| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
WordPress Plugin Menu Image Malware/Addware Notification (2.6.9)
|
CWE-506
|
CWE-506
|
High
|
|
WordPress Plugin Menu Swapper Cross-Site Request Forgery (1.1.0.2)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Meow Gallery (+ Gallery Block) SQL Injection (4.1.8)
|
CVE-2021-24465
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Merge+Minify+Refresh Cross-Site Request Forgery (1.10.6)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Deletion (4.16.2)
|
CVE-2019-14793
CWE-73
|
CWE-73
|
High
|
|
WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1)
|
CVE-2019-14794
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2)
|
CVE-2023-25703
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (2.6.2)
|
CVE-2014-4846
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MetaSlider Information Disclosure (3.3.1)
|
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Meteor Slides Cross-Site Scripting (1.5.6)
|
CVE-2022-4486
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2)
|
CVE-2023-0084
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure (2.1.3)
|
CVE-2022-1442
CWE-200
|
CWE-200
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.2.1)
|
CVE-2023-0085
CWE-358
|
CWE-358
|
High
|
|
WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.3.0)
|
CVE-2023-1843
CWE-862
|
CWE-862
|
High
|
|
WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)
|
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MF Gig Calendar 'page_id' Parameter Cross-Site Scripting (0.9.4.1)
|
CVE-2012-4242
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MF Gig Calendar Cross-Site Scripting (1.1)
|
CVE-2021-24510
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.0)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Microblog Poster SQL Injection (1.6.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MicroCopy SQL Injection (1.1.0)
|
CVE-2021-24397
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Arbitrary File Deletion (0.9.76)
|
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Cross-Site Scripting (0.9.55)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)
|
CVE-2022-2863
CWE-22
|
CWE-22
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid PHAR Deserialization (0.9.74)
|
CVE-2022-2442
CWE-502
|
CWE-502
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid Security Bypass (0.9.35)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)
|
CVE-2014-9337
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mimetic Books Cross-Site Scripting (0.2.13)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Cross-Site Scripting (1.0.28)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Request Forgery Vulnerabilities (1.0.34)
|
CVE-2013-0736
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1)
|
CVE-2012-5327
CVE-2012-5328
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum Multiple Cross-Site Scripting Vulnerabilities (1.0.33)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mingle Forum Multiple Vulnerabilities (1.0.33.3)
|
CVE-2013-0734
CVE-2013-0735
CWE-79
CWE-89
|
CWE-79
CWE-89
|
High
|
|
WordPress Plugin Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)
|
CWE-89
CWE-425
|
CWE-89
CWE-425
|
High
|
|
WordPress Plugin MiniCart SQL Injection (1.00.1)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
|
CVE-2012-2583
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Cross-Site Request Forgery (2.10)
|
CVE-2020-6167
CVE-2020-6168
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Open Redirect (1.85)
|
CWE-601
|
CWE-601
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (2.15)
|
CVE-2020-6166
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Arbitrary File Upload (1.7.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Cross-Site Scripting (1.3.4)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MiniMax-Page Layout Builder Cross-Site Scripting (1.9.3)
|
CVE-2016-1000141
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin miniOrange's Google Authenticator-WordPress Two Factor Authentication (2FA, MFA, OTP SMS and Email)-Passwordless login Cross-Site Scripting (5.4.39)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin miniOrange Discord Integration Security Bypass (2.1.5)
|
CVE-2022-3082
CWE-284
|
CWE-284
|
High
|
|
WordPress Plugin Missed Schedule Fix WP Failed Future Posts Multiple Unspecified Vulnerabilities (2014.1231.2015.4)
|
|
|
High
|
|
WordPress Plugin Mitsol Social Post Feed Cross-Site Scripting (1.10)
|
CVE-2022-0209
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MiwoEvents-Manage & Book Events Unspecified Vulnerability (1.2.0)
|
|
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure (1.0.4)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)
|
CWE-538
|
CWE-538
|
High
|
|
WordPress Plugin MiwoFTP-File & Folder Manager Multiple Vulnerabilities (1.0.5)
|
CWE-73
CWE-79
CWE-94
CWE-352
|
CWE-73
CWE-79
CWE-94
CWE-352
|
High
|
|
WordPress Plugin mklasen's Photobox Cross-Site Scripting (1.0)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MM Duplicate 'index.php' SQL Injection (1.2)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin MM Forms Community 'doajaxfileupload.php' Arbitrary File Upload (2.2.6)
|
CVE-2012-3574
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin MM Forms Community 'edit_details.php' SQL Injection (1.2.3)
|
CWE-89
|
CWE-89
|
High
|
|
WordPress Plugin Mobile App Native (Make a mobile app-Native iPhone & Android Mobile App FREE) Arbitrary File Upload (3.0)
|
CVE-2017-6104
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Mobile Apps by Wiziapp (Native iPhone & Android mobile Apps) Multiple Unspecified Vulnerabilities (4.1.2)
|
|
|
High
|
|
WordPress Plugin Mobile blocks Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Mobile Booster Security Bypass (1.0)
|
CWE-264
|
CWE-264
|
High
|
|
WordPress Plugin Mobile browser color select Cross-Site Request Forgery (1.0.1)
|
CVE-2022-1969
CWE-352
|
CWE-352
|
High
|
|
WordPress Plugin MobileChief-Mobile Site Builder Cross-Site Scripting (1.5.7)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobile Device Detection by 51Degrees Cross-Site Scripting (3.1.5.2)
|
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobile Domain Multiple Vulnerabilities (1.5.2)
|
CVE-2015-1581
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
WordPress Plugin Mobile Events Manager CSV Injection (1.4.7)
|
CVE-2022-1194
CWE-1236
|
CWE-1236
|
High
|
|
WordPress Plugin MobileView by ColorLabs & Company Cross-Site Scripting (1.0.7)
|
CVE-2013-1808
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Mobiloud-Native Mobile Apps for your WordPress site (iPhone, iPad, Android) Multiple Cross-Site Scripting Vulnerabilities (2.3.7)
|
CVE-2014-5344
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin MobiLoud-WordPress Mobile Apps-Convert your WordPress Website to Native Mobile Apps Remote Code Execution (4.0.1)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Plugin Modern Events Calendar Arbitrary File Upload (7.11.0)
|
CVE-2024-5441
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Arbitrary File Upload (7.11.0)
|
CVE-2024-5441
CWE-434
|
CWE-434
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.1)
|
CVE-2021-24687
CWE-79
|
CWE-79
|
High
|
|
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)
|
CVE-2021-24716
CWE-79
|
CWE-79
|
High
|
