Search

Expected end of text, found ':' (at char 24), (line:1, col:25)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342055 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-35664 2 Wpvivid, Wpvivid Team 2 Wpvivid Backup For Mainwp, Wpvivid Backup For Mainwp 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpvividplugins WPvivid Backup for MainWP wpvivid-backup-mainwp allows Reflected XSS.This issue affects WPvivid Backup for MainWP: from n/a through <= 0.9.32.
CVE-2024-35659 1 Iqonic 1 Kivicare 2026-04-01 8.8 High
Missing Authorization vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiviCare: from n/a through <= 3.6.6.
CVE-2024-35655 2 Brave, Getbrave 2 Brave Popup Builder, Brave 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brave Brave brave-popup-builder allows DOM-Based XSS.This issue affects Brave: from n/a through <= 0.6.9.
CVE-2024-35653 1 Visualcomposer 1 Visual Composer Website Builder 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through <= 45.8.0.
CVE-2024-35650 1 Melapress 1 Melapress Login Security 2026-04-01 7.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through <= 1.3.0.
CVE-2024-35646 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erez Hadas-Sonnenschein Smartarget Message Bar smartarget-message-bar.This issue affects Smartarget Message Bar: from n/a through <= 1.5.
CVE-2024-35645 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M A Vinoth Kumar Random Banner random-banner allows DOM-Based XSS.This issue affects Random Banner: from n/a through <= 4.2.12.
CVE-2024-35639 2 Webliberty, Wordpress 2 Simple Spoiler, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webliberty Simple Spoiler simple-spoiler.This issue affects Simple Spoiler: from n/a through <= 1.2.
CVE-2024-35637 1 Church Admin Project 1 Church Admin 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.3.6.
CVE-2024-35633 1 Creativethemes 1 Blocksy Companion 2026-04-01 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Creative Themes Blocksy Companion blocksy-companion.This issue affects Blocksy Companion: from n/a through <= 2.0.42.
CVE-2024-35172 2 Shortpixel, Wordpress 2 Shortpixel Adaptive Images, Wordpress 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.3.
CVE-2024-35169 2 Areoi, Wordpress 2 All Bootstrap Blocks, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.15.
CVE-2024-34828 2 Church Admin Project, Wordpress 2 Church Admin, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.32.
CVE-2024-34826 2026-04-01 N/A
Missing Authorization vulnerability in Saleswonder Team: Tobias CF7 WOW Styler cf7-styler.This issue affects CF7 WOW Styler: from n/a through <= 1.6.4.
CVE-2024-34821 1 Contactlistpro 1 Contact List 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Anssi Laitila Contact List contact-list.This issue affects Contact List: from n/a through <= 2.9.87.
CVE-2024-34819 1 Moreconvert 1 Woocommerce Wishlist 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.7.2.
CVE-2024-34815 2 Codection, Wordpress 2 Import And Export Users And Customers, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.5.
CVE-2024-34814 1 Brizy 1 Unyson 2026-04-01 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Unyson Unyson unyson.This issue affects Unyson: from n/a through <= 2.7.29.
CVE-2024-34813 2026-04-01 N/A
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.7.8.
CVE-2024-34812 2026-04-01 N/A
Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 2.1.8.