🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Missing Authentication for Critical Function Vulnerability (CVE-2020-11028)
CVE-2020-11028
CWE-306
High
Sqlite Use After Free Vulnerability (CVE-2020-13871)
CVE-2020-13871
CWE-416
High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.34)
-
CWE-79
High
WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)
-
CWE-352
High
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.7)
CVE-2015-7320
CWE-89
High
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)
CVE-2020-13763
CWE-281
High
WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5)
-
CWE-94
High
WordPress Plugin WP Symposium SQL Injection (15.5.1)
-
CWE-89
High
WordPress Plugin Contact Form 7 Security Bypass (4.1)
-
CWE-330
High
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)
CVE-2015-1874
CWE-352
High
WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (1.8.6)
CVE-2013-2710
CWE-352
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)
CVE-2020-13760
CWE-352
High
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.7)
-
CWE-79
High
WordPress Plugin Contact Form Generator Multiple Cross-Site Request Forgery Vulnerabilities (2.1.86)
CVE-2015-6965
CWE-352
High
WordPress Plugin DVS Custom Notification Multiple Cross-Site Request Forgery Vulnerabilities (1.0.1)
CVE-2012-4921
CWE-352
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-11057)
CVE-2020-11057
CWE-94
High
WordPress Plugin Count per Day Information Disclosure (3.2.5)
-
CWE-200
High
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.6.6)
-
CWE-79
High
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
CVE-2020-13677
CWE-284
High
WordPress Plugin Dropdown Menu Widget Cross-Site Request Forgery (1.9.1)
CVE-2013-2704
CWE-352
High
WordPress Plugin BuddyPress Security Bypass (2.3.4)
-
CWE-264
High
WordPress Plugin WP Statistics SQL Injection (9.4)
-
CWE-89
High
WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5)
CVE-2013-6010
CWE-79
High
WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1)
-
CWE-264
High
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.6.2)
-
CWE-79
High
silverstripeCMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-9280)
CVE-2020-9280
CWE-434
High
WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)
-
CWE-326
High
Apache Traffic Server Memory Disclosure Vulnerability (CVE-2020-17508)
CVE-2020-17508
-
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10804)
CVE-2020-10804
CWE-138
High
Squid NULL Pointer Dereference Vulnerability (CVE-2020-14058)
CVE-2020-14058
CWE-476
High
WordPress Plugin WP-Polls Cross-Site Scripting (2.69)
-
CWE-79
High
Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878)
CVE-2020-10878
CWE-190
High
WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1)
-
CWE-89
High
WordPress Plugin WP REST API (WP API) Cross-Site Scripting (1.2.2)
-
CWE-79
High
WordPress Plugin Dynamic Widgets Multiple Cross-Site Scripting Vulnerabilities (1.5.10)
-
CWE-79
High
WordPress Plugin WP REST API (WP API) Information Disclosure (1.2)
-
CWE-200
High
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.5.26)
-
CWE-79
High
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.51)
-
CWE-79
High
WordPress Plugin Connections Business Directory Unspecified Vulnerability (0.7.1.5)
CVE-2011-5254
-
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968)
CVE-2020-10968
CWE-502
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10969)
CVE-2020-10969
CWE-502
High
WordPress Plugin Display Widgets Cross-Site Scripting (2.03)
-
CWE-79
High
WordPress Plugin WP Statistics Cross-Site Scripting (9.5.1)
-
CWE-79
High
WordPress Plugin Contact Form 7 Security Bypass (3.7.1)
CVE-2014-2265
CWE-264
High
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6)
-
CWE-79
High
WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Multiple SQL Injection Vulnerabilities (1.0.24)
-
CWE-89
High
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.225)
-
CWE-79
High
WordPress Plugin CKEditor for WordPress Cross-Site Scripting (4.5.3)
-
CWE-79
High
WordPress Plugin Category Order and Taxonomy Terms Order Cross-Site Scripting (1.4.6)
-
CWE-79
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-13950)
CVE-2020-13950
CWE-476
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)
CVE-2020-13587
CWE-138
High
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (1.2.3)
-
CWE-79
High
WordPress Plugin XCloner-Backup and Restore Multiple Vulnerabilities (3.1.2)
CVE-2015-4338
CWE-94
High
WordPress Plugin Stream Video Player Cross-Site Request Forgery (1.4.0)
CVE-2013-2706
CWE-352
High
WordPress Plugin WordPress Poll Multiple Unspecified Vulnerabilities (35.0)
-
-
High
Moodle Improper Privilege Management Vulnerability (CVE-2020-25699)
CVE-2020-25699
CWE-269
High
WordPress Plugin TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.3.9)
CVE-2015-3986
CWE-352
High
WordPress Plugin WordPress Related Posts Cross-Site Request Forgery (2.6.1)
CVE-2013-3476
CWE-352
High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239)
CVE-2020-35239
CWE-352
High
WordPress Plugin Subscribe2 Cross-Site Scripting (10.15)
-
CWE-79
High
WordPress Plugin Subscribe Form Remote Command Execution (1.1)
-
CWE-94
High
Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)
CVE-2020-25710
CWE-617
High
PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)
CVE-2020-25696
-
High
Oracle HTTP Server Other Vulnerability (CVE-2020-35164)
CVE-2020-35164
-
High
Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136)
CVE-2020-35136
CWE-138
High
WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0)
CVE-2011-5226
CWE-352
High
WordPress Plugin SP Project & Document Manager SQL Injection (2.5.3)
-
CWE-89
High
WordPress Plugin Simple visitor stat Cross-Site Scripting (1.0)
CVE-2014-9453
CWE-79
High
Oracle Database Server CVE-2020-2968 Vulnerability (CVE-2020-2968)
CVE-2020-2968
-
High
WordPress Plugin Simple Ads Manager Multiple Vulnerabilities (2.6.96)
CVE-2015-2826
CWE-200
High
Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698)
CVE-2020-25698
-
High
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)
CVE-2020-35452
CWE-787
High
WordPress Plugin Sidekick Multiple Unspecified Vulnerabilities (2.2.1)
-
-
High
SharePoint CVE-2020-0852 Vulnerability (CVE-2020-0852)
CVE-2020-0852
-
High
Squid Improper Input Validation Vulnerability (CVE-2020-25097)
CVE-2020-25097
CWE-20
High
«
1
...
25
26
27
...
313
»