Export limit exceeded: 342050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342050 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49276 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cliogrow Clio Grow clio-grow-form allows Reflected XSS.This issue affects Clio Grow: from n/a through <= 1.0.2. | ||||
| CVE-2024-49275 | 1 Northernbeacheswebsites | 1 Ideapush | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Northern Beaches Websites IdeaPush ideapush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through <= 8.69. | ||||
| CVE-2024-49274 | 1 Infomaniak | 1 Vod Infomaniak | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through <= 1.5.7. | ||||
| CVE-2024-49273 | 1 Metagauss | 1 Profilegrid | 2026-04-01 | 6.5 Medium |
| Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities.This issue affects ProfileGrid : from n/a through <= 5.9.3. | ||||
| CVE-2024-49272 | 1 Wpwebinfotech | 1 Social Auto Poster | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpweb Social Auto Poster social-auto-poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through <= 5.3.15. | ||||
| CVE-2024-49271 | 1 Unlimited-elements | 2 Unlimited Elements For Elementor, Unlimited Elements For Elementor \(free Widgets\, Addons\, Templates\) | 2026-04-01 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor allows Command Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through <= 1.5.121. | ||||
| CVE-2024-49270 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Smart Blocks smart-blocks allows Stored XSS.This issue affects Smart Blocks: from n/a through <= 2.0. | ||||
| CVE-2024-49267 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nayon46 Unlimited Addon For Elementor unlimited-addon-for-elementor allows Stored XSS.This issue affects Unlimited Addon For Elementor: from n/a through <= 2.0.0. | ||||
| CVE-2024-49266 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thimo Grauerholz WP-Spreadplugin wp-spreadplugin allows Cross-Site Scripting (XSS).This issue affects WP-Spreadplugin: from n/a through <= 4.8.9. | ||||
| CVE-2024-49265 | 1 Booking | 1 Banner Creator | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SPBooking.com Booking.com Banner Creator bookingcom-banner-creator.This issue affects Booking.com Banner Creator: from n/a through <= 1.4.6. | ||||
| CVE-2024-49264 | 1 Nicheaddons | 1 Events Addon For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Events Addon for Elementor events-addon-for-elementor allows Stored XSS.This issue affects Events Addon for Elementor: from n/a through <= 2.2.0. | ||||
| CVE-2024-49263 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama My Favorites my-favorites allows Stored XSS.This issue affects My Favorites: from n/a through <= 1.4.1. | ||||
| CVE-2024-49261 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks arkhe-blocks.This issue affects Arkhe Blocks: from n/a through <= 2.23.0. | ||||
| CVE-2024-49260 | 1 Limb | 1 Limb Image Gallery | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery allows Code Injection.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. | ||||
| CVE-2024-49259 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Primary Addon for Elementor primary-addon-for-elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through <= 1.5.8. | ||||
| CVE-2024-49258 | 2026-04-01 | N/A | ||
| Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. | ||||
| CVE-2024-49257 | 1 Denis | 1 Azz Anonim Posting | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Denis Azz Anonim Posting azz-anonim-posting allows Upload a Web Shell to a Web Server.This issue affects Azz Anonim Posting: from n/a through <= 0.9. | ||||
| CVE-2024-49256 | 1 Wpchill | 1 Htaccess File Editor | 2026-04-01 | 8.8 High |
| Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through <= 1.0.18. | ||||
| CVE-2024-49255 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele Alessandra Da Reactions da-reactions allows Stored XSS.This issue affects Da Reactions: from n/a through <= 5.1.5. | ||||
| CVE-2024-49254 | 1 Sunjianle | 1 Ajax Extend | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection.This issue affects ajax-extend: from n/a through <= 1.0. | ||||