CVEs and Security Vulnerabilities

Export limit exceeded: 347026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45620 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45620 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-49232	1 Javierloureiro	1 El Mejor Cluster	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in derethor El mejor Cluster mejorcluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through <= 1.1.15.
CVE-2024-49231	1 Petercyclop	1 Wordpress Video	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through <= 1.0.
CVE-2024-49229	1 Arifnezami	1 Better Author Bio	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arifnezami Better Author Bio better-author-bio allows Reflected XSS.This issue affects Better Author Bio: from n/a through <= 2.7.10.11.
CVE-2024-49228	1 Crossedcode	1 Bverse Convert	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edwin Rivera bVerse Convert bverse-convert allows Stored XSS.This issue affects bVerse Convert: from n/a through <= 1.3.7.1.
CVE-2024-49225	1 Swebdeveloper	1 Wppricing Builder	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swebdeveloper wpPricing Builder wppricing-builder-lite-responsive-pricing-table-builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through <= 1.5.0.
CVE-2024-48049	1 Mightyplugins	1 Mighty Builder	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder mighty-builder allows Stored XSS.This issue affects Mighty Builder: from n/a through <= 1.0.2.
CVE-2024-48046			2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Stored XSS.This issue affects Contact Form by Supsystic: from n/a through <= 1.7.28.
CVE-2024-48041	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through <= 4.3.9.
CVE-2024-48036	1 Sktthemes	1 Skt Blocks	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks.This issue affects SKT Blocks: from n/a through <= 1.6.
CVE-2024-48032	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sumitsurai Featured Posts with Multiple Custom Groups (FPMCG) featured-posts-with-multiple-custom-groups-fpmcg allows Reflected XSS.This issue affects Featured Posts with Multiple Custom Groups (FPMCG): from n/a through <= 4.0.
CVE-2024-48025			2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dogrow Simple Baseball Scoreboard simple-baseball-scoreboard allows Stored XSS.This issue affects Simple Baseball Scoreboard: from n/a through <= 1.3.
CVE-2024-48023			2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rconnect305 Restaurant Reservations Widget restaurantconnect-reswidget allows Reflected XSS.This issue affects Restaurant Reservations Widget: from n/a through <= 1.0.
CVE-2024-48022			2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SysBasics Shortcode For Elementor Templates shortcode-support-for-elementor-templates allows Stored XSS.This issue affects Shortcode For Elementor Templates: from n/a through <= 1.0.0.
CVE-2024-48021			2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on contact-form-7-paypal-add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through <= 2.3.
CVE-2024-47650	2 Axton, Wordpress	2 Wp-webauthn, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through <= 1.3.1.
CVE-2024-47647			2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Essekia Helpie FAQ helpie-faq allows Stored XSS.This issue affects Helpie FAQ: from n/a through <= 1.27.
CVE-2024-47644			2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Copyscape Copyscape Premium copyscape-premium allows Stored XSS.This issue affects Copyscape Premium: from n/a through <= 1.3.9.
CVE-2024-47643	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through <= 4.0.0.
CVE-2024-47642	2 Keap, Wordpress	2 Keap Official Opt In Forms, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through <= 2.0.3.
CVE-2024-47641	2 Wordpress, Wpdeveloperr	2 Wordpress, Confetti Fall Animation	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Muhammad Shakeel Confetti Fall Animation confetti-fall-animation allows Stored XSS.This issue affects Confetti Fall Animation: from n/a through <= 1.3.0.

« first previous Page 181 of 2281. next last »