Export limit exceeded: 342055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342055 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49240 | 1 Agustinberasategui | 1 Ab Categories Search Widget | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajberasategui AB Categories Search Widget ab-categories-search-widget allows Reflected XSS.This issue affects AB Categories Search Widget : from n/a through <= 0.2.5. | ||||
| CVE-2024-49239 | 1 Nikhilvaghela | 1 Add Categories Post Footer | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nikhilvaghela Add Categories Post Footer add-categories-post-footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through <= 2.2.2. | ||||
| CVE-2024-49238 | 1 Dh9sb.dx-info | 1 Adif Log Search Widget | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emka73 ADIF Log Search Widget adif-log-search-widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through <= 1.0f. | ||||
| CVE-2024-49237 | 1 Ahmetimamoglu | 1 Ahmeti Wp Timeline | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ahmeti Ahmeti Wp Timeline ahmeti-wp-timeline allows Stored XSS.This issue affects Ahmeti Wp Timeline: from n/a through <= 5.1. | ||||
| CVE-2024-49236 | 1 Hafizuddinahmed | 1 Crazy Call To Action Box | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box crazy-call-to-action-box allows DOM-Based XSS.This issue affects Crazy Call To Action Box: from n/a through <= 1.0.5. | ||||
| CVE-2024-49235 | 1 Videowhisper | 1 Contact Forms Live Support Crm Video Messages Plugin | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through <= 1.10.2. | ||||
| CVE-2024-49234 | 1 Themeworm | 1 Plexx Elementor Extension | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension plexx-elementor-extension allows DOM-Based XSS.This issue affects Plexx Elementor Extension: from n/a through <= 1.3.6. | ||||
| CVE-2024-49233 | 1 Madrasthemes | 1 Mas Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through <= 1.1.6. | ||||
| CVE-2024-49232 | 1 Javierloureiro | 1 El Mejor Cluster | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in derethor El mejor Cluster mejorcluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through <= 1.1.15. | ||||
| CVE-2024-49231 | 1 Petercyclop | 1 Wordpress Video | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through <= 1.0. | ||||
| CVE-2024-49230 | 1 Harpreetsingh | 1 Ajax Custom Css\/js | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harry005 Ajax Custom CSS/JS ajax-awesome-css allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through <= 2.0.4. | ||||
| CVE-2024-49229 | 1 Arifnezami | 1 Better Author Bio | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arifnezami Better Author Bio better-author-bio allows Reflected XSS.This issue affects Better Author Bio: from n/a through <= 2.7.10.11. | ||||
| CVE-2024-49228 | 1 Crossedcode | 1 Bverse Convert | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edwin Rivera bVerse Convert bverse-convert allows Stored XSS.This issue affects bVerse Convert: from n/a through <= 1.3.7.1. | ||||
| CVE-2024-49227 | 1 Innovawebspzoo | 1 Free Stock Photos Foter | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in foter Free Stock Photos Foter free-stock-photos-foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through <= 1.5.4. | ||||
| CVE-2024-49226 | 1 Taketin | 1 Taketin To Wp Membership | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through <= 2.8.17. | ||||
| CVE-2024-49225 | 1 Swebdeveloper | 1 Wppricing Builder | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swebdeveloper wpPricing Builder wppricing-builder-lite-responsive-pricing-table-builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through <= 1.5.0. | ||||
| CVE-2024-49224 | 1 Maheshpatel | 1 Mitm Bug Tracker | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mahesh_9696 Mitm Bug Tracker mitm-bug-tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through <= 1.0. | ||||
| CVE-2024-49223 | 1 Shibulijack | 1 Cj Change Howdy | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in shibulijack CJ Change Howdy cj-change-howdy allows Cross Site Request Forgery.This issue affects CJ Change Howdy: from n/a through <= 3.3.1. | ||||
| CVE-2024-49222 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Object Injection.This issue affects WPGuppy: from n/a through <= 1.1.0. | ||||
| CVE-2024-49221 | 1 Julianweinert | 1 Cslider | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in julian.weinert cSlider cslider allows Cross Site Request Forgery.This issue affects cSlider: from n/a through <= 2.4.2. | ||||