High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)			High
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution 'uploadify.php' Arbitrary File Upload (1.6.1)	CWE-434	CWE-434	High
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download (2.4.0)	CVE-2014-9013 CVE-2014-9014 CWE-22	CWE-22	High
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (1.2.1)	CWE-434	CWE-434	High
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (2.4.1)	CWE-434	CWE-434	High
WordPress Plugin WP Marketplace TimThumb Arbitrary File Upload (1.1.0)	CVE-2011-4106 CWE-20	CWE-20	High
WordPress Plugin WP Mass Mail Open Email Relay (2.45)	CWE-264	CWE-264	High
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)	CVE-2015-2195 CWE-79	CWE-79	High
WordPress Plugin WP Mega Menu Security Bypass (1.3.9)	CWE-284	CWE-284	High
WordPress Plugin WP Mega Menu Security Bypass (1.4.0)	CWE-284	CWE-284	High
WordPress Plugin WP Mega Menu Unspecified Vulnerability (1.4.1)			High
WordPress Plugin WP Membership Multiple Vulnerabilities (1.2.3)	CVE-2015-4038 CVE-2015-4039 CWE-79 CWE-264	CWE-79 CWE-264	High
WordPress Plugin WP Meta and Date Remover Cross-Site Request Forgery (1.7.5)	CWE-352	CWE-352	High
WordPress Plugin WP Migrate DB Security Bypass (0.6)	CWE-264	CWE-264	High
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1)	CVE-2022-1749 CWE-352	CWE-352	High
WordPress Plugin WPMktgEngine Security Bypass (3.7.6)	CWE-264	CWE-264	High
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Request Forgery (4.3.6)	CVE-2020-10568 CWE-352	CWE-352	High
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.2.6)	CWE-79	CWE-79	High
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.6.3)	CVE-2018-18069 CWE-79	CWE-79	High
WordPress Plugin WPML (WordPress Multilingual) Multiple Vulnerabilities (3.1.8.6)	CVE-2015-2314 CVE-2015-2315 CVE-2015-2791 CVE-2015-2792 CWE-79 CWE-89 CWE-284	CWE-79 CWE-89 CWE-284	High
WordPress Plugin WPML Translation Management PHP Object Injection (2.4.1)	CWE-915	CWE-915	High
WordPress Plugin WPML Unauthenticated Stored XSS	CVE-2018-18069 CWE-80	CWE-80	High
WordPress Plugin WP Mobile Detector Arbitrary File Upload (3.5)	CWE-434	CWE-434	High
WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)	CWE-79	CWE-79	High
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin WP Mobile Detector Unspecified Vulnerability (2.1)			High
WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)	CWE-22	CWE-22	High
WordPress Plugin WP Mobile Edition Multiple Vulnerabilities (2.4)	CWE-22 CWE-79	CWE-22 CWE-79	High
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2)	CVE-2021-24435 CWE-79	CWE-79	High
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)	CWE-264	CWE-264	High
WordPress Plugin WPMovieLibrary Multiple Cross-Site Scripting Vulnerabilities (2.1.4.1)	CWE-79	CWE-79	High
WordPress Plugin Wp Multiple Meta Box SQL Injection (1.0.0)	CWE-89	CWE-89	High
WordPress Plugin WP Munich Blocks-Gutenberg Blocks for WordPress Security Bypass (0.7.2)	CWE-264	CWE-264	High
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.15)	CWE-79	CWE-79	High
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18)	CVE-2017-15863 CWE-79	CWE-79	High
WordPress Plugin WP No External Links Spam Injection (4.2.2)	CWE-610	CWE-610	High
WordPress Plugin WP OAuth Server (OAuth Authentication) Cross-Site Scripting (4.2.1)	CVE-2022-3892 CWE-79	CWE-79	High
WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)	CWE-326	CWE-326	High
WordPress Plugin WP Offload SES Lite Cross-Site Scripting (1.4.4)	CVE-2021-24494 CWE-79	CWE-79	High
WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1)	CWE-22 CWE-538	CWE-22 CWE-538	High
WordPress Plugin WP Open Graph Cross-Site Request Forgery (1.6.1)	CVE-2019-5960 CWE-352	CWE-352	High
WordPress Plugin WP Open Social Cross-Site Scripting (5.0)	CVE-2023-25792 CWE-79	CWE-79	High
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.6)	CVE-2022-40963 CWE-79	CWE-79	High
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.8)	CVE-2022-3830 CWE-79	CWE-79	High
WordPress Plugin WP Page Builder Multiple Vulnerabilities (1.2.3)	CVE-2021-24207 CVE-2021-24208 CWE-79 CWE-264	CWE-79 CWE-264	High
WordPress Plugin WP Page Widget Cross-Site Scripting (2.7)	CWE-79	CWE-79	High
WordPress Plugin WP Payeezy Pay Local File Inclusion (2.97)	CVE-2018-20985 CWE-22	CWE-22	High
WordPress Plugin WP People 'wp-people-popup.php' SQL Injection (2.0)	CWE-89	CWE-89	High
WordPress Plugin WP Performance Score Booster-Optimize Speed, Enable Cache & Page Preload Cross-Site Request Forgery (2.0)	CVE-2021-24776 CWE-352	CWE-352	High
WordPress Plugin WP Photo Album 'id' Parameter Cross-Site Scripting (1.5.1)	CWE-79	CWE-79	High
WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)	CVE-2008-0939 CWE-89	CWE-89	High
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)	CWE-89	CWE-89	High
WordPress Plugin WP Photo Album Plus Cross-Site Request Forgery (4.8.11)	CWE-352	CWE-352	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (4.9.2)	CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.2)	CVE-2013-3254 CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)	CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.7)	CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)	CVE-2014-8814 CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (6.1.2)	CVE-2015-3647 CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Multiple Cross-Site Scripting Vulnerabilities (5.4.4)	CWE-79	CWE-79	High
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (6.5.00)			High
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (7.2.04)			High
WordPress Plugin WP PHP widget Information Disclosure (1.0.2)	CVE-2013-0721 CWE-200	CWE-200	High
WordPress Plugin WP Pipes Unspecified Vulnerability (1.28)			High
WordPress Plugin WPPizza Cross-Site Scripting (2.11.8.17)	CWE-79	CWE-79	High
WordPress Plugin WP Planet Cross-Site Scripting (0.1)	CVE-2014-4592 CWE-79	CWE-79	High
WordPress Plugin WP Plugin Info Card Unspecified Vulnerability (2.3.6)			High
WordPress Plugin WP Plugin Manager (WPPM) Cross-Site Scripting (1.6.4.b)	CVE-2014-4593 CWE-79	CWE-79	High
WordPress Plugin WP Poll Maker-Best WordPress Poll for Voting Contest Arbitrary File Upload (3.4)	CVE-2024-32514 CWE-434	CWE-434	High
WordPress Plugin WP Popup Banners includes Backdoor [Only if downloaded via the vendor website] (1.2.3)	CVE-2021-24867 CWE-912	CWE-912	High
WordPress Plugin WP Popup Builder-Popup Forms, Marketing PoPuP & Newsletter Multiple Vulnerabilities (1.2.8)	CVE-2022-2404 CVE-2022-2405 CWE-79 CWE-862	CWE-79 CWE-862	High
WordPress Plugin WP Popup Lite-Responsive popup for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.8)	CVE-2021-24867 CWE-912	CWE-912	High
WordPress Plugin WP Popups-WordPress Popup builder Cross-Site Scripting (2.1.4.6)	CVE-2022-4716 CWE-79	CWE-79	High
WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0)	CWE-79	CWE-79	High
WordPress Plugin WP Post Page Clone SQL Injection (1.0)	CWE-89	CWE-89	High

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)

High