Export limit exceeded: 342055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342055 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49702 | 1 Mycred | 1 Mycred Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred Elementor mycred-for-elementor allows Stored XSS.This issue affects myCred Elementor: from n/a through <= 1.2.6. | ||||
| CVE-2024-49701 | 1 Themehorse | 2 Interface, Mags | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Mags mags.This issue affects Mags: from n/a through <= 1.1.6. | ||||
| CVE-2024-49700 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Reflected XSS.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49699 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49698 | 2 Pricelisto, Wordpress | 2 Best Restaurant Menu By Pricelisto, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto.This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.2. | ||||
| CVE-2024-49697 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2026-04-01 | 4.3 Medium |
| Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9. | ||||
| CVE-2024-49696 | 1 Robosoft | 1 Robo Gallery | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through <= 3.2.21. | ||||
| CVE-2024-49695 | 1 Spiffyplugins | 1 Wp Flow Plus | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through <= 5.2.3. | ||||
| CVE-2024-49694 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in imw3 My Wp Brand my-wp-brand.This issue affects My Wp Brand: from n/a through <= 1.1.2. | ||||
| CVE-2024-49693 | 1 Kraftplugins | 1 Mega Elements | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affects Mega Elements: from n/a through <= 1.2.6. | ||||
| CVE-2024-49692 | 1 Affiliatexblocks | 1 Affiliatex | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCenter AffiliateX affiliatex allows Stored XSS.This issue affects AffiliateX: from n/a through <= 1.2.9. | ||||
| CVE-2024-49691 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW woo-product-filter allows SQL Injection.This issue affects Product Filter by WBW: from n/a through <= 2.7.0. | ||||
| CVE-2024-49690 | 1 Qodeinteractive | 1 Qi Blocks | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.2. | ||||
| CVE-2024-49689 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Harmonic Design HD Quiz – Save Results Light hd-quiz-save-results-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HD Quiz – Save Results Light: from n/a through <= 0.5. | ||||
| CVE-2024-49688 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49687 | 2 Storeapps, Wordpress | 2 Smart Manager, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce.This issue affects Smart Manager: from n/a through <= 8.45.0. | ||||
| CVE-2024-49686 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in fatcatapps Landing Page Cat landing-page-cat.This issue affects Landing Page Cat: from n/a through <= 1.7.4. | ||||
| CVE-2024-49685 | 1 Smashballoon | 1 Custom Twitter Feeds | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Custom Twitter Feeds (Tweets Widget) custom-twitter-feeds allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through <= 2.2.3. | ||||
| CVE-2024-49684 | 1 Revmakx | 1 Backup And Staging By Wp Time Capsule | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through <= 1.22.21. | ||||
| CVE-2024-49683 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Magazine3 Schema & Structured Data for WP & AMP schema-and-structured-data-for-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Schema & Structured Data for WP & AMP: from n/a through <= 1.3.5. | ||||