Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin BuddyPress Cover Arbitrary File Upload (2.1.4.2)
CVE-2024-35746
CWE-434
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2002-2391)
CVE-2002-2391
CWE-138
High
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.18.1)
CVE-2023-48777
CWE-434
High
WordPress Plugin Deeper Comments Security Bypass (2.1.1)
-
CWE-862
High
WordPress Plugin Weaver Show Posts Cross-Site Scripting (1.6)
CVE-2023-1404
CWE-79
High
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.5)
CVE-2023-1839
CWE-79
High
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Unspecified Vulnerability (2.3.8)
-
-
High
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Security Bypass (2.3.7)
CVE-2023-2834
CWE-287
High
WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)
CVE-2023-2986
CWE-326
High
WordPress Plugin YARPP-Yet Another Related Posts SQL Injection (5.30.2)
CVE-2023-0579
CWE-89
High
WordPress Plugin YARPP-Yet Another Related Posts Local File Inclusion (5.30.3)
CVE-2022-45374
CWE-22
High
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1)
CVE-2023-0600
CWE-89
High
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)
CVE-2023-32960
CWE-352
High
WordPress Plugin Product Addons & Fields for WooCommerce Security Bypass (23.9)
CVE-2021-25018
CWE-862
High
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.6)
CVE-2023-2256
CWE-79
High
WordPress Plugin Otter-Gutenberg Blocks-Page Builder for Gutenberg Editor & FSE PHAR Deserialization (2.2.5)
CVE-2023-2288
CWE-502
High
WordPress Plugin LearnDash LMS SQL Injection (4.5.3)
CVE-2023-28777
CWE-89
High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)
CVE-2023-1835
CWE-79
High
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.3.0)
CVE-2023-1843
CWE-862
High
Zope Web Application Server Other Vulnerability (CVE-2005-3323)
CVE-2005-3323
-
High
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.2.1)
CVE-2023-0085
CWE-358
High
WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Multiple Vulnerabilities (1.0.26)
CVE-2023-2122
CWE-79
High
WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Directory Traversal (1.0.25)
-
CWE-22
High
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.15.727)
CVE-2022-25607
CWE-89
High
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.32.7212)
CVE-2023-30499
CWE-79
High
PHP Other Vulnerability (CVE-2005-3390)
CVE-2005-3390
-
High
PHP Other Vulnerability (CVE-2005-3391)
CVE-2005-3391
-
High
WordPress Plugin LearnDash LMS Insecure Direct Object Reference (4.6.0)
CVE-2023-3105
CWE-639
High
WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2)
CVE-2023-3080
CWE-79
High
OpenVPN AS Other Vulnerability (CVE-2005-3393)
CVE-2005-3393
-
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Privilege Escalation (2.10.0)
CVE-2022-4939
CWE-269
High
WordPress Plugin wpForo Forum Cross-Site Scripting (2.1.8)
CVE-2023-2309
CWE-79
High
WordPress Plugin WP User Switch Security Bypass (1.0.2)
CVE-2023-2546
CWE-287
High
WordPress Plugin WP Mail Logging Security Bypass (1.11.2)
-
CWE-862
High
WordPress Other Vulnerability (CVE-2005-2108)
CVE-2005-2108
-
High
WordPress Plugin WP Mail Logging Security Bypass (1.9.9)
CVE-2021-38314
CWE-284
High
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
CVE-2023-3081
CWE-79
High
WordPress Plugin WP Mail Log Cross-Site Scripting (1.1.1)
CVE-2023-3088
CWE-79
High
XOOPS Other Vulnerability (CVE-2005-2113)
CVE-2005-2113
-
High
WordPress Plugin WP Mail Log Cross-Site Request Forgery (1.0.1)
CVE-2022-45807
CWE-352
High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4)
CVE-2023-2982
CWE-287
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Insecure Direct Object Reference (2.10.7)
CVE-2023-2276
CWE-639
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.5.7)
CVE-2023-3082
CWE-79
High
e107 Other Vulnerability (CVE-2005-2559)
CVE-2005-2559
-
High
MySQL Other Vulnerability (CVE-2005-2572)
CVE-2005-2572
-
High
WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Cross-Site Request Forgery (2.9.10)
CVE-2022-4941
CWE-352
High
WordPress Other Vulnerability (CVE-2005-2612)
CVE-2005-2612
-
High
WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (3.0.2)
CVE-2023-3342
CWE-434
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.6.6)
CVE-2023-3460
CWE-269
High
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce Privilege Escalation (1.6.13)
CVE-2023-2833
CWE-269
High
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce CSV Injection (1.6.7)
CVE-2022-46809
CWE-1236
High
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)
CVE-2005-2946
CWE-327
High
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Multiple Cross-Site Request Forgery Vulnerabilities (2.5.6)
CVE-2023-3179
CWE-352
High
PHP Other Vulnerability (CVE-2005-3392)
CVE-2005-3392
-
High
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.18.727)
CVE-2022-25613
CWE-79
High
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)
CVE-2023-3126
CWE-862
High
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4875)
CVE-2005-4875
CWE-200
High
e107 Other Vulnerability (CVE-2005-4224)
CVE-2005-4224
-
High
WordPress Plugin WP Data Access Privilege Escalation (5.3.7)
CVE-2023-1874
CWE-269
High
Internet Information Services Unchecked Return Value Vulnerability (CVE-2005-4360)
CVE-2005-4360
CWE-252
High
WordPress Plugin WP Basic Elements Cross-Site Request Forgery (5.2.15)
CVE-2022-47139
CWE-352
High
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.5)
-
CWE-89
High
WordPress Plugin WordPress WP-Advanced-Search Cross-Site Request Forgery (3.3.8)
CVE-2022-47447
CWE-352
High
WordPress Plugin WordPress Console Security Bypass (0.3.9)
CVE-2023-28168
CWE-862
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4836)
CVE-2005-4836
CWE-200
High
WordPress Plugin WooCommerce Weight Based Shipping Cross-Site Request Forgery (5.4.1)
CVE-2022-46794
CWE-352
High
WordPress Plugin WooCommerce Security Bypass (6.3.0)
-
CWE-863
High
WordPress Plugin WooCommerce Payments-Fully Integrated Solution Built and Supported by Woo Security Bypass (5.6.1)
CVE-2023-28121
CWE-269
High
WordPress Plugin WP Data Access Security Bypass (5.1.3)
-
CWE-862
High
WordPress Plugin WooCommerce Multiple Vulnerabilities (6.2.0)
CVE-2022-0775
CWE-863
High
WordPress Plugin WooCommerce HTML Injection (6.5.1)
CVE-2022-2099
CWE-79
High
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
-
CWE-862
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-0097)
CVE-2006-0097
CWE-119
High
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)
CVE-2022-4661
CWE-79
High
WordPress Plugin WH Testimonials Cross-Site Scripting (3.0.0)
CVE-2023-1372
CWE-79
High