Web Vulnerability & Security Check

Web.config File Detected

CAPEC-87

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

,

CWE-285

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A7

,

OWASP 2017-A5

,

WASC-34

,

Information

WebDAV Directory Has Write Permissions (IIS)

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C

,

CWE-732

,

ISO27001-A.9.4.1

,

OWASP 2017-A6

,

PCI v3.2-6.5.8

,

WASC-17

,

High

WebDAV Enabled

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C

,

CWE-16

,

ISO27001-A.9.4.4

,

WASC-15

,

Information

webERP Detected

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

WeBid Detected

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

WebLogic Identified

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

,

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Werkzeug Python WSGI Library Identified

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

,

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Whoops Error Handler Framework Detected

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive

ISO27001-A.14.2.5

,

Information

Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive

ISO27001-A.14.2.5

,

Information

Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive

ISO27001-A.14.2.5

,

Information

WildFly Application Server Identified

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Windows Azure Web Server Identified

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

,

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Windows CE OS Identified

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Windows Server Identified

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

Windows Short Filename

CAPEC-87

,

CWE-538

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.8.2.3

,

OWASP 2013-A7

,

OWASP 2017-A6

,

PCI v3.2-6.5.8

,

WASC-34

,

Low

Windows Username Disclosure

CAPEC-118

,

CWE-200

,

ISO27001-A.18.1.3

,

OWASP 2013-A6

,

OWASP 2017-A3

,

PCI v3.2-6.5.5

,

WASC-13

,

Low

Wing FTP Anonymous access

CWE-CWE-200

,

Low

Wing FTP Server RCE (CVE-2025-47812)

CWE-CWE-158

,

Critical

WordPress Configuration File Detected

CAPEC-87

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

,

CWE-425

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A7

,

OWASP 2017-A5

,

PCI v3.2-6.5.8

,

WASC-34

,

Information

WordPress Detected

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Advanced Custom Fields Extended Identified

No items found.

Information

WordPress Plugin Advanced Custom Fields Extended Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Advanced Custom Fields Extended Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Akismet Spam Protection Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Akismet Spam Protection Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Akismet Spam Protector Identified

No items found.

Information

WordPress Plugin All In One WP Migration Identified

No items found.

Information

WordPress Plugin All-in-One WP Migration Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin All-in-One WP Migration Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Backup Migration Identified

No items found.

Information

WordPress Plugin Backup Migration Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Backup Migration Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Classic Editor Identified

No items found.

Information

WordPress Plugin Classic Editor Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Classic Editor Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Contact Form 7 Identified

No items found.

Information

WordPress Plugin Contact Form 7 Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Contact Form 7 Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Contact Form by WPForms Identified

No items found.

Information

WordPress Plugin Contact Form by WPForms Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Contact Form by WPForms Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Detected

No items found.

Information

WordPress Plugin Elementor Website Builder Identified

No items found.

Information

WordPress Plugin Elementor Website Builder Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Elementor Website Builder Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Jetpack Identified

No items found.

Information

WordPress Plugin Jetpack Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Jetpack Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Jupiter X Core Identified

No items found.

Information

WordPress Plugin Jupiter X Core Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Jupiter X Core Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin LiteSpeed Cache Identified

No items found.

Information

WordPress Plugin LiteSpeed Cache Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin LiteSpeed Cache Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Login with Phone Number Identified

No items found.

Information

WordPress Plugin Login with Phone Number Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Login with Phone Number Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Really Simple SSL Identified

No items found.

Information

WordPress Plugin Really Simple SSL Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Really Simple SSL Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Smash Balloon Social Photo Feed Identified

No items found.

Information

WordPress Plugin Smash Balloon Social Photo Feed Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Smash Balloon Social Photo Feed Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Ultimate Member Identified

No items found.

Information

WordPress Plugin Ultimate Member Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Ultimate Member Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin UpdraftPlus Identified

No items found.

Information

WordPress Plugin Updraft Plus Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin Updraft Plus Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin WooCommerce Identified

No items found.

Information

WordPress Plugin WooCommerce Out Of Date

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Information

WordPress Plugin WooCommerce Version Disclosure

CAPEC-170

,

CWE-205

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A5

,

OWASP 2017-A6

,

WASC-13

,

Low

WordPress Plugin Wordfence Security Identified

No items found.

Information

Web Application Vulnerabilities Index

Select Category

Select Vulnerability