| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
WordPress Plugin Media Library Assistant PHP Object Injection (2.60)
|
CWE-915
|
CWE-915
|
High
|
|
WordPress Plugin Media Library Assistant SQL Injection (2.84)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Assistant SQL Injection (3.05)
|
CVE-2023-0279
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Categories 'termid' Parameter SQL Injection (1.0.6)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
|
CVE-2012-6630
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media Mirror Cross-Site Scripting (1.0.6)
|
CVE-2021-24435
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MediaPress Security Bypass (1.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1)
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
WordPress Plugin Media Search Enhanced SQL Injection (0.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2)
|
CVE-2021-24899
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Media Tagz Gallery Multiple Unspecified Vulnerabilities (1.0)
|
|
|
High
|
|
WordPress Plugin Media Usage Cross-Site Scripting (0.0.4)
|
CVE-2021-34652
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mega Menu for WordPress-AP Mega Menu includes Backdoor [Only if downloaded via the vendor website] (3.0.5)
|
CVE-2021-24867
CWE-912
|
CWE-912
|
High
|
|
WordPress Plugin MegaOptim Image Optimizer Unspecified Vulnerability (1.3.2)
|
|
|
High
|
|
WordPress Plugin Meks Easy Social Share Cross-Site Scripting (1.2.7)
|
CVE-2022-2574
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Meks Flexible Shortcodes Cross-Site Scripting (1.3.4)
|
CVE-2022-4562
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Member Approval Cross-Site Request Forgery (131109)
|
CVE-2014-3850
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Unspecified Vulnerabilities (1.4.0)
|
|
|
High
|
|
WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Vulnerabilities (2.4.1)
|
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2)
|
|
|
High
|
|
WordPress Plugin Membership by Supsystic SQL Injection (1.4.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Membership For WooCommerce-Add Simple Membership Plans, Recurring Revenue, Product Tags & Send Emails To Members with WooCommerce Membership Arbitrary File Upload (2.1.6)
|
CVE-2022-4395
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Membership Simplified Arbitrary File Download (1.58)
|
CVE-2017-1002008
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)
|
CVE-2017-1002009
CVE-2017-1002010
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Members Import Cross-Site Request Forgery (1.3)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Members Import Cross-Site Scripting (1.4.2)
|
CVE-2022-4663
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MemberSonic Lite Security Bypass (1.2)
|
CWE-287
|
CWE-287
|
High
|
|
WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin Memphis Documents Library Cross-Site Request Forgery (3.9.20)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Memphis Documents Library Multiple Unspecified Vulnerabilities (3.6.21)
|
|
|
High
|
|
WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Menu Image Malware/Addware Notification (2.6.9)
|
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Menu Swapper Cross-Site Request Forgery (1.1.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) SQL Injection (4.1.8)
|
CVE-2021-24465
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Merge+Minify+Refresh Cross-Site Request Forgery (1.10.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Deletion (4.16.2)
|
CVE-2019-14793
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1)
|
CVE-2019-14794
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2)
|
CVE-2023-25703
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (2.6.2)
|
CVE-2014-4846
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Information Disclosure (3.3.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Meteor Slides Cross-Site Scripting (1.5.6)
|
CVE-2022-4486
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2)
|
CVE-2023-0084
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure (2.1.3)
|
CVE-2022-1442
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.2.1)
|
CVE-2023-0085
CWE-358
|
CWE-358
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.3.0)
|
CVE-2023-1843
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MF Gig Calendar 'page_id' Parameter Cross-Site Scripting (0.9.4.1)
|
CVE-2012-4242
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MF Gig Calendar Cross-Site Scripting (1.1)
|
CVE-2021-24510
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MicroCopy SQL Injection (1.1.0)
|
CVE-2021-24397
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Arbitrary File Deletion (0.9.76)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Cross-Site Scripting (0.9.55)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)
|
CVE-2022-2863
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid PHAR Deserialization (0.9.74)
|
CVE-2022-2442
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Security Bypass (0.9.35)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)
|
CVE-2014-9337
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mimetic Books Cross-Site Scripting (0.2.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Cross-Site Scripting (1.0.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Request Forgery Vulnerabilities (1.0.34)
|
CVE-2013-0736
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1)
|
CVE-2012-5327
CVE-2012-5328
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting Vulnerabilities (1.0.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Vulnerabilities (1.0.33.3)
|
CVE-2013-0734
CVE-2013-0735
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)
|
CWE-89
CWE-425
|
CWE-89
CWE-425
|
High
|
|
WordPress Plugin MiniCart SQL Injection (1.00.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
|
CVE-2012-2583
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Cross-Site Request Forgery (2.10)
|
CVE-2020-6167
CVE-2020-6168
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Open Redirect (1.85)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (2.15)
|
CVE-2020-6166
CWE-264
|
CWE-264
|
High
|
