Export limit exceeded: 341935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54206 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in URBAN BASE Z-Downloads z-downloads allows Stored XSS.This issue affects Z-Downloads: from n/a through <= 1.11.7. | ||||
| CVE-2024-54205 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through <= 1.14. | ||||
| CVE-2024-53826 | 1 Wpcasa Project | 1 Wpcasa | 2026-04-01 | N/A |
| Missing Authorization vulnerability in WPSight WPCasa wpcasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through <= 1.2.13. | ||||
| CVE-2024-53825 | 1 Ninjateam | 1 Filebird | 2026-04-01 | 7.2 High |
| Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through <= 6.3.2. | ||||
| CVE-2024-53824 | 1 Areoi | 1 All Bootstrap Blocks | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19. | ||||
| CVE-2024-53823 | 1 Posimyth | 1 The Plus Addons For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through <= 5.6.14. | ||||
| CVE-2024-53820 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Stored XSS.This issue affects Captivate Sync: from n/a through <= 2.0.22. | ||||
| CVE-2024-53819 | 1 Webventures | 1 Client Invoicing By Sprout Invoices | 2026-04-01 | N/A |
| Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.0. | ||||
| CVE-2024-53818 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.15. | ||||
| CVE-2024-53817 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through <= 1.5.8. | ||||
| CVE-2024-53816 | 1 Themeum | 1 Tutor Lms Elementor Addons | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons tutor-lms-elementor-addons.This issue affects Tutor LMS Elementor Addons: from n/a through <= 2.1.5. | ||||
| CVE-2024-53815 | 1 Pinpoint.world | 1 Pinpoint Booking System | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.1. | ||||
| CVE-2024-53814 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Adnan Analytify wp-analytify.This issue affects Analytify: from n/a through <= 5.4.3. | ||||
| CVE-2024-53813 | 1 Wensolutions | 1 Wp Travel | 2026-04-01 | N/A |
| Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 9.6.0. | ||||
| CVE-2024-53812 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through <= 1.8. | ||||
| CVE-2024-53811 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through <= 1.0.40. | ||||
| CVE-2024-53810 | 1 N-media | 1 Simple User Registration | 2026-04-01 | N/A |
| Missing Authorization vulnerability in N-Media Simple User Registration wp-registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through <= 5.5. | ||||
| CVE-2024-53809 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS namaste-lms allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through <= 2.6.4.1. | ||||
| CVE-2024-53808 | 1 Basixonline | 1 Nex-forms | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through <= 8.7.8. | ||||
| CVE-2024-53807 | 1 Wpmailster | 1 Wp Mailster | 2026-04-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||