Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin TubePress Cross-Site Scripting (1.6.0) CWE-79 CWE-79 High WordPress Plugin Tune Library 'letter' Parameter SQL Injection (1.5.1) CWE-89 CWE-89 High WordPress Plugin Tune Library SQL Injection (1.5.4) CVE-2015-3314 CWE-89 CWE-89 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (1.5.2) CVE-2020-8615 CWE-352 CWE-352 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1) CVE-2024-1503 CWE-352 CWE-352 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.1) CVE-2021-24455 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.5) CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.10) CVE-2021-24873 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.11) CVE-2021-25017 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.14) CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.0.9) CVE-2022-2563 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.6.2) CVE-2024-3994 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Insecure Direct Object Reference (2.7.0) CVE-2024-4279 CWE-639 CWE-639 High WordPress Plugin Tutor LMS-eLearning and online course solution Local File Inclusion (1.8.7) CVE-2021-24242 CWE-22 CWE-22 High WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Cross-Site Scripting Vulnerabilities (1.9.8) CVE-2021-24740 CWE-79 CWE-79 High WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Vulnerabilities (1.7.6) CVE-2021-24181 CVE-2021-24184 CVE-2021-24185 CWE-89 CWE-264 CWE-89 CWE-264 High WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1) CVE-2024-1502 CWE-862 CWE-862 High WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2) CVE-2024-3553 CWE-862 CWE-862 High WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.7.0) CVE-2024-4223 CWE-862 CWE-862 High WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (1.8.2) CVE-2021-24182 CVE-2021-24183 CVE-2021-24186 CWE-89 CWE-89 High WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.6.1) CVE-2024-1751 CWE-89 CWE-89 High WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (2.7.0) CVE-2024-4318 CWE-89 CWE-89 High WordPress Plugin Tutor LMS Elementor Addons Cross-Site Scripting (2.1.3) CVE-2024-29913 CWE-79 CWE-79 High WordPress Plugin Tweet Blender Cross-Site Scripting (4.0.1) CVE-2013-6342 CWE-79 CWE-79 High WordPress Plugin TweetScribe Cross-Site Request Forgery (1.1) CVE-2014-9399 CWE-352 CWE-352 High WordPress Plugin Tweet Wheel Multiple Cross-Site Scripting Vulnerabilities (1.0.3.2) CWE-79 CWE-79 High WordPress Plugin Tweet Wheel Spam (0.3) CWE-702 CWE-702 High WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9) CVE-2022-4580 CWE-79 CWE-79 High WordPress Plugin Twenty20 Image Before-After Malicious Code (1.6.3) CVE-2024-6297 CWE-506 CWE-506 High WordPress Plugin twimp-wp-twitter multi publisher Cross-Site Request Forgery (0.1) CVE-2014-9397 CWE-352 CWE-352 High WordPress Plugin Twitch Player Cross-Site Scripting (2.1.0) CVE-2023-25464 CWE-79 CWE-79 High WordPress Plugin Twitget Cross-Site Request Forgery (3.3.2) CVE-2014-2559 CVE-2014-2995 CWE-352 CWE-352 High WordPress Plugin Twitter Button by BestWebSoft Cross-Site Request Forgery (2.14) CWE-352 CWE-352 High WordPress Plugin Twitter Button by BestWebSoft Cross-Site Scripting (2.54) CVE-2017-2171 CVE-2017-2171 CVE-2017-18505 CWE-79 CWE-79 High WordPress Plugin Twitter Button by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.36) CWE-79 CWE-79 High WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5) CWE-79 CWE-352 CWE-79 CWE-352 High WordPress Plugin TwitterCart Security Bypass (2.0) CWE-264 CWE-264 High WordPress Plugin twitterDash Cross-Site Request Forgery (2.1) CVE-2014-9368 CWE-352 CWE-352 High WordPress Plugin Twitter Feed:Embedded Timeline 'url' Parameter Cross-Site Scripting (0.3.1) CVE-2010-4825 CWE-79 CWE-79 High WordPress Plugin Twitter Feed Cross-Site Scripting (2.0.4) CWE-79 CWE-79 High WordPress Plugin Twitter Friends Widget Cross-Site Scripting (3.1) CVE-2021-38322 CWE-79 CWE-79 High WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery (1.1.2) CVE-2014-9398 CWE-352 CWE-352 High WordPress Plugin Two-Factor Authentication-Clockwork SMS Cross-Site Scripting (1.0.3) CVE-2017-17780 CWE-79 CWE-79 High WordPress Plugin Two Factor Authentication Cross-Site Request Forgery (1.3.12) CVE-2018-20231 CWE-352 CWE-352 High WordPress Plugin Two Factor Authentication Cross-Site Scripting (1.0.7) CWE-79 CWE-79 High WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4) CWE-22 CWE-352 CWE-22 CWE-352 High WordPress Plugin typofr Cross-Site Scripting (0.11) CVE-2021-34657 CWE-79 CWE-79 High WordPress Plugin U BuddyPress Forum Attachment 'fileurl' Parameter Remote File Disclosure (1.1.1) CWE-22 CWE-22 High WordPress Plugin uCan Post Multiple HTML Injection Vulnerabilities (1.0.09) CWE-79 CWE-79 High WordPress Plugin uCare-Support Ticket System Cross-Site Scripting (1.2.1) CWE-79 CWE-79 High WordPress Plugin uContext for Amazon Cross-Site Request Forgery (3.9.1) CVE-2022-2541 CWE-352 CWE-352 High WordPress Plugin uContext for Clickbank Cross-Site Request Forgery (3.9.1) CVE-2022-2542 CWE-352 CWE-352 High WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1) CWE-22 CWE-22 High WordPress Plugin UiPress lite-Effortless custom dashboards, admin themes and pages SQL Injection (3.4.06) CVE-2024-38788 CWE-89 CWE-89 High WordPress Plugin Uji Countdown Cross-Site Scripting (2.0.6) CWE-79 CWE-79 High WordPress Plugin Uji Countdown Cross-Site Scripting (2.2) CVE-2022-3837 CWE-79 CWE-79 High WordPress Plugin UK Cookie Consent Cross-Site Scripting (2.3.9) CVE-2018-10310 CWE-79 CWE-79 High WordPress Plugin UK Cookie Cross-Site Request Forgery (1.1) CVE-2013-2180 CWE-352 CWE-352 High WordPress Plugin Ultimate Addons for Beaver Builder Cross-Site Scripting (1.24.3) CWE-79 CWE-79 High WordPress Plugin Ultimate Addons for Beaver Builder Security Bypass (1.24.0) CWE-287 CWE-287 High WordPress Plugin Ultimate Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (1.29.2) CVE-2021-24271 CWE-79 CWE-79 High WordPress Plugin Ultimate Addons for Elementor Security Bypass (1.20.0) CWE-287 CWE-287 High WordPress Plugin Ultimate Addons for Elementor Security Bypass (1.24.1) CVE-2020-13125 CWE-264 CWE-264 High WordPress Plugin Ultimate Addons for Visual Composer Multiple Vulnerabilities (3.16.10) CWE-79 CWE-94 CWE-352 CWE-79 CWE-94 CWE-352 High WordPress Plugin Ultimate Affiliate Pro Multiple Cross-Site Scripting Vulnerabilities (3.6) CWE-79 CWE-79 High WordPress Plugin Ultimate Appointment Booking & Scheduling Cross-Site Scripting (1.1.9) CVE-2020-24313 CWE-79 CWE-79 High WordPress Plugin Ultimate Appointment Booking & Scheduling Unspecified Vulnerability (1.1.10) High WordPress Plugin Ultimate Category Excluder Cross-Site Request Forgery (1.1) CVE-2020-35135 CWE-352 CWE-352 High WordPress Plugin Ultimate Coming Soon, Maintenance Mode for WordPress-Everest Coming Soon Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.21) CVE-2019-15643 CWE-79 CWE-79 High WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.29) CVE-2020-7107 CWE-79 CWE-79 High WordPress Plugin Ultimate FAQ Security Bypass (1.8.24) CVE-2019-17232 CVE-2019-17233 CWE-264 CWE-264 High WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress Security Bypass (2.4) CWE-264 CWE-264 High WordPress Plugin Ultimate Gift Cards For WooCommerce Cross-Site Request Forgery (2.1.1) CWE-352 CWE-352 High WordPress Plugin Ultimate Google Analytics Cross-Site Request Forgery (1.6.0) CWE-352 CWE-352 High 1...260261262263...293 261 / 293