Cross-Site Scripting (1.9.1.5)
-
CWE-79
High
WordPress Plugin YITH WooCommerce Product Add-Ons Multiple Vulnerabilities (2.0.7)
-
CWE-79
High
WordPress Plugin YITH WooCommerce Product Add-Ons Cross-Site Scripting (2.2.2)
-
CWE-79
High
WordPress Plugin WP Import Export Lite Security Bypass (3.9.4)
-
CWE-284
High
WordPress Plugin WP Import Export Lite Information Disclosure (3.9.15)
CVE-2022-0236
CWE-200
High
WordPress Plugin WordPress PDF Light Viewer Command Injection (1.4.11)
CVE-2021-24684
CWE-94
High
WordPress Plugin AccessPress Custom CSS includes Backdoor [Only if downloaded via the vendor website] (2.0.1)
CVE-2021-24867
CWE-912
High
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6.2)
-
-
High
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6.1)
-
-
High
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Unspecified Vulnerability (1.2.6)
-
-
High
WordPress Plugin WooCommerce EnvioPack Cross-Site Scripting (1.2)
CVE-2021-39314
CWE-79
High
WordPress Plugin Wechat Reward Cross-Site Request Forgery (1.7)
CVE-2021-24615
CWE-352
High
WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (2.1.1)
CVE-2021-42367
CWE-79
High
WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Cross-Site Scripting Vulnerabilities (1.9.8)
CVE-2021-24740
CWE-79
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4903)
CVE-2010-4903
CWE-138
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4906)
CVE-2010-4906
CWE-138
High
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.10)
CVE-2021-24873
CWE-79
High
PHP Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2010-4657)
CVE-2010-4657
CWE-772
High
WordPress Plugin AccessPress Custom Post Type includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
CVE-2021-24867
CWE-912
High
WordPress Plugin Booking.com Banner Creator Unspecified Vulnerability (1.4.5)
-
-
High
WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)
-
-
High
CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)
CVE-2010-4335
CWE-20
High
WordPress Plugin Booking.com Banner Creator Cross-Site Scripting (1.4.2)
CVE-2021-24646
CWE-79
High
WordPress Plugin Better Messages-Live Chat for WordPress, BuddyPress, BuddyBoss, Ultimate Member Multiple Vulnerabilities (1.9.9.37)
CVE-2021-24809
CWE-352
High
WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.7)
CVE-2021-24867
CWE-912
High
WordPress Plugin Beautiful FAQ for WordPress-Everest FAQ Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
CVE-2021-24867
CWE-912
High
WordPress Plugin Batch Cat Security Bypass (0.3)
CVE-2021-24788
CWE-264
High
WordPress Plugin Badge Designer Lite For WooCommerce includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
CVE-2021-24867
CWE-912
High
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass (1.7.5)
CVE-2021-24717
CWE-863
High
WordPress Plugin AP Companion includes Backdoor [Only if downloaded via the vendor website] (1.0.6)
CVE-2021-24867
CWE-912
High
WordPress Plugin Allow REL= and HTML in Author Bios Cross-Site Scripting (.1)
-
CWE-79
High
WordPress Plugin Affiliates Manager SQL Injection (2.8.6)
CVE-2021-24844
CWE-89
High
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641)
CVE-2010-4641
CWE-138
High
WordPress Plugin Affiliates Manager Cross-Site Scripting (2.8.9)
CVE-2021-25078
CWE-79
High
WordPress Plugin AdSanity Arbitrary File Upload (1.8.1)
-
CWE-434
High
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)
CVE-2010-4558
CWE-94
High
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.47)
CVE-2021-24616
CWE-79
High
WordPress Plugin Active Products Tables for WooCommerce. Best and Professional products tables for WooCommerce store Cross-Site Scripting (1.0.3.1)
-
CWE-79
High
«
1
...
116
117
118
...
313
»