Export limit exceeded: 341935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49660 | 1 Campusexplorer | 1 Widget | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CampusExplorer Campus Explorer Widget campus-explorer-widget allows Reflected XSS.This issue affects Campus Explorer Widget: from n/a through <= 1.4. | ||||
| CVE-2024-49659 | 1 Chartscss | 1 Coub | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coub Coub coub allows DOM-Based XSS.This issue affects Coub: from n/a through <= 1.4. | ||||
| CVE-2024-49658 | 1 Ecomerciar | 1 Woocommerce Custom Profile Picture | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in ecomerciar Woocommerce Custom Profile Picture woo-custom-profile-picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through <= 1.0. | ||||
| CVE-2024-49657 | 2 Reneecussack, Wordpress | 2 3d Work In Progress, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through <= 1.0.3. | ||||
| CVE-2024-49656 | 2 Abdullah Irfan, Abdullahirfan | 2 Document Press, Documentpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fifthsegment DocumentPress documentpress-display-any-document-on-your-site allows Reflected XSS.This issue affects DocumentPress: from n/a through <= 2.1. | ||||
| CVE-2024-49655 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49654 | 2 Marian, Marianheddesheimer | 2 Extra Privacy For Elementor, Extra Privacy For Elementor | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor extra-privacy-for-elementor allows Reflected XSS.This issue affects Extra Privacy for Elementor: from n/a through <= 0.1.3. | ||||
| CVE-2024-49653 | 1 James Egger | 1 Portfolleo | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in james-eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through <= 1.2. | ||||
| CVE-2024-49652 | 1 Reneecussack | 1 3d Work In Progress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through <= 1.0.3. | ||||
| CVE-2024-49651 | 1 Mattroyal | 1 Woocommerce Maintenance Mode | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Royal WooCommerce Maintenance Mode woocommerce-maintenance-mode allows Reflected XSS.This issue affects WooCommerce Maintenance Mode: from n/a through <= 2.0.1. | ||||
| CVE-2024-49650 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xarbo BuddyPress Greeting Message bp-greeting-message allows Reflected XSS.This issue affects BuddyPress Greeting Message: from n/a through <= 1.0.3. | ||||
| CVE-2024-49649 | 1 Buildapp | 1 Build App Online | 2026-04-01 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hakeemnala Build App Online build-app-online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through <= 1.0.23. | ||||
| CVE-2024-49648 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafasashi SVG Captcha svg-captcha allows Reflected XSS.This issue affects SVG Captcha: from n/a through <= 1.0.11. | ||||
| CVE-2024-49647 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carl Alberto Simple Custom Admin simple-custom-admin allows Reflected XSS.This issue affects Simple Custom Admin: from n/a through <= 1.2. | ||||
| CVE-2024-49646 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ioannup Code Generate code-generator allows Reflected XSS.This issue affects Code Generate: from n/a through <= 1.0. | ||||
| CVE-2024-49645 | 1 Soft-master | 1 Affiliate Platform | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilias Gomatos Affiliate Platform smdp-affiliate-platform allows Reflected XSS.This issue affects Affiliate Platform: from n/a through <= 1.4.8. | ||||
| CVE-2024-49644 | 2026-04-01 | N/A | ||
| Incorrect Privilege Assignment vulnerability in AllAccessible Accessibility by AllAccessible allaccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through <= 1.3.4. | ||||
| CVE-2024-49643 | 1 Abdullahirfan | 1 Whitelist | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fifthsegment Whitelist fifthsegment-whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through <= 3.5. | ||||
| CVE-2024-49642 | 1 Rafasashi | 1 Todo Custom Field | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafasashi Todo Custom Field todo-custom-field allows Reflected XSS.This issue affects Todo Custom Field: from n/a through <= 3.0.4. | ||||
| CVE-2024-49641 | 1 Tidaweb | 1 Tida Url Screenshot | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot tida-url-screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through <= 1.0.1. | ||||