Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45615 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-49665 1 Webbricks 1 Web Bricks Addons 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web Bricks Web Bricks Addons for Elementor webbricks-addons allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through <= 1.1.1.
CVE-2024-49664 1 Chatplus 1 Chatplusjp 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chatplusjp chatplusjp chatplusjp allows Reflected XSS.This issue affects chatplusjp: from n/a through <= 1.02.
CVE-2024-49663 1 Elenazhyvohliad 1 Ucat 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elenkadark uCAT – Next Story ucat-next-story allows Reflected XSS.This issue affects uCAT – Next Story: from n/a through <= 2.0.0.
CVE-2024-49662 1 Webgensis 1 Simple Load More 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webgensis Simple Load More simple-load-more allows Reflected XSS.This issue affects Simple Load More: from n/a through <= 1.0.
CVE-2024-49661 1 Leenk 1 Leenk.me 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lew Ayotte leenk.me leenkme allows Reflected XSS.This issue affects leenk.me: from n/a through <= 2.16.0.
CVE-2024-49660 1 Campusexplorer 1 Widget 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CampusExplorer Campus Explorer Widget campus-explorer-widget allows Reflected XSS.This issue affects Campus Explorer Widget: from n/a through <= 1.4.
CVE-2024-49659 1 Chartscss 1 Coub 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coub Coub coub allows DOM-Based XSS.This issue affects Coub: from n/a through <= 1.4.
CVE-2024-49656 2 Abdullah Irfan, Abdullahirfan 2 Document Press, Documentpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fifthsegment DocumentPress documentpress-display-any-document-on-your-site allows Reflected XSS.This issue affects DocumentPress: from n/a through <= 2.1.
CVE-2024-49654 2 Marian, Marianheddesheimer 2 Extra Privacy For Elementor, Extra Privacy For Elementor 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor extra-privacy-for-elementor allows Reflected XSS.This issue affects Extra Privacy for Elementor: from n/a through <= 0.1.3.
CVE-2024-49651 1 Mattroyal 1 Woocommerce Maintenance Mode 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Royal WooCommerce Maintenance Mode woocommerce-maintenance-mode allows Reflected XSS.This issue affects WooCommerce Maintenance Mode: from n/a through <= 2.0.1.
CVE-2024-49650 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xarbo BuddyPress Greeting Message bp-greeting-message allows Reflected XSS.This issue affects BuddyPress Greeting Message: from n/a through <= 1.0.3.
CVE-2024-49648 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafasashi SVG Captcha svg-captcha allows Reflected XSS.This issue affects SVG Captcha: from n/a through <= 1.0.11.
CVE-2024-49647 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carl Alberto Simple Custom Admin simple-custom-admin allows Reflected XSS.This issue affects Simple Custom Admin: from n/a through <= 1.2.
CVE-2024-49646 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ioannup Code Generate code-generator allows Reflected XSS.This issue affects Code Generate: from n/a through <= 1.0.
CVE-2024-49645 1 Soft-master 1 Affiliate Platform 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilias Gomatos Affiliate Platform smdp-affiliate-platform allows Reflected XSS.This issue affects Affiliate Platform: from n/a through <= 1.4.8.
CVE-2024-49643 1 Abdullahirfan 1 Whitelist 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fifthsegment Whitelist fifthsegment-whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through <= 3.5.
CVE-2024-49642 1 Rafasashi 1 Todo Custom Field 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafasashi Todo Custom Field todo-custom-field allows Reflected XSS.This issue affects Todo Custom Field: from n/a through <= 3.0.4.
CVE-2024-49641 1 Tidaweb 1 Tida Url Screenshot 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot tida-url-screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through <= 1.0.1.
CVE-2024-49640 1 Amadercode 1 Acl Floating Cart For Woocommerce 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce acl-floating-cart-for-woocommerce allows Reflected XSS.This issue affects ACL Floating Cart for WooCommerce: from n/a through <= 0.9.
CVE-2024-49639 1 Edwardstoever 1 Monitor.chat 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Stoever Monitor.chat monitor-chat allows Reflected XSS.This issue affects Monitor.chat: from n/a through <= 1.1.1.