Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.0.2)
CVE-2019-9576
CWE-79
High
WordPress Plugin Events Made Easy Arbitrary File Upload (2.1.1)
-
CWE-434
High
WordPress Plugin Entries For WPForms SQL Injection (1.4.0)
-
CWE-89
High
WordPress Plugin Easy Testimonial Slider Unspecified Vulnerability (1.0.2)
-
-
High
WordPress Plugin Delete Duplicate Posts Security Bypass (4.1.9.4)
-
CWE-264
High
WordPress Plugin Custom Login Page Customizer-LoginPress Unspecified Vulnerability (1.1.15)
-
-
High
WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)
-
CWE-264
High
WordPress Plugin Contact Form 7 Multi-Step Forms Security Bypass (3.0.8)
-
CWE-264
High
WordPress Plugin Campaign URL Builder Cross-Site Request Forgery (1.5.0)
-
CWE-352
High
WordPress Plugin Booking Calendar SQL Injection (8.4.4)
CVE-2018-20556
CWE-89
High
PHP Numeric Errors Vulnerability (CVE-2015-4022)
CVE-2015-4022
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4025)
CVE-2015-4025
-
High
WordPress Plugin Flexible Captcha Security Bypass (4.0)
-
CWE-264
High
PHP Data Processing Errors Vulnerability (CVE-2015-4026)
CVE-2015-4026
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4147)
CVE-2015-4147
-
High
WordPress Plugin Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (2.1.7)
-
-
High
WordPress Plugin Advanced Custom Fields (ACF) PHP Object Injection (5.7.10)
-
CWE-915
High
WordPress Plugin Ad Manager by WD-Advanced Ad Manager Multiple Vulnerabilities (1.0.11)
-
CWE-538
High
PHP Improper Input Validation Vulnerability (CVE-2015-4604)
CVE-2015-4604
CWE-20
High
PHP Improper Input Validation Vulnerability (CVE-2015-4605)
CVE-2015-4605
CWE-20
High
WordPress Plugin Accessibility Suite by Online ADA SQL Injection (2.0.10)
-
CWE-89
High
PHP Other Vulnerability (CVE-2015-4644)
CVE-2015-4644
-
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)
CVE-2015-4654
CWE-138
High
WordPress Plugin File Manager Remote Code Execution (4.5)
-
CWE-94
High
WordPress Plugin Font Organizer Cross-Site Scripting (2.1.1)
CVE-2019-9908
CWE-79
High
WordPress Plugin Parallax Scroll Cross-Site Scripting (2.0.1)
CVE-2019-7413
CWE-79
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
CVE-2015-3416
CWE-190
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3307)
CVE-2015-3307
CWE-119
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3329)
CVE-2015-3329
CWE-119
High
WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.7.9)
CVE-2019-9910
CWE-79
High
WordPress Plugin NextScripts:Social Networks Auto-Poster Unspecified Vulnerability (4.3.2)
-
-
High
WordPress Plugin NextGEN Gallery-WordPress Gallery PHP Object Injection (3.1.5)
-
CWE-915
High
Sqlite Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
CVE-2015-3414
CWE-908
High
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
CVE-2015-3414
CWE-908
High
PHP Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
CVE-2015-3415
CWE-404
High
Sqlite Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
CVE-2015-3415
CWE-404
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
CVE-2015-3416
CWE-190
High
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1)
CVE-2019-14794
CWE-434
High
WordPress Plugin FormCraft-Contact Form Builder Cross-Site Request Forgery (1.2.1)
CVE-2019-5920
CWE-352
High
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Deletion (4.16.2)
CVE-2019-14793
CWE-73
High
WordPress Plugin MailPress Remote Code Execution (7.0.2)
-
CWE-94
High
WordPress Plugin Logo Carousel Cross-Site Request Forgery (1.7.4)
-
CWE-352
High
WordPress Plugin Launcher:Coming Soon & Maintenance Mode Cross-Site Scripting (1.0.10)
CVE-2019-7411
CWE-79
High
WordPress Plugin JS Help Desk (formerly JS Support Ticket) SQL Injection (2.1.0)
-
CWE-89
High
Sqlite Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-3717)
CVE-2015-3717
CWE-120
High
WordPress Plugin Instagram Feed Unspecified Vulnerability (1.10.2)
-
-
High
qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881)
CVE-2015-3881
-
High
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.3.0)
CVE-2019-9909
CWE-79
High
WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Multiple Vulnerabilities (1.5.4)
CVE-2019-9568
CWE-89
High
Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775)
CVE-2015-2775
CWE-22
High
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.14.0.2)
CVE-2019-15329
CWE-352
High
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.1)
-
CWE-264
High
WordPress Plugin WP Database Backup Cross-Site Request Forgery (5.1.2)
-
CWE-352
High
WordPress Plugin All-in-One Event Calendar Cross-Site Scripting (2.5.38)
-
CWE-79
High
WordPress Plugin Affiliates Manager Cross-Site Request Forgery (2.6.5)
CVE-2019-15868
CWE-352
High
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-1789)
CVE-2015-1789
CWE-119
High
WordPress Plugin Advanced Woo Search Unspecified Vulnerability (1.69)
-
-
High
WordPress Plugin Zielke Specialized Catalog Arbitrary File Upload (3.0.7)
-
CWE-434
High
WordPress Plugin WP Inventory Manager Cross-Site Scripting (1.7.8)
-
CWE-79
High
WordPress Plugin WP Human Resource Management Security Bypass (2.2.5)
CVE-2019-9574
CWE-264
High
WordPress Plugin WP Google Maps SQL Injection (7.11.17)
CVE-2019-10692
CWE-89
High
WordPress Plugin WP Google Maps Cross-Site Request Forgery (7.11.27)
-
CWE-352
High
WordPress Plugin Social Sharing-Social Warfare Cross-Site Scripting (3.5.3)
-
CWE-79
High
WordPress Plugin Battle Suit for Divi Security Bypass (1.10.1)
-
CWE-264
High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (7.2)
-
-
High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Cross-Site Request Forgery (7.1.6)
-
CWE-352
High
WordPress Plugin WordPress Gallery MaxGalleria Unspecified Vulnerability (6.0.8)
-
-
High
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1814)
CVE-2015-1814
CWE-264
High
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.93)
CVE-2019-15889
CWE-79
High
WordPress Plugin WooCommerce PayPal Checkout Payment Gateway Parameter Tampering (1.6.8)
CVE-2019-7441
CWE-472
High
WordPress Plugin WooCommerce Checkout Manager Arbitrary File Upload (4.2.6)
-
CWE-434
High
WordPress Plugin W3 Total Cache Arbitrary File Disclosure (0.9.3)
CVE-2019-6715
CWE-538
High
WordPress Plugin Visual CSS Style Editor Security Bypass (7.1.9)
CVE-2019-11886
CWE-264
High
WordPress Plugin Ultimate Responsive Image Slider Unspecified Vulnerability (3.3.2)
-
-
High
WordPress Plugin Analytics Cross-Site Scripting (1.2.3)
-
CWE-79
High