2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-20084 | MEDIUM | 5.1 | 0.2% | Jun 15, 2026 | WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthen... |
| CVE-2016-20083 | MEDIUM | 6.9 | 0.1% | Jun 15, 2026 | WordPress More Fields Plugin 2.1 contains a cross-site request forgery vulnerability that allows attackers to perform un... |
| CVE-2016-20082 | MEDIUM | 6.9 | 0.3% | Jun 15, 2026 | WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include a... |
| CVE-2016-20080 | MEDIUM | 6.9 | 0.4% | Jun 15, 2026 | WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that ... |
| CVE-2016-20079 | MEDIUM | 6.9 | 0.8% | Jun 15, 2026 | WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated at... |
| CVE-2016-20078 | MEDIUM | 6.9 | 0.7% | Jun 15, 2026 | WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers ... |
| CVE-2016-20077 | MEDIUM | 6.9 | 0.4% | Jun 15, 2026 | WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers ... |
| CVE-2016-20074 | MEDIUM | 5.3 | 0.1% | Jun 15, 2026 | WordPress Lazy Content Slider Plugin 3.4 contains a cross-site request forgery vulnerability that allows attackers to pe... |
| CVE-2016-20070 | MEDIUM | 5.1 | 0.2% | Jun 15, 2026 | WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabili... |
| CVE-2016-20067 | MEDIUM | 5.3 | 0.1% | Jun 15, 2026 | WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthoriz... |
| CVE-2016-20066 | MEDIUM | 5.1 | 0.2% | Jun 15, 2026 | WordPress CP Polls 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malici... |
| CVE-2016-20064 | MEDIUM | 6.9 | 0.7% | Jun 9, 2026 | WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary f... |
| CVE-2016-20054 | MEDIUM | 5.3 | 0.1% | Apr 4, 2026 | Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative ... |
| CVE-2016-20053 | MEDIUM | 6.9 | 0.1% | Apr 4, 2026 | Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create admin... |
| CVE-2016-20051 | MEDIUM | 6.9 | 0.2% | Apr 4, 2026 | Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credenti... |
| CVE-2016-20050 | MEDIUM | 6.9 | 0.2% | Apr 4, 2026 | NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to c... |
| CVE-2016-20036 | MEDIUM | 5.1 | 0.2% | Mar 16, 2026 | Wowza Streaming Engine 4.5.0 contains multiple reflected cross-site scripting vulnerabilities in the enginemanager inter... |
| CVE-2016-20035 | MEDIUM | 6.9 | 0.2% | Mar 16, 2026 | Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows attackers to perform admini... |
| CVE-2016-20032 | MEDIUM | 5.1 | 0.3% | Mar 16, 2026 | ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to exec... |
| CVE-2016-20031 | MEDIUM | 6.8 | 0.1% | Mar 16, 2026 | ZKTeco ZKBioSecurity 3.0 contains a local authorization bypass vulnerability in visLogin.jsp that allows attackers to au... |
| CVE-2016-20029 | MEDIUM | 6.9 | 0.2% | Mar 16, 2026 | ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files... |
| CVE-2016-20028 | MEDIUM | 5.3 | 0.2% | Mar 16, 2026 | ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery vulnerability that allows attackers to perform administra... |
| CVE-2016-20027 | MEDIUM | 5.1 | 0.2% | Mar 16, 2026 | ZKTeco ZKBioSecurity 3.0 contains multiple reflected cross-site scripting vulnerabilities that allow attackers to execut... |
| CVE-2016-20023 | MEDIUM | 6.5 | 0.3% | Dec 5, 2025 | In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the corr... |
| CVE-2016-15053 | MEDIUM | 5.1 | 0.4% | Oct 30, 2025 | Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting (XSS) via the “My Reports” listing of the web i... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now