Export limit exceeded: 348242 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79702 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79702 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52435 | 1 Wpdownloadmanager | 1 Premium Packages - Sell Digital Products Securely | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages.This issue affects WPDM – Premium Packages: from n/a through <= 6.0.5. | ||||
| CVE-2024-52428 | 1 Scripteo | 2 Ads Booster, Ads Booster By Ads Pro | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Peter Ads Booster by Ads Pro free-wp-booster-by-ads-pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through <= 1.12. | ||||
| CVE-2024-52424 | 1 Sureshkumar | 1 Wp-login Customizer | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in sureshdsk wp-login customizer wp-login-customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through <= 1.0. | ||||
| CVE-2024-52421 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker easy-popup-lightbox-maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through <= 2.0. | ||||
| CVE-2024-52418 | 1 Cactusthemes | 1 Gameplan | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CactusThemes Gameplan gameplan allows Reflected XSS.This issue affects Gameplan: from n/a through <= 1.5.10. | ||||
| CVE-2024-52417 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes ReConstruction reconstruction allows Reflected XSS.This issue affects ReConstruction: from n/a through <= 1.4.7. | ||||
| CVE-2024-52415 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in skipstorm SK WP Settings Backup sk-wp-settings-backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through <= 1.0. | ||||
| CVE-2024-52388 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in mikeage Hebrew Date hebrewdates allows Stored XSS.This issue affects Hebrew Date: from n/a through <= 2.1.0. | ||||
| CVE-2024-52383 | 1 Kct | 1 Ai Auto Tool Content Writing Assistant | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in aitool Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One ai-auto-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One: from n/a through <= 2.1.2. | ||||
| CVE-2024-52381 | 1 Shoaib Rehmat | 1 Zij Kart | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Shoaib Rehmat ZIJ KART zij-kart allows PHP Local File Inclusion.This issue affects ZIJ KART: from n/a through <= 1.1. | ||||
| CVE-2024-52378 | 1 Labs64 | 1 Digipass | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in labs64 DigiPass digipass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through <= 0.3.0. | ||||
| CVE-2024-52371 | 1 Payeezy | 1 Global Gateway E4 | 2026-04-23 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DonnellC Global Gateway e4 | Payeezy Gateway | globe-gateway-e4.This issue affects Global Gateway e4 | Payeezy Gateway |: from n/a through <= 2.0. | ||||
| CVE-2024-51882 | 1 Ehues | 1 Gboy Custom Google Map | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopalkumar315 Gboy Custom Google Map gboy-custom-google-map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through <= 1.2. | ||||
| CVE-2024-51845 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in richteam Share Buttons – Social Media rich-web-share-button allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through <= 1.0.2. | ||||
| CVE-2024-51843 | 1 Olland | 1 Horsemanager | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in fruitcakestudios Horsemanager fruitcake-horsemanager allows Blind SQL Injection.This issue affects Horsemanager: from n/a through <= 1.3. | ||||
| CVE-2024-51837 | 1 Andsonsdesign | 1 Wp-contest | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sophia M Williams WP Contest wp-contest allows SQL Injection.This issue affects WP Contest: from n/a through <= 1.0.0. | ||||
| CVE-2024-51820 | 1 Lsquared | 1 L Squared Hub | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wplsquared L Squared Hub WP l-squared-hub-wp-virtual-device allows SQL Injection.This issue affects L Squared Hub WP: from n/a through <= 1.0. | ||||
| CVE-2024-51784 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VietFriend team FriendStore for WooCommerce friendstore-for-woocommerce allows Reflected XSS.This issue affects FriendStore for WooCommerce: from n/a through <= 1.4.2. | ||||
| CVE-2024-51783 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zaus Forms: 3rd-Party Post Again forms-3rdparty-post-again allows Reflected XSS.This issue affects Forms: 3rd-Party Post Again: from n/a through <= 0.3. | ||||
| CVE-2024-51782 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sanjay Prasad Loginplus loginplus allows Stored XSS.This issue affects Loginplus: from n/a through <= 1.2. | ||||