Which option is a list of publicly disclosed information security defects?

• Severity

• High
• Medium
• Low
• Informational

• Vulnerability Categories

• Abuse Of Functionality
• Acumonitor
• Arbitrary File Creation
• Authentication Bypass
• Bruteforce Possible
• Buffer Overflow
• CSRF
• CSTI
• Code Execution
• Configuration
• Crlf Injection
• Deepscan
• Default Credentials
• Denial Of Service
• Dev Files
• Directory Listing
• Directory Traversal
• Eli Injection
• Error Handling
• File Inclusion
• Http Parameter Pollution
• Http Response Splitting
• Information Disclosure
• Insecure Admin Access
• Insecure Deserialization
• Internal Ip Disclosure
• Known Vulnerabilities
• Ldap Injection
• Malware
• Missing Update
• Privilege Escalation
• SSRF
• Sensitive Data Not Over Ssl
• Server Side Template Injection
• Session Fixation
• Source Code Disclosure
• Sql Injection
• Test Files
• Unauthenticated File Upload
• Url Redirection
• Weak Credentials
• Weak Crypto
• XFS
• XSS
• XXE
• Xpath Injection

Vulnerability NameCVE

---

CWECWESeverity.htaccess file readable

---

CWE-443CWE-443Medium Access database found

---

CWE-538CWE-538Medium Adminer 4.6.2 file disclosure vulnerability

---

CWE-22CWE-22High Adobe ColdFusion directory traversalCVE-2013-3336

---

CWE-22CWE-22High Amazon S3 public bucket

---

CWE-264CWE-264Medium Amazon S3 publicly writable bucket

---

CWE-264CWE-264High Apache 2.x version older than 2.0.48CVE-2003-0542 CVE-2003-0789

---

CWE-119CWE-119Medium Apache Axis2 administration console weak password

---

CWE-200CWE-200High Apache Axis2 information disclosure

---

CWE-200CWE-200Medium Apache Axis2 web services enumeration

---

CWE-200CWE-200Low Apache balancer-manager application publicly accessible

---

CWE-200CWE-200Medium Apache httpOnly cookie disclosureCVE-2012-0053

---

CWE-264CWE-264Medium Apache mod_negotiation filename bruteforcing

---

CWE-538CWE-538Low Apache perl-status enabled

---

CWE-200CWE-200Medium Apache server-info enabled

---

CWE-200CWE-200Medium Apache server-status enabled

---

CWE-200CWE-200Medium Apache Solr endpoint

---

CWE-200CWE-200Low Apache solr service exposed

---

CWE-200CWE-200High Apache stronghold-info enabled

---

CWE-200CWE-200Low Apache stronghold-status enabled

---

CWE-200CWE-200Low Apache Tomcat examples directory vulnerabilities

---

CWE-264CWE-264Medium Apache Tomcat Information Disclosure CVE-2017-7674CVE-2017-12616

---

CWE-200CWE-200High Apache Tomcat version older than 4.1.37CVE-2005-3164 CVE-2007-1355 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5333 CVE-2007-5461

---

CWE-79CWE-79Medium Apache Tomcat version older than 6.0.11CVE-2005-2090 CVE-2007-1355

---

CWE-79CWE-79Medium Apache Tomcat version older than 6.0.35CVE-2011-3190 CVE-2011-3375 CVE-2012-0022

---

CWE-264CWE-264High Apache Tomcat version older than 7.0.21CVE-2011-3190

---

CWE-264CWE-264High apc.php page found

---

CWE-538CWE-538Medium Application error messages

---

CWE-209CWE-209Medium Arbitrary file existence disclosure in Action PackCVE-2014-7829

---

CWE-200CWE-200Medium ASP.NET application trace enabled

---

CWE-215CWE-215Medium ASP.NET custom errors disabled

---

CWE-12CWE-12Medium ASP.NET debugging enabled

---

CWE-11CWE-11Low ASP.NET diagnostic page

---

CWE-200CWE-200Medium ASP.NET error message

---

CWE-12CWE-12Medium ASP.NET MVC version disclosure

---

CWE-200CWE-200Low ASP.NET path disclosure

---

CWE-200CWE-200Low ASP.NET version disclosure

---

CWE-200CWE-200Low Atlassian Confluence Access Restriction BypassCVE-2017-9505

---

Medium Atlassian Confluence information disclosureCVE-2017-7415

---

High Atlassian Confluence Stored Cross Site ScriptingCVE-2016-6283

---

Medium Atlassian Jira Manage Filters information disclosure

---

CWE-200CWE-200Low AWStats script

---

CWE-538CWE-538Medium Backup files

---

CWE-538CWE-538Medium Bazaar repository found

---

CWE-538CWE-538High Chrome Logger information disclosure

---

CWE-200CWE-200Medium ColdFusion path disclosures

---

CWE-200CWE-200Low ColdFusion Request Debugging information disclosure

---

CWE-200CWE-200Medium ColdFusion Robust Exception enabled

---

CWE-200CWE-200Medium Configuration file disclosure

---

CWE-538CWE-538High Configuration file source code disclosure

---

CWE-538CWE-538High Core dump checker PHP script

---

CWE-200CWE-200Medium Core dump file

---

CWE-200CWE-200High Credit card number disclosed

---

CWE-200CWE-200Medium CVS web repository

---

CWE-527CWE-527High Database connection string disclosure

---

CWE-200CWE-200Medium Development configuration files

---

CWE-538CWE-538Medium Devise weak password

---

CWE-200CWE-200High Directory listings

---

CWE-538CWE-538Medium Django debug mode enabled

---

CWE-200CWE-200Medium Documentation files

---

CWE-538CWE-538Low Dotenv .env file

---

CWE-538CWE-538High Drupal 7 arbitrary PHP code execution and information disclosureCVE-2012-4553 CVE-2012-4554

---

CWE-264CWE-264High Drupal Backup Migrate directory publicly accessible

---

CWE-538CWE-538High Drupal Core 5.x Information Disclosure (5.0 - 5.18)CVE-2009-2374

---

CWE-200CWE-200High Drupal Core 6.x Information Disclosure (6.0 - 6.30)CVE-2014-2983

---

CWE-200CWE-200High Drupal Core 7.x Information Disclosure (7.0 - 7.14)CVE-2012-2922

---

CWE-200CWE-200High Drupal Core 7.x Information Disclosure (7.0 - 7.26)CVE-2014-2983

---

CWE-200CWE-200High Drupal Core 8.8.x Information Disclosure (8.8.0 - 8.8.9)CVE-2020-13670

---

CWE-200CWE-200High Drupal Core 8.9.x Information Disclosure (8.9.0 - 8.9.5)CVE-2020-13670

---

CWE-200CWE-200High Drupal Core 8.x.x Information Disclosure (8.0.0 - 8.7.14)CVE-2020-13670

---

CWE-200CWE-200High Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5)CVE-2020-13670

---

CWE-200CWE-200High Drupal Views module information disclosure vulnerability

---

CWE-200CWE-200Medium Elasticsearch service accessible

---

CWE-200CWE-200High elmah.axd information disclosure

---

CWE-209CWE-209Medium Email addresses

---

CWE-200CWE-200Informational Error messages

---

CWE-209CWE-209Medium Error page path disclosure

---

CWE-200CWE-200Low Error page web server version disclosure

---

CWE-200CWE-200Informational File Content Disclosure in Action ViewCVE-2019-5418

---

CWE-200CWE-200High Folder backup

---

CWE-538CWE-538Medium Frontpage authors.pwd available

---

CWE-538CWE-538Medium Frontpage extensions enabled

---

CWE-16CWE-16Medium Full public read access Azure blob storage

---

CWE-264CWE-264Medium Git repository found

---

CWE-527CWE-527High GlassFish admin console weak credentials

---

CWE-693CWE-693High Global.asa backup file found

---

CWE-538CWE-538Medium Golang runtime profiling data

---

CWE-200CWE-200Medium HTML Form found in redirect page

---

CWE-287CWE-287Low IBM Web Content Manager XPath injectionCVE-2013-6735

---

CWE-264CWE-264High IBM WebSphere/WebLogic application source file exposure

---

CWE-200CWE-200High IBM WebSphere administration console weak password

---

CWE-200CWE-200High Insecure transition from HTTPS to HTTP in form post

---

CWE-200CWE-200Low Insecure transition from HTTP to HTTPS in form post

---

CWE-200CWE-200Medium Internal IP address disclosure

---

CWE-200CWE-200Informational Internet Information Server returns IP address in HTTP header (Content-Location)

---

CWE-200CWE-200Low JBoss BSHDeployer MBean

---

CWE-200CWE-200High JBoss HttpAdaptor JMXInvokerServlet

---

CWE-94CWE-94High JBoss JMX Console Unrestricted Access

---

CWE-200CWE-200High JBoss JMX management console

---

CWE-200CWE-200High JBoss Seam remoting vulnerabilitiesCVE-2013-6447 CVE-2013-6448

---

CWE-611CWE-611High JBoss ServerInfo MBeanCVE-2010-0738

---

CWE-200CWE-200High JBoss Server MBean

---

CWE-200CWE-200High JBoss status servlet information leakCVE-2010-1429

---

CWE-200CWE-200Medium JBoss Web Console JMX Invoker

---

CWE-200CWE-200High JBoss web service console

---

CWE-200CWE-200Low Jenkins dashboard

---

CWE-200CWE-200Medium Jenkins user enumeration

---

CWE-200CWE-200Low Jenkins weak password

---

CWE-200CWE-200High JetBrains .idea project directory

---

CWE-538CWE-538Medium JetLeak vulnerabilityCVE-2015-2080

---

CWE-200CWE-200High Joe Editor DEADJOE file

---

CWE-538CWE-538Low Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.11)CVE-2011-4911

---

CWE-200CWE-200High Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.12)

---

CWE-200CWE-200High Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.14)

---

CWE-200CWE-200High Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.15)CVE-2010-1432

---

CWE-200CWE-200High Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.23)CVE-2011-3629

---

CWE-200CWE-200High Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)CVE-2012-1599

---

CWE-264CWE-264High Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.3)

---

CWE-200CWE-200High Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6)CVE-2012-0821

---

CWE-200CWE-200High Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6)CVE-2012-0819

---

CWE-200CWE-200High Joomla! Core 1.7.0 Information Disclosure (1.7.0 - 1.7.0)

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1)CVE-2011-4937

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1)CVE-2011-3629

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3)CVE-2012-0819

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3)CVE-2012-0821

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4)CVE-2012-0837

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4)CVE-2012-0835

---

CWE-200CWE-200High Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4)CVE-2012-0836

---

CWE-200CWE-200High Joomla! Core 2.5.0 Information Disclosure (2.5.0 - 2.5.0)CVE-2012-0835

---

CWE-200CWE-200High Joomla! Core 2.5.0 Information Disclosure (2.5.0 - 2.5.0)CVE-2012-0837

---

CWE-200CWE-200High Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.3)CVE-2012-1611

---

CWE-200CWE-200High Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.4)CVE-2012-2748

---

CWE-200CWE-200High Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.8)CVE-2013-1453

---

CWE-200CWE-200High Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9)CVE-2013-3057

---

CWE-200CWE-200High Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)CVE-2013-1454

---

CWE-200CWE-200High Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)CVE-2013-1453

---

CWE-200CWE-200High Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)CVE-2013-1455

---

CWE-200CWE-200High Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.3)CVE-2013-3057

---

CWE-200CWE-200High Joomla! Core 3.7.x Information Disclosure (3.7.0 - 3.7.5)CVE-2017-14595

---

CWE-200CWE-200High Joomla! Core 3.9.x Information Disclosure (3.9.0 - 3.9.22)CVE-2020-35614

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.8.7)CVE-2018-11325

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.9.19)CVE-2020-15698

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.1.0 - 3.8.7)CVE-2018-11327

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.4.0 - 3.6.5)CVE-2017-8057

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.6.0 - 3.9.12)CVE-2019-18674

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.7.0 - 3.8.1)CVE-2017-16633

---

CWE-200CWE-200High Joomla! Core 3.x.x Information Disclosure (3.8.0 - 3.9.13)CVE-2019-19845

---

CWE-200CWE-200High Joomla! Core Information Disclosure (1.5.0 - 3.7.5)CVE-2017-14596

---

CWE-200CWE-200High Joomla! Core Information Disclosure (1.5.0 - 3.8.1)CVE-2017-14596

---

CWE-200CWE-200High Joomla! Core Information Disclosure (2.5.0 - 3.9.22)CVE-2020-35611

---

CWE-200CWE-200High Joomla! Core Information Disclosure (2.5.0 - 3.9.22)CVE-2020-35610

---

CWE-200CWE-200High JSONP enabled by default in MappingJackson2JsonViewCVE-2018-11040

---

CWE-538CWE-538Medium JVM version leakage

---

CWE-200CWE-200Informational Laravel log file publicly accessible

---

CWE-538CWE-538Medium Macromedia Dreamweaver remote database scriptsCVE-2004-1893

---

CWE-200CWE-200High Magento Cacheleak

---

CWE-200CWE-200High MantisBT multiple security issuesCVE-2014-9571 CVE-2014-9572 CVE-2014-9573 CVE-2014-9624 CVE-2015-1042

---

CWE-200CWE-200High Mercurial repository found

---

CWE-538CWE-538High Microsoft Frontpage configuration information

---

CWE-200CWE-200Informational Microsoft IIS5 NTLM and Basic authentication bypassCVE-2007-2815

---

CWE-264CWE-264High Microsoft IIS Server service.cnf file found

---

CWE-538CWE-538Low Microsoft IIS tilde directory enumeration

---

CWE-20CWE-20High Microsoft IIS version disclosure

---

CWE-200CWE-200Informational Microsoft Office possible sensitive information

---

CWE-200CWE-200Low Minify arbitrary file disclosureCVE-2013-6619

---

CWE-538CWE-538High MongoDB HTTP status interface

---

CWE-200CWE-200Medium Multiple vulnerabilities in Ioncube loader-wizard.php

---

CWE-552CWE-552High MySQL connection credentials

---

CWE-538CWE-538High MySQL username disclosure

---

CWE-538CWE-538Low Nginx memory disclosure with specially crafted HTTP backend responsesCVE-2012-1180

---

CWE-399CWE-399High nginx range filter integer overflowCVE-2017-7529

---

CWE-200CWE-200Medium npm log file publicly accessible (npm-debug.log)

---

CWE-200CWE-200Medium OData feed accessible anonymously

---

CWE-200CWE-200Low Oracle applications logs publicy available

---

CWE-200CWE-200Medium Oracle JavaServer Faces multiple vulnerabilitiesCVE-2013-3827

---

CWE-22CWE-22High Oracle Reports Services RWServlet environment variables disclosure

---

CWE-200CWE-200Low Padding oracle attack

---

CWE-209CWE-209High Password field submitted using GET method

---

CWE-200CWE-200Medium PHP-CGI remote code executionCVE-2012-1823 CVE-2012-2311

---

CWE-20CWE-20High PHP-CS-Fixer cache file publicly accessible (.php_cs.cache)

---

CWE-200CWE-200Medium PHP-FPM Status Page

---

CWE-200CWE-200Medium PHP curl_exec() url is controlled by userCVE-2009-0037

---

CWE-352CWE-352Medium PHP errors enabled

---

CWE-209CWE-209Medium PHPinfo page

---

CWE-200CWE-200Medium PHPinfo pages

---

CWE-200CWE-200Medium PHP opcache-status page publicly accessible

---

CWE-200CWE-200Medium Possible database backup

---

CWE-538CWE-538High Possible sensitive directories

---

CWE-200CWE-200Low Possible sensitive files

---

CWE-200CWE-200Low Possible server path disclosure (Unix)

---

CWE-200CWE-200Informational Possible server path disclosure (Windows)

---

CWE-200CWE-200Informational Possible social security number disclosed

---

CWE-200CWE-200Medium Possible SQL Statement in comment

---

CWE-200CWE-200Low Possible username or password disclosure

---

CWE-200CWE-200Informational Possible virtual host found

---

CWE-200CWE-200Low rack-mini-profiler environment variables disclosure

---

CWE-287CWE-287Medium Rails controller possible sensitive information disclosure

---

CWE-200CWE-200Medium Reachable SharePoint interface

---

CWE-200CWE-200High RSA private key

---

CWE-200CWE-200High Ruby on Rails database configuration file

---

CWE-538CWE-538High SAP ICF /sap/public/info sensitive information disclosure

---

CWE-200CWE-200Medium SAP Management Console get user list

---

CWE-200CWE-200High SAP Management Console list logfiles

---

CWE-200CWE-200High SAP NetWeaver Java AS WD_CHAT information disclosure vulnerability

---

CWE-200CWE-200Medium SAP NetWeaver server info information disclosure

---

CWE-200CWE-200Medium SAP NetWeaver server info information disclosure BCB

---

CWE-200CWE-200Medium SAP weak/predictable user credentials

---

CWE-200CWE-200High Secrets leakage

---

CWE-200CWE-200Medium Sensitive pages could be cached

---

CWE-200CWE-200Low Server-based source code disclosures

---

CWE-538CWE-538Medium Session token in URL

---

CWE-200CWE-200Low SFTP/FTP credentials exposure

---

CWE-200CWE-200High SharePoint exposed web services

---

CWE-200CWE-200Medium SharePoint user enumeration

---

CWE-200CWE-200High Snoop Servlet information disclosure

---

CWE-200CWE-200Low Source code disclosures

---

CWE-538CWE-538Medium SQLite database found

---

CWE-538CWE-538Medium Stack Trace Disclosure (Apache MyFaces)

---

CWE-209CWE-209Low Stack Trace Disclosure (ASP.NET)

---

CWE-209CWE-209Low Stack Trace Disclosure (CakePHP)

---

CWE-209CWE-209Low Stack Trace Disclosure (CherryPy)

---

CWE-209CWE-209Low Stack Trace Disclosure (ColdFusion)

---

CWE-209CWE-209Low Stack Trace Disclosure (Grails)

---

CWE-209CWE-209Low Stack Trace Disclosure (GWT)

---

CWE-209CWE-209Low Stack Trace Disclosure (Java)

---

CWE-209CWE-209Low Stack Trace Disclosure (Laravel)

---

CWE-209CWE-209Low Stack Trace Disclosure (Node.js)

---

CWE-209CWE-209Low Stack Trace Disclosure (Python)

---

CWE-209CWE-209Low Stack Trace Disclosure (Rails)

---

CWE-209CWE-209Low Stack Trace Disclosure (Ruby)

---

CWE-209CWE-209Low Stack Trace Disclosure (Tomcat)

---

CWE-209CWE-209Low SVN repository found

---

CWE-538CWE-538High Symfony databases.yml configuration file

---

CWE-538CWE-538High Symfony web debug toolbar

---

CWE-489CWE-489Medium The Heartbleed BugCVE-2014-0160

---

CWE-200CWE-200High Tiki Wiki CMS: Arbitrary Code Execution

---

High Tiki Wiki CMS: Arbitrary File Download

---

High Tiki Wiki CMS: Remote Code Execution via Calendar Module

---

High Tomcat status page

---

CWE-200CWE-200Low Unencrypted __VIEWSTATE parameter

---

CWE-200CWE-200Medium Unprotected JSON file leaking secrets

---

CWE-200CWE-200Medium Unprotected phpMyAdmin interface

---

CWE-205CWE-205High Unrestricted access to NGINX+ API interface (read only)

---

CWE-200CWE-200Medium Unrestricted access to NGINX+ API interface (read write)

---

CWE-200CWE-200High Unrestricted access to NGINX+ Dashboard

---

CWE-200CWE-200Medium Unrestricted access to NGINX+ Status module

---

CWE-200CWE-200Low Unrestricted access to NGINX+ Upstream HTTP interface

---

CWE-200CWE-200Medium vBulletin customer number disclosureCVE-2013-6129

---

CWE-264CWE-264High Virtual host directory listing

---

CWE-538CWE-538Medium W3 total cache debug mode

---

CWE-489CWE-489Medium Weak password

---

CWE-200CWE-200High web.xml configuration file disclosure

---

CWE-538CWE-538High webadmin.php script

---

CWE-552CWE-552High Webalizer script

---

CWE-538CWE-538Medium Web application default/weak credentials

---

CWE-200CWE-200High WebDAV directory listing

---

CWE-538CWE-538Medium WebLogic admin console weak credentials

---

CWE-693CWE-693High Webmail weak password

---

CWE-200CWE-200High Web server default welcome page

---

CWE-200CWE-200Informational WordPress database credentials disclosure

---

CWE-538CWE-538Medium WordPress debug mode

---

CWE-200CWE-200High WordPress full path disclosure

---

CWE-200CWE-200Low WordPress pingback scannerCVE-2013-0235

---

CWE-918CWE-918Medium WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)CVE-2007-0540

---

CWE-200 CWE-400CWE-200 CWE-400High WordPress Plugin A2 Optimized WP Information Disclosure (2.0.10.8)

---

CWE-200CWE-200High WordPress Plugin AccessAlly Information Disclosure (3.5.6)CVE-2021-24226

---

CWE-200CWE-200High WordPress Plugin ACF to REST API Information Disclosure (3.2.0)CVE-2020-13700

---

CWE-200CWE-200High WordPress Plugin Activity Log Information Disclosure (2.2.12)

---

CWE-200CWE-200High WordPress Plugin Acumbamail Information Disclosure (1.0.4)

---

CWE-200CWE-200High WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.1.0)

---

CWE-200CWE-200High WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.6.2)

---

CWE-200CWE-200High WordPress Plugin Advanced Woo Search Information Disclosure (1.99)CVE-2020-12070

---

CWE-200CWE-200High WordPress Plugin Advanced XML Reader XML External Entity Information Disclosure (0.3.4)

---

CWE-611CWE-611High WordPress Plugin AlertWire Information Disclosure (1.1.1)

---

CWE-200CWE-200High WordPress Plugin All-in-One WP Migration Information Disclosure (7.0)

---

CWE-200CWE-200High WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve Your SEO Rankings Information Disclosure (2.2.5.1)CVE-2015-0902

---

CWE-200CWE-200High WordPress Plugin ApplyOnline-Application Form Builder and Manager Arbitrary File Disclosure (1.9.92)

---

CWE-538CWE-538High WordPress Plugin Aspose Cloud eBook Generator Arbitrary File Download (1.0)

---

CWE-22CWE-22High WordPress Plugin Aspose DOC Exporter Arbitrary File Download (1.0)

---

CWE-22CWE-22High WordPress Plugin Aspose Importer & Exporter Arbitrary File Download (2.0)

---

CWE-22CWE-22High WordPress Plugin Aspose PDF Exporter Arbitrary File Download (1.0)

---

CWE-22CWE-22High WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)CVE-2022-31474

---

CWE-22CWE-22High WordPress Plugin BackupBuddy Information Disclosure (2.2.28)CVE-2013-2743 CVE-2013-2744

---

CWE-200CWE-200High WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)CVE-2022-1186

---

CWE-200CWE-200High WordPress Plugin Better WordPress Minify Arbitrary File Disclosure (1.2.2)

---

CWE-538CWE-538High WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0)

---

CWE-200CWE-200High WordPress Plugin BuddyPress Information Disclosure (5.1.1)CVE-2020-5244

---

CWE-200CWE-200High WordPress Plugin BulletProof Security Information Disclosure (5.1)CVE-2021-39327

---

CWE-200CWE-200High WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure (1.8.1)

---

CWE-538CWE-538High WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)

---

CWE-200CWE-200High WordPress Plugin Candidate Application Form Arbitrary File Disclosure (1.6)

---

CWE-538CWE-538High WordPress Plugin Candidate Application Form Arbitrary File Download (1.0)CVE-2015-1000005

---

CWE-22CWE-22High WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3)CVE-2014-9461

---

CWE-22CWE-22High WordPress Plugin Cherry Services List Information Disclosure (1.4.1)

---

CWE-200CWE-200High WordPress Plugin Cherry Team Members Information Disclosure (1.4.1)

---

CWE-200CWE-200High WordPress Plugin Child Theme Configurator Arbitrary File Disclosure (1.7.4)

---

CWE-538CWE-538High WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2)

---

CWE-22CWE-22High WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)

---

CWE-22CWE-22High WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure (1.0.11)

---

CWE-538CWE-538High WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)

---

CWE-200CWE-200High WordPress Plugin Contact Form Email Information Disclosure (1.2.66)

---

CWE-200CWE-200High WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1)CVE-2012-0896

---

CWE-22 CWE-79CWE-22 CWE-79High WordPress Plugin Count per Day Information Disclosure (3.2.5)

---

CWE-200CWE-200High WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)

---

CWE-22CWE-22High WordPress Plugin Crayon Syntax Highlighter Local File Disclosure (2.6.10)

---

CWE-22CWE-22High WordPress Plugin Credova_Financial Information Disclosure (1.4.8)CVE-2021-39342

---

CWE-200CWE-200High WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)CVE-2022-0345

---

CWE-200CWE-200High WordPress Plugin Direct Download for Woocommerce Arbitrary File Download (1.15)

---

CWE-538CWE-538High WordPress Plugin Doneren met Mollie Information Disclosure (2.8.4)

---

CWE-200CWE-200High WordPress Plugin Download Monitor Information Disclosure (1.6.3)

---

CWE-538CWE-538High WordPress Plugin Download Shortcode Arbitrary File Disclosure (0.1)

---

CWE-22CWE-22High WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)CVE-2015-4704

---

CWE-22CWE-22High WordPress Plugin Duplicator-WordPress Migration Arbitrary File Disclosure (0.3.0)

---

CWE-22CWE-22High WordPress Plugin Duplicator-WordPress Migration Arbitrary File Download (1.3.26)CVE-2020-11738

---

CWE-538CWE-538High WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3)

---

CWE-200CWE-200High WordPress Plugin Easy Author Image Information Disclosure (1.5)

---

CWE-200CWE-200High WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)

---

CWE-22CWE-22High WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Information Disclosure (2.7.6)

---

CWE-200CWE-200High WordPress Plugin Email Log Information Disclosure (1.9)

---

CWE-200CWE-200High WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0)

---

CWE-200CWE-200High WordPress Plugin Email Subscribers & Newsletters Information Disclosure (3.4.7)CVE-2018-6015

---

CWE-200CWE-200High WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1)

---

CWE-22CWE-22High WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)CVE-2019-19983

---

CWE-200CWE-200High WordPress Plugin Filedownload 'download.php' Local File Disclosure (0.1)

---

CWE-22CWE-22High WordPress Plugin File Manager Information Disclosure (6.4)CVE-2020-24312

---

CWE-200CWE-200High WordPress Plugin Find My Blocks Information Disclosure (3.3.2)CVE-2021-24677

---

CWE-200CWE-200High WordPress Plugin FireStats Arbitrary File Download (1.6.5)

---

CWE-538CWE-538High WordPress Plugin Font Awesome Information Disclosure (4.0.0-rc16)

---

CWE-200CWE-200High WordPress Plugin Formidable Form Builder-Contact Form, Survey & Quiz Forms for WordPress Information Disclosure (2.0.07)

---

CWE-200CWE-200High WordPress Plugin Forums 'url' Parameter Arbitrary File Disclosure (1.4.3)CVE-2012-4920

---

CWE-22CWE-22High WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)

---

CWE-22CWE-22High WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure (4.24)CVE-2014-8491

---

CWE-200CWE-200High WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection and Information Disclosure Vulnerabilities (0.59)

---

CWE-22 CWE-89CWE-22 CWE-89High WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)

---

CWE-538CWE-538High WordPress Plugin Ghost Arbitrary File Download (0.5.5)

---

CWE-538CWE-538High WordPress Plugin GiveWP-Donation and Fundraising Platform Information Disclosure (2.20.2)CVE-2022-2117

---

CWE-200CWE-200High WordPress Plugin Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1)

---

CWE-95 CWE-200CWE-95 CWE-200High WordPress Plugin GlotPress Information Disclosure (2.2.1)

---

CWE-200CWE-200High WordPress Plugin Gmail SMTP Arbitrary File Disclosure (1.1.0)CVE-2017-5223

---

CWE-200CWE-200High WordPress Plugin Google Doc Embedder Arbitrary File Disclosure (2.4.6)CVE-2012-4915

---

CWE-22CWE-22High WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)

---

CWE-538CWE-538High WordPress Plugin Gravity Forms Information Disclosure (2.4.8)CVE-2020-13764

---

CWE-200CWE-200High WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Arbitrary File Disclosure (2.0.9.4)

---

CWE-538CWE-538High WordPress Plugin HB AUDIO GALLERY LITE Arbitrary File Download (1.0.0)

---

CWE-538CWE-538High WordPress Plugin Health Check & Troubleshooting Arbitrary File Disclosure (1.2.3)

---

CWE-538CWE-538High WordPress Plugin Helpful Information Disclosure (4.5.25)CVE-2022-2834

---

CWE-200CWE-200High WordPress Plugin History Collection Arbitrary File Download (1.1.1)

---

CWE-538CWE-538High WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure (2.6)CVE-2014-9177

---

CWE-200CWE-200High WordPress Plugin IBS Mappro Arbitrary File Download (0.6)CVE-2015-5472

---

CWE-22CWE-22High WordPress Plugin Image Export Arbitrary File Download (1.1.0)CVE-2015-5609

---

CWE-22CWE-22High WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7)

---

CWE-22CWE-22High WordPress Plugin Import all XML, CSV & TXT into WordPress Information Disclosure (3.6.74)

---

CWE-200CWE-200High WordPress Plugin IP Blacklist Cloud Arbitrary File Disclosure (3.42)

---

CWE-22CWE-22High WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1)

---

CWE-200CWE-200High WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)CVE-2021-24374

---

CWE-200CWE-200High WordPress Plugin Jigoshop Information Disclosure (1.17.9)

---

CWE-200CWE-200High WordPress Plugin JM Twitter Cards Information Disclosure (6.1)

---

CWE-200CWE-200High WordPress Plugin Log Emails Information Disclosure (1.0.6)

---

CWE-200CWE-200High WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)

---

CWE-22CWE-22High WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download (3.0)

---

CWE-538CWE-538High WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)

---

CWE-22CWE-22High WordPress Plugin MapSVG Lite Arbitrary File Disclosure (4.2.3.1)

---

CWE-538CWE-538High WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure (2.3.0)

---

CWE-200CWE-200High WordPress Plugin Membership Simplified Arbitrary File Download (1.58)CVE-2017-1002008

---

CWE-538CWE-538High WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)

---

CWE-538CWE-538High WordPress Plugin MetaSlider Information Disclosure (3.3.1)

---

CWE-200CWE-200High WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure (2.1.3)CVE-2022-1442

---

CWE-200CWE-200High WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure (1.0.4)

---

CWE-538CWE-538High WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)

---

CWE-538CWE-538High WordPress Plugin MP3-jPlayer Information Disclosure (2.3.2)CVE-2015-1000008

---

CWE-200CWE-200High WordPress Plugin MP3-jPlayer Local File Disclosure (2.3)

---

CWE-538CWE-538High WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure (1.1.0)

---

CWE-538CWE-538High WordPress Plugin NextGEN Gallery-WordPress Gallery Information Disclosure (1.9.11)CVE-2013-0291

---

CWE-200CWE-200High WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure (1.0.8)

---

CWE-200CWE-200High WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (1.2.1)CVE-2012-6511 CVE-2012-6512

---

CWE-79 CWE-200CWE-79 CWE-200High WordPress Plugin Page and Post Clone Information Disclosure (1.1)

---

CWE-200CWE-200High WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)CVE-2008-5752

---

CWE-22CWE-22High WordPress Plugin Paid Memberships Pro 'memberslist-csv.php' Information Disclosure (1.4.9)

---

CWE-538CWE-538High WordPress Plugin Paid Memberships Pro Information Disclosure (2.5.2)

---

CWE-200CWE-200High WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

---

CWE-538CWE-538High WordPress Plugin PICA Photo Gallery 'imgname' Parameter Information Disclosure (1.0)

---

CWE-22CWE-22High WordPress Plugin Pike Firewall Information Disclosure (1.4)

---

CWE-200CWE-200High WordPress Plugin Plugin:Newsletter 'data' Parameter Information Disclosure (1.5)CVE-2012-3588

---

CWE-22CWE-22High WordPress Plugin Popup Maker-Popup Forms, Optins & More Information Disclosure (1.8.11)CVE-2019-17574

---

CWE-200CWE-200High WordPress Plugin Product Input Fields for WooCommerce Arbitrary File Download (1.2.6)

---

CWE-538CWE-538High WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure (4.1)

---

CWE-538CWE-538High WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)

---

CWE-538CWE-538High WordPress Plugin RB Agency Local File Disclosure (2.4.7)

---

CWE-22CWE-22High WordPress Plugin Recent Backups Arbitrary File Download (0.7)CVE-2015-1000006

---

CWE-22CWE-22High WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)CVE-2015-9464

---

CWE-22CWE-22High WordPress Plugin Save Contact Form 7 Information Disclosure (2.0)

---

CWE-200CWE-200High WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.1)CVE-2014-9511

---

CWE-538CWE-538High WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.17)

---

CWE-22CWE-22High WordPress Plugin Service Finder-Provider and Business Listing Local File Disclosure (3.0)

---

CWE-538CWE-538High WordPress Plugin Share Drafts Publicly Information Disclosure (1.1.4)

---

CWE-200CWE-200High WordPress Plugin ShareYourCart Information Disclosure (1.6.1)CVE-2012-4332

---

CWE-200CWE-200High WordPress Plugin Shopping Cart & eCommerce Store Information Disclosure (2.0.5)CVE-2014-4942

---

CWE-200CWE-200High WordPress Plugin Simple Backup Arbitrary File Download (2.7.10)

---

CWE-538CWE-538High WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)

---

CWE-22CWE-22High WordPress Plugin Simple File List Arbitrary File Download (3.2.7)CVE-2022-1119

---

CWE-538CWE-538High WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)CVE-2012-6313

---

CWE-200CWE-200High WordPress Plugin Simple History Information Disclosure (1.0.7)

---

CWE-200CWE-200High WordPress Plugin Simple History Information Disclosure (2.7.4)

---

CWE-200CWE-200High WordPress Plugin Simple Image Manipulator Arbitrary File Download (1.0)CVE-2015-1000010

---

CWE-538CWE-538High WordPress Plugin Simply Static Arbitrary File Download (1.6.2)

---

CWE-22CWE-22High WordPress Plugin SKU Shortlink For WooCommerce Arbitrary File Disclosure (1.3.4)

---

CWE-538CWE-538High WordPress Plugin Slack-Chat Information Disclosure (1.5.5)CVE-2019-14367

---

CWE-200CWE-200High WordPress Plugin Slideshow Information Disclosure (2.2.21)CVE-2015-3634

---

CWE-200CWE-200High WordPress Plugin Slideshow Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (2.1.12)

---

CWE-79 CWE-200CWE-79 CWE-200High WordPress Plugin SL User Create Information Disclosure (0.2.4)

---

CWE-200CWE-200High WordPress Plugin Social Discussions Remote File Include and Information Disclosure Vulnerabilities (6.1.1)

---

CWE-94 CWE-200CWE-94 CWE-200High WordPress Plugin Social Network Tabs Information Disclosure (1.7.1)CVE-2018-20555

---

CWE-200CWE-200High WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)

---

CWE-352 CWE-538CWE-352 CWE-538High WordPress Plugin SSL Insecure Content Fixer Information Disclosure (2.0.0)

---

CWE-200CWE-200High WordPress Plugin Stop User Enumeration Cross-Site Scripting (1.3.7)

---

CWE-79CWE-79High WordPress Plugin Stop User Enumeration Security Bypass (1.3.18)

---

CWE-264CWE-264High WordPress Plugin Stop User Enumeration User Enumeration (1.2.4)

---

CWE-203CWE-203High WordPress Plugin Stop User Enumeration User Enumeration (1.3.4)

---

CWE-203CWE-203High WordPress Plugin Stop User Enumeration User Enumeration (1.3.8)

---

CWE-203CWE-203High WordPress Plugin Subscribe to Comments Unsubscribe Challenge Information Disclosure (2.0.2)

---

CWE-200CWE-200High WordPress Plugin Super Refer A Friend Information Disclosure (1.0)

---

CWE-200CWE-200High WordPress Plugin Swim Team Arbitrary File Download (1.44.1077)CVE-2015-5471

---

CWE-22CWE-22High WordPress Plugin Theme Editor Arbitrary File Download (2.5)CVE-2021-24154

---

CWE-538CWE-538High WordPress Plugin Thinkun Remind 'dirPath' Parameter Information Disclosure (1.1.3)

---

CWE-22CWE-22High WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)CVE-2021-24585

---

CWE-200CWE-200High WordPress Plugin Tinymce Thumbnail Gallery 'href' Parameter Information Disclosure (1.0.7)

---

CWE-22CWE-22High WordPress Plugin Total Upkeep-WordPress Backup plus Restore & Migrate by BoldGrid Information Disclosure (1.14.9)

---

CWE-200CWE-200High WordPress Plugin TRADIES Information Disclosure (2.2.6)

---

CWE-200CWE-200High WordPress Plugin U BuddyPress Forum Attachment 'fileurl' Parameter Remote File Disclosure (1.1.1)

---

CWE-22CWE-22High WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)

---

CWE-22CWE-22High WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership Information Disclosure (1.2.5)

---

CWE-200CWE-200High WordPress Plugin UnGallery Local File Disclosure (1.5.8)

---

CWE-22CWE-22High WordPress Plugin Unyson Information Disclosure (2.7.18)

---

CWE-200CWE-200High WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

---

CWE-538CWE-538High WordPress Plugin User Meta Manager Information Disclosure (3.4.7)

---

CWE-200CWE-200High WordPress Plugin User Profile Picture Information Disclosure (2.4.0)CVE-2021-24170

---

CWE-200CWE-200High WordPress Plugin Video Embed & Thumbnail Generator Information Disclosure (1.1)CVE-2012-1786

---

CWE-200CWE-200High WordPress Plugin Vitamin Multiple Arbitrary File Disclosure Vulnerabilities (1.0.0)CVE-2012-6651

---

CWE-22CWE-22High WordPress Plugin W3 Total Cache Arbitrary File Disclosure (0.9.3)CVE-2019-6715

---

CWE-538CWE-538High WordPress Plugin W3 Total Cache Information Disclosure (0.9.2.4)

---

CWE-200CWE-200High WordPress Plugin WebP Express Arbitrary File Disclosure (0.14.10)CVE-2019-15330

---

CWE-538CWE-538High WordPress Plugin Welcart e-Commerce Information Disclosure (2.2.7)

---

CWE-200CWE-200High WordPress Plugin WooCommerce Arbitrary File Download (3.4.5)

---

CWE-538CWE-538High WordPress Plugin WooCommerce Email Test Information Disclosure (1.5)

---

CWE-200CWE-200High WordPress Plugin WooCommerce Information Disclosure (4.5.2)CVE-2020-29156

---

CWE-200CWE-200High WordPress Plugin WordPress Backup to Dropbox Information Disclosure (4.7.1)

---

CWE-200CWE-200High WordPress Plugin WordPress Mobile Pack Information Disclosure (2.0.1)CVE-2014-5337

---

CWE-264CWE-264High WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2)CVE-2015-9269

---

CWE-200CWE-200High WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download (1.0)CVE-2015-4703

---

CWE-538CWE-538High WordPress Plugin WordPress Social Stream Information Disclosure (1.6)

---

CWE-522CWE-522High WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)

---

CWE-22CWE-22High WordPress Plugin wp-FileManager Arbitrary File Disclosure (1.3.0)

---

CWE-22CWE-22High WordPress Plugin Wp-ImageZoom 'file' Parameter Information Disclosure (1.0.3)

---

CWE-22CWE-22High WordPress Plugin WP-Live Chat by 3CX Information Disclosure (8.0.28)

---

CWE-200CWE-200High WordPress Plugin WP-Mon Arbitrary File Disclosure (0.5.1)

---

CWE-22CWE-22High WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure (1.38.3.2)

---

CWE-200CWE-200High WordPress Plugin WP Activity Log Information Disclosure (3.1.1)CVE-2018-8719

---

CWE-200CWE-200High WordPress Plugin WP Attachment Export Arbitrary File Download (0.2.3)

---

CWE-538CWE-538High WordPress Plugin WP CSS 'wp-css-compress.php' Local File Disclosure (2.0.5)

---

CWE-22CWE-22High WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)CVE-2011-1669

---

CWE-22CWE-22High WordPress Plugin WP e-Commerce Shop Styling Arbitrary File Download (2.5)CVE-2015-5468

---

CWE-22CWE-22High WordPress Plugin WP Easy full backup Information Disclosure (1.4)

---

CWE-200CWE-200High WordPress Plugin WP Hide & Security Enhancer Arbitrary File Download (1.3.9.2)

---

CWE-538CWE-538High WordPress Plugin WP Import Export Information Disclosure (3.9.15)CVE-2022-0236

---

CWE-200CWE-200High WordPress Plugin WP Import Export Lite Information Disclosure (3.9.15)CVE-2022-0236

---

CWE-200CWE-200High WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)CVE-2019-14365

---

CWE-200CWE-200High WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download (2.4.0)CVE-2014-9013 CVE-2014-9014

---

CWE-22CWE-22High WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)

---

CWE-22CWE-22High WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities (1.3.1)

---

CWE-22 CWE-538CWE-22 CWE-538High WordPress Plugin WP PHP widget Information Disclosure (1.0.2)CVE-2013-0721

---

CWE-200CWE-200High WordPress Plugin WP REST API (WP API) Information Disclosure (1.2)

---

CWE-200CWE-200High WordPress Plugin WP SlackSync Information Disclosure (1.8.5)CVE-2019-14366

---

CWE-200CWE-200High WordPress Plugin wp superb Slideshow Information Disclosure (2.4)

---

CWE-200CWE-200High WordPress Plugin wptf-image-gallery Arbitrary File Download (1.0.3)CVE-2015-1000007

---

CWE-538CWE-538High WordPress Plugin Yoast SEO Information Disclosure (3.2.4)

---

CWE-200CWE-200High WordPress Plugin Zip Attachments Arbitrary File Download (1.4)CVE-2015-4694

---

CWE-538CWE-538High WordPress REST API User Enumeration

---

CWE-200CWE-200Low WordPress username enumeration

---

CWE-200CWE-200Medium WordPress W3 Total Cache plugin predictable cache filenamesCVE-2012-6077 CVE-2012-6078 CVE-2012-6079

---

CWE-200CWE-200High WPEngine _wpeprivate/config.json information disclosure

---

CWE-200CWE-200High WS_FTP log file found

---

CWE-538CWE-538Medium X-Forwarded-For HTTP header security bypass

---

CWE-287CWE-287High XML entity injection

---

CWE-611CWE-611High XML external entity injection

---

CWE-611CWE-611High XML external entity injection (variant)

---

CWE-611CWE-611High XML external entity injection and XML injection

---

CWE-611CWE-611High XML external entity injection via external file

---

CWE-611CWE-611High XML external entity injection via File Upload

---

CWE-611CWE-611High Yii2 debug toolkit

---

CWE-200CWE-200Medium Zend framework configuration file information disclosure

---

CWE-538CWE-538High Zend Framework local file disclosure via XXE injectionCVE-2012-3363 CVE-2015-5161

---

CWE-611CWE-611High

What is disclosure in information security?

What are the different types of security disclosures?

Which of the following is an example of information disclosure?

What is CVE in security?