Search

Expected end of text, found 'łace' (at char 35), (line:1, col:36)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346245 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-43971 1 Sunshinephotocart 1 Sunshine Photo Cart 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.5.
CVE-2024-43959 2 Themepoints, Wordpress 2 Testimonials, Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials super-testimonial allows Reflected XSS.This issue affects Testimonials: from n/a through <= 4.0.1.
CVE-2024-43956 1 Caseproof 1 Memberpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Caseproof, LLC MemberPress memberpress.This issue affects MemberPress: from n/a through <= 1.11.34.
CVE-2024-43955 1 Themeum 1 Droip 2026-04-23 10 Critical
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip droip allows Path Traversal.This issue affects Droip: from n/a through < 2.5.2.
CVE-2024-43954 1 Themeum 1 Droip 2026-04-23 6.3 Medium
Missing Authorization vulnerability in Themeum Droip droip allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Droip: from n/a through < 2.5.2.
CVE-2024-43953 1 Wpbakery 1 Page Builder 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through <= 3.5.
CVE-2024-43944 1 Wordpress 1 Wordpress 2026-04-23 3.7 Low
Authentication Bypass by Spoofing vulnerability in ilyasine Maintenance & Coming Soon Redirect Animation maintenance-coming-soon-redirect-animation allows Identity Spoofing.This issue affects Maintenance & Coming Soon Redirect Animation: from n/a through <= 2.3.3.
CVE-2024-43938 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Peters Name Directory name-directory.This issue affects Name Directory: from n/a through <= 1.29.0.
CVE-2024-43933 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja allows Stored XSS.This issue affects WPMobile.App: from n/a through <= 11.48.
CVE-2024-43932 1 Posimyth 1 The Plus Addons For Elementor 2026-04-23 6.5 Medium
Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through <= 5.6.2.
CVE-2024-43927 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through <= 1.0.23.
CVE-2024-43353 2 Mycred, Wordpress 2 Mycred, Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.
CVE-2024-43349 2 Areoi, Wordpress 2 All Bootstrap Blocks, Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19.
CVE-2024-43338 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Automattic Crowdsignal Dashboard – Polls, Surveys & more polldaddy allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through <= 3.1.3.
CVE-2024-43336 1 Wpusermanager 1 Wp User Manager 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager WP User Manager wp-user-manager.This issue affects WP User Manager: from n/a through <= 2.9.10.
CVE-2024-43334 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gavias Zilom zilom allows Reflected XSS.This issue affects Zilom: from n/a through < 1.4.5.
CVE-2024-43333 2026-04-23 7.5 High
Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro admin-site-enhancements-pro allows Privilege Escalation.This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through <= 7.6.2.1.
CVE-2024-43318 1 E2pdf 1 E2pdf 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through <= 1.25.05.
CVE-2024-43313 1 Formfacade 1 Formfacade 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in manidoraisamy FormFacade formfacade allows Reflected XSS.This issue affects FormFacade: from n/a through <= 1.3.2.
CVE-2024-43306 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.6.0.