Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3) CWE-94 CWE-94 High WordPress Plugin Mail logging-WP Mail Catcher Cross-Site Scripting (2.1.2) CVE-2023-3080 CWE-79 CWE-79 High WordPress Plugin Mail Masta Local File Inclusion (1.0) CVE-2016-10956 CWE-22 CWE-22 High WordPress Plugin Mail Masta Multiple SQL Injection Vulnerabilities (1.0) CVE-2017-6095 CVE-2017-6096 CVE-2017-6097 CVE-2017-6098 CVE-2017-6570 CVE-2017-6571 CVE-2017-6572 CVE-2017-6573 CVE-2017-6574 CVE-2017-6575 CVE-2017-6576 CVE-2017-6577 CVE-2017-6578 CWE-89 CWE-89 High WordPress Plugin Mail On Update Cross-Site Request Forgery (5.1.0) CVE-2013-2107 CWE-352 CWE-352 High WordPress Plugin MailPoet-emails and newsletters in WordPress Cross-Site Scripting (3.23.1) CVE-2019-11843 CWE-79 CWE-79 High WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6) CVE-2012-3414 CWE-79 CWE-79 High WordPress Plugin MailPoet Newsletters (Previous) Arbitrary File Upload (2.6.7) CVE-2014-4725 CVE-2014-4726 CWE-434 CWE-434 High WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Request Forgery (2.6.10) CVE-2014-3907 CWE-352 CWE-352 High WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.11) CWE-79 CWE-79 High WordPress Plugin MailPoet Newsletters (Previous) Cross-Site Scripting (2.6.19) CWE-79 CWE-79 High WordPress Plugin MailPoet Newsletters (Previous) Multiple Unspecified Vulnerabilities (2.7.1) High WordPress Plugin MailPoet Newsletters (Previous) Multiple Vulnerabilities (2.7.2) CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin MailPoet Newsletters (Previous) Security Bypass (2.8.1) CVE-2018-20853 CWE-264 CWE-264 High WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2) CVE-2013-1408 CWE-89 CWE-89 High WordPress Plugin MailPoet Newsletters (Previous) Unspecified Vulnerability (2.7.8) High WordPress Plugin MailPress Multiple Vulnerabilities (5.4.4) CWE-22 CWE-264 CWE-22 CWE-264 High WordPress Plugin MailPress Remote Code Execution (7.0.2) CWE-94 CWE-94 High WordPress Plugin Mail Queue Cross-Site Scripting (1.1) CVE-2023-3167 CWE-79 CWE-79 High WordPress Plugin Mailster-Email Newsletter for WordPress Cross-Site Scripting (2.4.5.1) CWE-79 CWE-79 High WordPress Plugin Mailster-Email Newsletter for WordPress Local File Inclusion (4.0.6) CVE-2024-32523 CWE-22 CWE-22 High WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9) High WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0) CVE-2023-3135 CWE-79 CWE-79 High WordPress Plugin MailUp newsletter sign-up form Security Bypass (1.3.2) CVE-2013-0731 CVE-2013-2640 CWE-264 CWE-264 High WordPress Plugin Maintenance Cross-Site Request Forgery (3.6.4) CWE-352 CWE-352 High WordPress Plugin Maintenance Cross-Site Scripting (4.02) CVE-2021-24533 CWE-79 CWE-79 High WordPress Plugin Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9) CVE-2016-10033 CVE-2016-10045 CWE-94 CWE-94 High WordPress Plugin Maintenance Mode Unspecified Vulnerability (1.3.3) High WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Cross-Site Scripting (2.0.12) CWE-79 CWE-79 High WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (2.0.9.1) CWE-264 CWE-264 High WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (3.4.4) CWE-287 CWE-287 High WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1) CVE-2021-24877 CWE-89 CWE-89 High WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Unspecified Vulnerability (2.0.27) High WordPress Plugin MainWP Child Reports SQL Injection (2.0.7) CVE-2021-24754 CWE-89 CWE-89 High WordPress Plugin MainWP Dashboard Cross-Site Scripting (3.1.2) CWE-79 CWE-79 High WordPress Plugin MainWP Dashboard Unspecified Vulnerability (2.0.22) High WordPress Plugin MalCare Security-Free Malware Scanner, Protection & Security for WordPress Cross-Site Scripting (4.57) CWE-79 CWE-79 High WordPress Plugin Malware Finder Cross-Site Scripting (1.1) CVE-2014-4538 CWE-79 CWE-79 High WordPress Plugin Malware Scanner Privilege Escalation (4.7.2) CVE-2024-2172 CWE-269 CWE-269 High WordPress Plugin Malware Scanner SQL Injection (4.7.2) CVE-2024-25902 CWE-89 CWE-89 High WordPress Plugin Malware Scanner Unspecified Vulnerability (4.7.3) High WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0) CWE-915 CWE-915 High WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0) CWE-79 CWE-79 High WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Arbitrary File Upload (1.2.2) CVE-2024-1205 CWE-434 CWE-434 High WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Unspecified Vulnerability (1.2.3) High WordPress Plugin Manage Notification E-mails Cross-Site Request Forgery (1.8.2) CVE-2022-34654 CWE-352 CWE-352 High WordPress Plugin ManageWP Worker Unspecified Vulnerability (4.1.7) High WordPress Plugin Mang Board WP SQL Injection (1.9.9) CVE-2021-26609 CWE-89 CWE-89 High WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3) High WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.5) High WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10) CWE-79 CWE-79 High WordPress Plugin Map Block for Google Maps Unspecified Vulnerability (1.31) High WordPress Plugin MapifyLite (by MapifyPro) Cross-Site Scripting (3.3) CWE-79 CWE-79 High WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1) CWE-918 CWE-918 High WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0) CWE-918 CWE-918 High WordPress Plugin MapPress Maps for WordPress Cross-Site Request Forgery (2.53.8) CVE-2020-12077 CWE-352 CWE-352 High WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5) CVE-2020-12675 CWE-264 CWE-264 High WordPress Plugin MapSVG Lite Arbitrary File Disclosure (4.2.3.1) CWE-538 CWE-538 High WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5) CWE-434 CWE-434 High WordPress Plugin MapSVG Lite Arbitrary File Upload (4.2.4) CWE-434 CWE-434 High WordPress Plugin MapSVG Lite Cross-Site Request Forgery (4.2.4) CWE-352 CWE-352 High WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Cross-Site Scripting (2.30) CWE-79 CWE-79 High WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0) CWE-601 CWE-601 High WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Security Bypass (4.16) CWE-264 CWE-264 High WordPress Plugin Mapwiz SQL Injection (1.0.1) CVE-2022-4546 CWE-89 CWE-89 High WordPress Plugin Marekkis Watermark Cross-Site Scripting (0.9.1) CVE-2013-1758 CWE-79 CWE-79 High WordPress Plugin Markdown on Save Improved Cross-Site Scripting (2.5) CVE-2016-4812 CWE-79 CWE-79 High WordPress Plugin Marketo Forms and Tracking Cross-Site Request Forgery (1.0.2) CVE-2020-6849 CWE-352 CWE-352 High WordPress Plugin MarketPress-WordPress eCommerce PHP Object Injection (3.2.6) CWE-915 CWE-915 High WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1) CVE-2022-4666 CWE-79 CWE-79 High WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure (2.3.0) CWE-200 CWE-200 High WordPress Plugin Mass Delete Taxonomies Cross-Site Request Forgery (3.0.0) CWE-352 CWE-352 High WordPress Plugin Mass Delete Unused Tags Cross-Site Request Forgery (2.0.0) CVE-2023-27430 CWE-352 CWE-352 High WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2) CVE-2018-11580 CWE-79 CWE-79 High WordPress Plugin Master Popups Remote Code Execution (1.0.0) CWE-94 CWE-94 High 1...108109110111...169 109 / 169
