Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Missing Update

This page lists 22224 vulnerabilities in this category.

Critical: 1394 High: 12186 Medium: 7891 Low: 749 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin Sexy Add Template Cross-Site Request Forgery (1.0)
-
CWE-352
High
WordPress Plugin WP SimpleMail Multiple Cross-Site Scripting Vulnerabilities (1.0.6)
CVE-2012-2579
CWE-79
High
WordPress Plugin WP Lead Management Cross-Site Scripting (3.0.0)
-
CWE-79
High
WordPress Plugin ThreeWP Email Reflector 'Subject' Field Cross-Site Scripting (1.15)
CVE-2012-2572
CWE-79
High
WordPress Plugin RSVPMaker Cross-Site Scripting (2.5.4)
-
CWE-79
High
WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)
CVE-2012-2580
CWE-79
High
WordPress Plugin Mz-jajak 'id' Parameter SQL Injection (2.1)
-
CWE-89
High
WordPress Plugin Notices Ticker Cross-Site Request Forgery (5.0)
-
CWE-352
High
WordPress Plugin TDO Mini Forms Arbitrary File Upload (0.13.9)
-
CWE-434
High
WordPress Plugin HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)
-
CWE-89
High
WordPress Plugin Gallery-Flagallery Photo Portfolio Multiple Vulnerabilities (2.00)
-
CWE-94
High
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.3.5)
-
CWE-79
High
WordPress Plugin White Label CMS Cross-Site Request Forgery (1.5)
CVE-2012-5388
CWE-352
High
WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)
-
CWE-95
High
WordPress Plugin Spider Calendar Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.1)
-
CWE-89
High
WordPress Plugin Social Discussions Remote File Include and Information Disclosure Vulnerabilities (6.1.1)
-
CWE-200
High
WordPress Plugin Slideshow Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (2.1.12)
-
CWE-200
High
WordPress Plugin FoxyPress Multiple Vulnerabilities (0.4.2.5)
-
CWE-434
High
WordPress Plugin Token Manager 'tid' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.0.2)
-
CWE-79
High
WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
-
CWE-89
High
WordPress Plugin FireStorm Professional Real Estate 'id' Parameter SQL Injection (2.06.03)
-
CWE-89
High
WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1)
-
CWE-94
High
WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2)
-
CWE-22
High
WordPress Plugin AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2)
CVE-2012-5853
CWE-89
High
WordPress Plugin A/B Test 'action' Parameter Directory Traversal (1.0.6)
-
CWE-22
High
WordPress Plugin WP-TopBar Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (4.02)
-
CWE-352
High
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
CVE-2012-2583
CWE-79
High
WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)
-
CWE-89
High
WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2)
-
CWE-79
High
WordPress Plugin Flexi Quote Rotator SQL Injection and Cross-Site Request Forgery Vulnerabilities (0.9)
-
CWE-352
High
WordPress Plugin LiveGrounds 'uid' Parameter Cross-Site Scripting (0.42)
-
CWE-79
High
WordPress Plugin Knews Multilingual Newsletters 'ff' Parameter Cross-Site Scripting (1.1.0)
-
CWE-79
High
WordPress Plugin Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1)
-
CWE-200
High
WordPress Plugin GD Star Rating 'export.php' Security Bypass (1.9.18)
-
CWE-264
High
WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4)
-
CWE-434
High
WordPress Plugin Front-end Editor 'upload.php' Arbitrary File Upload (2.2.1)
-
CWE-434
High
WordPress Plugin Custom Tables 'key' Parameter Cross-Site Scripting (3.4.4)
-
CWE-79
High
WordPress Plugin MoodThingy Mood Rating Widget 'postID' Parameter Blind SQL Injection (0.8.7)
-
CWE-89
High
WordPress Plugin Count per Day 'userperspan.php' Multiple Cross-Site Scripting Vulnerabilities (3.1.1)
CVE-2012-3434
CWE-79
High
WordPress Plugin CONTUS VBLOG-Video Blogging 'save.php' Arbitrary File Upload (1.0)
-
CWE-434
High
WordPress Plugin Code Embed 'suffix' Parameter Cross-Site Scripting (2.0.1)
-
CWE-79
High
WordPress Plugin Cimy User Extra Fields Arbitrary File Upload (2.3.7)
-
CWE-434
High
WordPress Plugin Church Admin 'id' Parameter Cross-Site Scripting (0.33.4.5)
-
CWE-79
High
WordPress Plugin ChenPress Arbitrary File Upload (3.0)
-
CWE-434
High
WordPress Plugin MAC PHOTO GALLERY 'macalbajax.php' Multiple Cross-Site Scripting Vulnerabilities (2.10)
-
CWE-79
High
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions 'memberslist-csv.php' Information Disclosure (1.4.9)
-
CWE-538
High
WordPress Plugin Download Monitor 'dlsearch' Parameter Cross-Site Scripting (3.3.5.8)
CVE-2012-4768
CWE-79
High
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (2.4.2)
-
CWE-79
High
WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2)
-
CWE-79
High
WordPress Plugin Count per Day 'notes.php' Cross-Site Scripting (3.2.3)
-
CWE-79
High
WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)
-
CWE-22
High
WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6)
-
CWE-94
High
WordPress Plugin WP Symposium A Social Network For WordPress Multiple SQL Injection Vulnerabilities (12.06.16)
-
CWE-89
High
WordPress Plugin WP Symposium A Social Network For WordPress Multiple Cross-Site Scripting Vulnerabilities (12.07.07)
-
CWE-79
High
WordPress Plugin WP-Predict 'predictId' Parameter Blind SQL Injection (1.0)
-
CWE-89
High
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
-
CWE-79
High
WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)
-
CWE-79
High
WordPress Plugin Sendit WP Newsletter 'id' Parameter SQL Injection (2.1.0)
-
CWE-89
High
WordPress Plugin RocketTheme RokBox 'jwplayer.swf' Cross-Site Scripting (2.11)
-
CWE-79
High
WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.1)
-
CWE-434
High
WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)
-
CWE-352
High
WordPress Plugin Quick Post Widget Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.9.1)
CVE-2012-4226
CWE-352
High
WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)
-
CWE-94
High
WordPress Plugin IWantOneButton 'updateAJAX.php' SQL Injection (3.0.1)
-
CWE-89
High
WordPress Plugin GigPress 'Notes' Field HTML Injection (2.1.10)
-
CWE-79
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)
CVE-2017-6819
CWE-601
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.31)
CVE-2020-28040
CWE-502
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.28)
CVE-2020-28040
CWE-502
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.30)
CVE-2020-25286
CWE-601
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.31)
CVE-2020-28040
CWE-502
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.29)
CVE-2020-11030
CWE-264
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.30)
CVE-2020-25286
CWE-601
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.29)
CVE-2020-11030
CWE-264
High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.32)
CVE-2020-28040
CWE-502
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.27)
CVE-2020-25286
CWE-601
High