Export limit exceeded: 79889 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79889 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50438 | 1 Themoyles | 1 Church Admin | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin allows Reflected XSS.This issue affects Church Admin: from n/a through < 5.0.0. | ||||
| CVE-2024-50436 | 1 Themehorse | 1 Clean Retina | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Clean Retina clean-retina.This issue affects Clean Retina: from n/a through <= 3.0.6. | ||||
| CVE-2024-50435 | 1 Themehorse | 1 Meta News | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Meta News meta-news.This issue affects Meta News: from n/a through <= 1.1.7. | ||||
| CVE-2024-50434 | 1 Themehorse | 1 Newscard | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse NewsCard newscard.This issue affects NewsCard: from n/a through <= 1.3. | ||||
| CVE-2024-50416 | 1 Wpclever | 1 Wpc Shop As A Customer For Woocommerce | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce wpc-shop-as-customer allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through <= 1.2.6. | ||||
| CVE-2024-50408 | 1 Kibokolabs | 1 Namaste\! Lms | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Bob Namaste! LMS namaste-lms allows Object Injection.This issue affects Namaste! LMS: from n/a through <= 2.6.3. | ||||
| CVE-2024-50407 | 1 Kibokolabs | 1 Namaste\! Lms | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Reflected XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.2. | ||||
| CVE-2024-49701 | 1 Themehorse | 2 Interface, Mags | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Mags mags.This issue affects Mags: from n/a through <= 1.1.6. | ||||
| CVE-2024-49700 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Reflected XSS.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49699 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49691 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW woo-product-filter allows SQL Injection.This issue affects Product Filter by WBW: from n/a through <= 2.7.0. | ||||
| CVE-2024-49690 | 1 Qodeinteractive | 1 Qi Blocks | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.2. | ||||
| CVE-2024-49684 | 1 Revmakx | 1 Backup And Staging By Wp Time Capsule | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through <= 1.22.21. | ||||
| CVE-2024-49677 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through <= 1.2. | ||||
| CVE-2024-49675 | 1 Vitaliibryl | 1 Switch User | 2026-04-23 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through <= 1.0.1. | ||||
| CVE-2024-49673 | 1 Latex2html | 1 Latex2html | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML latex2html allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through <= 2.5.4. | ||||
| CVE-2024-49672 | 1 Gief | 1 Google Docs Rsvp | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS.This issue affects Google Docs RSVP: from n/a through <= 2.0.1. | ||||
| CVE-2024-49670 | 1 Samglover | 1 Client Power Tools | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal client-power-tools allows Reflected XSS.This issue affects Client Power Tools Portal: from n/a through <= 1.9.0. | ||||
| CVE-2024-49666 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49664 | 1 Chatplus | 1 Chatplusjp | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chatplusjp chatplusjp chatplusjp allows Reflected XSS.This issue affects chatplusjp: from n/a through <= 1.02. | ||||