Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342050 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-37918 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through <= 1.4.8.
CVE-2024-37555 1 Zealousweb 1 Generate Pdf Using Contact Form 7 2026-04-01 9.8 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7 generate-pdf-using-contact-form-7.This issue affects Generate PDF using Contact Form 7: from n/a through <= 4.1.2.
CVE-2024-37554 1 Codeastrology 1 Ultraaddons 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows DOM-Based XSS.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2.
CVE-2024-37544 2026-04-01 N/A
Missing Authorization vulnerability in Saleswonder Team: Tobias Get Better Reviews for WooCommerce more-better-reviews-for-woocommerce.This issue affects Get Better Reviews for WooCommerce: from n/a through <= 4.0.6.
CVE-2024-37543 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Nitesh Ultimate Auction ultimate-auction allows Cross Site Request Forgery.This issue affects Ultimate Auction : from n/a through <= 4.2.5.
CVE-2024-37541 1 Staxwp 1 Stax 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through <= 1.5.0.
CVE-2024-37540 2 Leaky Paywall, Wordpress 2 Leaky Paywall, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through <= 4.21.2.
CVE-2024-37520 1 Radiustheme 1 Shopbuilder 2026-04-01 8.8 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 2.1.12.
CVE-2024-37519 1 Leap13 1 Premium Blocks For Gutenburg 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress premium-blocks-for-gutenberg.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from n/a through <= 2.1.27.
CVE-2024-37518 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through <= 6.5.1.4.
CVE-2024-37511 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in swte Swift Performance Lite swift-performance-lite allows Cross Site Request Forgery.This issue affects Swift Performance Lite: from n/a through <= 2.3.6.20.
CVE-2024-37508 1 Rarathemes 1 Construction Landing Page 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in raratheme Construction Landing Page construction-landing-page allows Cross Site Request Forgery.This issue affects Construction Landing Page: from n/a through <= 1.3.5.
CVE-2024-37503 2 Rarathemes, Wordpress 2 Lawyer Landing Page, Wordpress 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through <= 1.2.4.
CVE-2024-37502 3 Wordpress, Wpweb, Wpwebelite 3 Wordpress, Woocommerce Social Login, Woocommerce Social Login 2026-04-01 7.5 High
Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through <= 2.6.3.
CVE-2024-37497 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetThemeCore jet-theme-core.This issue affects JetThemeCore: from n/a through < 2.2.1.
CVE-2024-37495 1 Mediavine 1 Create 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through <= 1.9.7.
CVE-2024-37493 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Posterity posterity allows Cross Site Request Forgery.This issue affects Posterity: from n/a through <= 3.3.
CVE-2024-37491 2 Apollo13themes, Wordpress 2 Rife Free, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in apollo13themes Rife Free rife-free allows Cross Site Request Forgery.This issue affects Rife Free: from n/a through <= 2.4.18.
CVE-2024-37490 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in wproyal Bard bard allows Cross Site Request Forgery.This issue affects Bard: from n/a through <= 2.210.
CVE-2024-37488 1 Helloasso 1 Helloasso 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through <= 1.1.9.