Export limit exceeded: 79699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79699 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54205 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through <= 1.14. | ||||
| CVE-2024-53824 | 1 Areoi | 1 All Bootstrap Blocks | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19. | ||||
| CVE-2024-53817 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through <= 1.5.8. | ||||
| CVE-2024-53815 | 1 Pinpoint.world | 1 Pinpoint Booking System | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.1. | ||||
| CVE-2024-53812 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through <= 1.8. | ||||
| CVE-2024-53808 | 1 Basixonline | 1 Nex-forms | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through <= 8.7.8. | ||||
| CVE-2024-53807 | 1 Wpmailster | 1 Wp Mailster | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||
| CVE-2024-53805 | 2 Mailster, Wpmailster | 2 Mailster, Wp Mailster | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||
| CVE-2024-53793 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29. | ||||
| CVE-2024-53792 | 1 Kibokolabs | 1 Watu Quiz | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affects Watu Quiz: from n/a through <= 3.4.1.2. | ||||
| CVE-2024-53790 | 1 Ogun Labs | 1 Lenxel Core | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ogun Labs Lenxel Core for Lenxel(LNX) LMS lenxel-core allows PHP Local File Inclusion.This issue affects Lenxel Core for Lenxel(LNX) LMS: from n/a through <= 1.3.9. | ||||
| CVE-2024-53789 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ritesh Sanap Advanced What should we write next about advanced-what-should-we-write-about-next allows Stored XSS.This issue affects Advanced What should we write next about: from n/a through <= 1.0.3. | ||||
| CVE-2024-53783 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods.This issue affects Ni WooCommerce Cost Of Goods: from n/a through <= 3.2.8. | ||||
| CVE-2024-53782 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in cmsaccount Photo Video Store photo-video-store allows Cross-Site Scripting (XSS).This issue affects Photo Video Store: from n/a through <= 21.07. | ||||
| CVE-2024-53781 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in homejunction SpatialMatch IDX spatialmatch-free-lifestyle-search allows Stored XSS.This issue affects SpatialMatch IDX: from n/a through <= 3.0.9. | ||||
| CVE-2024-53780 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in rajeevglocify Load More Posts load-more-posts allows Stored XSS.This issue affects Load More Posts: from n/a through <= 1.5.0. | ||||
| CVE-2024-53779 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in 8bitkid Yahoo! WebPlayer yahoo-media-player allows Stored XSS.This issue affects Yahoo! WebPlayer: from n/a through <= 2.0.6. | ||||
| CVE-2024-53778 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1. | ||||
| CVE-2024-53777 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alberto Reineri Simple Header and Footer simple-header-and-footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through <= 1.0.0. | ||||
| CVE-2024-53776 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in raphaelheide Donate Me donate-me allows Stored XSS.This issue affects Donate Me: from n/a through <= 1.2.5. | ||||