Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin WP Survey And Quiz Tool 'action' Parameter Cross-Site Scripting (1.2.1)
CVE-2010-4630
CWE-79
High
WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
-
CWE-79
High
WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)
-
CWE-89
High
WordPress Plugin WP-UserOnline URL HTML Injection (2.62)
-
CWE-79
High
WordPress Plugin Simple:Press 'sf-header-forum.php' SQL Injection (4.3.0)
-
CWE-89
High
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
CVE-2023-1387
-
High
WordPress Plugin myLinksDump 'url' Parameter SQL Injection (1.2)
CVE-2010-2924
CWE-89
High
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)
CVE-2023-1409
CWE-295
High
WordPress Plugin Gigya-Social Infrastructure Cross-Site Scripting (1.1.8)
-
CWE-79
High
WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)
-
CWE-434
High
WordPress Plugin Events Manager 'events-manager.php' SQL Injection (2.1)
-
CWE-89
High
phpMyFAQ Uncaught Exception Vulnerability (CVE-2023-0790)
CVE-2023-0790
CWE-248
High
WordPress Plugin Accept Signups 'email' Parameter Cross-Site Scripting (0.1)
-
CWE-79
High
WordPress Plugin NextGEN Gallery-WordPress Gallery 'xml/media-rss.php' Cross-Site Scripting (1.5.1)
CVE-2010-1186
CWE-79
High
WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)
CVE-2010-4779
CWE-79
High
OpenSSL Use After Free Vulnerability (CVE-2023-0215)
CVE-2023-0215
CWE-416
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0216)
CVE-2023-0216
CWE-476
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0217)
CVE-2023-0217
CWE-476
High
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
CVE-2023-0286
CWE-843
High
WordPress Plugin Featured Content 'param' Parameter Cross-Site Scripting (0.0.1)
-
CWE-79
High
WordPress Plugin Feature Slideshow 'src' Parameter Cross-Site Scripting (1.0.6beta)
-
CWE-79
High
WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)
-
CWE-79
High
WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2)
-
CWE-79
High
WordPress Plugin BezahlCode-Generator 'gen_name' Parameter Cross-Site Scripting (1.0)
-
CWE-79
High
WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1)
-
CWE-79
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)
CVE-2023-0401
CWE-476
High
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)
CVE-2023-0771
CWE-138
High
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0464)
CVE-2023-0464
CWE-295
High
WordPress Plugin WP Safe Search 'v1' Parameter Cross-Site Scripting (0.7)
CVE-2010-4518
CWE-79
High
WordPress Plugin WP Forum Multiple Security Vulnerbilities (1.7.8)
-
CWE-472
High
WordPress Plugin Twitter Feed:Embedded Timeline 'url' Parameter Cross-Site Scripting (0.3.1)
CVE-2010-4825
CWE-79
High
WordPress Plugin Register Plus Redux 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.6.1)
-
CWE-79
High
PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)
CVE-2023-0568
CWE-770
High
WordPress Plugin Processing Embed 'pluginurl' Parameter Cross-Site Scripting (0.5)
CVE-2010-4747
CWE-79
High
WordPress Plugin Embedded Video 'lembedded-video.php' Cross-Site Scripting (4.1)
CVE-2010-4277
CWE-79
High
WordPress Plugin Comment Rating Cross-Site Request Forgery (2.9.20)
-
CWE-352
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2023-0662)
CVE-2023-0662
CWE-400
High
WordPress Plugin Cimy Counter HTTP Response Splitting and Cross-Site Scripting Vulnerabilities (0.9.4)
-
CWE-113
High
WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
-
CWE-89
High
WordPress Plugin WP-Footnotes 'admin_panel.php' Multiple Remote Vulnerabilities (2.2)
CVE-2008-0691
CWE-79
High
WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)
CVE-2008-5752
CWE-22
High
WebLogic CVE-2023-21839 Vulnerability (CVE-2023-21839)
CVE-2023-21839
-
High
WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)
CVE-2023-21841
-
High
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
CVE-2023-21842
-
High
WordPress Plugin Photoracer 'id' Parameter SQL Injection (1.0)
CVE-2009-2122
CWE-89
High
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)
CVE-2009-2143
CWE-94
High
WordPress Plugin DM Albums File Dislosure (1.9.2)
-
CWE-22
High
WordPress Plugin DM Albums 'album.php' Remote File Inclusion (1.9.2)
CVE-2009-2396
CWE-94
High
WordPress Plugin WP-Lytebox 'pg' Parameter Local File Inclusion (1.3)
CVE-2009-4672
CWE-22
High
WordPress Plugin fMoblog 'id' Parameter SQL Injection (2.1)
CVE-2009-0968
CWE-89
High
WordPress Plugin WP-Forum 'forum_feed.php' SQL Injection (1.7.8)
-
CWE-89
High
WordPress Plugin Fuctweb CapCC 'plugins.php' SQL Injection (1.0)
-
CWE-89
High
WebLogic CVE-2023-21837 Vulnerability (CVE-2023-21837)
CVE-2023-21837
-
High
WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)
-
CWE-89
High
WordPress Plugin Instinct e-Commerce Arbitrary File Upload (3.4)
CVE-2008-6811
CWE-434
High
Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)
CVE-2023-21930
-
High
WebLogic CVE-2023-21931 Vulnerability (CVE-2023-21931)
CVE-2023-21931
-
High
WordPress Plugin Downloads Manager 'upload.php' Arbitrary File Upload (0.2)
CVE-2008-3362
CWE-20
High
WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)
CVE-2008-7175
CWE-79
High
WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)
CVE-2008-0939
CWE-89
High
WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61)
CVE-2008-1982
CWE-89
High
WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)
CVE-2008-1646
CWE-89
High
WordPress Plugin WP People 'wp-people-popup.php' SQL Injection (2.0)
-
CWE-89
High
WebLogic CVE-2023-21838 Vulnerability (CVE-2023-21838)
CVE-2023-21838
-
High
WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1)
CVE-2009-2383
CWE-89
High
WordPress Plugin Calendar Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
-
CWE-79
High
WordPress Plugin Funky Penguin WP-PHPList 'unsubscribeemail' Parameter Cross-Site Scripting (2.10.2)
-
CWE-79
High
WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16)
CVE-2010-0673
CWE-89
High
WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
-
CWE-89
High
phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)
CVE-2023-1762
CWE-269
High
WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (2.3)
CVE-2009-3703
CWE-89
High
WordPress Plugin Woopra Analytics Arbitrary File Upload (1.4.3.1)
CVE-2009-4140
CWE-434
High
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights 404 Error Page Cross-Site Scripting (3.2.4)
-
CWE-79
High
WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)
CVE-2009-4168
CWE-79
High
WordPress Plugin Trashbin 'mtb_undelete' Parameter Cross-Site Scripting (0.1)
-
CWE-79
High