Export limit exceeded: 342065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342065 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50477 | 2 Stacks, Stacksmarket | 2 Stacks Mobile App Builder, Stacks Mobile App Builder | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3. | ||||
| CVE-2024-50476 | 1 Grun Software Group | 1 Spendino Spendenformular | 2026-04-01 | N/A |
| Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular spendino allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through <= 1.0.1. | ||||
| CVE-2024-50475 | 1 Scott Gamon | 1 Signup Page | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation.This issue affects Signup Page: from n/a through <= 1.0. | ||||
| CVE-2024-50473 | 1 Ajar Productions | 1 Ajar In5 Embed | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.3. | ||||
| CVE-2024-50472 | 1 Amilia | 1 Store | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in martindrapeau Amilia Store amilia-store allows Stored XSS.This issue affects Amilia Store: from n/a through <= 2.9.8. | ||||
| CVE-2024-50471 | 1 Checklist | 1 Trip Plan | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in checklistcom Trip Plan tripplan allows DOM-Based XSS.This issue affects Trip Plan: from n/a through <= 1.0.10. | ||||
| CVE-2024-50470 | 1 Themes4wp | 1 Youtube External Subtitles | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themes4WP Themes4WP YouTube External Subtitles themes4wp-youtube-external-subtitles allows DOM-Based XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through <= 1.0. | ||||
| CVE-2024-50469 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brightvesseldev Textboxes textboxes allows DOM-Based XSS.This issue affects Textboxes: from n/a through <= 0.1.3.1. | ||||
| CVE-2024-50468 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in faceleg Raptor Editor wp-raptor allows DOM-Based XSS.This issue affects Raptor Editor: from n/a through <= 1.0.20. | ||||
| CVE-2024-50467 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in siteengineai Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin scrollbar-by-webxapp allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin: from n/a through <= 1.3.0. | ||||
| CVE-2024-50464 | 2 Pierre Lebedel, Wordpress | 2 Kodex Posts Likes, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes.This issue affects Kodex Posts likes: from n/a through <= 2.5.0. | ||||
| CVE-2024-50463 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9. | ||||
| CVE-2024-50462 | 2 Fla-shop, Wordpress | 2 Interactive World Map, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in html5maps Interactive World Map interactive-world-map allows Stored XSS.This issue affects Interactive World Map: from n/a through <= 3.4.4. | ||||
| CVE-2024-50461 | 1 Wpdeveloper | 1 Embedpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper EmbedPress embedpress allows Stored XSS.This issue affects EmbedPress: from n/a through <= 4.0.14. | ||||
| CVE-2024-50460 | 1 Firelightwp | 1 Firelight Lightbox | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firelight Firelight Lightbox easy-fancybox allows Stored XSS.This issue affects Firelight Lightbox: from n/a through <= 2.3.3. | ||||
| CVE-2024-50459 | 1 Hmplugin | 2 Accept Stripe Donation - Aidwp, Aidwp | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in Hossni Mubarak AidWP wp-stripe-donation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AidWP: from n/a through <= 3.2.3. | ||||
| CVE-2024-50458 | 1 Wpcodeus | 1 Advanced Sermons | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs Advanced Sermons advanced-sermons allows Stored XSS.This issue affects Advanced Sermons: from n/a through <= 3.4. | ||||
| CVE-2024-50457 | 1 Qodeinteractive | 1 Qode Essential Addons | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through <= 1.6.3. | ||||
| CVE-2024-50456 | 1 Seopress | 1 Seopress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through <= 8.1.1. | ||||
| CVE-2024-50455 | 1 Seopress | 1 Seopress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through <= 8.1.1. | ||||