Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WordPress CVE-2012-0937 Vulnerability (CVE-2012-0937) CVE-2012-0937 Medium WordPress CVE-2020-25286 Vulnerability (CVE-2020-25286) CVE-2020-25286 Medium WordPress CVE-2023-5561 Vulnerability (CVE-2023-5561) CVE-2023-5561 Medium WordPress CVE-2023-39999 Vulnerability (CVE-2023-39999) CVE-2023-39999 Medium WordPress database credentials disclosure CWE-538 CWE-538 Medium WordPress Data Processing Errors Vulnerability (CVE-2014-9034) CVE-2014-9034 Medium WordPress Direct Request ('Forced Browsing') Vulnerability (CVE-2005-1688) CVE-2005-1688 CWE-425 CWE-425 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0191) CVE-2008-0191 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0195) CVE-2008-0195 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-0701) CVE-2011-0701 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3126) CVE-2011-3126 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3128) CVE-2011-3128 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3818) CVE-2011-3818 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898) CVE-2011-4898 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2202) CVE-2013-2202 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730) CVE-2015-5730 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487) CVE-2017-5487 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5610) CVE-2017-5610 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6514) CVE-2017-6514 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671) CVE-2019-17671 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450) CVE-2021-29450 CWE-200 CWE-200 Medium WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39200) CVE-2021-39200 CWE-200 CWE-200 Medium WordPress Improper Access Control Vulnerability (CVE-2015-5623) CVE-2015-5623 CWE-284 CWE-284 Medium WordPress Improper Authentication Vulnerability (CVE-2009-2334) CVE-2009-2334 CWE-287 CWE-287 Medium WordPress Improper Authentication Vulnerability (CVE-2014-0166) CVE-2014-0166 CWE-287 CWE-287 Medium WordPress Improper Authentication Vulnerability (CVE-2022-43504) CVE-2022-43504 CWE-287 CWE-287 Medium WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3890) CVE-2009-3890 CWE-94 CWE-94 Medium WordPress Improper Input Validation Vulnerability (CVE-2008-4106) CVE-2008-4106 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2009-2431) CVE-2009-2431 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2011-3127) CVE-2011-3127 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2011-4957) CVE-2011-4957 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2013-2204) CVE-2013-2204 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2013-5738) CVE-2013-5738 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2014-9038) CVE-2014-9038 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2016-9263) CVE-2016-9263 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2017-6815) CVE-2017-6815 CWE-20 CWE-20 Medium WordPress Improper Input Validation Vulnerability (CVE-2018-20152) CVE-2018-20152 CWE-20 CWE-20 Medium WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0196) CVE-2008-0196 CWE-22 CWE-22 Medium WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0615) CVE-2008-0615 CWE-22 CWE-22 Medium WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-7169) CVE-2016-7169 CWE-22 CWE-22 Medium WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8943) CVE-2019-8943 CWE-22 CWE-22 Medium WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2745) CVE-2023-2745 CWE-22 CWE-22 Medium WordPress Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-6762) CVE-2008-6762 CWE-59 CWE-59 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4139) CVE-2007-4139 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5105) CVE-2007-5105 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5106) CVE-2007-5106 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6677) CVE-2007-6677 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0192) CVE-2008-0192 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0193) CVE-2008-0193 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0617) CVE-2008-0617 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0618) CVE-2008-0618 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1304) CVE-2008-1304 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2068) CVE-2008-2068 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3233) CVE-2008-3233 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5278) CVE-2008-5278 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2851) CVE-2009-2851 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4536) CVE-2010-4536 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5294) CVE-2010-5294 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5295) CVE-2010-5295 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4956) CVE-2011-4956 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0782) CVE-2012-0782 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2403) CVE-2012-2403 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2404) CVE-2012-2404 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3414) CVE-2012-3414 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6633) CVE-2012-6633 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0236) CVE-2013-0236 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0237) CVE-2013-0237 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2201) CVE-2013-2201 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9031) CVE-2014-9031 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9032) CVE-2014-9032 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9035) CVE-2014-9035 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9036) CVE-2014-9036 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3438) CVE-2015-3438 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3439) CVE-2015-3439 CWE-707 CWE-707 Medium WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3440) CVE-2015-3440 CWE-707 CWE-707 Medium 1...93949596...99 94 / 99
