Search

Expected end of text, found '/' (at char 36), (line:1, col:37)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346208 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-24831 1 Leap13 1 Premium Addons For Elementor 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.16.
CVE-2024-23507 1 Instawp 1 Instawp Connect 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.9.
CVE-2024-23506 1 Instawp 1 Instawp Connect 2026-04-23 7.7 High
Insertion of Sensitive Information Into Sent Data vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.9.
CVE-2024-23500 1 Kadencewp 1 Gutenberg Blocks With Ai 2026-04-23 7.7 High
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.19.
CVE-2024-22307 1 Wplab 1 Wp-lister Lite For Ebay 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.5.7.
CVE-2024-22289 1 Cybernetikz 1 Post Views Stats 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberNetikz Post views Stats post-views-stats allows DOM-Based XSS.This issue affects Post views Stats: from n/a through <= 1.4.1.
CVE-2024-22162 1 Wpzoom 1 Wpzoom Shortcodes 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Shortcodes wpzoom-shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through <= 1.0.5.
CVE-2024-22145 1 Instawp 1 Instawp Connect 2026-04-23 8.8 High
Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.
CVE-2024-1435 1 Tainacan 1 Tainacan 2026-04-23 5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in tainacan Tainacan tainacan.This issue affects Tainacan: from n/a through <= 0.20.6.
CVE-2024-11402 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through <= 6.6.1.
CVE-2024-10676 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Flow Byte Conversion Helper conversion-helper allows Reflected XSS.This issue affects Conversion Helper: from n/a through <= 1.12.
CVE-2023-52190 1 Wpswings 1 Coupon Referral Program 2026-04-23 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Coupon Referral Program coupon-referral-program allows Retrieve Embedded Sensitive Data.This issue affects Coupon Referral Program: from n/a through <= 1.8.4.
CVE-2023-52135 1 Westguardsolutions 1 Ws Form 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mark Westguard WS Form LITE ws-form allows Blind SQL Injection.This issue affects WS Form LITE: from n/a through <= 1.9.170.
CVE-2023-51486 1 Rednao 1 Woocommerce Pdf Invoice Builder 2026-04-23 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Cross Site Request Forgery.This issue affects WooCommerce PDF Invoice Builder: from n/a through <= 1.2.101.
CVE-2023-51484 1 Wp-buy 1 Login As User Or Customer \(user Switching\) 2026-04-23 9.8 Critical
Incorrect Privilege Assignment vulnerability in wp-buy Login as User or Customer (User Switching) login-as-customer-or-user allows Privilege Escalation.This issue affects Login as User or Customer (User Switching): from n/a through <= 3.8.
CVE-2023-51362 1 Premio 1 All In One Floating Contact Form My Sticky Elements 2026-04-23 N/A
Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through <= 2.1.3.
CVE-2023-51360 1 Wpdeveloper 1 Essential Blocks 2026-04-23 8.8 High
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0.
CVE-2023-51359 1 Wpdeveloper 1 Essential Blocks 2026-04-23 8.8 High
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0.
CVE-2023-51357 1 Conversios 1 Conversios.io 2026-04-23 N/A
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 6.5.0.
CVE-2023-51355 1 Multivendorx 1 Wc Marketplace 2026-04-23 N/A
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: from n/a through <= 4.0.23.