Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress Plugin Master Slider-Responsive Touch Slider Cross-Site Scripting (2.7.1) CWE-79 CWE-79 High WordPress Plugin Master Slider-Responsive Touch Slider SQL Injection (2.5.1) CWE-89 CWE-89 High WordPress Plugin Master Slider-WordPress Responsive Touch Slider Unspecified Vulnerability (2.18.2) High WordPress Plugin MasterStudy LMS-for Online Courses and Education Information Disclosure (3.2.10) CVE-2024-2106 CWE-200 CWE-200 High WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0) CVE-2024-2411 CWE-22 CWE-22 High WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.3) CVE-2024-3136 CWE-22 CWE-22 High WordPress Plugin MasterStudy LMS-for Online Courses and Education Privilege Escalation (3.3.1) CVE-2024-2409 CWE-269 CWE-269 High WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.2.13) CVE-2024-1904 CWE-862 CWE-862 High WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.3.8) CVE-2024-3942 CWE-862 CWE-862 High WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5) CVE-2024-1512 CWE-89 CWE-89 High WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1) CWE-352 CWE-352 High WordPress Plugin MATRIX 3D Cross-Site Scripting (1.2) CWE-79 CWE-79 High WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1) CWE-434 CWE-434 High WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9) CWE-79 CWE-79 High WordPress Plugin MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles Arbitrary File Deletion (1.9.2) CVE-2024-6885 CWE-73 CWE-73 High WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8) CWE-79 CWE-79 High WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0) CVE-2021-24668 CWE-352 CWE-352 High WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2) CVE-2021-24669 CWE-89 CWE-89 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Cross-Site Scripting Vulnerabilities (1.3.8) CWE-79 CWE-79 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.6.0) CWE-22 CWE-79 CWE-22 CWE-79 High WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6) CVE-2016-0796 CWE-287 CWE-441 CWE-287 CWE-441 High WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2) High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4) CWE-352 CWE-352 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (2.2.7) CWE-79 CWE-79 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.0.10) CWE-79 CWE-79 High WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.1.6) CWE-79 CWE-79 High WordPress Plugin McAvoy Cross-Site Scripting (0.1.0) CWE-79 CWE-79 High WordPress Plugin MContact Button includes Backdoor [Only if downloaded via the vendor website] (2.0.6) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin MDC Private Message Cross-Site Scripting (1.0.0) CVE-2015-6805 CWE-79 CWE-79 High WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0) CVE-2015-5469 CWE-22 CWE-22 High WordPress Plugin MDTF-Wordpress Meta Data & Taxonomies Filter Cross-Site Request Forgery (2.2.7.2) CVE-2021-20781 CWE-352 CWE-352 High WordPress Plugin Media.net Ads Manager Arbitrary File Upload (2.10.13) CVE-2024-6431 CWE-434 CWE-434 High WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8) CVE-2022-4699 CWE-79 CWE-79 High WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5) CWE-79 CWE-89 CWE-264 CWE-79 CWE-89 CWE-264 High WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2) CWE-22 CWE-73 CWE-79 CWE-22 CWE-73 CWE-79 High WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5) CVE-2021-36850 CWE-352 CWE-352 High WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0) CVE-2014-2040 CWE-79 CWE-79 High WordPress Plugin Media from FTP Cross-Site Scripting (9.89) CWE-79 CWE-79 High WordPress Plugin Media from FTP Directory Traversal (9.85) CVE-2018-5310 CWE-22 CWE-22 High WordPress Plugin Media from FTP PHP Object Injection (9.79) CWE-915 CWE-915 High WordPress Plugin Media Library Assistant Information Disclosure (3.00) CVE-2022-41618 CWE-200 CWE-200 High WordPress Plugin Media Library Assistant Multiple Cross-Site Scripting Vulnerabilities (2.73) CWE-79 CWE-79 High WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65) CWE-73 CWE-538 CWE-73 CWE-538 High WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81) CVE-2020-11731 CVE-2020-11732 CVE-2020-11928 CWE-22 CWE-79 CWE-94 CWE-22 CWE-79 CWE-94 High WordPress Plugin Media Library Assistant PHP Object Injection (2.60) CWE-915 CWE-915 High WordPress Plugin Media Library Assistant SQL Injection (2.84) CWE-89 CWE-89 High WordPress Plugin Media Library Assistant SQL Injection (3.05) CVE-2023-0279 CWE-89 CWE-89 High WordPress Plugin Media Library Categories 'termid' Parameter SQL Injection (1.0.6) CWE-89 CWE-89 High WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1) CVE-2012-6630 CWE-79 CWE-79 High WordPress Plugin Media Mirror Cross-Site Scripting (1.0.6) CVE-2021-24435 CWE-79 CWE-79 High WordPress Plugin MediaPress Security Bypass (1.1.9) CWE-264 CWE-264 High WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1) CVE-2011-4106 CWE-20 CWE-20 High WordPress Plugin Media Search Enhanced SQL Injection (0.6.0) CWE-89 CWE-89 High WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2) CVE-2021-24899 CWE-79 CWE-79 High WordPress Plugin Media Tagz Gallery Multiple Unspecified Vulnerabilities (1.0) High WordPress Plugin Media Usage Cross-Site Scripting (0.0.4) CVE-2021-34652 CWE-79 CWE-79 High WordPress Plugin Mega Menu for WordPress-AP Mega Menu includes Backdoor [Only if downloaded via the vendor website] (3.0.5) CVE-2021-24867 CWE-912 CWE-912 High WordPress Plugin MegaOptim Image Optimizer Unspecified Vulnerability (1.3.2) High WordPress Plugin Meks Easy Social Share Cross-Site Scripting (1.2.7) CVE-2022-2574 CWE-79 CWE-79 High WordPress Plugin Meks Flexible Shortcodes Cross-Site Scripting (1.3.4) CVE-2022-4562 CWE-79 CWE-79 High WordPress Plugin Member Approval Cross-Site Request Forgery (131109) CVE-2014-3850 CWE-352 CWE-352 High WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Unspecified Vulnerabilities (1.4.0) High WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions Multiple Vulnerabilities (2.4.1) CWE-79 CWE-89 CWE-79 CWE-89 High WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2) High WordPress Plugin Membership by Supsystic SQL Injection (1.4.7) CWE-89 CWE-89 High WordPress Plugin Membership For WooCommerce-Add Simple Membership Plans, Recurring Revenue, Product Tags & Send Emails To Members with WooCommerce Membership Arbitrary File Upload (2.1.6) CVE-2022-4395 CWE-434 CWE-434 High WordPress Plugin Membership Simplified Arbitrary File Download (1.58) CVE-2017-1002008 CWE-538 CWE-538 High WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58) CVE-2017-1002009 CVE-2017-1002010 CWE-89 CWE-89 High WordPress Plugin Members Import Cross-Site Request Forgery (1.3) CWE-352 CWE-352 High WordPress Plugin Members Import Cross-Site Scripting (1.4.2) CVE-2022-4663 CWE-79 CWE-79 High WordPress Plugin MemberSonic Lite Security Bypass (1.2) CWE-287 CWE-287 High WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5) CWE-538 CWE-538 High WordPress Plugin Memphis Documents Library Cross-Site Request Forgery (3.9.20) CWE-352 CWE-352 High WordPress Plugin Memphis Documents Library Multiple Unspecified Vulnerabilities (3.6.21) High WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7) CWE-89 CWE-89 High 1...109110111112...169 110 / 169
