Vulnerabilities protected by our LFI: Local File Inclusion firewall rule

566,387
Attacks Blocked in Past 24 Hours

Showing 141-160 of 254 Vulnerabilities

Title CVE ID CVSS Vector Date
Wholesale Market for WooCommerce <= 1.0.7 - Authenticated (Administrator+) Arbitrary File Download CVE-2022-4108 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N November 28, 2022
Wholesale Market for WooCommerce <= 1.0.6 - Unauthenticated Arbitrary File Download CVE-2022-4106 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N November 28, 2022
S2W – Import Shopify to WooCommerce <= 1.1.12 - Authenticated (Admin+) Local File Inclusion CVE-2022-44634 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 10, 2022
SearchWP Live Ajax Search <= 1.6.2 - Directory Traversal and Local File Inclusion CVE-2022-3227 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N September 15, 2022
Multivendor Marketplace Solution for WooCommerce – WC Marketplace <= 3.8.11.8 - Local File Inclusion 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N August 15, 2022
VR Calendar <= 2.4.4 - Authenticated (Administrator+) Local File Inclusion 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N July 28, 2022
JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion CVE-2022-1657 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N May 18, 2022
Popup Box <= 2.1.2 - Authenticated Local File Inclusion CVE-2022-29445 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H May 17, 2022
Counter Box <= 1.1.1 - Authenticated Local File Inclusion CVE-2022-29446 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H May 16, 2022
Hover Effects – easily create any hover effect <= 2.1 - Authenticated Local File Inclusion CVE-2022-29447 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H May 16, 2022
Herd Effects <= 5.2 - Local File Inclusion CVE-2022-29448 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 16, 2022
Cab fare calculator <= 1.0.3 - Unauthenticated Local File Inclusion CVE-2022-1391 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 20, 2022
Videos sync PDF <= 1.7.4 - Unauthenticated Local File Inclusion CVE-2022-1392 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 30, 2022
Amministrazione Aperta <= 3.7.3 - Admin+ Local File Inclusion CVE-2022-1560 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N March 23, 2022
Simple Job Board <= 2.9.3 - Local File Inclusion CVE-2020-35749 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N February 6, 2022
Cost Calculator <= 1.8 - Authenticated Local File Inclusion CVE-2021-24820 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H February 1, 2022
Popup Builder <= 4.0.6 - Local File Inclusion and PHAR Deserialization CVE-2021-25082 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 24, 2022
Essential Addons for Elementor <= 5.0.4 - Local File Inclusion CVE-2022-0320 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 21, 2022
WP-Appbox <= 4.3.17 - Local File Inclusion 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 17, 2022
Include Me <= 1.2.1 - Local File Inclusion leading to Authenticated Remote Code Execution CVE-2021-24453 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 2, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation