Vulnerabilities protected by our LFI: Local File Inclusion firewall rule

559,128
Attacks Blocked in Past 24 Hours

Showing 161-180 of 254 Vulnerabilities

Title CVE ID CVSS Vector Date
All-In-One-Gallery <= 2.4.9 - Admin+ Local File Inclusion CVE-2021-24970 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 15, 2021
Images to WebP <= 1.8 - Local File Inclusion CVE-2021-24644 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N October 19, 2021
Two Way Chat <= 3.1.4 - Authenticated (Admin+) Local File Inclusion 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 5, 2021
wp-publications < 1.1 - Local File Inclusion CVE-2021-38360 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L September 9, 2021
Live Scores for SportsPress <= 1.9.0 - Authenticated (Admin+) Local File Inclusion 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 24, 2021
WOOCS – Currency Switcher for WooCommerce Professional Free <= 1.3.7 - Authenticated Local File Inclusion CVE-2021-24566 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H July 22, 2021
UpdraftPlus < 1.16.59 - Authenticated (Admin+) Local File Inclusion 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 12, 2021
WP Image Zoom <= 1.46 - Local File Inclusion CVE-2021-24447 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N June 23, 2021
Motor – Cars, Parts, Service, Equipments and Accessories WooCommerce Store < 3.1.0 - Local File Inclusion CVE-2021-24375 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 9, 2021
Tutor LMS <= 1.8.7 - Authenticated Local File Inclusion CVE-2021-24242 5.5 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L April 5, 2021
Adaptive Images for WordPress <= 0.6.66 - Local File Inclusion CVE-2019-14205 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N July 19, 2019
Sina Extension for Elementor < 2.2.1 - Local File Inclusion CVE-2019-15839 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 19, 2019
Revamp CRM for WooCommerce < 1.0.4 - Local File Inclusion 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 10, 2019
Photo Gallery by 10Web <= 1.5.24 - Authenticated Local File Inclusion CVE-2019-14798 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N May 15, 2019
GraceMedia Media Player <= 1.0 - Local File Inclusion CVE-2019-9618 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 13, 2019
WordPress Core <= 5.0.3 - Path Traversal and Local File Inclusion CVE-2019-8943 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N February 19, 2019
Shortcode Factory <= 2.7 - Local File Inclusion CVE-2019-15322 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 16, 2019
WP Payeezy Pay < 2.98 - Local File Inclusion CVE-2018-20985 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 7, 2018
Companion Auto Update <= 3.2.0 - Local File Inclusion CVE-2018-20973 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 1, 2018
Redirection <= 2.7.3 - Local File Inclusion CVE-2018-1000504 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 12, 2018

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation