Export limit exceeded: 347343 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347343 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347343 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4233 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3. | ||||
| CVE-2024-4234 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS.This issue affects Filterable Portfolio: from n/a through 1.6.4. | ||||
| CVE-2024-4214 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 2.7 Low |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Bill Minozzi Car Dealer allows Code Injection.This issue affects Car Dealer: from n/a through 4.15. | ||||
| CVE-2024-39655 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.77. | ||||
| CVE-2024-38788 | 1 Uipress | 1 Uipress Lite | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bởi Admin 2020 UiPress lite allows SQL Injection.This issue affects UiPress lite: from n/a through 3.4.06. | ||||
| CVE-2024-38785 | 1 Jegstudio | 1 Gutenverse | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.2. | ||||
| CVE-2024-38781 | 1 Artistscope | 1 Copysafe Web Protection | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Reflected XSS.This issue affects CopySafe Web Protection: from n/a through 3.15. | ||||
| CVE-2024-38758 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 6.0.4. | ||||
| CVE-2024-38739 | 2026-04-28 | 5.1 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8. | ||||
| CVE-2024-38728 | 1 S-sols | 1 Seraphinite Post .docx Source | 2026-04-28 | 7.1 High |
| Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.9. | ||||
| CVE-2024-38722 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Stored XSS.This issue affects Job Board Manager: from n/a through 2.1.57. | ||||
| CVE-2024-38715 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ExS ExS Widgets allows PHP Local File Inclusion.This issue affects ExS Widgets: from n/a through 0.3.1. | ||||
| CVE-2024-38713 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002. | ||||
| CVE-2024-38706 | 1 Hasthemes | 1 Ht Mega | 2026-04-28 | 6.5 Medium |
| Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.5.7. | ||||
| CVE-2024-38704 | 2026-04-28 | 6.5 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DynamicWebLab WordPress Team Manager allows PHP Local File Inclusion.This issue affects WordPress Team Manager: from n/a through 2.1.12. | ||||
| CVE-2024-38710 | 1 Master-addons | 1 Master Addons | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.2. | ||||
| CVE-2024-38701 | 1 Kodezen | 1 Academy Lms | 2026-04-28 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4. | ||||
| CVE-2024-37959 | 1 Atlaspolicy | 1 Power Bi Embedded | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7. | ||||
| CVE-2024-37957 | 1 Bradmax | 1 Bradmax Player | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS.This issue affects Bradmax Player: from n/a through 1.1.27. | ||||
| CVE-2024-37952 | 1 Themeenergy | 2 Book Your Travel, Bookyourtravel | 2026-04-28 | 8.8 High |
| Improper Privilege Management vulnerability in themeenergy BookYourTravel allows Privilege Escalation.This issue affects BookYourTravel: from n/a through 8.18.17. | ||||