High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Cross-Site Request Forgery (7.1.6)	CWE-352	CWE-352	High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Multiple Vulnerabilities (7.5.14)	CVE-2023-23706 CVE-2023-23710 CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.5.12)	CWE-862	CWE-862	High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.0)	CVE-2023-25455 CWE-862	CWE-862	High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4)	CVE-2023-2982 CWE-287	CWE-287	High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (5.1)			High
WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (7.2)			High
WordPress Plugin WordPress Social Login Cross-Site Scripting (2.0.3)	CVE-2014-4576 CWE-79	CWE-79	High
WordPress Plugin WordPress Social Ring (Facebook Like, Google +1, ReTweet, LinkedIn and Pin It) Cross-Site Scripting (1.1.9)	CWE-79	CWE-79	High
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Multiple Cross-Site Scripting Vulnerabilities (7.8.9)	CWE-79	CWE-79	High
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.10.6)	CWE-287	CWE-287	High
WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.12.37)	CWE-287	CWE-287	High
WordPress Plugin WordPress Social Share Buttons & Analytics-GetSocial.io Cross-Site Request Forgery (4.2)	CWE-352	CWE-352	High
WordPress Plugin WordPress Social Stream Information Disclosure (1.6)	CWE-522	CWE-522	High
WordPress Plugin WordPress Social Stream Security Bypass (1.5.15)	CWE-264	CWE-264	High
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll PHP Object Injection (1.5.5)	CWE-915	CWE-915	High
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91)	CVE-2015-2090 CWE-89	CWE-89	High
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll Unspecified Vulnerability (1.5.8.5)			High
WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)	CVE-2019-5992 CWE-352	CWE-352	High
WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Multiple Cross-Site Scripting Vulnerabilities (4.3.9.0)	CWE-79	CWE-79	High
WordPress Plugin Wordpress Uninstall Cross-Site Request Forgery (1.2.1)	CVE-2015-9332 CWE-352	CWE-352	High
WordPress Plugin WordPress Users 'uid' Parameter SQL Injection (1.3)	CVE-2011-4669 CWE-89	CWE-89	High
WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Cross-Site Request Forgery Vulnerabilities (2.8)	CWE-352	CWE-352	High
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Vulnerabilities (2.3.1)	CVE-2014-9097 CVE-2014-9098 CWE-79 CWE-89	CWE-79 CWE-89	High
WordPress Plugin WORDPRESS VIDEO GALLERY Open Email Relay (2.8)	CWE-264	CWE-264	High
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.0)	CVE-2013-3478 CWE-89	CWE-89	High
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.7)	CVE-2015-2065 CWE-89	CWE-89	High
WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.8)	CWE-89	CWE-89	High
WordPress Plugin WordPress Video Player Cross-Site Scripting (1.5.1)	CVE-2014-8584 CWE-79	CWE-79	High
WordPress Plugin WordPress Video Player Multiple SQL Injection Vulnerabilities (1.5.16)	CWE-89	CWE-89	High
WordPress Plugin WordPress Video Player Multiple Vulnerabilities (1.5.4)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin WordPress WP-Advanced-Search Cross-Site Request Forgery (3.3.8)	CVE-2022-47447 CWE-352	CWE-352	High
WordPress Plugin WordPress WP-Advanced-Search Remote Code Execution (3.3.3)	CWE-94	CWE-94	High
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.5)	CWE-89	CWE-89	High
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.6)	CVE-2020-12104 CWE-89	CWE-89	High
WordPress Plugin Wordspew 'id' Parameter SQL Injection (1.16)	CVE-2008-0682 CWE-89	CWE-89	High
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.3.1)	CWE-434	CWE-434	High
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)	CWE-434	CWE-434	High
WordPress Plugin World of Warcraft-Armory Table Cross-Site Scripting (0.2.5)	CWE-79	CWE-79	High
WordPress Plugin World Travel Information Cross-Site Scripting (1.0.0)	CWE-79	CWE-79	High
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (2.1)	CWE-89	CWE-89	High
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)	CVE-2021-24628 CWE-89	CWE-89	High
WordPress Plugin Wow Moodboard Lite Open Redirect (1.1.1.1)	CVE-2015-4070 CWE-601	CWE-601	High
WordPress Plugin WoWPth Cross-Site Scripting (2.0)	CWE-79	CWE-79	High
WordPress Plugin Wow Viral Signups SQL Injection (2.1)	CWE-89	CWE-89	High
WordPress Plugin wp-autosuggest SQL Injection (0.24)	CWE-89	CWE-89	High
WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)	CWE-89	CWE-89	High
WordPress Plugin WP-Backgrounds Lite Cross-Site Request Forgery (2.3)	CWE-352	CWE-352	High
WordPress Plugin WP-Ban Cross-Site Scripting (1.69)	CVE-2022-4260 CWE-79	CWE-79	High
WordPress Plugin WP-Ban Security Bypass (1.63)	CVE-2014-6230 CWE-284	CWE-284	High
WordPress Plugin WP-BlipBot Cross-Site Scripting (3.0.9)	CVE-2014-4580 CWE-79	CWE-79	High
WordPress Plugin WP-Board SQL Injection (1.1)	CVE-2021-24404 CWE-89	CWE-89	High
WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)	CWE-264	CWE-264	High
WordPress Plugin WP-Business Directory (wp-ttisbdir) Multiple Cross-Site Scripting Vulnerabilities (1.0.2)	CVE-2014-4599 CWE-79	CWE-79	High
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)	CVE-2008-0490 CWE-89	CWE-89	High
WordPress Plugin wp-championship SQL Injection (5.8)	CVE-2015-5308 CWE-89	CWE-89	High
WordPress Plugin WP-Client Lite::Client Portals, File Sharing, Messaging & Invoicing Local File Inclusion (1.1.1)	CVE-2014-2383 CWE-22	CWE-22	High
WordPress Plugin WP-Contact Multiple Cross-Site Scripting Vulnerabilities (1.0)	CVE-2014-4583 CWE-79	CWE-79	High
WordPress Plugin WP-CopyProtect [Protect your blog posts] Cross-Site Scripting (3.0.0)	CWE-79	CWE-79	High
WordPress Plugin WP-Cron Dashboard Cross-Site Scripting (1.1.5)	CVE-2013-6991 CWE-79	CWE-79	High
WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)	CVE-2009-4168 CWE-79	CWE-79	High
WordPress Plugin WP-Curriculo Vitae Free Arbitrary File Upload (6.3)	CVE-2021-24222 CWE-434	CWE-434	High
WordPress Plugin Wp-D3 Cross-Site Request Forgery (2.4)	CWE-352	CWE-352	High
WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)	CWE-22	CWE-22	High
WordPress Plugin WP-DBManager Arbitrary File Deletion (2.79.1)	CWE-73	CWE-73	High
WordPress Plugin WP-DBManager Multiple Vulnerabilities (2.71)	CVE-2014-8334 CVE-2014-8335 CVE-2014-8336 CWE-95 CWE-200	CWE-95 CWE-200	High
WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)	CVE-2008-1646 CWE-89	CWE-89	High
WordPress Plugin WP-DownloadManager Cross-Site Request Forgery (1.60)	CVE-2013-2697 CWE-352	CWE-352	High
WordPress Plugin WP-DownloadManager Cross-Site Scripting (1.67)	CWE-79	CWE-79	High
WordPress Plugin wp-easybooking Cross-Site Scripting (1.0.3)	CVE-2014-4584 CWE-79	CWE-79	High
WordPress Plugin WP-FaceThumb 'pagination_wp_facethumb' Parameter Cross-Site Scripting (0.1)	CVE-2012-2371 CWE-79	CWE-79	High
WordPress Plugin WP-FaceThumb Cross-Site Scripting (1.0)	CVE-2014-4585 CWE-79	CWE-79	High
WordPress Plugin WP-FB-AutoConnect Multiple Cross-Site Request Forgery Vulnerabilities (4.0.5)	CWE-352	CWE-352	High
WordPress Plugin WP-FeedStats de HTML Injection (2.3)	CVE-2007-4104 CWE-79	CWE-79	High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Cross-Site Request Forgery (7.1.6)

CWE-352

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Multiple Vulnerabilities (7.5.14)

CVE-2023-23706 CVE-2023-23710

CWE-79 CWE-352

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.5.12)

CWE-862

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.0)

CVE-2023-25455

CWE-862

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4)

CVE-2023-2982

CWE-287

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (5.1)

High

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Unspecified Vulnerability (7.2)

High

WordPress Plugin WordPress Social Login Cross-Site Scripting (2.0.3)

CVE-2014-4576

CWE-79

High

WordPress Plugin WordPress Social Ring (Facebook Like, Google +1, ReTweet, LinkedIn and Pin It) Cross-Site Scripting (1.1.9)

CWE-79

High

WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Multiple Cross-Site Scripting Vulnerabilities (7.8.9)

CWE-79

High

WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.10.6)

CWE-287

High

WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.12.37)

CWE-287

High

WordPress Plugin WordPress Social Share Buttons & Analytics-GetSocial.io Cross-Site Request Forgery (4.2)

CWE-352

High

WordPress Plugin WordPress Social Stream Information Disclosure (1.6)

CWE-522

High

WordPress Plugin WordPress Social Stream Security Bypass (1.5.15)

CWE-264

High

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll PHP Object Injection (1.5.5)

CWE-915

High

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91)

CVE-2015-2090

CWE-89

High

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll Unspecified Vulnerability (1.5.8.5)

High

WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)

CVE-2019-5992

CWE-352

High

WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Multiple Cross-Site Scripting Vulnerabilities (4.3.9.0)

CWE-79

High

WordPress Plugin Wordpress Uninstall Cross-Site Request Forgery (1.2.1)

CVE-2015-9332

CWE-352

High

WordPress Plugin WordPress Users 'uid' Parameter SQL Injection (1.3)

CVE-2011-4669

CWE-89

High

WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)

CWE-79 CWE-352

High

WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Cross-Site Request Forgery Vulnerabilities (2.8)

CWE-352

High

WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Vulnerabilities (2.3.1)

CVE-2014-9097 CVE-2014-9098

CWE-79 CWE-89

High

WordPress Plugin WORDPRESS VIDEO GALLERY Open Email Relay (2.8)

CWE-264

High

WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.0)

CVE-2013-3478

CWE-89

High

WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.7)

CVE-2015-2065

CWE-89

High

WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.8)

CWE-89

High

WordPress Plugin WordPress Video Player Cross-Site Scripting (1.5.1)

CVE-2014-8584

CWE-79

High

WordPress Plugin WordPress Video Player Multiple SQL Injection Vulnerabilities (1.5.16)

CWE-89

High

WordPress Plugin WordPress Video Player Multiple Vulnerabilities (1.5.4)

CWE-79 CWE-352

High

WordPress Plugin WordPress WP-Advanced-Search Cross-Site Request Forgery (3.3.8)

CVE-2022-47447

CWE-352

High

WordPress Plugin WordPress WP-Advanced-Search Remote Code Execution (3.3.3)

CWE-94

High

WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.5)

CWE-89

High

WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.6)

CVE-2020-12104

CWE-89

High

WordPress Plugin Wordspew 'id' Parameter SQL Injection (1.16)

CVE-2008-0682

CWE-89

High

WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.3.1)

CWE-434

High

WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)

CWE-434

High

WordPress Plugin World of Warcraft-Armory Table Cross-Site Scripting (0.2.5)

CWE-79

High

WordPress Plugin World Travel Information Cross-Site Scripting (1.0.0)

CWE-79

High

WordPress Plugin Wow Forms-create any form with custom style SQL Injection (2.1)

CWE-89

High

WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)

CVE-2021-24628

CWE-89

High

WordPress Plugin Wow Moodboard Lite Open Redirect (1.1.1.1)

CVE-2015-4070

CWE-601

High

WordPress Plugin WoWPth Cross-Site Scripting (2.0)

CWE-79

High

WordPress Plugin Wow Viral Signups SQL Injection (2.1)

CWE-89

High

WordPress Plugin wp-autosuggest SQL Injection (0.24)

CWE-89

High

WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)

CWE-89

High

WordPress Plugin WP-Backgrounds Lite Cross-Site Request Forgery (2.3)

CWE-352

High

WordPress Plugin WP-Ban Cross-Site Scripting (1.69)

CVE-2022-4260

CWE-79

High

WordPress Plugin WP-Ban Security Bypass (1.63)

CVE-2014-6230

CWE-284

High

WordPress Plugin WP-BlipBot Cross-Site Scripting (3.0.9)

CVE-2014-4580

CWE-79

High

WordPress Plugin WP-Board SQL Injection (1.1)

CVE-2021-24404

CWE-89

High

WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)

CWE-264

High

WordPress Plugin WP-Business Directory (wp-ttisbdir) Multiple Cross-Site Scripting Vulnerabilities (1.0.2)

CVE-2014-4599

CWE-79

High

WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)

CVE-2008-0490

CWE-89

High

WordPress Plugin wp-championship SQL Injection (5.8)

CVE-2015-5308

CWE-89

High

WordPress Plugin WP-Client Lite::Client Portals, File Sharing, Messaging & Invoicing Local File Inclusion (1.1.1)

CVE-2014-2383

CWE-22

High

WordPress Plugin WP-Contact Multiple Cross-Site Scripting Vulnerabilities (1.0)

CVE-2014-4583

CWE-79

High

WordPress Plugin WP-CopyProtect [Protect your blog posts] Cross-Site Scripting (3.0.0)

CWE-79

High

WordPress Plugin WP-Cron Dashboard Cross-Site Scripting (1.1.5)

CVE-2013-6991

CWE-79

High

WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)

CVE-2009-4168

CWE-79

High

WordPress Plugin WP-Curriculo Vitae Free Arbitrary File Upload (6.3)

CVE-2021-24222

CWE-434

High

WordPress Plugin Wp-D3 Cross-Site Request Forgery (2.4)

CWE-352

High

WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)

CWE-22

High

WordPress Plugin WP-DBManager Arbitrary File Deletion (2.79.1)

CWE-73

High

WordPress Plugin WP-DBManager Multiple Vulnerabilities (2.71)

CVE-2014-8334 CVE-2014-8335 CVE-2014-8336

CWE-95 CWE-200

High

WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)

CVE-2008-1646

CWE-89

High

WordPress Plugin WP-DownloadManager Cross-Site Request Forgery (1.60)

CVE-2013-2697

CWE-352

High

WordPress Plugin WP-DownloadManager Cross-Site Scripting (1.67)

CWE-79

High

WordPress Plugin wp-easybooking Cross-Site Scripting (1.0.3)

CVE-2014-4584

CWE-79

High

WordPress Plugin WP-FaceThumb 'pagination_wp_facethumb' Parameter Cross-Site Scripting (0.1)

CVE-2012-2371

CWE-79

High

WordPress Plugin WP-FaceThumb Cross-Site Scripting (1.0)

CVE-2014-4585

CWE-79

High

WordPress Plugin WP-FB-AutoConnect Multiple Cross-Site Request Forgery Vulnerabilities (4.0.5)

CWE-352

High

WordPress Plugin WP-FeedStats de HTML Injection (2.3)

CVE-2007-4104

CWE-79

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities