Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Missing Update

This page lists 22224 vulnerabilities in this category.

Critical: 1394 High: 12186 Medium: 7891 Low: 749 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)
-
CWE-22
High
WordPress Plugin WP Featured Post with thumbnail 'src' Parameter Cross-Site Scripting (3.0)
-
CWE-79
High
WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)
-
CWE-434
High
WordPress Plugin Comment Rating 'id' Parameter SQL Injection (2.9.23)
-
CWE-89
High
WordPress Plugin ComicPress Manager 'lang' Parameter Cross-Site Scripting (1.4.9.9)
-
CWE-79
High
WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)
CVE-2011-5308
CWE-89
High
WordPress Plugin BackWPup Multiple Local File Include Vulnerabilities (1.5.2)
-
CWE-22
High
WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)
-
CWE-22
High
WordPress Plugin Videox7 UGC 'listid' Parameter Cross-Site Scripting (2.5.3.2)
-
CWE-79
High
WordPress Plugin oQey Gallery 'tbpv_domain' Parameter Cross-Site Scripting (0.2)
-
CWE-79
High
WordPress Plugin Uploader 'uploadify.php' Arbitrary File Upload (1.0.4)
-
CWE-434
High
WordPress Plugin Uploader 'num' Parameter Cross-Site Scripting (1.0.0)
-
CWE-79
High
WordPress Plugin StatPressCN 'wp-admin/admin.php' Multiple Cross-Site Scripting Vulnerabilities (1.9.0)
CVE-2011-0641
CWE-79
High
WordPress Plugin RSS Feed Reader 'rss_url' Parameter Cross-Site Scripting (0.1)
CVE-2011-0740
CWE-79
High
WordPress Plugin Recip.ly 'uploadImage.php' Arbitrary File Upload (1.1.7)
-
CWE-434
High
WordPress Plugin Powerhouse Museum Collection Image Grid 'tbpv_username' Parameter Cross-Site Scripting (0.9.1.1)
-
CWE-79
High
WordPress Plugin Pierre's Wordspew 'wordspew.php' Multiple SQL Injection Vulnerabilities (5.61)
-
CWE-89
High
WordPress Plugin Vodpod Video Gallery 'gid' Parameter Cross-Site Scripting (3.1.5)
CVE-2010-4875
CWE-79
High
WordPress Plugin Register Plus 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.5.1)
CVE-2010-4402
CWE-79
High
WordPress Plugin DM Albums File Dislosure (1.9.2)
-
CWE-22
High
WordPress Plugin Funky Penguin WP-PHPList 'unsubscribeemail' Parameter Cross-Site Scripting (2.10.2)
-
CWE-79
High
WordPress Plugin Woopra Analytics Arbitrary File Upload (1.4.3.1)
CVE-2009-4140
CWE-434
High
WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights 404 Error Page Cross-Site Scripting (3.2.4)
-
CWE-79
High
WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)
CVE-2009-4168
CWE-79
High
WordPress Plugin Trashbin 'mtb_undelete' Parameter Cross-Site Scripting (0.1)
-
CWE-79
High
WordPress Plugin Subscribe to Comments Unsubscribe Challenge Information Disclosure (2.0.2)
-
CWE-200
High
WordPress Plugin Subscribe to Comments Multiple Cross-Site Scripting Vulnerabilities (2.0.4)
-
CWE-79
High
WordPress Plugin FireStats Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities (1.0.2)
-
CWE-287
High
WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
-
CWE-89
High
WordPress Plugin DM Albums Multiple File Deletion Vulnerabilities (2.1)
-
CWE-22
High
WordPress Plugin WP-Syntax Remote PHP Code Execution (0.9.9)
CVE-2009-2852
CWE-20
High
WordPress Plugin My Category Order 'parentID' Parameter SQL Injection (2.8)
CVE-2009-4748
CWE-89
High
WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1)
CVE-2009-2383
CWE-89
High
WordPress Plugin Photoracer 'id' Parameter SQL Injection (1.0)
CVE-2009-2122
CWE-89
High
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)
CVE-2009-2143
CWE-94
High
WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (2.3)
CVE-2009-3703
CWE-89
High
WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16)
CVE-2010-0673
CWE-89
High
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
-
CWE-22
High
WordPress Plugin WP-UserOnline URL HTML Injection (2.62)
-
CWE-79
High
WordPress Plugin FeedList 'handler_image.php' Cross-Site Scripting (2.61.01)
CVE-2010-4637
CWE-79
High
WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.32)
CVE-2010-4839
CWE-89
High
WordPress Plugin DB Toolkit 'uploadify.php' Arbitrary File Upload (0.1.10)
-
CWE-434
High
WordPress Plugin cformsII 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities (13.1)
CVE-2010-3977
CWE-79
High
WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
-
CWE-79
High
WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)
-
CWE-89
High
WordPress Plugin Simple:Press 'sf-header-forum.php' SQL Injection (4.3.0)
-
CWE-89
High
WordPress Plugin Calendar Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
-
CWE-79
High
WordPress Plugin myLinksDump 'url' Parameter SQL Injection (1.2)
CVE-2010-2924
CWE-89
High
WordPress Plugin Gigya-Social Infrastructure Cross-Site Scripting (1.1.8)
-
CWE-79
High
WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)
-
CWE-434
High
WordPress Plugin Events Manager 'events-manager.php' SQL Injection (2.1)
-
CWE-89
High
WordPress Plugin Cimy Counter HTTP Response Splitting and Cross-Site Scripting Vulnerabilities (0.9.4)
-
CWE-113
High
WordPress Plugin NextGEN Gallery-WordPress Gallery 'xml/media-rss.php' Cross-Site Scripting (1.5.1)
CVE-2010-1186
CWE-79
High
WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
-
CWE-89
High
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.17)
-
CWE-502
High
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.20)
-
CWE-502
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.36)
CVE-2022-43504
CWE-601
High
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.15)
-
CWE-89
High
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.10)
-
CWE-89
High
WordPress 5.3.x Prototype Pollution (5.3 - 5.3.11)
CVE-2021-20083
CWE-1321
High
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.10)
CVE-2022-21664
CWE-915
High
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.13)
CVE-2022-43504
CWE-601
High
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.12)
-
CWE-89
High
WordPress 5.2.x Prototype Pollution (5.2 - 5.2.14)
CVE-2021-20083
CWE-1321
High
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.13)
CVE-2022-21664
CWE-915
High
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.8)
CVE-2022-21664
CWE-915
High
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.16)
CVE-2022-43504
CWE-601
High
WordPress 5.1.x Prototype Pollution (5.1 - 5.1.12)
CVE-2021-20083
CWE-1321
High
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.14)
CVE-2022-43504
CWE-601
High
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.11)
CVE-2022-21664
CWE-915
High
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.13)
-
CWE-89
High
WordPress 5.0.x Prototype Pollution (5.0 - 5.0.15)
CVE-2021-20083
CWE-1321
High
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.11)
CVE-2022-43504
CWE-601
High
WordPress 5.4.x Prototype Pollution (5.4 - 5.4.9)
CVE-2021-20083
CWE-1321
High
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.17)
CVE-2022-43504
CWE-601
High