Export limit exceeded: 342201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342201 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50523 | 2 Rainbow-link, Rainbowlink | 2 All Post Contact Form, All Post Contact Form | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post Contact Form allpost-contactform allows Upload a Web Shell to a Web Server.This issue affects All Post Contact Form: from n/a through <= 1.8.2. | ||||
| CVE-2024-50522 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redyyu WeChat Subscribers Lite wechat-subscribers-lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through <= 1.6.6. | ||||
| CVE-2024-50521 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alleythemes Alley Elementor Widget alley-elementor-widget allows DOM-Based XSS.This issue affects Alley Elementor Widget: from n/a through <= 1.0.7. | ||||
| CVE-2024-50520 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through <= 0.2.1. | ||||
| CVE-2024-50519 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Kohlbach Jigoshop – Store Exporter jigoshop-exporter allows Reflected XSS.This issue affects Jigoshop – Store Exporter: from n/a through <= 1.5.8. | ||||
| CVE-2024-50518 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Pricer Ninja pricer-ninja-pricing-tables allows Stored XSS.This issue affects Pricer Ninja: from n/a through <= 2.1.0. | ||||
| CVE-2024-50517 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IDSK team ID-SK Toolkit idsk-toolkit allows Stored XSS.This issue affects ID-SK Toolkit: from n/a through <= 1.7.2. | ||||
| CVE-2024-50516 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in adamskaat Countdown & Clock countdown-builder allows Stored XSS.This issue affects Countdown & Clock: from n/a through <= 3.0.8. | ||||
| CVE-2024-50515 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS.This issue affects Ninja Forms: from n/a through <= 3.8.16. | ||||
| CVE-2024-50514 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS.This issue affects Ninja Forms: from n/a through <= 3.8.16. | ||||
| CVE-2024-50513 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows Stored XSS.This issue affects PostX: from n/a through <= 4.1.15. | ||||
| CVE-2024-50512 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping posti-shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through <= 3.10.2. | ||||
| CVE-2024-50511 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in donimedia WP donimedia carousel wp-donimedia-carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through <= 1.0.1. | ||||
| CVE-2024-50510 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through <= 6.3. | ||||
| CVE-2024-50509 | 2 Chetan Khandla, Wordpress | 2 Woocommerce Product Design, Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through <= 1.0.0. | ||||
| CVE-2024-50508 | 2 Chetan Khandla, Wordpress | 2 Woocommerce Product Design, Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through <= 1.0.0. | ||||
| CVE-2024-50507 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Daschmi DS.DownloadList dsdownloadlist allows Object Injection.This issue affects DS.DownloadList: from n/a through <= 1.3. | ||||
| CVE-2024-50506 | 2 Azexo, Wordpress | 2 Marketing Automation By Azexo, Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Privilege Escalation.This issue affects Marketing Automation by AZEXO: from n/a through <= 1.27.80. | ||||
| CVE-2024-50504 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in webxmedia Bulk Change Role bulk-role-change allows Privilege Escalation.This issue affects Bulk Change Role: from n/a through <= 1.1. | ||||
| CVE-2024-50503 | 2026-04-01 | N/A | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck User Toolkit user-toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through <= 1.2.3. | ||||